Jobs & Careers | Warranty & Testing | Privacy Policy | Asset Recovery Services

Buy Juniper & Cisco Equipment Online

Used Cisco | Used Extreme | Used Foundry | Used Nortel | New Force10 | New F5 Networks | New Juniper | Used HP

Search Telecom and Network EquipmentProduct SpecialsAwardsForumsCompany InformationPress ReleasesComputer & Technology ArticlescertificationsWe Sell to GovernmentContact Us

Bookmark and Share |

Jump to Telecom Equipment

Request a Free Quote

Sell to us or Recycle your Equipment

Watch Company Virtual Tour

Top Networking Brands
Networking Products
Cisco certifications savings

Cisco 642-821 BCRAN Certification Exam

Building Cisco Remote Access Networks Exam 642-821... Continue Below To CCNP Articles and Cisco 642-831 Questions & Answers. The real CCNP 642-821 Exam has a duration of 75 - 90 minutes to complete and has approximately 60 - 70 questions.

The Cisco BCRAN 642-821 is a qualifying exam for the Cisco Certified Network Professional CCNP® certification. The BCRAN exam (642-821) focuses on using one or more of the available WAN connection technologies for remote access between enterprise sites. The BCRAN 642-821 exam also assesses techniques and features for enhancing WAN and remote access connections. The BCRAN 642-821 exam will certify that the successful candidate has the skills and knowledge necessary to describe, configure, and implement comprehensive remote access solutions in the enterprise environment. All these objectives are designated from the Cisco.com website. Please note that exam topics and objectives may change without notice, since technologies are always changing.

CCNP 642-821 Exam Objectives:

Describe and Configure PPP in a remote access environment

  • Describe PPP operation
  • Configure and verify PPP NCP options
  • Configure and verify PPP LCP options

Describe and implement ISDN

  • Describe and configure ISDN PRI and BRI operation
  • Describe and configure ISDN dialer operations
  • Verify ISDN and dialer operations

Describe and implement queuing and compression solutions

  • Describe and configure WFQ, CBWFQ, LLQ, and WRED
  • Describe and configure data compression
  • Verify queuing and compression operations

Describe and configure Broadband connectivity

  • Describe xDSL and Cable (HFC) technologies
  • Describe and configure PPPoE, PPPoA, and RFC 1483/2684 Bridging
  • Verify broadband configurations

Describe and configure a site-to-site VPN and AAA

  • Describe and configure IPSec VPN with a preshared key
  • Describe, configure, and verify AAA
  • Verify IPSec operation

Describe and implement backup connectivity solutions

  • Describe and configure backup interfaces
  • Describe and configure dialer watch
  • Verify backup connectivity configurations
CCNP Certification Exams
Cisco 642-821 BCRAN Certification Exam (Building Cisco Remote Access Networks Exam)
Cisco 642-831 CIT Certification Exam (Cisco Internet Troubleshooting Support Exam)
Cisco 642-811 BCMSN Certification Exam (Building Cisco Multilayer Switched Exam)
Cisco 642-891 Composite Certification Exam (Cisco Composite Exam)
Cisco 642-892 Composite Certification Exam (Cisco Composite Exam)
Cisco 642-801 BSCI Certification Exam (Building Scalable Cisco Internetworks Exam)
Cisco 642-901 BSCI Certification Exam (Building Scalable Cisco Internetworks Exam)
Back to Cisco Certifications
Back to Certifications

Cisco 642-821 Questions & Answers (Practice Makes Perfect)

We hope these questions and answers on the Cisco 642-821 exam help you on your CCNP certification track.

Question: Cisco has 2 platform types. What are they?
A. Static
B. Fixed
C. Preset
D. Modular
E. Scalable
Answer: B. Fixed
D. Modular
Explanation: Cisco has 2 types of platforms:
- modular, different ports and modules can be inserted in the router
- fixed, ports are defined when the router leaves the factory
Question: What type of router would you recommend in a Remote Office? [according to Cisco]
A. 1600 series
B. 1700 series
C. 2500 series
D. 2600 series
E. 800 series
Answer: E. 800 series
Explanation: According to Cisco the 800 series routers are ideal for Remote Offices (RO) and Small Offices, Home Offices (SOHO).
Question: If you are using AVVID what type of router is recommended by Cisco to use?
A. 3600 series
B. 7200 series
C. 2600 series
D. 3700 series
Answer: D. 3700 series
Explanation: According to Cisco the 3700 series router, which is replacing the 3600 series, is the cornerstone for AVVID [Architecture for Voice, Video and Integrated Data].
Question: Of the following WAN technologies which are emerging technologies?
A. ATM
B. xDSL
C. Wireless
D. Frame-Relay
E. ISDN
Answer: B. xDSL
C. Wireless
Explanation: xDSL, Cable access and Wireless are emerging WAN technologies compared to ATM, ISDN, Dial up, Frame-Relay and Leased Lines.
Question: Which WAN technology has 4Mb upload and up to 28Mb download speeds?
A. ATM
B. xDSL
C. Frame-Relay
D. Cable Access
E. Wireless
Answer: D. Cable Access
Explanation: Cable access has speeds that are up to 4Mb upload and 28Mb download.
Question: If we want to connect our network to the internet what is the best way to provide security?
A. Checkpoint Firewall-1
B. 3700 series router
C. PIX
D. 2600 series router
Answer: C. PIX
Explanation: If we need security on our internet connection and using a Cisco product then the PIX Firewall is the device to acquire.
Question: When determining the site requirements what is the major consideration to evaluate?
A. speed
B. growth
C. cost
D. flexibility
Answer: C. cost
Explanation: Cost is a major consideration when evaluating the requirements for a central site, branch-office or remote office or home office.
Question: Which of the following are methods of policing?
A. CAR
B. CIR
C. PQ
D. WRED
E. WFQ
Answer: A. CAR
D. WRED
Explanation: The three basic types of policing are:
- Commited Access Rate (CAR)
- Random Early Detection (RED)
- Weighted Random Early Detection (WRED)
Question: Which of the following are types of congestion management?
A. Committed Access Rate
B. Weighted Random Early Detection
C. IP Presedence
D. Weighted Fair Queueing
E. Priority Queueing
F. Compression
Answer: D. Weighted Fair Queueing
E. Priority Queueing
Explanation: Congestion management can use one of the following queueing methods:
- Priority Queueing
- Custom Queueing
- Weighted Fair Queueing
Question: Which type of link would we usually find at a Central-Site?
A. Leased Line
B. ISDN
C. Dial-Up
D. Frame-Relay
Answer: A. Leased Line
Explanation: Leased lines are typically found at the Central-Site since they provide better reliability then Frame-Relay.
Question: Which of the following are factors that you need to take in consideration when selecting equipment?
A. Encryption
B. Compression
C. Ease of management
D. Ease of implementation
E. Availability
Answer: A. Encryption
C. Ease of management
E. Availability
Explanation: Factors that you need to take in consideration when selecting equipment are the following:
- Bandwidth
- Availability
- Reliability
- Cost
- Ease of management
- Applications and traffic patterns
- Redundancy
- QoS
- Security
- Encryption
Question: An E1 circuit consits of how many DS0s?
A. 24
B. 29
C. 30
D. 100
E. Eleventy Billion
Answer: C. 30
Explanation: DS0 equal 64kbps so an E1 2.048Mbps consists of 30 DS0s.
Question: In a packet switched environment a VC is labeled with a?
A. MAC Address
B. VPI
C. IP Address
D. DLCI
E. VCI
Answer: D. DLCI
Explanation: In a packet switched environment a VC is labeled with a Data-Link Connection Identifier (DLCI) that is local only to the site assigned the DLCI.
Question: How can we ensure that the traffic is safe during transfer?
A. Use Leased Lines
B. Use Compression
C. Implement VPNs
D. Implement Firewalls
Answer: C. Implement VPNs
Explanation: To ensure that data is safe during transfer from one site to another implement VPNs.
Question: What is a major consideration in a ROBO site only?
A. Application traffic patterns
B. Cost of equipment
C. Access control
D. Flexibility
Answer: A. Application traffic patterns
Explanation: The major considerations for a ROBO are:
- WAN availability
- Redundancy needs
- Ease of management
- Application traffic patterns
Question: What can you use on the Cisco website to help you choose equipement?
A. Product Specifications Tool
B. Product Information Tool
C. Product Selection Tool
D. Product Comparison Tool
Answer: C. Product Selection Tool
Explanation: The Product Selection Tool on Cisco's website can help you determine what type of equipment to choose.
Question: An AS5000 would be typically placed in a ____________. [according to Cisco]
A. Remote Office
B. Home Office
C. Central Site
D. Branch Office
Answer: C. Central Site
Explanation: Cisco 3600, AS5000 abd 7200 Series routers are typically found in Central Sites.
Question: Which of the following routers can handle six 12-port T1/E1 trunk cards?
A. AS5350
B. AS5800
C. AS5000
D. AS5400
Answer: B. AS5800
Explanation: The AS5800 can handle six 12-port T1/E1 trunk cards
Question: Which of the following 800 series have an ISDN connection?
A. 827
B. 805
C. 806
D. 801
E. 803
Answer: D. 801
E. 803
Explanation: The 801 and 803 router have and ISDN S/T connection.
Question: What type of connections can we use with a DB-60 cable?
A. Frame-Relay
B. ISDN BRI
C. Leased Lines
D. ATM
E. xDSL
Answer: A. Frame-Relay
C. Leased Lines
Explanation: Leased Lines and Frame-Relay use DB-60 or smart serial connectors.
Question: What type of connector does a channelized T1/E1 use?
A. EIA/TIA-232
B. Smart Serial
C. DB-60
D. RJ-45
Answer: D. RJ-45
Explanation: A channelized T1/E1 uses a RJ-45 connector.
Question: When you encounter the following line in the show interface FastEthernet 0/0 output:
FastEthernet0/0 is up, line protocol is down
What could be the cause?
A. Incorrect pinouts
B. Physical problem
C. Cable not attached
D. Incorrect clockrate
Answer: A. Incorrect pinouts
Explanation: The most probably cause of an up/down state on a Ethernet interface is an mispinned cable.
Question: On a serial interface what are possible causes of an interface being in up/down state?
A. Cable not connected
B. Incorrect clock rate
C. Bad cable
D. Incorrect pinout
E. Encapsulation mismatch
Answer: B. Incorrect clock rate
E. Encapsulation mismatch
Explanation: Possible causes for a serial interface to be in an up/down state are:
- Keepalive mismatch
- Incorrect clock rate
- Clockrate not set
- Encapsulation mismatch
Question: What does it mean when DTR is on?
A. The device has detected the provider switch.
B. The device notifies the far end it will send data.
C. The device notifies the far end it's ready to receive data.
D. The device is OK to send data.
Answer: C. The device notifies the far end it's ready to receive data.
Explanation: When DTR is on the device notifies the far end it's ready to receive data.
Question: Of the following services which could have a HDLC encapsulation?
A. Leased lines
B. Frame-Relay
C. xDSL
D. ATM
E. ISDN
F. Cable
Answer: A. Leased lines
E. ISDN
Explanation: Leased Lines and ISDN (BRI and PRI) can use PPP or HDLC encapsulation.
Question: Which pins control the flow of data?
A. DSR
B. CTS
C. DTR
D. TD
E. RTS
F. RD
Answer: B. CTS
E. RTS
Explanation: The RTS and CTS pins control the flow of data.
Question: Which of the following designations are controlled by the DTE?
A. DSR
B. RD
C. CTS
D. DTR
E. RTS
Answer: D. DTR
E. RTS
Explanation: DTR and RTS are controlled by the DTE.
Question: According to the EIA/TIA-232 standard GRD is found on which pin?
A. 2
B. 4
C. 8
D. 3
E. 5
F. 6
G. 7
Answer: G. 7
Explanation:
Pin Number Designation
2 TD
3 RD
4 RTS
5 CTS
6 DSR
7 GRD
8 CD
20 DTR
Question: When doing reverse telnet, which port range is reserved for telnet(character mode) using rotary groups?
A. 2000-2xxx
B. 6000-6xxx
C. 7000-7xxx
D. 3000-3xxx
Answer: D. 3000-3xxx
Explanation: The reserve port range when using rotary groups for telnet in character mode is 3000-3xxx.
Question: Which steps do we need to do to make a modem useable again after using the modem for reverse telnet?
A. exit
B. disconnect
C. CTRL-SHIFT-6 and X
D. logout
Answer: B. disconnect
C. CTRL-SHIFT-6 and X
Explanation: First we need to exit the connection using CTRL-SHIFT-6 and X to suspend the session followed by the disconnect router command.
Question: On a Cisco 3640 router what is the reserved line range for slot 2?
A. 65-96
B. 1-32
C. 33-64
D. 97-128
Answer: A. 65-96
Explanation: Slot 2 has line number 65-96 reserved.
Question: When using an A/S interface, how do we use it as an asynchronous interface?
A. async mode enable
B. no physical-layer sync
C. physical-layer async
D. physical-layer async enable
Answer: C. physical-layer async
Explanation: To use an A/S interface as an asynchrounous interface we use the physical-layer async interface configuration command.
Question: How do we let a dialup user use the EXEC commands?
A. async mode dedicated
B. async mode interactive
C. async mode dedicated exec
D. no configuration needed
Answer: B. async mode interactive
Explanation: For a dialup user to have access to the SLIP and PPP EXEC commands we use the async mode interactive interface configuration command.
Question: How do we configure the line for incoming and outgoing calls?
A. modem InOut
B. modem InOut enable
C. modem InOut default
D. modem OutIn enable
E. modem OutIn
F. modem OutIn default
Answer: A. modem InOut
Explanation: The modem InOut line configuration command enables both incoming and outgoing calls.
Question: Which AT command will turn off local echo?
A. ATE0
B. ATM0
C. ATS0=n
D. AT&C1
Answer: A. ATE0
Explanation: The ATE0 command turns off local echo.
Question: Which command do we use to see the entries in the modemcap database?
A. show modemcap-database
B. show modemcap
C. show modemcap database
D. show modem-database
Answer: B. show modemcap
Explanation: The show modemcap command will display the modemcap database entries.
Question: What are some reasons to use a chat script?
A. Logon to the remote system
B. Disconnecting an active call
C. Provide the user a username
D. Provide the modem with a dial string
Answer: A. Logon to the remote system
D. Provide the modem with a dial string
Explanation: Chat scripts can be used for the following:
- Initialization of the modem
- Provide the modem with a dial string
- Logon to the remote system
- Command execution on a remote system
Question: What types of PPP packets are send to configure and test the link?
A. NCP
B. TCP
C. DTR
D. LCP
Answer: D. LCP
Explanation: LCP or Link Control Protocol packets are send from each end of the data link to configure and test it.
Question: PPP is defined in which RFC?
A. RFC 1661
B. RFC 1700
C. RFC 1771
D. RFC 2328
Answer: A. RFC 1661
Explanation: RFC 1661 defines PPP.
Question: Which of the following are not part of PPP capabilities?
A. Header Compression
B. Link Configuration
C. Multiplexing of network layer protocols
D. Error Prevention
E. Authorization
Answer: D. Error Prevention
E. Authorization
Explanation: PPP has some of the following capabilities:
- Multiplexing of network layer protocols
- Link configuration
- Link quality testing
- Authentication
- Header compression
- Error detection
- Link parameter negotiation
Question: How can PPP assign a specific IP address to the dialup client on asynchronous interfaces?
A. router(config-if)#peer ip address ip_address
B. router(config-if)#client default ip address ip_address
C. router(config-if)#default ip address ip_address
D. router(config-if)#peer default ip address ip_address
Answer: A. router(config-if)#peer ip address ip_address
Explanation: Predefined IP addresses can be assigned using the peer default ip address {ip_address | dhcp | pool poolname} interface configuration command.
Question: Which forms of authentication does PPP support?
A. CHAP
B. MS-CHAP
C. MS-CHAPv2
D. EAP
E. PAP
Answer: A. CHAP
E. PAP
Explanation: PPP supports PAP and CHAP authentication. This is what is required for the exam. In real life it also supports the other protocols 12.2 introduced EAP and MS-CHAPv2.
Question: Which of the following are parameters negotiated by LCP?
A. Authorization
B. Callback
C. Multilink PPP
D. Error Prevention
Answer: B. Callback
C. Multilink PPP
Explanation: LCP negotiates the following additional options:
- Authentication
- Callback
- Compression
- Multilink PPP
Question: How do we enable CHAP authentication with PAP as 2nd option?
A. router(config-if)#ppp authentication chap pap
B. router(config-if)#ppp authentication pap chap
C. router(config-if)#ppp authentication chap primary pap secondary
D. router(config-ppp)#authentication chap
Answer: A. router(config-if)#ppp authentication chap pap
Explanation: To enable CHAP as first choice of authentication and PAP as a backup we use the ppp authentication chap pap interface configuration command.
Question: CHAP uses which hashing algorithm?
A. MD5
B. 3DES
C. DES
D. RSA
Answer: A. MD5
Explanation: CHAP uses MD5 as its hashing algorithm.
Question: Which LCP frames are used to debug a link?
A. LCP-debug frames
B. LCP-termination frames
C. LCP-testing frames
D. LCP-establishment frames
E. LCP-maintenance frames
Answer: E. LCP-maintenance frames
Explanation: LCP-maintenance frames are used to manage and debug a link.
Question: What is required on the client side for PPP Callback to work?
A. ppp callback enable
B. ppp callback accept
C. ppp callback request
D. ppp callback
Answer: C. ppp callback request
Explanation: One of the requirements on the client side is the ppp callback request interface configuration command.
Question: What command can we use to disconnect calls that are not properly configured for PPP Callback?
A. dialer callback-secure
B. ppp callback-secure
C. ppp authentication callback-secure
D. dialer map ip ip_address name name dialer-string callback-secure
Answer: A. dialer callback-secure
Explanation: We can use the dialer callback-secure interface configuration command to disconnect calls that are not properly configured for PPP Callback.
Question: How can we enable bandwidth-on-demand?
A. ppp multilink
B. ppp bandwidth-on-demand enable
C. ppp multilink bod
D. dialer load-threshold
Answer: D. dialer load-threshold
Explanation: Bandwidth-on-demand is enabled when the dialer load-threshold interface configuration command is used without the ppp multilink command.
Question: How can we view to which number a B channel is connected?
A. show interface bri0
B. show dialer
C. show dialer detail
D. show interface bri0 detail
Answer: B. show dialer
Explanation: The show dialer command will display the number to which a B channel is connected and also the failed and successful calls.
Question: How can we view the PPP LCP communication in real time?
A. debug ppp negotiation
B. debug ppp lcp
C. debug ppp authentication
D. debug ppp cbcp
Answer: A. debug ppp negotiation
Explanation: The debug ppp negotiation command will display PPP LCP options during startup of PPP.
Question: What is the total utilized bandwidth used by an ISDN BRI running 2B+D?
A. 128000bps
B. 176000bps
C. 144000bps
D. 192000bps
Answer: D. 192000bps
Explanation: The total utilized bandwidth used by an ISDN BRI running 2B+D is 192000bps. This consits of 64000bps for each B channel, 16000bps for the D channel and 48000bps utilized for overhead not seen by the customer.
Question: When there is no D channel what can we configure to issue signaling requests to the ISDN switch?
A. isdn switch type non-native
B. dialer in-band
C. dialer out-band
D. isdn switch type basic
E. dialer non-native
Answer: B. dialer in-band
Explanation: The dialer in-band configuration command is used when there is no D channel so that signaling requests can be send to the ISDN switch
Question: Which layer 3 protocol is used on the D channel?
A. PPP
B. IP
C. Q.921
D. DSS1
Answer: D. DSS1
Explanation: DSS1 or Q.931 is the layer 3 protocol used on the D channel.
Question: Which BRI switch type is used in Europe?
A. Basic-net3
B. Basic-5ess
C. Basic-ts013
D. Basic-dms100
Answer:  
Explanation:
Question: What TEI is used for group assignments?
A. 127
B. 0
C. 0-63
D. 64-126
Answer:  
Explanation: 127 is the TEI or Terminal Endpoint Identifier for group assignments. 0-63 is used for static assignments although 0 is only used for PRI. 64-126 are used for dynamic assignments.
Question: Which of the following carries the logical ISDN layer 2 indentifier?
A. Terminal Endpoint Identifier
B. Data-link Connection Identifier
C. Local Connection Mode Network Service
D. Service Access Point Identifier
Answer: D. Service Access Point Identifier
Explanation: The Service Access Point Identifier (SAPI) carries the ISDN Layer 2 logical indentifier.
Question: Which of the following switch types support the use of SPIDs?
A. Basic-nznet3
B. Basic-5ess
C. Ntt
D. vn3
E. Basic-NI-1
Answer: B. Basic-5ess
E. Basic-NI-1
Explanation: SPIDs are supported by 5ESS, DMS-100 and NI-1 switch types.
Question: Which of the following fields are not in the Address subfield of a LAPD frame?
A. SAPI
B. TEI
C. C/R
D. AI
E. CTRL
Answer: D. AI
E. CTRL
Explanation: The address subfield of a LAPD frame consists of:
- SAPI, Service Access Point Identifier, 6 bits
- C/R, Comamnd/Response, 1 bit
- EA, Extended addressing, 1 bit
- TEI, Terminal Endpoint Identifier, 7 bits
- EA, Extended addressing, 1 bit
Question: Which command will display all three layers of ISDN?
A. show isdn active
B. show isdn history
C. show isdn service
D. show isdn status
Answer: D. show isdn status
Explanation: The show isdn status command will display all three layers of ISDN.
Question: What is the order to configure basic DDR?
A. Set ISDN switch type, Specify interesting traffic, Configure protocol addressing, Specify static routes, Define int. encap and ISDN addr. parameters, Define any additional interface info.
B. Set ISDN switch type, Specify interesting traffic, Specify static routes, Define int. encap and ISDN addr. parameters, Configure protocol addressing, Define any additional interface info.
C. Set ISDN switch type, Specify interesting traffic, Specify static routes, Configure protocol addressing, Define any additional interface info, Define int. encap and ISDN addr. parameters.
D. Set ISDN switch type, Specify static routes, Specify interesting traffic, Define int. encap and ISDN addr. parameters, Configure protocol addressing, Define any additional interface info.
Answer: B. Set ISDN switch type, Specify interesting traffic, Specify static routes, Define int. encap and ISDN addr. parameters, Configure protocol addressing, Define any additional interface info.
Explanation: The configuration tasks for basic DDR are:
- step 1, set the ISDN switch type
- step 2, specify interesting traffic
- step 3, specify static routes
- step 4, define the interface encapsulation and ISDN addressing parameters
- step 5, configure the protocol addressing
- step 6, define any additional inteface information
Question: What needs to be configured to classify only WWW and TFTP traffic as interesting traffic?
A. router(config)#access-list 101 permit ip any any eq www router(config)#access-list 101 permit ip any any eq tftp router(config)#dialer-list 1 protocol ip list 101
B. router(config)#access-list 101 permit tcp any any eq www router(config)#access-list 101 permit udp any any eq tftp router(config)#dialer-list 1 protocol ip list 101
C. router(config)#access-list 101 permit tcp any any eq www router(config)#access-list 101 permit tcp any any eq tftp router(config)#dialer-list 1 protocol list 101
D. router(config)#access-list 101 permit tcp any any eq www router(config)#access-list 101 permit tcp any any eq tftp router(config)#dialer-list 1 protocol ip 101
Answer: B. router(config)#access-list 101 permit tcp any any eq www router(config)#access-list 101 permit udp any any eq tftp router(config)#dialer-list 1 protocol ip list 101
Explanation: We first create an extended access-list to define the traffic we consider interesting. This list is then used in the dialer-list number protocol ip list access-list-number global configuration command to define the interesting traffic.
Question: What command do we use to associate a dialer-list with the correct interface?
A. access-group list_number
B. dialer-group list_number in
C. dialer-group list_number
D. dialer-class list_number
Answer: C. dialer-group list_number
Explanation: The dialer-group list_number interface configuration command will associate a dialer-list with the appropriate interface.
Question: We want to drop the ISDN connection after 180 seconds of idle time. How do we achieve this?
A. dialer idle time 180
B. dialer timer 180
C. dialer idle-timer 180
D. dialer idle-timeout 180
Answer: D. dialer idle-timeout 180
Explanation: To specify an idle time after which the connection is dropped we use the dialer idle-timeout seconds interface configuration command.
Question: How can we configure the router to accept only calls from specified numbers?
A. dialer answer number
B. dialer map number
C. isdn answer number
D. isdn map number
E. isdn dialer number
Answer: C. isdn answer number
Explanation: To configure the router to accept calls from a certain number only we use the isdn answer number interface configuration command.
Question: How do we implement a mechanism so that routing updates are not send out of BRI0 so the link is not unnecessary kept active?
A. router(config)#passive-interface bri 0 protocol
B. router(config)#router protocol router(config-router)#passive-interface bri 0
C. router(config)#interface bri 0 router(config-if)#passive-interface protocol
D. router(config-dialer)#passive-interface
Answer: B. router(config)#router protocol router(config-router)#passive-interface bri 0
Explanation: The use of the passive-interface type number router configuration command will stop updates being sent via that interface.
Question: How can we configure a specific next hop address and bearing in mind we dial into non-native isdn solution?
A. dialer map ip address phone_number speed 56
B. dialer map ip address speed 56 phone_number
C. dialer map ip address phone_number
D. dialer next-hop address phone_number
Answer: B. dialer map ip address speed 56 phone_number
Explanation: We use the dialer map ip address speed 56 phone_number interface configuration command. This allows a specific next hop address to be reached via a specific phone number. The use of the speed keyword is needed because of the dialling into a non-native ISDN solution, so the B channels operate at 56k instead of 64k.
Question: Which protocol defines the framing between TE1 and NT1?
A. I.430
B. T1.601
C. Q.921
D. Q.931
Answer: A. I.430
Explanation: I.430 defines the framing between a TE1 and NT1 device on ISDN layer 1.
Question: How do we configure BoD to activate the 2nd B channel when the 1st reaches a load of 50%?
A. dialer load-threshold 50
B. dialer load-threshold 49
C. dialer load-threshold 100
D. dialer load-threshold 128
Answer: D. dialer load-threshold 128
Explanation: The dialer load-threshold command specifies that if the load on the first B channel reaches a certain value (1-255) the second B channel should be initialized and once connected, the traffic should load-balance across both channels.
Question: When ppp multilink is enabled on a router, the load is recalculated every ______ ?
A. 5 minutes
B. 30 seconds
C. 3 minutes
D. 90 seconds
E. 180 seconds
Answer: A. 5 minutes
Explanation: When ppp multilink or BoD is enabled on a router, the load is recalculated every 5 minutes
Question: Which of the following are part of a dialer profile?
A. dialer map class
B. virtual interface
C. physical interface
D. dialer group member
Answer: A. dialer map class
C. physical interface
Explanation: A dialer profile is made up of the following:
- dialer interfaces
- dialer map class
- dialer pool
- physical interfaces
Question: What is described by the following:
"defines specific characteristics for any call made to the specified dial string."
A. dialer interface
B. dialer map class
C. dialer pool
D. dialer profile
Answer: B. dialer map class
Explanation: The dialer map class, part of the dialer profile, defines specific characteristics for any call made to the specified dial string.
Question: How do we assign a physical interface to a specific dialer profile?
A. dialer pool-member number
B. dialer profile-member number
C. dialer-group number
D. dialer pool number
Answer: A. dialer pool-member number
Explanation: The dialer pool-member number binds the logical and physical interface together as a single operating entity.
Question: When the physical interfaces are scanned on an incoming call and the first available B channel is initialized a _______________ is implemented.
A. dialer pool
B. round robin dial-on-demand
C. rotary group
D. round robin bandwidth-on-demand
Answer: C. rotary group
Explanation: In a rotary group on an incoming call the members physical interface are scanned and the first available B channel is initialized.
Question: In order for a rotary group to work properly what condition has to be met?
A. The physical interfaces must be capable of supporting rotary groups.
B. The dialer map class must be identical for all rotary group members.
C. The dialer interface desginator must match the dialer rotary-group number.
D. The physical interfaces must all be member of the same dialer-group.
Answer: C. The dialer interface desginator must match the dialer rotary-group number.
Explanation: For a rotary group to function properly the dialer interface designator has to match the dialer rotary-group number.
Question: How do we configure a snapshot client to exchange updates for 10 minutes every 6 hours?
A. snapshot client 10 360 dialer
B. snapshot client 10 6 dialer
C. snapshot client 360 10 dialer
D. snapshot client 6 10 dialer
Answer: A. snapshot client 10 360 dialer
Explanation: To configure the snapshot client for the specified duration we use the snapshot client active quiet dialer interface configuration command. Active is the amount of minutes a connection remains active and quiet is the interval, both are specified in minutes.
Question: How can we monitor the snapshot routing processes?
A. show snapshot
B. show ip snapshot
C. show snapshot route
D. show snapshot proc
Answer: A. show snapshot
Explanation: The show snapshot command lets us monitor the snapshot routing processes.
Question: Which time slots are used on an E1 ISDN link for signalling and framing?
A. Framing, timeslot 0 Signalling, timeslot 1
B. Framing, timeslot 30 Signalling, timeslot 31
C. Framing, timeslot 0 Signalling, timeslot 16
D. Framing, timeslot 0 Signalling, timeslot 31
Answer: C. Framing, timeslot 0 Signalling, timeslot 1
Explanation: On an E1 ISDN link timeslot 0 is used for framing and timeslot 16 for signalling.
Question: With a primary ISDN, the physical coding of the signal on the wire is specified by?
A. DS1
B. DS0
C. S/T
D. T1
Answer: D. T1
Explanation: The physical coding of the signal on the wire is specified by T1 and DS1 specifies the framing characteristics.
Question: Which types of framing are supported by a primary T1 circuit?
A. ESF
B. D4
C. B8ZS
D. CRC4
E. AMI
Answer: A. ESF
B. D4
Explanation: T1 supports SF, SuperFrame or D4 and ESF, Extended SuperFrame framing types.
Question: Which of the following are line coding types?
A. ESF
B. D4
C. AMI
D. SF
E. CRC4
F. HDB3
Answer: C. AMI
F. HDB3
Explanation: AMI, B8ZS and HDB3 are types of line coding on a primary isdn link.
Question: How can we view the framing and line coding used on a primary isdn interface?
A. show controllers t1
B. show interface pri summary
C. show interface pri
D. show interface detail
Answer: A. show controllers t1
Explanation: To view the type of framing and line coding used we use the show controllers t1 command.
Question: 1 Multiframe consists of?
A. 12 T1 frames
B. 16 E1 frames
C. 24 T1 frames
D. 30 E1 frames
Answer: B. 16 E1 frames
Explanation: 16 E1 frames form 1 MultiFrame.
Question: The TEI of a PRI is?
A. 127
B. 1
C. 64
D. 0
Answer: D. 0
Explanation: In Cisco's implementation the Terminal Endpoint Identifier (TEI) is always 0 for a PRI.
Question: How do we configure esf framing on our PRI interface?
A. router(config)#controller e1 0/0 router(config-controller)#framing esf
B. router(config)#interface pri 0/0 router(config-if)#framing esf
C. router(config)#framing esf
D. router(config)#controller t1 0/0 router(config-controller)#framing esf
Answer: D. router(config)#controller t1 0/0 router(config-controller)#framing esf
Explanation: To configure the framing type on our PRI interface we use the framing framing_type controller configuration command. The controller type depends on the fact if we are using a T1 or E1.
Question: How do we configure an incoming isdn call from a modem user to be diverted to a modem bank installed in the router?
A. router(config-if)#isdn incoming-modem
B. router(config-if)#isdn incoming-call modem
C. router(config-if)#isdn incoming-voice modem
D. router(config-if)#isdn incoming modem
Answer: C. router(config-if)#isdn incoming-voice modem
Explanation: To redirect any inbound calls from modem users to the installed MICA modem bank we use the isdn incoming-voice modem interface configuration command.
Question: Which command displays the dialer reason?
A. show isdn dialer
B. show isdn service
C. show isdn detail
D. show dialer
Answer: D. show dialer
Explanation: One of the lines in the output of the show dialer command is the dial reason.
Dial reason: ip (s=192.168.1.15, d=192.168.100.1)
Question: Which debug command can we use to determine which traffic is crossing the ISDN link?
A. debug dialer
B. debug ppp multilink
C. debug isdn q931
D. debug isdn q921
Answer: A. debug dialer
Explanation: The debug dialer command will display what kind of traffic is attempting to traverse the ISDN link.
Question: In the output of debug isdn q921 we see a ri = xxxx. What does ri represent?
A. redirect indicator
B. reference indicator
C. request indicator
D. resource indicator
Answer: B. reference indicator
Explanation: Ri is a reference indicator, it provides the router and isdn switch a means to differentiate between the calls they might be making.
Question: Which debug command is very usefull if we want to see call setup and teardown?
A. debug isdn q921
B. debug isdn call
C. debug isdn q931
D. debug isdn dialer
Answer: C. debug isdn q931
Explanation: The debug isdn q931 command is very usefull if we want to know more information about call setup and teardown.
Question: Which of the following are DOCSIS components?
A. Framing specifications
B. Signalling specifications
C. Bandwidth specifications
D. Cable Modem Termination System
E. Back office services
Answer: D. Cable Modem Termination System
E. Back office services
Explanation: DOCSIS components that comprise its architecture are:
- Cable Modem Termination System
- Cable Modem
- Back office services
Question: Which of the following are part of a DOCSIS compliant configuration file?
A. FTP software server IP Address
B. Network Access configuration
C. Maximum downstream rate
D. CPE ethernet MAC Address
E. Authentication wait timeout
Answer: B. Network Access configuration
D. CPE ethernet MAC Address
Explanation: CPE Ethernet MAC Address and Network Access Configuration are some of the elements of a DOCSIS compliant confoiguration file.
Question: What command can we use on a uBR device to show the status of the individual connections?
A. show cable modem
B. show cable connections
C. show cable details
D. show cable summary
Answer: A. show cable modem
Explanation: The show cable modem command will display the status of the individual connections on a uBR device.
Question: What is the correct order for the data transfer process?
A. register with the CMTS, scan for downstream channel and synch., obtain upstream parameters, make ranging and auto adjustments,establish IP connectivty, establish time of day, transfer optional parameters, establish baseline privacy (optional)
B. scan for downstream channel and synch., obtain upstream parameters,make ranging and auto adjustments, establish IP connectivty, establish time of day, transfer optional parameters, register with the CMTS, establish baseline privacy (optional)
C. scan for downstream channel and synch., obtain upstream parameters,make ranging and auto adjustments,establish IP connectivty, establish time of day, register with the CMTS, establish baseline privacy (optional), transfer optional parameters.
D. obtain upstream parameters, make ranging and auto adjustments,establish IP connectivty, establish time of day,transfer optional parameters, register with the CMTS, establish baseline privacy (optional),scan for downstream channel and synch.
Answer: B. scan for downstream channel and synch., obtain upstream parameters, make ranging and auto adjustments, establish IP connectivty, establish time of day, transfer optional parameters, register with the CMTS, establish baseline privacy (optional)
Explanation: The data transfer process is as follows:
- scan for a downstream channel and establish synchronization
- obtain upstream parameters
- make ranging and automatic adjustments
- establish IP connectivity (DHCP)
- establish time of day (ToD)
- transfer optional parameters
- register with CMTS
- establish baseline privacy (optional)
Question: How do enable briding again on a uBR 900 series router?
A. ip bridging enable
B. ip bridging
C. ip routing disable
D. no ip routing
Answer: D. no ip routing
Explanation: Bridging mode is the default mode for most CM devices. If routing was turned on we can revert back to bridging mode with the no ip routing global configuration command.
Question: Which of the following are provided by the DHCP server to the CM?
A. Complete name of the DOCSIS configuration file
B. Radius server address
C. Syslog server address
D. FTP server address
E. WINS server address
Answer: A. Complete name of the DOCSIS configuration file
C. Syslog server address
Explanation: The following are provided by the DHCP server to the CM:
- IP Address
- Subnetmask
- Default gateway
- TFTP server
- DHCP Relay agent
- Complete name of DOCSIS configuration file
- Address of ToD server
- Syslog server address
Question: Satellite links provide on average a downstream speed of ______ during peak hours?
A. 400 kbps
B. 40 kpbs
C. 150 kpbs
D. 128 kpbs
Answer: C. 150 kpbs
Explanation: Downstream speeds on satellite links are usuaul up to 400 kpbs during off peak hours and 150 kpbs during peak hours.
Question: The orbit period of a intermediate circular orbit is?
A. 8 hours
B. 24 hours
C. 6 hours
D. 2 hours
Answer: C. 6 hours
Explanation: The orbit period of a intermediate circular orbit or medium earth orbit is 6 hours.
Question: Wireless is specified in which IEEE standard?
A. 802.11
B. 802.2
C. 802.5
D. 802.10
E. 802.13
Answer: A. 802.11
Explanation: IEEE 802.11 specifies the wireless specifications and has 3 variations, 802.11a, 802.11b and 802.11g.
Question: Which Wireless IEEE standard operates in the 5GHz band?
A. 802.11b
B. 802.11g
C. 802.11f
D. 802.11a
Answer: D. 802.11a
Explanation: IEEE802.11a operates in the 5 GHz band.
Question: IEEE802.11b has a maximum of ________ data transmission capability.
A. 54 Mbps
B. 11 Mbps
C. 5.5 Mbps
D. 24 Mbps
Answer: B. 11 Mbps
Explanation: Data transmission in the IEEE802.11b standard can be at 1, 2, 5.5 and 11 Mbps.
Question: WEP has a maximum encryption of?
A. 56-bit
B. 40-bit
C. 128-bit
D. 512-bit
Answer: C. 128-bit
Explanation: WEP provides encryption with 40 bits or 128 bits of key strength
Question: What type of WiFi security is in place when using a centralized user-based authentication?
A. WEP
B. WAP
C. LEAP
D. AAA
Answer: C. LEAP
Explanation: LEAP or Light Extensible Authentication Protocol provides a centralized user-based authentication with the ability to generate dynamic WEP keys.
Question: Which of the following are some reason why ADSL would not be available at your site?
A. Loading coils
B. Copper cables
C. Splitters
D. Fiber-optic cables
Answer: A. Loading coils
D. Fiber-optic cables
Explanation: Fiber-optic cables, bridge taps and loading coils are some reasons why a site can not be equiped with ADSL.
Question: A DSL data rate of 6.1 Mbps over 26AWG wires has a maximum distance of?
A. 9000 ft
B. 12000 ft
C. 15000 ft
D. 18000 ft
Answer: A. 9000 ft
Explanation: A DSL data rate of 6.1 Mbps over 26AWG wires has a maximum distance of 9000 ft.
Question: Which types of modulation are available on DSL?
A. TDM
B. DMT
C. QAM
D. PCM
E. CAP
F. FDM
Answer: B. DMT
E. CAP
Explanation: CAP, Carrierless Amplitude Phase, and DMT, Discrete Multitone, are ANSI standards that define ADSL modulation.
Question: What is the range used for upstream data traffic when using CAP ADSL modulation?
A. 0 kHz to 4 kHz
B. 15 kHz to 50 kHz
C. 240 kHz to 1.5 MHz
D. 25 kHz to 160 kHz
Answer: D. 25 kHz to 160 kHz
Explanation: The 25 kHz to 160 kHz range is used for upstream data traffic when using CAP ADSL modulation.
Question: What type of ADSL modulation divides the signals into 256 seperate channels?
A. CAP
B. ATM
C. DMT
D. POTS
Answer: C. DMT
Explanation: DMT, Discrete MultiTone, divides the signal into 256 channels or carriers.
Question: What is the range used for downtream data traffic when using DMT ADSL modulation?
A. 240 kHz to 1.5 MHz
B. 140 kHz to 1 MHz
C. 15 kHz to 50 kHz
D. 130 kHz to 1.5 MHz
Answer: B. 140 kHz to 1 MHz
Explanation: 140 kHz to 1 MHz is the range used by DMT for downstream data traffic.
Question: Using DTM modulation each of the carriers is ________ wide.
A. 4.3125 kHz
B. 5 kHz
C. 3.2475 kHz
D. 2.1024 kHz
Answer: A. 4.3125 kHz
Explanation: When using DTM modulation each of the 256 channels or carriers is 4.3125 kHz wide.
Question: Which of the following xDSL flavors are symmetric?
A. IDSL
B. VDSL
C. ADSL
D. HDSL2
E. RDSL
Answer: A. IDSL
D. HDSL2
Explanation: SDSL, SHDSL, HDSL, HDSL2 and IDSL are symmetric DSL flavors. ADSL, G.lite ADSL, RADSL and VDSL are asymmetric DSL flavors.
Question: Which DSL flavor will adjust the connection speed depending on the quality of the telpehone line?
A. G.lite ADSL
B. HDSL2
C. RADSL
D. IDSL
Answer: C. RADSL
Explanation: RADSL or rate-adavptive DSL will automatically adjust the connection speed depending on the quality of the telephone line.
Question: HDSL2 uses how many wire pairs to provide 1.5 Mbps?
A. 1
B. 2
C. 4
D. 8
Answer: A. 1
Explanation: HDSL2 uses one pair of wires to provide 1.5 Mbps while HDSL used 2 pair.
Question: Which DSL flavor provides upstream and downstream transfer rates of up to 144 kbps?
A. VDSL
B. G.Lite ADSL
C. SDSL
D. IDSL
Answer: D. IDSL
Explanation: IDSL, ISDN DSL, provides upstream and downstream transfer rates of up to 144 kbps over existing phonelines.
Question: Which of the following are part of the PPP Packet?
A. VCI
B. NCP
C. ESF
D. Data frames
E. DLCI
Answer: B. NCP
D. Data frames
Explanation: A PPP packet contains:
- Link Control Protocol, LCP
- Network Control Protocol, NCP
- Data frames
Question: PPP adds a __________ protocol identifier to the HDLC packet.
A. 16 byte
B. 8 bit
C. 8 byte
D. 4 bit
E. 4 byte
F. 16 bit
Answer: F. 16 bit
Explanation: PPP extends the HDLC packet with a 16 bit packet identifier.
Question: What are the 2 phases of PPPoE initialization?
A. Discovery phase
B. PPP Session phase
C. Establishing phase
D. Disconnection phase
E. Authentication phase
Answer: A. Discovery phase
B. PPP Session phase
Explanation: PPPoE initialization has a discovery phase and a PPP session phase.
Question: What is the order of the Discovery phase in PPPoE initialization?
A. DLSAM responds with offer, CPE continues to Session phase, DSLAM continues to Session phase, CPE sends a initiation packet
B. CPE sends a initiation packet, DLSAM responds with offer, CPE continues to Session phase, DSLAM continues to Session phase
C. CPE sends a initiation packet, DLSAM responds with offer, DSLAM continues to Session phase, CPE continues to Session phase
D. DLSAM responds with offer, CPE sends a initiation packet, CPE continues to Session phase, DSLAM continues to Session phase
Answer: B. CPE sends a initiation packet, DLSAM responds with offer, CPE continues to Session phase, DSLAM continues to Session phase
Explanation: The 4 steps of the Discovery phase are:
- The CPE sends an initiation packet
- The DSLAM responds with an offer packet
- The CPE continues to the Session phase
- The DSLAM continues to the Session phase
Question: During the PPP Session phase the Ether_Type field of the packet is set to?
A. 0x8863
B. 0x8865
C. 0x8862
D. 0x8864
Answer: D. 0x8864
Explanation: During the PPP Session phase the Ether_Type field of the packet is set to 0x8864.
Question: Which of the following is part of PPPoA?
A. AAL5
B. DLCI
C. ETHER_Type
D. DMT
Answer: A. AAL5
Explanation: PPPoA uses AAL5, ATM adaption layer 5 framing.
Question: In PPPoA what is the first VCI available to be used for end-user configurations?
A. 16
B. 100
C. Any VCI between 0 - 65535
D. 32
E. 15
Answer: D. 32
Explanation: VCI 0 - 15 are used by the ITU.
VCI 16 - 31 are used by the ATM forum.
VCI 32 - 65535 are used for end-user configurations.
Question: PPPoA uses what type of encapsulation?
A. SNAP
B. 802.2
C. Frame Relay
D. CCC
Answer: A. SNAP
Explanation: PPPoA uses SNAP encapsulation along with AAL5 framing.
Question: Which Cisco 827 series router is recommended for IP Telephony?
A. 827-4H
B. 827-H
C. 827-4T
D. 827-4V
Answer: D. 827-4V
Explanation: The 827-4V comes standard with 4 voice ports.
Question: What is the maximum receive unit on a 827 series router?
A. 1492
B. 1500
C. 1518
D. 53
Answer: A. 1492
Explanation: The maximum receive unit on a 827 series router is 1492.
Question: How do we configure the maximum receive unit on a 827 series router?
A. ip mru 1492
B. ip mtu 1492
C. mru 1492 max
D. ip mru-size 1492
Answer: B. ip mtu 1492
Explanation: To configure the maximum receive unit we use the ip mtu 1492 interface configuration command.
Question: Which debug command can we use to troubleshoot ADSL?
A. debug adsl events
B. debug atm adsl
C. debut atm adsl events
D. debug atm events
Answer: D. debug atm events
Explanation: Debug atm events will display ATM events and is usefull when troubleshooting ADSL.
Question: What could be the cause of an ATM interface showing up but the line protocol is down?
A. The interface is shutdown.
B. The interface is not receiving carrier on the wire.
C. The cable is unplugged from the interface.
D. The interface is misconfigured.
Answer: B. The interface is not receiving carrier on the wire.
Explanation: A possible cause of an ATM interface showing up but the line protocol showing down is that the interface is not receiving carrier on the wire.
Question: Frame Relay is by nature a ___________ _________________ network.
A. broadcast multiaccess
B. cell switched
C. nonbroadcast multiaccess
D. packet-switched
E. nonbroadcast single access
F. broadcast single access
Answer: C. nonbroadcast multiaccess
D. packet-switched
Explanation: Frame Relay is by nature a nonbroadcast multiaccess packet-switched network.
Question: A VC is identified via the ______________ when we use Frame Relay?
A. Data-Link Connectivity Identifier
B. Data-Layer Connection Identifier
C. Data-Link Connection Identifier
D. Data-Layer Connectivity Identification
Answer: C. Data-Link Connection Identifier
Explanation: The DLCI, Data-Link Connection Identifier is used to identify a VC when we use Frame-Relay.
Question: Using ANSI LMI which of the following are not reserved DLCI's?
A. 10
B. 1007
C. 1010
D. 16
E. 1020
F. 674
G. 5
Answer: B. 1007
D. 16
F. 674
Explanation: Using ANSI LMI reserved DLCI's are 0 to 15 and 1008 to 1023.
Question: What is used by a Frame Relay switch to monitor the status of the CPE device to which it is attached?
A. DLCI
B. VCI
C. LCP
D. LMI
Answer: D. LMI
Explanation: LMI, Local Management Interface, is used by a Frame Relay switch to monitor the status of the CPE devices that are attached to it.
Question: Which LMI type is also known as Annex D?
A. ANSI
B. Q933a
C. ITU-T
D. Cisco
Answer: A. ANSI
Explanation: The ANSI LMI type is also known as Annex D.
Question: Q933a LMI type uses which DLCI?
A. DLCI 10
B. DLCI 0
C. DLCI 1023
D. user defined DLCI
Answer: A. DLCI 10
Explanation: Q933a and ANSI use DLCI 0. CISCO LMI uses DLCI 1023.
Question: What command do we use to change the LMI?
A. frame-relay lmi-type type
B. lmi-type type
C. frame-relay LMI type
D. frame-relay encapsulation LMI type
Answer: A. frame-relay lmi-type type
Explanation: We use the frame-relay lmi-type type interface configuration command to change the LMI type.
Question: What is the default LMI type on a Cisco router?
A. Q933a
B. ANSI
C. Cisco
D. Annex D
Answer: C. Cisco
Explanation: As expected Cisco is the default LMI type on a Cisco router.
Question: In a full mesh Frame Relay network of 25 routers how many connections have to be made?
A. 300
B. 600
C. 625
D. 50
Answer: A. 300
Explanation: We use the n(n-1)/2 formula to calculate the amount of VC's that need to be made between the sites. In this case 25(25-1)/2 = 600/2 = 300.
Question: Which Frame Relay topology is the least fault tolerant?
A. full mesh
B. partial mesh
C. collapsed core
D. hub and spoke
Answer: D. hub and spoke
Explanation: A hub and spoke topology has the least redundant strategy, i.e. the least fault tolerant.
Question: When using a hub and spoke Frame-Relay topology what could cause problems?
A. DLCI mismatch
B. Bandwidth mismatch
C. Split horizon
D. Counting to infinity
Answer: C. Split horizon
Explanation: When using a Frame-Relay hub and spoke topology then split horizon can cause problems if there are no sub interfaces configured.
Question: What can we do to resolve the problem of split horizon using a hub and spoke frame-relay topology?
A. Router(config)#interface serial 0 Router(config-if)#encapsulation frame-relay Router(config-if)#ip address ip_address subnetmask
B. Router(config)#interface serial 0 Router(config-if)#encapsulation frame-relay Router(config-if)#no split-horizon Router(config-if)#ip address ip_address subnetmask
C. Router(config)#no split-horizon
D. Router(config)#interface serial 0 Router(config-if)#encapsulation frame-relay Router(config-if)#interface serial 0.1 point-to-point Router(config-subif)#ip address ip_address subnetmask
Answer: D. Router(config)#interface serial 0 Router(config-if)#encapsulation frame-relay Router(config-if)#interface serial 0.1 point-to-point Router(config-subif)#ip address <i>ip_address subnetmask</i>
Explanation: The creation of subinterfaces solves the split horizon problem by creating multiple logical interfaces.
Question: How can we configure subinterfaces when using Frame Relay?
A. multipoint
B. point-to-point
C. point-to-multipoint
D. broadcast
Answer: A. multipoint
B. point-to-point
Explanation: We can configure a subinterface to be a point-to-point or multipoint interface.
Question: How do we enable Frame Relay on an interface?
A. encapsulation frame relay
B. frame-relay encapsulation
C. encapsulation frame-relay
D. frame relay encapsulation
Answer: C. encapsulation frame-relay
Explanation: To enable Frame Relay we use the encapsulation frame-relay interface configuration command.
Question: How do we disable LMI on an interface?
A. no lmi type
B. no keepalive
C. no lmi keepalive
D. no ip lmi
Answer: B. no keepalive
Explanation: To disbale LMI completely we use the no keepalive interface configuration command.
Question: We want to disable split horizon in our IPX RIP network. How do we achieve this?
A. This is not possible.
B. Router(config)#router rip Router(config-router)#no split-horizon
C. Router(config)#interface name Router(config-if)#no split-horizon
D. Router(config)#no split-horizon
Answer: A. This is not possible.
Explanation: By default on IPX and Appletalk networks we cannot disable split horizon unless EIGRP is used as the routing protocol.
Question: What could be the next line of the following configuration?
router(config)#interface serial 0
router(config-if)#encapsulation frame-relay
router(config-if)#interface serial 0.1 multipoint
router(config-subif)#ip address 10.1.1.1 255.255.255.0
 A. router(config-subif)#frame-relay map ip 10.1.1.2 255.255.255.0 100 broadcast
B. router(config-subif)#frame-relay map ip 10.1.1.2 100 broadcast
C. router(config-subif)#encapsulation frame-relay
D. router(config-subif)#frame-relay map ip 10.1.1.2 255.255.255.0 broadcast
Answer: B. router(config-subif)#frame-relay map ip 10.1.1.2 100 broadcast
Explanation: The frame-relay map ip ip_address dlci broadcast configuration line is the most logical next line in the configuration that has the correct syntax.
Question: How do we achieve routing updates being send on a Frame-Relay network?
A. frame-relay map ip next_hop_ip_address dlci
B. frame-relay map ip next_hop_ip_address next_hop_subnetmask dlci broadcast
C. frame-relay map ip next_hop_ip_address dlci broadcast
D. frame-relay map ip next_hop_ip_address next_hop_subnetmask dlci
Answer: C. frame-relay map ip <i>next_hop_ip_address dlci</i> broadcast
Explanation: The broadcast keyword of the frame-relay map ip next_hop_ip_address next_hop_subnetmask dlci interface configuration command will allow routing updates to be send through the network.
Question: How do we view the active PVCs?
A. show frame-relay pvc
B. show frame-relay pvc active
C. show pvc active
D. show interface serial
Answer: A. show frame-relay pvc
Explanation: The show frame-relay pvc command will display the status of the configured pvc's on the router.
Question: Looking at the output below. What does FECN mean?

DLCI = 456, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0.456
input pkts 0
output pkts 40
in bytes 0
out bytes 45000
dropped pkts 0
in FECN pkts 0
in BECN pkts 0
out FECN pkts 0
out BECN pkts 0
in DE pkts 0
out DE pkts 0
out bcast pkts 0
out bcast bytes 0
pvc create time 00:01:20, last time pvc status changed 00:00:11
A. Forward Extreme Congestion Notofication
B. Forward Explicit Configuration Notification
C. Forward Explicit Congestion Notification
D. Forward Explicit Congestion Notice
Answer: C. Forward Explicit Congestion Notification
Explanation: FECN or Forward Explicit Congestion Notification is set by the source when the destination should slow down the request for data in order not to mark packets as DE (Discard Eligble).
Question: What command will display statistics about the local management interface?
A. shown interface local
B. show frame-relay lmi
C. show lmi
D. show frame-relay statistics
Answer: B. show frame-relay lmi
Explanation: The show frame-relay lmi command will display statistics about the Local Management Interface [LMI].
Question: What debug command can we use to view traffic between the router and the switch?
A. debug frame-relay adjacency
B. debug frame-relay switching
C. debug frame-relay fragment
D. debug frame-relay lmi
Answer: D. debug frame-relay lmi
Explanation: The debug frame-relay lmi command will display information about information send between the router and the Frame-Relay switch.
Question: What command will display the following output?

Serial0.123  (up): point-to-point dlci, dlci 16(0x10,0x400), broadcast
                    status defined, active

Serial0.456  (up): point-to-point dlci, dlci 17(0x0A,0x401), broadcast
                    status defined, active
A. show frame-relay map
B. show frame-relay status
C. show frame-relay route
D. show frame-relay traffic
Answer: A. show frame-relay map
Explanation: The show frame-relay map command will display the following output:

Serial0.123  (up): point-to-point dlci, dlci 16(0x10,0x400), broadcast
                    status defined, active

Serial0.456  (up): point-to-point dlci, dlci 17(0x0A,0x401), broadcast
                    status defined, active
Question: Which of the following vendors defined the Cisco LMI type?
A. Juniper
B. DEC
C. IBM
D. Cisco
E. Nortel
F. 3Com
G. StrataCom
H. Alcatel
I. AT&T
J. LinkSys
Answer: B. DEC
D. Cisco
E. Nortel
G. StrataCom
Explanation: The Cisco LMI type is defined by Cisco, StrataCom, Nortel and DEC, it also known as "gang of four".
Question: What is the formula to calculate the Be of a Frame-Relay circuit?
A. PIR/8
B. Bc/8
C. MIR/8
D. CIR/8
Answer: D. CIR/8
Explanation: The Be or Excessive Burst is typical CIR/8. This is full credit, credit is build up duing periods of non-transmission.
Question: CIR stands for?
A. Congestion Information Rate
B. Committed Information Ratio
C. Committed Information Rate
D. Committed Input Ratio
Answer: C. Committed Information Rate
Explanation: CIR is the abbreviation of Committed Information Rate.
Question: Cisco has 2 platform types. What are they?If we have a 256 kbps Frame Relay circuit, what would the Byte Increment be?
A. 2000 bps
B. 8000 bps
C. 16000 bps
D. 4000 bps
Answer: D. 4000 bps
Explanation: In order to calculate the Byte Increment we first calculate the Bc [Committed burst] using the formula CIR / 8 = 256000 / 8 = 32000 bps. The Byte Increment is the Bc / 8 and must be greater then 125, using that formula we come to 32000 / 8 = 4000 bps.
Question: Frame Relay Traffic Shaping is supported on which switching paths?
A. Fast-switching
B. Process-switching
C. CEF
D. Netflow-switching
E. dCEF
Answer: A. Fast-switching
B. Process-switching
Explanation: Frame Relay Traffic Shaping is supported only on fast-switching or process-switching paths.
Question: After receiving the last BECN, how many time intervals does it take to get back to CIR when frame-relay traffic shaping is enabled?
A. 1
B. 16
C. 8
D. 10
E. 24
Answer: B. 16
Explanation: It takes 16 time intervals with no receipt of BECNs to get link back to CIR speed.
 
Question: Which command do we use to define the peak rate using traffic shaping?
A. frame-relay peak value
B. frame-relay shaping peak value
C. frame-relay rate peak value
D. frame-relay traffic-rate average peak
Answer: D. frame-relay traffic-rate average peak
Explanation: The frame-relay traffic-rate average peak command allows you to define the average and peak traffic rate in the map class when you use traffic shaping.
Question: Which command will show the current traffic shaping configuration, interface by interface?
A. show traffic-shape
B. show interface traffic-shape
C. show traffic-shape statistics
D. show frame-relay traffic-shape
Answer: A. show traffic-shape
Explanation: The show traffic-shape command will display the current traffic shaping configuration interface by interface.
Question: Once we defined a map class how do we apply it to an interface?
A. Router(config-if)#frame-relay map-class name
B. Router(config-if)#frame-relay class name
C. Router(config-if)#map-class name
D. Router(config-if)#frame-relay traffic-shaping map-class name
Answer: B. Router(config-if)#frame-relay class name
Explanation: To apply a map class to an interface, subinterface or PVC we use the frame-relay class name configuration command.
Question: Which command will display DLCI specific traffic shaping information?
A. show traffic-shape dlci
B. show traffic-shape
C. show traffic-shape queue
D. show traffic-shape statistics
Answer: C. show traffic-shape queue
Explanation: We use the show traffic-shape queue command to display specific information about traffic shaping on DLCI or interface level.
Question: Cisco has 2 platform types. What are they?We want our backup link to come up 3 seconds after failure detection of the primary link and stay up for 45 seconds after the primary link has become active again. How do we achieve this?
A. backup delay 45 3
B. backup delay 3 backup tear-down 45
C. backup initiate 3 backup tear-down 45
D. backup delay 3 45
Answer: D. backup delay 3 45
Explanation: The backup delay enable_time disable_time interface configuration command will allow us to configure the delays timers for the backup interface.
Question: What command can we use to activate the backup link when the primary link reaches a threshold due to over-utilization?
A. backup load enable_threshold disable_load
B. backup delay enable_threshold disable_load
C. backup watch enable_threshold disable_load
D. backup enable enable_threshold disable_load
Answer: A. backup load enable_threshold disable_load
Explanation: The backup load enable_threshold disable_load interface configuration command let's us specify the percentage load at which the backup link is activated. When the aggregate load of both interfaces falls below the disable load the backup link is de-activated.
Question: When not using dial-up or ISDN we can use which of the following?
A. secondary ip addressing
B. adaptive traffic shaping
C. load balancing
D. floating static routes
Answer: C. load balancing
D. floating static routes
Explanation: We can use load balancing or floating static routes as alternative to dial-up or ISDN.
Question: When using dynamic redundancy as alternative backup strategy for dial-up or ISDN which of the following are considered dynamic?
A. IGRP/EIGRP variance
B. floating static routes
C. load balancing over equal-cost, redundant paths
D. adaptive traffic shaping
Answer: A. IGRP/EIGRP variance
C. load balancing over equal-cost, redundant paths
Explanation: Dynamic redundancy strategies are IGRP/EIGRP variance and load balancing across equal-cost, redundant paths.
Question: Using a crypto map, which statement will define the key exchange parameters?
A. set pfs
B. set exchange
C. set pki
D. set key
Answer: A. set pfs
Explanation: The set pfs group 1 | group 2 statement defines the key exhange parameters, Diffie-Hellman group 1 or 2.
Question: Which queueing strategy will take place on the egress interface even if that interface is not congested?
A. CBWFQ
B. WFQ
C. LLQ
D. STAC
Answer: C. LLQ
Explanation: LLQ or Low Latency Queueing is the only method that will always be applied to the egress interface. Other queueing techniques will enable when the egress interace is congested.
Question: On a Cisco router, the default queueing method for a serial interface with a clockrate equalling 2Mbps or less is?
A. FQ
B. WFQ
C. LLQ
D. FIFO
Answer: B. WFQ
Explanation: WFQ or Weighted Fair Queueing is the default queueing method for a serial interface with a clockrate equalling 2Mbps or less on a Cisco router.
Question: Which of the following statements are true?
A. Queueing is a method to prioritise traffic
B. Queueing will increase bandwidth
C. Queueing will add no additional delay to the traffic
D. All forms of queuing need to be configured on the router
E. On high speed interfaces (greater then 2Mbps) FIFO is the default queueing method
Answer: A. Queueing is a method to prioritise traffic
E. On high speed interfaces (greater then 2Mbps) FIFO is the default queueing method
Explanation: FIFO or First-in First-out is the default queueing method on high speed interfaces, i.e. interfaces with a clockrate higher then 2 Mbps. Using queueing strategies we can prioritise traffie, e.g. voice traffic before telnet traffic.
Question: Which of the following queueing methods are considered advanced methods?
A. FQ
B. CBWFQ
C. WFQ
D. LLQ
E. FIFO
Answer: B. CBWFQ
D. LLQ
Explanation: CBWFQ or Class-Based Weighted Fair Queueing and LLQ or Low-Latency Queueing are considered advanced queueing techniques.
Question: Using Fair Queueing, what is the delimiter to allow a packet to be put on the wire?
A. protocol
B. port number
C. ToS
D. size
Answer: D. size
Explanation: When FQ is used smaller packets will be sent out of the egress interface before larger packets, so the size of the packets is the only delimiter when using FQ.
Question: What does WFQ use to "weigh" a packet?
A. destination
B. size
C. ToS bits
D. port numbers
Answer: C. ToS bits
Explanation: Weighted Fair Queueing uses the ToS bits to become a "weight" when dispatching packets through an egress interface.
Question: Which of the following are taken into consideration when the router creates a flow using WFQ?
A. DLCI
B. protocol numbers
C. Priority
D. Size
Answer: A. DLCI
B. protocol numbers
Explanation: WFQ takes the source and destination IP Addresses, MAC addresses, DLCI, ToS, protocol numbers, ports in consideration when creating a flow.
Question: When using CBWFQ, which command do we use to apply our queueing strategy to the interface?
A. class-map
B. service-policy
C. policy-map
D. no fair-queue
Answer: B. service-policy
Explanation: We assign our policy or queueing strategy to the interface using the service-policy command.
Question: What is the maximum amount of match conditions in a class-map?
A. 8
B. 32
C. 128
D. 16
E. 64
Answer: E. 64
Explanation: Each class-map can have a maximum of 64 matching conditions within.
Question: Which of the following queueing strategies can be used to assign a adequate bandwidth to certain flows?
A. FIFO
B. FQ
C. WFQ
D. CBWFQ
Answer: D. CBWFQ
Explanation: One advantage of CBWFQ or Class-Based Weighted Fair Qeueuing is that it allows the administrator to assign adequate bandwidth to certain flows.
Question: When creating a class-map we want all the conditions to be met, how do we achieve this?
A. use match option when defining the class map
B. use the match-exact option after every condition withing the class map
C. use match-all option when defining the class map
D. use the match-exact option when defining the class map
Answer: C. use match-all option when defining the class map
Explanation: When using the match-all option when defining the class map all the conditions in the class map have to be fulfilled for the class to succeed.
Question: How do we create a class map that would match all packets permitted by access lists 110 and 111?
A. class-map match-all name
match access-list 110
match access-list 111
B. class-map match-all name
match access-group 110
match access-group 111
C. class-map name
match access-group 110
match access-group 111
D. class-map match-all name
access-group 110
access-group 111
Answer: B. class-map match-all name
match access-group 110
match access-group 111
Explanation: To match all conditions in the class map we use the match-all keyword when defining the class map. In the match condition we use access-group to call the required access list.
Question: Which of the following can be used, as a keyword, in the match condition of a class map?
A. Bandwidth
B. IP DSCP value
C. Destination IP Address
D. Destination-address MAC
E. ToS
Answer: B. IP DSCP value
D. Destination-address MAC
Explanation: Besides access-group we can also use the IP DSCP value, destination/source-address mac, IP RTP ports, CoS, CoS group numbers, MPLS experimental bits and protocol values.
Question: How do we apply class-map free and class-map test to an interface? Assuming that the first class needs 64 kbps bandwidth and the other one 128 kbps.
A. policy-map name
class free
bandwidth 64
class test
bandwidth 128
! interface type/number
service-policy output policy name
B. policy-map name
class free
bandwidth 64
class test
bandwidth 128
! interface type/number
policy-class output policy name
C. service-policy-map name
class free
bandwidth 64
class test
bandwidth 128
! interface type/number
service-policy output policy name
D. policy-map name
class-map free
bandwidth 64
class-map test
bandwidth 128
! interface type/number
service-policy output policy name
Answer: A. policy-map name
class free
bandwidth 64
class test
bandwidth 128
! interface type/number
service-policy output policy name
Explanation: After creating the class maps we create a policy map using the policy-map name command. We then apply that policy map to the required interface using the service-policy input or output policy_name interface configuration command.
Question: How can we view the class maps of a specific policy?
A. show queue
B. show interface policy
C. show queue details
D. show policy-map
Answer: D. show policy-map
Explanation: The show policy-map command will display the class maps that are within that policy.
Question: Which command do we use to request bandwidth when using LLQ?
A. bandwidth
B. precentage
C. priority
D. reserve
Answer: C. priority
Explanation: LLQ uses the priority command to request bandwidth.
Question: Which of the following compression types are supported on a Cisco router?
A. RBA
B. TCP header
C. Microsoft Point-to-Point
D. PKZIP
Answer: B. TCP header
C. Microsoft Point-to-Point
Explanation: The following compression types are supported on a Cisco router:
- Link
- Payload
- TCP header
- Microsoft Point-to-Point
Question: When would it not be a good idea to implement compression?
A. When the router is running at a high CPU utilization.
B. When there are slow links being used.
C. When WAN links are overutilized.
D. When all packets are the same size.
Answer: A. When the router is running at a high CPU utilization.
Explanation: Compression adds additional CPU cycles so when the router is running at a high CPU utilization already (+80 %) it is not a good idea to implement compression.
Question: Which of the following are Link compression methods?
A. PKZIP
B. Payload
C. Stac
D. Predictor
Answer: C. Stac
D. Predictor
Explanation: Link compression methods are Stac, Predictor or MPPC these methods will compress the whole L2 frame.
Question: Which of the following compression methods can only be used on PPP links?
A. predictor
B. stac
C. payload
D. tcp header
Answer: A. predictor
Explanation: Predictor compression can not be used on any type of link like tcp header compression, nor can it be used on HDLC like stac or payload. It is Cisco proprietary.
Question: How do we enable stac on a frame-relay interface?
A. Router(config-if)#compress stac
B. Router(config-if)#frame-relay compress-stac
C. Router(config-if)#frame-relay compress
D. Router(config-if)#frame-relay payload-compress
Answer: D. Router(config-if)#frame-relay payload-compress
Explanation: To enable Stac on Frame-Relay connections we use the <b>frame-relay payload-compress</b> interface configuration command.
Question: Which of the following are issues when implementing compression?
A. CPU and memory
B. Low bandwidth
C. Routing protocol used
D. Data encryption
Answer: A. CPU and memory
D. Data encryption
Explanation: When implementing compression watch out for the following issues:
- modem compression, MNP5 and V.42bis are not compatible
- data encryption
- CPU and memory
Question: How do we configure predictor on an interface?
A. Router(config-if)#compress
B. Router(config-if)#compress predictor
C. Router(config-if)#predictor enable
D. Router(config-if)#no compression stac
Answer: B. Router(config-if)#compress predictor
Explanation: To enable predictor on an interface we use the <b>compress predictor</b> interface configuration command.
Question: Looking at the following output:

show policy-map

   Policy Map Shaping-policy
      Class free-class
         Weighted Fair Queueing
                      Bandwidth 24 (kbps) Max Threshold 64 (packets)

       Class test-class
          Weighted Fair Queueing
                       Strict Priority
                       Bandwidth 48 (kbps)  Burst  1200  (Bytes)

        Class class-default
            Weighted Fair Queueing
                       Flow based Fair Queueing
                       Bandwidth  0  (kbps)   Max  Threshold  64  (packets)
What type of queueing is configured?
A. Class-Based Weighted Fair Queing
B. Weighted Fair Queing
C. Low-Latency Queuing
D. First in-First out
Answer: C. Low-Latency Queuing
Explanation: Looking at the show policy-map output we notice the Strict Priority line, this indicates that Low-Latency Queing is configured.
Question: Which of the following are disadvantages of implementing NAT?
A. increased latency
B. application functionality
C. address depletion
D. eliminating immediate renumbering of the network
Answer: A. increased latency
B. application functionality
Explanation: Implementing NAT will increase latency, loss of certain application functionality and address accountability.
Question: When using PAT what is being translated?
A. source port
B. source address
C. destination port
D. destination address
Answer: A. source port
Explanation: Overloading uses the source port to distinguish between the different sending devices.
Question: Which of the following situations would be suitable to use NAT?
A. source port
B. the socket
C. destination port
D. source ip address
Answer: B. the socket
Explanation: PAT translates the entire socket, being ip_address:port_address.
Question: What type of address is described by the following:
IP addresses assigned by the ISP to the customer
A. When using Oracle database because they don't use IP address embedding.
B. Merge of two companies using different internal IP addressing.
C. Merge of two companies using the same internal IP addressing.
D. A cost-effective solution for load balancing.
Answer: C. Merge of two companies using the same internal IP addressing.
D. A cost-effective solution for load balancing.
Explanation: NAT can be used when two companies are merging and they use the same internal ip addressing, also can it be used to load balance.
Question: The private address space is described in which RFC?
A. RFC 1772
B. RFC 1700
C. RFC 1918
D. RFC 791
Answer: C. RFC 1918
Explanation: RFC 1918 describes the IP addresses to be used in the private address space.
Question: The two servers need to be available on the internet. How do we configure the router to make this possible?
A. define translation, define interfaces to participate, define addresses to be translated, define address pool
B. define interfaces to participate, define addresses to be translated, define address pool, define translation
C. define address pool, define translation, define addresses to be translated, define interfaces to participate
D. define address pool, define translation, define interfaces to participate, define addresses to be translated
Answer: D. define address pool, define translation, define interfaces to participate, define addresses to be translated
Explanation: To configure NAT we follow the following steps:
- Define the address pool that will be used for the translation
- Define the translation
- Define the interfaces that will be participating in NAT
- Define the addresses that will be translated
Question: Which command will produce the following output?

Pro Inside global   Inside local Outside local Outside global udp 171.69.233.209:1220  192.168.1.95:1220 171.69.2.132:53 171.69.2.132:53 tcp 171.69.233.209:11012 192.168.1.89:11012 171.69.1.220:23 171.69.1.220:23 tcp 171.69.233.209:1067  192.168.1.95:1067  171.69.1.161:23 171.69.1.161:23
A. show ip nat statistics
B. show ip nat details
C. show ip nat translations
D. show ip nat summary
Answer: C. show ip nat translations
Explanation: The show ip nat translations command will display the following output:
Pro Inside global   Inside local Outside local Outside global udp 171.69.233.209:1220  192.168.1.95:1220  171.69.2.132:53 171.69.2.132:53 tcp 171.69.233.209:11012 192.168.1.89:11012 171.69.1.220:23   171.69.1.220:23 tcp 171.69.233.209:1067  192.168.1.95:1067  171.69.1.161:23 171.69.1.161:23
Question: Which command will display which interfaces are inside and outside using NAT?
A. show ip nat statistics
B. show ip nat translations detail
C. show ip nat detail
D. show ip nat summary
Answer: A. show ip nat statistics
Explanation: The show ip nat statistics command will display the following information:

Router#show ip nat statistics
 Total active translations: 1 (1 static, 0 dynamic; 0 extended)
 Outside interfaces:
 Ethernet0, Serial0
 Inside interfaces:
 Ethernet1
 Hits: 0  Misses: 0
 Expired translations: 0
 Dynamic mappings:
 -- Inside Source
 access-list 10 pool free-tests refcount 0
 pool test: netmask 255.255.255.0
 start 172.16.1.100 end 172.16.1.101
 type generic, total addresses 2, allocated 0 (0%), misses 0
Question: How do we reset all NAT translations?
A. clear nat translation *
B. clear ip nat all
C. clear ip nat translation all
D. clear ip nat translation *
Answer: D. clear ip nat translation *
Explanation: The clear ip nat translation * command will clear all current NAT translations.
Question: How do we enable PAT on a Cisco 700 series router?
A. set ip porthandler port ip-address
B. set ip nat on
C. set ip pat on
D. set ip pat porthandler port ip-address
Answer: C. set ip pat on
D. set ip pat porthandler port ip-address
Explanation: To enable PAT on a 700 series Cisco router we need the following two commands:
- set ip pat on
- set ip pat porthandler port ip-address
Question: What is the maximum amount of port handlers in a single configuration on a Cisco 700 series router?
A. 15
B. 10
C. 5
D. 20
Answer: A. 15
Explanation: The maximum amount of port handlers in a single configuration on a Cisco 700 series router is 15.
Question: Which of the following are not valid arguements when used with set ip pat porthandler?
A. dns
B. tftp
C. wins
D. on
E. ftp
F. telnet
Answer: A. dns
B. tftp
D. on
Explanation: When using set ip pat porthandler we can use the following keywords: default, telnet, ftp, smtp, wins, http, port ip-address and off.
Question: On a Cisco 700 series router how do enable PAT for a our webserver [10.1.1.1/24]?
A. Free-Test#set ip pat port http 10.1.1.1
B. Free-Test>ip pat port http 10.1.1.1
C. Free-Test>set ip nat port http 10.1.1.1
D. Free-Test>set ip pat port http 10.1.1.1
Answer: D. Free-Test>set ip pat port http 10.1.1.1
Explanation: The set ip pat port http ip-address command will enable PAT for the webserver. This is a global configuration command so the > represents this.
Question: What does the * mean in the following output?
NAT*: s=210.1.1.1, d=205.23.4.56->172.16.1.1 [2]
A. The first translation of a stream.
B. This is the last translation of a stream.
C. The translation was done using cache.
D. The translation failed.
Answer: C. The translation was done using cache.
Explanation: When using debug ip nat the output will disply the translations, when a NAT entry is marked with a * it means that that translation was done using the fast path or by using cache.
Question: Which of the following are advantages of implementing NAT?
A. fexibility when changing ISP
B. accountability for applications
C. address conservation
D. increased functionality for applications
Answer: A. fexibility when changing ISP
C. address conservation
Explanation: The advantages of implementing NAT are:
- address conservation
- overlap dysfunction so no need for immediate renumbering when in an overlapped network situation
- flexibility when changing ISPs
- elimination of immediate renumbering by providing an intermediate solution
Question: Which of the following are not NAT configurations?
A. advanced
B. symmetric
C. simple
D. balanced
E. enhanced
F. overlap
G. overload
Answer: A. advanced
B. symmetric
D. balanced
E. enhanced
Explanation: NAT can be configured as either simple, static, overload, overlap and load distribution.
Question: What part of AAA defines what a user is able to do?
A. accounting
B. authentication
C. authorization
D. this is not a function of AAA
Answer: C. authorization
Explanation: The authorization function of AAA defines what a user is authorized to perform.
Question: What are the security protocols used for AAA?
A. RADIUS
B. PPP
C. PPPoA
D. TACACS
Answer: A. RADIUS
D. TACACS
Explanation: RADIUS or Remote Authentication Dial-In User Service and TACACS or Terminal Access Control Access Control System are the security protocols used by AAA. TACACS+ is Cisco s proprietary implementation of TACACS.
Question: TACACS uses which port?
A. TCP 49
B. UDP 53
C. UDP 49
D. TCP 53
E. UDP 37
F. TCP 37
Answer: A. TCP 49
Explanation: TACACS uses the well known port number of 49 in TCP.
Question: We want to have the best possible billing and network usage tracking. What security protocol do we use?
A. RADIUS
B. TACACS
C. TACACS+
D. Kerberos
Answer: A. RADIUS
Explanation: RADIUS offers enchanced accounting functionality for billing and tracking network usage.
Question: Which of the following router access modes is packet based?
A. AUX
B. VTY
C. TTY
D. Dialer profile
E. CON
Answer: A. AUX
D. Dialer profile
Explanation: Packet mode router access is used on async, group-async, BRI, PRI, serial, dialer profiles, dialer rotaries. The AUX port can be access either via character mode or packet mode.
Question: Which of the following are part of Cisco Secure Access Control Server?
A. CSTrack
B. CSKerberos
C. CSAccount
D. CSLog
E. CSTacacs
Answer: D. CSLog
E. CSTacacs
Explanation: The Cisco Secure Access Control Server consits of 7 modules:
- CSAdmin
- CSAuth
- CSMon
- CSTacacs
- CSRADIUS
- CSDBSync
- CSLog
Question: How do we locally access the CS-ACS server from a browser?
A. http://127.0.0.1:2002
B. https://127.0.0.1:2002
C. http://127.0.0.1:2005
D. http://127.0.0.1:2000
E. https://127.0.0.1:2000
Answer: A. http://127.0.0.1:2002
Explanation: Using http://127.0.0.1:2002 we can access the CS-ACS server using a browser that is installed on the server.
Question: How do we enable AAA on a router?
A. Router(config)#aaa enable
B. Router(config)#radius enable or Router(config)#tacacs enable
C. Router(config)#aaa authentication
D. Router(config)#aaa new-model
Answer: D. Router(config)#aaa new-model
Explanation: We enable AAA on a router using the aaa new-model global configuration command.
Question: How do we configure line 10 to 15 to use: radius, tacacs+ authentication for the marketing staff? Assume that AAA is already enabled.
A. router(config)#aaa authentication login marketing tacacs+ radius local router(config)#line 10 15 router(config-line)#login authentication marketing
B. router(config)#aaa authentication login marketing radius tacacs+ local router(config)#line 10 15 router(config-line)#login authentication marketing
C. router(config)#aaa authentication login marketing radius tacacs+ local router(config)#login authentication marketing
D. router(config)#aaa authentication login radius tacacs+ local router(config)#line 10 15 router(config-line)#login authentication marketing
Answer: B. router(config)#aaa authentication login marketing radius tacacs+ local router(config)#line 10 15 router(config-line)#login authentication marketing
Explanation: We use the aaa authentication login configuration command to specify the authentication order. We then apply the required login method to the line(s).
Question: How do we specify which radius server to use?
A. Router(config)#radius-server ip_address
B. Router(config-aaa)#radius-server ip_address
C. Router(config)#radius-server host ip_address
D. Router(config)#radius-host ip_address
Answer: C. Router(config)#radius-server host ip_address
Explanation: To specify which radius server we will be using for AAA we use the radius-server host ip_address global configuration command. To use tacacs we use the same command but replace radius with tacacs.
Question: Which of the following are not options for aaa authentication login?
A. enable
B. login
C. radius
D. kerberos
E. none
Answer: B. login
D. kerberos
Explanation: The following methods for aaa authentication login can be used:
- line
- enable
- local
- none
- radius
- tacacs+
Question: When using aaa authentication ppp, which of the following are possible authentication methods?
A. guest
B. if-needed
C. krb5
D. line
E. enable
Answer: B. if-needed
C. krb5
Explanation: The following methods for aaa authentication ppp can be used:
- local
- none
- tacacs+
- radius
- krb5
- if-needed
Question: Which of the following keywords can be used with the aaa authorization command?
A. enable
B. login
C. reverse-access
D. network
E. system
Answer: C. reverse-access
D. network
Explanation: When using the aaa authorization command we first specify what a user can do using one of the following keywords:
- network, network related services (SLIP, PPP etc)
- exec, is the user allowed to run the EXEC shell
- command level, sets the privilige level
- reverse-access, to allow reverse telnet for example.
Once that is specified we enter the authentication method, eg tacacs+, radius, local etc.
Question: Which argument can we use to track configuration changes using aaa accounting?
A. network
B. connection
C. system
D. exec
Answer: C. system
Explanation: The system argument will track configuration changes and reloads for the device.
Question: What argument can we use to make sure events are logged into the accounting database before the event is started?
A. start-stop
B. stop-start
C. stop-only
D. confirm-start
E. wait-start
Answer: E. wait-start
Explanation: The wait-start argument does not allow a user to start a process untill there is a confirmation received from the database that the event is logged.
Question: Which aaa authentication method do we use to give a user access to privileged mode?
A. aaa authentication enable
B. aaa authentication login
C. aaa authentication arap
D. aaa authentication nasi
Answer: A. aaa authentication enable
Explanation: The aaa authentication enable is used to give user access to privileged mode provided they are authenticated by one of authentication methods configured (radius, tacacs+, local,...).
Question: Which steps do we use to enable AAA?
A. enable AAA, enable the method on the interface, define authentication authorization and accounting,
B. enable AAA, define authentication authorization and accounting, enable the method on the interface
C. define authentication authorization and accounting, enable the method on the interface, enable AAA
D. enable the method on the interface, enable AAA, define authentication authorization and accounting
Answer: B. enable AAA, define authentication authorization and accounting, enable the method on the interface
Explanation: To enable AAA on a device we use the following steps:
1 enable AAA on the router
2 define who will be authenticated, what they are authorized to do and how it will be tracked in the database
3 enable the method on the interface
Question: If CSMon detects that one of the modules is not responding you can configure it to do which of the following options?
A. send a notification
B. restart the service after the notification is confirmed
C. reboot the server
D. restart the specific service
Answer: C. reboot the server
D. restart the specific service
Explanation: If CSMon detects that one of the modules is not responding you can configure it to do one of the following options:
- restart the specific service
- restart all services
- reboot the server
Question: How do we set the shared password to be used with Radius?
A. Router(config)#radius password free-test
B. Router(config)#radius-server ip_address password free-test
C. Router(config)#radius-server ip_address key free-test
D. Router(config)#radius-server key free-test
Answer: D. Router(config)#radius-server key free-test
Explanation: shared key we use the radius-server key name global configuration command.
Question: Which of the following are symmetrical algorithms?
A. DES
B. AES
C. MD5
D. SHA-1
Answer: A. DES
B. AES
Explanation: DES, 3DES and AES are symmetrical algorithms.
Question: Cisco Encryption Technology works at which OSI layers?
A. Data-Link
B. Application
C. Network
D. Physical
E. Transport
F. Session
G. Presentation
Answer: C. Network
E. Transport
Explanation: Cisco Encryption Technology works at the Transport and Network OSI layers as does IPSec.
Question: Which are advantages of using an asymmetrical algorithm?
A. easy key management
B. lengths vary between 40 to 168 bits
C. based on very hard mathematical equations
D. sender and receiver share the same password
E. very fast at encrypting bulk data
Answer: A. easy key management
C. based on very hard mathematical equations
Explanation: Some advantages of using an asymmetrical algorithm are:
- authentication is enhanced because of the one key is always private
- key management is easier
- can be used for digital signatures, e-mail, small amounts of data,...
- based on very hard mathematical equations
Question: Using the MD5 hashing algorithm, what is the fixed-lenght output?
A. 128-bit
B. 160-bit
C. 256-bit
D. 168-bit
Answer: A. 128-bit
Explanation: MD5 has a fixed-lenght output of 128 bits.
Question: One of IPSec protocols is, protocol 51 or?
A. Encapsulating Security Protocol
B. HMAC
C. Authentication Header
D. Advanced Encryption Standard
Answer: C. Authentication Header
Explanation: IPSec uses 2 primary protocols, protocol 51 or Authentication Header and protocol 50 or Encapsulating Security Protocol.
Question: What are the two modes that ESP and AH can be used?
A. embedded
B. transparent
C. mixed
D. transport
E. tunnel
Answer: D. transport
E. tunnel
Explanation: AH and ESP can operate in either tunnel mode (Cisco s default) or Transport mode.
Question: What IPSec mode is described by the following:

The packet is send through the AH or ESP options and a new IP header is created for the new packet.
A. transport mode
B. tunnel mode
C. embedded mode
D. encapulated mode
Answer: B. tunnel mode
Explanation: In tunnel mode the packet is send through the AH and/or ESP options and then a new IP header is created for the new packet. In transport mode the IP header is reused.
Question: Which of the following are part of the Security Association?
A. Source IP address
B. Source MAC address
C. SPID number
D. Key lifetime
E. Destination MAC address
Answer: A. Source IP address
D. Key lifetime
Explanation: The Security Association keeps track of the following:
- Source IP Address
- Destination IP Address
- IPSec protocols used
- SPI number
- Encryption and authentication algorithms
- Key lifetime
Question: IKE phase one can use two different modes, what are they?
A. passive
B. aggressive
C. mixed
D. main
E. quick
Answer: B. aggressive
D. main
Explanation: IKE phase 1 can either be aggressive [everything is sent in 1 exchange to add security to the tunnel] or main mode [three different and distinct exchanges take place to add to the security of the tunnel].
Question: Which of the following are part of IKE phase 1?
A. negotiate policy sets
B. establish security associations
C. negotiate IPSec security parameters
D. create a secure channel between peers
Answer: A. negotiate policy sets
D. create a secure channel between peers
Explanation: During IKE phase 1 the following happens:
- negotiate policy sets (e.g. hash algorithm used)
- authenticate peers
- set up a secure channel between peers
Question: If IKE was disabled manually how do we enable it on a Cisco router?
A. Router(config)#ike enable
B. Router(config)#crypto ike enable
C. Router(config)#crypto isakmp policy enable
D. Router(config)#crypto isakmp enable
Answer: D. Router(config)#crypto isakmp enable
Explanation: The crypto isakmp enable global configuration command will enable IKE if it was manually disabled. It is turned on by default.
Question: How do we set the uniqueness of a router when using VPNs?
A. Router(config)#crypto isakmp identity ip_address or hostname
B. Router(config)#crypto isakmp host ip_address or hostname
C. Router(config-iskmp)#hostname ip_address or hostname
D. Router(config-iskmp)#identity ip_address or hostname
Answer: A. Router(config)#crypto isakmp identity ip_address or hostname
Explanation: To set the identity of a router when using VPNs we use the crypto isakmp identity ip_address or hostname global configuration command.
Question: Which commands can be used to set the key with a specific VPN peer?
A. Router(config)#crypto isakmp key key address name
B. Router(config)#crypto isakmp key key address ip_address
C. Router(config)#crypto isakmp key key hostname name
D. Router(config)#crypto isakmp key key ip_address
E. Router(config)#crypto isakmp key key hostname ip_address
F. Router(config)#crypto isakmp key key identity name
Answer: B. Router(config)#crypto isakmp key key address ip_address
C. Router(config)#crypto isakmp key key hostname name
Explanation: To set the key we use with a VPN peer we use either the crypto isakmp key key hostname name or crypto isakmp key key address ip_address global configuration commands.
Question: Which of the following are ESP encryption transform sets?
A. esp-3des
B. esp-md5-hmac
C. esp-null
D. esp-sha-hmac
Answer: A. esp-3des
C. esp-null
Explanation: The following are valid options for ESP encryption transform sets:
- esp-des
- esp-3des
- esp-null
Question: What command do we use to set an IPSec transform set?
A. crypto isakmp transform-set name transform_set
B. crypto ipsec isakmp transform-set name transform_set
C. crypto ipsec transform-set name transform_set
D. crypto map transform-set name transform_set
Answer: C. crypto ipsec transform-set name transform_set
Explanation: To set an IPSec transform set we use the crypto ipsec transform-set name transform_set global configuration command.
Question: Which of the following are specified in a crypto map?
A. Tunnel or transport mode
B. IPSec transform set
C. Security Association lifetime
D. The egress interface
Answer: B. IPSec transform set
C. Security Association lifetime
Explanation: A crypto map specifies the following:
- the protected traffic using a crypto access list
- where to send the IPSec traffic using a peer statement
- IPSec transform set that is used
- Manual or IKE exchanged keys, etc
- Security Association lifetime [optional]
Question: How do we specify a global SA lifetime?
A. crypto isakmp security-association lifetime seconds seconds
B. crypto ipsec security-association seconds seconds
C. crypto ipsec security-association lifetime seconds
D. crypto ipsec security-association lifetime kilobytes kilobytes
Answer: D. crypto ipsec security-association lifetime kilobytes kilobytes
Explanation: To specify a global security association lifetime we use the crypto ipsec security-association lifetime [seconds seconds or kilobytes kilobytes] global configuration command.
Question: Which debug command can we use when troubleshooting SA establishment?
A. debug crypto condition
B. debug crypto engine
C. debug crypto isakmp
D. debug crypto events
Answer: C. debug crypto isakmp
Explanation: When troubleshooting SA establishment or peer authentication we can use the debug crypto isakmp command because it will show information about every packet dealing with IKE phase 1 or 2.
Question: Which command can we use to view the current SA settings?
A. show ipsec sa
B. show crypto isakmp sa
C. show crypto sa
D. show isakmp sa
E. show crypto ipsec sa
Answer: E. show crypto ipsec sa
Explanation: The show crypto ipsec sa command will display the settings used by the current security associations.

Cisco CCNP Certification Articles

Cisco CCNP Certification Articles Cisco CCNP Certification Articles Cisco CCNP Certification Articles
Cisco CCNA CCNP Home Lab Tutorial Assembling your Home Cisco Lab Cisco CCNP BCMSN Exam Tutorial Multicasting and the RPF Check Cisco CCNP BSCI Exam Tutorial Route Summarization
Certification Suggested Topologies for your Home CCNA CCNP Lab Cisco CCNP BCMSN Exam Tutorial Spanning Tree Protocol STP Timers Cisco CCNP BSCI Exam Tutorial the BGP Attribute MED
Cisco CCNA CCNP BCMSN Exam Tutorial Configuring Portfast and BPDU Guard Cisco CCNP BCMSN Exam Tutorial Static VLANS Cisco CCNP BSCI Exam Tutorial the Passive Interface Command and OSPF
Cisco CCNA CCNP Certification Exam Attending a Video Boot Camp Cisco CCNP BCMSN Exam Tutorial the Core Layer of Cisco's Three Layer Model Cisco CCNP BSCI Exam Tutorial Using Distribute Lists
Cisco CCNA CCNP Certification Exam Creating a Study Plan Cisco CCNP BCMSN Exam Tutorial the Four or Five STP Port States Cisco CCNP BSCI Exam Tutorial Using OSPF's Summary Address Command
Cisco CCNA CCNP Certification How and Why to Build an Etherchannel Cisco CCNP BCMSN Exam Tutorial VLAN Trunking Protocol Cisco CCNP BSCI Exam Tutorial Using the OSPF Command Area Range
Cisco CCNA CCNP Certification Introduction to BGP Attributes Cisco CCNP BCMSN Tutorial Switches QOS and Cisco's Networking Model Cisco CCNP BSCI Tutorial BGP Attribute Next_Hop
Cisco CCNA CCNP Certification OSPF E2 vs E1 Routes Cisco CCNP BSCI Certification BGP Route Reflector Tutorial Cisco CCNP BSCI Tutorial Comparing OSPF ISIS Hellos
Cisco CCNA CCNP Exam Tutorial Five Debugs you Must Know Cisco CCNP BSCI Certification Exam Five OSPF Details you must Know Cisco CCNP BSCI Tutorial Route Summarization with RIP and EIGRP
Cisco CCNA CCNP Home Labs Developing Troubleshooting Skills Cisco CCNP BSCI Certification Introduction to ISIS Terminology Cisco CCNP BSCI Tutorial the Role of the OSPF ASBR
Cisco CCNA CCNP Home Lab Setup How to Configure Reverse Telnet Cisco CCNP BSCI Certification Route Redistribution and the Seed Metric Cisco CCNP Certification BCMSN Exam Tutorial Uplinkfast
Cisco CCNA CCNP Home Lab Tutorial Cabling your Access Server Cisco CCNP BSCI Certification the BGP Attribute MED
Cisco CCNA CCNP Home Lab Tutorial Configuring an Access Server Cisco CCNP BSCI Certification the Local Preference BGP Attribute Cisco CCNP Certification BSCI Exam Tutorial Floating Static Routes
Cisco CCNA CCNP Home Lab Tutorial many Cable Types Cisco CCNP BSCI Exam Tutorial a Guide to IPV6 Addressing Cisco CCCP Certification BSCI Exam Tutorial ISIS Hellos and Adjacencies
Cisco CCNA CCNP Home Lab Tutorial Planning Ahead for IE Study Cisco CCNP BSCI Exam Tutorial BGP Adjancey States Cisco CCNP Certification BSCI Exam Tutorial Route Summarization Basics
Cisco CCNA CCNP Home Lab Tutorial Starting Over Cisco CCNP BSCI Exam Tutorial Broadcasts and the IP Helper address Command Cisco CCNP Certification FAQ
Cisco CCNA CCNP Home Lab Tutorial the 2501 Router Cisco CCNP BSCI Exam Tutorial Configuring and Troubleshooting OSPF Virtual Links Cisco CCNP Certification Introduction to BGP
Cisco CCNA CCNP Home Lab Tutorial the 2503 Router Cisco CCNP BSCI Exam Tutorial Configuring EIGRP Packet Authentication Cisco CCNP Certification the BGP Weight Attribute
Cisco CCNA CCNP Home Lab Tutorial the 2520 Router Cisco CCNP BSCI Tutorial EIGRP Stub Routing Passing the CCNA and CCNP Cisco Home Lab Faq
Cisco CCNA CCNP Tutorial Home Lab Assembly Case Study Cisco CCNP BSCI Exam Tutorial Filtering BGP Updates with Prefix Lists Cisco CCNP Certification Using the BGP Command Source
Certification Suggested Topologies for you Home CCNA CCNP Lab Cisco CCNP BSCI Exam Tutorial Introduction to Policy Routing Cisco CCNP Home Lab Tutorial on a Frame Relay Switch
Cisco CCNP Certification OSPF ASBRS Explained and Illustrated Cisco CCNP BSCI Exam Tutorial IP Version 6 Zero Compression Cisco Certification in What Order shoud you Take your CCNP Exams
Cisco CCNP BCMSN Exam Tutorial BPDU Skew Detection and Cisco Switches Cisco CCNP BSCI Exam Tutorial ISIS Router Types Cisco Certification Recertifying your CCNA and CCNP
Cisco CCNP BCMSN Exam Tutorial Changing Root Bridge Election Results Cisco CCNP BSCI Exam Tutorial Leading Zero Compression Cisco Certification the Secret Key to Getting your CCNA and CCNP
Cisco CCNP BCMSN Exam Tutorial Configuring CGMP on Routers Switches Cisco CCNP BSCI Exam Tutorial Not all Static Routes are Created Equal Four Important Commands for your CCNA CCNP Home Lab
Cisco CCNP BCMSN Exam Tutorial Dynamic Trunking Protocol DTP Cisco CCNP BSCI Exam Tutorial OSPF Route Redistribution Review How to Become a Cisco CCNP
Cisco CCNP BCMSN Exam Tutorial Dynamic VLANS VMPS Cisco CCNP BSCI Exam Tutorial OSPF Router Types Cisco CCNA and CCNP Exam Five Tipes for Exam Day Success
Cisco CCNP BCMSN Exam Tutorial Multicasting and Reserved Addresses Cisco CCNP BSCI Exam Tutorial RIP Update Packet Authentication Passing Cisco's CCNA and CCNP Exams the VLAN Dat File
Passing Cisco's CCNA and CCNP Exams Traceroute Passing Cisco's CCNA and CCNP Ping and Extended Ping Passing the CCNA and CCNP Cisco Home Lab FAQ
Passing the CCNA and CCNP Exams Setup Moden Passing the CCNA and CCNP Home Lab Shopping on EBAY Passing you CCNA and CCNP COnfiguring and Troubleshooting Router on a Stick

You are Viewing cisco 642 821 bcran certification exam

Site Navigation

Home
Cisco
Extreme
Foundry
Force10
HP
Nortel

Used Compaq
F5 Networks
Juniper
Search
Contact
Forums

Definitions

Copyright © 2012 Network Liquidators ®. All rights reserved.

Contact Information

Office: 813.852.6400
Email: sales@nweq.com
Oldsmar, FL 34677