CISCO CCNA 200-301 Q180

Which of the following statements best describes the result of issuing the command standby 44 timers 3 1 on an HSRP router?

A. The holdtime will be set to a value of 3, and the hellotime will be set to a value of 1.
B. The status of the standby router will be displayed as unknown expired.
C. The role of active router will be passed repeatedly from one router to another.
D. The router will be configured to reassume the role of active router in the event that the router fails and is subsequently restarted.

Correct Answer: C

Explanation:
When the command standby 44 timers 3 1 is issued on a Hot Standby Routing Protocol (HSRP) router, the role of active router will be passed repeatedly from one router to another. This behavior occurs when the timers are set incorrectly. The syntax for the standby timers command is standby [group-number] timers [hellotime holdtime].

The hellotime variable is the number of seconds between hello messages and is set to a value of 3 by default.

The holdtime variable is the number of seconds that the HSRP standby router will wait before assuming that the active router is down; if the standby router believes the active router to be down, it will assume the role of active router.

The holdtime is set to a value of 10 by default. The holdtime should be set to a value at least three times the value of the hellotime. Otherwise, the active router might not be able to respond before the standby router assumes that the active router is down and becomes the new active router.

Because the command standby 44 timers 3 1 sets the hellotime to a value of 3 and the holdtime to a value of 1, the role of active router will be passed from one standby router to the next. To set the holdtime to a value of 3 and the hellotime to a value of 1, the command standby 44 timers 1 3 should be issued. To reset the timer values to their default values, the command no standby group-number timers should be issued.

The status of the standby router will be displayed as unknown expired if a Physical layer problem exists. The unknown expired status can also be displayed if only one HSRP router is configured for the subnet.

To configure an HSRP router to reassume the role of active router in the event that the router fails and is subsequently restarted, the command standby group-number preempt should be issued. When the HSRP active router fails or is shut down, the standby router assumes the role of active router. By default, when the original HSRP active router is restarted, it does not take the role of active router away from the original standby router, even if the original active router has a higher priority value. The command standby group-number preempt changes this default behavior.

The holdtime will not be set to a value of 3, and the hellotime will not be set to a value of 1. On the contrary, the hellotime will be set to a value of 3 and the holdtime will be set to a value of 1.
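The timer rule from this explanation can be checked mechanically across a configuration. The following is an added example, not part of the original question: the function name check_hsrp_timers and the sample configuration are constructed for illustration, and the handling of the optional msec keyword goes beyond the syntax quoted above.

```python
import re

# Matches: standby [group-number] timers [msec] hellotime [msec] holdtime
TIMERS_RE = re.compile(
    r"^\s*standby\s+(?:(\d+)\s+)?timers\s+(msec\s+)?(\d+)\s+(msec\s+)?(\d+)\s*$"
)

def check_hsrp_timers(config_text):
    """Return (line_no, group, hello_s, hold_s, problem) for each bad timers line."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        m = TIMERS_RE.match(line)
        if not m:
            continue
        group = int(m.group(1)) if m.group(1) else 0  # HSRP group defaults to 0
        # Normalise both timers to seconds; "msec" values are milliseconds.
        hello = int(m.group(3)) / (1000 if m.group(2) else 1)
        hold = int(m.group(5)) / (1000 if m.group(4) else 1)
        if hold <= hello:
            # The standby router times out before the next hello can arrive.
            problem = "holdtime not greater than hellotime: active role will flap"
        elif hold < 3 * hello:
            problem = "holdtime is less than three times hellotime"
        else:
            continue
        findings.append((line_no, group, hello, hold, problem))
    return findings

# Constructed sample configuration (not from the page).
SAMPLE = """\
interface GigabitEthernet0/0
 standby 44 ip 10.0.0.1
 standby 44 timers 3 1
interface GigabitEthernet0/1
 standby 45 ip 10.0.1.1
 standby 45 timers 1 3
interface GigabitEthernet0/2
 standby 46 ip 10.0.2.1
 standby 46 timers 2 4
"""

if __name__ == "__main__":
    for f in check_hsrp_timers(SAMPLE):
        print("line %d: group %d hello=%gs hold=%gs -> %s" % f)
```
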

CISCO CCNA 200-301 Q179

You have executed the following commands on switch55:

What is the result of executing the given commands? (Choose two.)

A. Only the listed RADIUS server is used for authentication
B. 802.1X authentication is enabled on the Fa0/1 interface only
C. The key for the RADIUS server is firstKey111
D. AAA is not enabled on the switch

Correct Answer: A, C

Explanation:
As a result of executing these commands, the default method list uses the listed RADIUS server for authentication, and the key for the RADIUS server is firstKey111.

A RADIUS server combines the authentication and authorization processes. Before you configure the RADIUS server, you should enable AAA by using the aaa new-model command in global configuration mode. Then, you can specify the location of the RADIUS server and the key using the radius-server host command. In this case, the RADIUS server is located at the IP address 192.168.105.67 and requires the key firstKey111 as the encryption key. This key must be mutually agreed upon by the server and the clients.

The aaa authentication dot1x default group radius command creates a method list for 802.1X authentication. The default group radius keywords specify that the default method will be to use all listed RADIUS servers to authenticate clients. Since only one is listed, it will be the only one used.

It is incorrect to state that 802.1X authentication is enabled only on the Fa0/1 interface. The interface range Fa 0/1 - 11 and the dot1x port-control auto commands specify that 802.1X authentication is enabled on the interfaces Fa0/1 to Fa0/11.

It is incorrect to state that AAA is not enabled on the switch. The aaa new-model command enables AAA globally on the switch.

CISCO CCNA 200-301 Q178

What port types are available for Rapid Spanning Tree Protocol (RSTP) but NOT available in Spanning Tree Protocol (STP)? (Choose two.)

A. Root port
B. Backup port
C. Alternate port
D. Designated port
E. Learning port

Correct Answer: B, C

Explanation:
RSTP was developed to reduce the high convergence times required in STP, and introduces the alternate port and backup port roles. RSTP is an Institute of Electrical and Electronics Engineers (IEEE) standard, 802.1w, and is interoperable with 802.1d (STP). It operates on the Data Link layer of the OSI model.

An alternate port is a port that has an alternative path or paths to the root bridge, but is currently in a discarding state. A backup port is a port on a segment that could be used to reach the root port, but there is already an active designated port for the segment. An alternate port can also be described as a secondary, unused root port, and a backup port as a secondary, unused designated port.

A root port is a port on non-root switches used to reach the root switch. There can be only one root port on a switch, and it is determined by the least path cost to the root switch. Root ports are used in STP and RSTP.

A designated port is the port used by a network segment to reach the root switch. Designated ports lead away (downstream) from the root switch, and are determined by the lowest path cost to the root switch. While a switch can only have one root port, every other port could potentially be a designated port. Whenever a network segment could be serviced by more than one switch, STP will elect one switch as designated for the segment, and the other(s) will be blocking. This is a core function of the STP protocol, in that only one active Layer 2 path can exist between any two network segments. This port type is available in STP.

A learning port is not a valid port type in STP or RSTP. Learning is one of the possible port states in STP and RSTP. STP has five port states: blocked, listening, learning, forwarding, and disabled. There are only three port states in RSTP: discarding, learning, and forwarding.

CISCO CCNA 200-301 Q177

Which of the following is a classful routing protocol?

A. RIPv1
B. EIGRP
C. BGPv4
D. RIPv2

Correct Answer: A

Explanation:
The Routing Information Protocol version 1 (RIPv1) is a classful routing protocol, which exchanges routes without including any subnet masking information. IP addresses in the routing table should have the same subnet mask. Because classful routing protocols may not fully utilize the available IP address range, all router interfaces within the same network must have the same subnet mask.

Open Shortest Path First (OSPF), Routing Information Protocol version 2 (RIPv2), Enhanced Interior Gateway Routing Protocol (EIGRP), and Border Gateway Protocol version 4 (BGPv4) are classless routing protocols. These protocols include the subnet mask in the route advertisement and support variable length subnet masks (VLSM). Intermediate System-to-Intermediate System (IS-IS) is also a classless routing protocol.

CISCO CCNA 200-301 Q176

You have the following configuration on your router:

ip dhcp pool POOLNAME
 network 10.1.0.0 255.255.255.0
 default-router 10.1.0.254
 dns-server 10.1.0.200

What command would you run to prevent the last available IP address in the scope from being allocated to a host via DHCP?

A. ip dhcp restrict 10.1.0.254
B. ip dhcp excluded-address 10.1.0.253
C. ip dhcp excluded-address 10.1.0.254
D. ip dhcp 10.1.0.253 excluded-address

Correct Answer: B

Explanation:
In this scenario, you would run the ip dhcp excluded-address 10.1.0.253 command in global configuration mode to prevent DHCP allocation of the last available IP address in the scope. The ip dhcp excluded-address command is used to prevent DHCP from handing out IP addresses that are already statically configured on your network. The command can include a single IP address to exclude, or an entire range, such as:

Router(config)# ip dhcp excluded-address 10.1.0.100 10.1.0.125

The command above would block the entire range of 10.1.0.100 through 10.1.0.125 from being allocated by DHCP. If the next IP address in sequence to be assigned would have been 10.1.0.100, DHCP will skip the range and assign 10.1.0.126 as the next host address.

You would not execute ip dhcp excluded-address 10.1.0.254. This is the address of the router and it will automatically be excluded. The other commands are incorrect because they are not valid Cisco IOS commands.

CISCO CCNA 200-301 Q175

Refer to the following sample output:

Which Cisco Internetwork Operating System (IOS) command produces this output?

A. show interfaces
B. show interfaces summary
C. show ip interface
D. show interfaces serial

Correct Answer: C

Explanation:
The show ip interface command will produce the displayed output. The show ip interface command is used to view the usability status of Internet Protocol (IP) interfaces. The complete syntax of this command is:

show ip interface [type number] [brief]

Following is a brief description of the parameters used in this command:

type: An optional parameter that refers to the type of interface.

number: An optional parameter that refers to the interface number.

brief: An optional parameter used to view a summarized display of the usability status information for every interface.

The show interfaces command does not generate the displayed output. This command is used to view information regarding statistics for specific interfaces.

The show interfaces summary command does not generate the displayed output. This command provides a summarized view of all interfaces configured on a device.

The show interfaces serial command does not generate the displayed output. This command is used to view information for a serial interface.

CISCO CCNA 200-301 Q174

You are the network administrator for your company. The Chief Technical Officer of the company is looking for a routing solution that satisfies the following requirements:

– No routing protocol advertisements
– Increased network security
– No routing protocol overhead
– Not concerned about fault tolerance

Which of the following routing techniques matches the criteria?

A. Dynamic routing
B. Hybrid routing
C. Static routing
D. Public routing

Correct Answer: C

Explanation:
The static routing technique matches the criteria given in this scenario. Static routing is a process of manually entering routes into a routing table. Static routes are not recommended for large networks because static routes are manually configured on the router. However, if a single link is used to connect an enterprise to an Internet Service Provider (ISP), then static routing is the best option.

The following are characteristics of static routing:

– Configuring static routes does not create any network traffic.
– Manually configured static routes do not generate routing updates and therefore do not consume any network bandwidth.
– Router resources are used more efficiently.
– Static routes are not recommended for large networks because they are manually configured on the router and maintaining the routes can become problematic.
– Static route configuration is not fault tolerant, because static routes do not automatically adapt to changes in the network.

The dynamic routing option is incorrect because route updates consume bandwidth and overhead. While the scenario is not concerned with routing protocol overhead, it states that there should be no bandwidth consumption by route advertisements.

Hybrid routing and public routing are not valid routing techniques in Cisco terminology.

CISCO CCNA 200-301 Q173

You wish to configure Secure Shell (SSH) support on your router so that incoming VTY connections are secure. Which of the following commands must be configured? (Choose all that apply.)

A. ip domain-name
B. transport input ssh
C. ip access-group
D. crypto key generate rsa
E. service config

Correct Answer: A, B, D

Explanation:
Secure Shell (SSH) provides a secure alternative to Telnet for remote management of a Cisco device. Configuring Secure Shell (SSH) support on a Cisco router involves a minimum of three commands:

– ip domain-name [domain-name]: configures the DNS domain name of the router (global configuration mode)
– crypto key generate rsa: generates a cryptographic key to be used with SSH (global configuration mode)
– transport input ssh: allows SSH connections on the router’s VTY lines (VTY line configuration mode)

The transport input ssh command allows only SSH connectivity to the router, and prevents clear-text Telnet connections. To enable both SSH and Telnet, you would use the transport input ssh telnet command.

The ip access-group command is incorrect because this command is used to activate an access control list (ACL) on an interface, and does not pertain to SSH. The service config command is incorrect because this command is used to automatically configure routers from a network server, and does not pertain to SSH.
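The settings described in this explanation can be audited from a saved configuration. The following is an added example, not part of the original question: the function name audit_ssh_config and the sample configuration are constructed for illustration, and it assumes the usual IOS layout in which sub-commands are indented under their line vty block.

```python
import re

def audit_ssh_config(config_text):
    """Return findings for the SSH settings visible in an IOS configuration."""
    findings = []
    vty_transport = {}  # "line vty 0 4" -> list of protocols, or None if unset
    current = None
    has_domain = False
    for line in config_text.splitlines():
        # Newer IOS releases display this command as "ip domain name".
        if re.match(r"ip domain[- ]name\s+\S+", line):
            has_domain = True
        if re.match(r"line vty\s", line):
            current = line.strip()
            vty_transport[current] = None
        elif not line.startswith(" "):
            current = None  # any other top-level command ends the VTY block
        elif current:
            m = re.match(r"\s+transport input\s+(.+)", line)
            if m:
                vty_transport[current] = m.group(1).split()
    if not has_domain:
        findings.append("ip domain-name is not configured")
    for vty, protos in vty_transport.items():
        if protos is None:
            findings.append(vty + ": transport input is not set explicitly")
        elif "telnet" in protos or "all" in protos:
            findings.append(vty + ": Telnet is permitted (transport input "
                            + " ".join(protos) + ")")
    # crypto key generate rsa leaves no line in the configuration text,
    # so key presence has to be verified on the device itself.
    return findings

# Constructed sample configuration (not from the page).
SAMPLE = """\
hostname R1
ip domain-name example.com
!
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input ssh telnet
"""

if __name__ == "__main__":
    for finding in audit_ssh_config(SAMPLE):
        print(finding)
```
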

CISCO CCNA 200-301 Q172

Which Cisco Internetwork Operating System (IOS) command is used to assign a router a name for identification?

A. description
B. banner motd
C. hostname
D. banner exec

Correct Answer: C

Explanation:
The hostname command is used to assign the router a name for identification. This command is a global configuration mode command. The syntax of the command is as follows:

Router(config)# hostname [name]

The name parameter of the command specifies the new host name for the router.

The description command is incorrect because this command is used to set a description for an interface. The description command is an interface configuration mode command.

The banner motd command is used to specify a message of the day (MOTD) banner to users logging into the router. This is a global configuration mode command, but it does not assign a name to the router for identification.

The banner exec command enables a banner message to be displayed when an EXEC process is created; for example, if a line is activated or an incoming connection is made to a telnet line.

CISCO CCNA 200-301 Q171

Which command is used to disable Cisco Discovery Protocol (CDP) on a Cisco router?

A. disable cdp
B. no cdp run
C. no cdp enable
D. no cdp advertise-v2

Correct Answer: B

Explanation:
The no cdp run command is used to disable CDP on a Cisco router globally. CDP is a Layer 2 (Data Link layer) protocol that discovers information about neighboring network devices. CDP does not use network layer protocols to transmit information because it operates at the Data Link layer. Therefore, it is useful to determine information about directly connected Cisco network devices, because it can operate when network protocols have not been configured or are misconfigured. The show cdp neighbors detail command is used to view the IP addresses of the directly connected Cisco devices.

The no cdp advertise-v2 command disables CDPv2 advertisements. It will not disable the protocol globally.

The no cdp enable command is used to disable CDP on an interface. In a situation where CDP needs to be disabled on a single interface only, such as the interface leading to the Internet, this command would be executed from interface configuration mode for that specific interface. It will not disable the protocol globally. For example, to disable CDP for only the serial0 interface, the command sequence would be: