Which three statements about HSRP operation are true? (Choose three.)
A. The virtual IP address and virtual MA+K44C address are active on the HSRP Master router. B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval. C. HSRP supports only clear-text authentication. D. The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN. E. The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN. F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.
Correct Answers: A, B, F
Explanation:
The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal).
Which three statements about Syslog utilization are true? (Choose three.)
A. Utilizing Syslog improves network performance. B. The Syslog server automatically notifies the network administrator of network problems. C. A Syslog server provides the storage space necessary to store log files without using router disk space. D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages. E. Enabling Syslog on a router automatically enables NTP for accurate time stamping. F. A Syslog server helps in aggregation of logs and alerts.
Correct Answers: C, D, F
Explanation:
The Syslog sender sends a small (less than 1KB) text message to the Syslog receiver. The Syslog receiver is commonly called “syslogd,” “Syslog daemon,” or “Syslog server.”
Syslog messages can be sent via UDP (port 514) and/or TCP (typically, port 5000). While there are some exceptions, such as SSL wrappers, this data is typically sent in clear text over the network. A Syslog server provides the storage space necessary to store log files without using router disk space.
In general, there are significantly more Syslog messages available within IOS as compared to SNMP Trap messages. For example, a Cisco Catalyst 6500 switch running Cisco IOS Software Release 12.2(18)SXF contains about 90 SNMP trap notification messages, but has more than 6000 Syslog event messages.
System logging is a method of collecting messages from devices to a server running a syslog daemon. Logging to a central syslog server helps in aggregation of logs and alerts.
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)
A. informational B. emergency C. warning D. critical E. debug F. error
Correct Answers: B, D, F
Explanation:
The Message Logging is divided into 8 levels as listed below:
If you specify a level with the “logging trap level” command, that level and all the higher levels will be logged. For example, by using the “logging trap 3″ command, all the logging of emergencies, alerts, critical, and errors, will be logged.
Explanation:
By default, Cisco IOS devices, CatOS switches, and VPN 3000 Concentrators use facility local7 while Cisco PIX Firewalls use local4 to send syslog messages. Moreover, most Cisco devices provide options to change the facility level from their default value.
What command instructs the device to timestamp Syslog debug messages in milliseconds?
A. service timestamps log datetime localtime B. service timestamps debug datetime msec C. service timestamps debug datetime localtime D. service timestamps log datetime msec
Correct Answer: B
Explanation:
Enable millisecond (msec) timestamps using the service timestamps command:
command configures the system to apply a time stamp to debugging messages. The time-stamp format for datetime is MMM DD HH:MM:SS, where MMM is the month, DD is the date, HH is the hour (in 24-hour notation), MM is the minute, and SS is the second. With the additional keyword msec, the system includes milliseconds in the time stamp, in the formatHH:DD:MM:SS.mmm, where .mmm is milliseconds.
A. The EIGRP neighbor on Fa0/1 went down due to a failed link. B. The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency to go down. C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down. D. Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.
Correct Answer: C
Explanation:
The first lines of the message show that a configuration change was made, and that the fa0/1 interface changed to a state of administratively down. This can only be done by issuing the shutdown command. The last line indicates that this caused an EIGRP neighbor adjacency to go down.
What are three components that comprise the SNMP framework? (Choose three.)
A. MIB B. agent C. set D. AES E. supervisor F. manager
Correct Answers: A, B, F
Explanation:
The SNMP framework consists of three parts:
An SNMP manager — The system used to control and monitor the activities of network devices using SNMP.
An SNMP agent — The software component within the managed device that maintains the data for the device and reports these data, as needed, to managing systems.
Cisco Nexus 1000V supports the agent and MIB. To enable the SNMP agent, you must define the relationship between the manager and the agent.
A managed information base (MIB) — The collection of managed objects on the SNMP agent.
SNMP is defined in RFCs 3411 to 3418.
What levels will be trapped if the administrator executes the command router(config)# logging trap 4 (Choose four)
A. Emergency B. Notice C. Alert D. Error E. Warning
Correct Answers: A, C, D, E
Explanation:
The Message Logging is divided into 8 levels as listed below:
If you specify a level with the “logging trap level” command, that level and all the higher levels will be logged. For example, by using the “logging trap 4″ command, all the logging of emergencies, alerts, critical, errors, warnings will be logged.
What SNMP message alerts the manager to a condition on the network?
A. response B. get C. trap D. capture
Correct Answer: C
Explanation:
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a condition on the network. Traps can mean improper user authentication, restarts, link status (up or down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant events.
A. HMAC-MD5 B. HMAC-SHA C. CBC-DES D. community strings
Correct Answer: D
Explanation:
SNMP Versions
Cisco IOS software supports the following versions of SNMP:
SNMPv1 — The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.
SNMPv2c — The community-string based Administrative Framework for SNMPv2. SNMPv2c (the “c” stands for “community”) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
SNMPv3 — Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network.
