Which two features control multicast traffic in a VLAN environment? (Choose two)
A. IGMP snooping
B. MLD snooping
C. RGMP
D. PIM snooping
E. pruning
Explanation:
1. IGMP Snooping (A)
Purpose:
Listens to IGMP (Internet Group Management Protocol) messages between hosts and routers to track multicast group memberships.
Prevents switches from flooding multicast traffic to all ports (limits traffic to only ports with interested receivers).
VLAN Impact:
Operates per-VLAN to isolate multicast domains.
2. Pruning (E)
Purpose:
Blocks multicast traffic from being forwarded to VLANs with no active receivers.
Example: Cisco’s VLAN pruning for VTP (VLAN Trunking Protocol) or manual pruning on trunks.
Why Other Options Are Incorrect?
B) MLD snooping: For IPv6 multicast (not IPv4/VLAN-centric).
C) RGMP: Rarely used; coordinates multicast between routers/switches.
D) PIM snooping: Tracks PIM routing in L3 switches, not VLAN traffic control.
Reference:
IEEE 802.1D (IGMP Snooping Standard)
Cisco VLAN Pruning Configuration Guide
Which two types of planning approaches are used to develop business-driven network designs and to facilitate the design decisions? (Choose two)
A. cost optimization approach
B. strategic planning approach
C. modular approach
D. tactical planning approach
E. business optimization approach
Explanation:
1. Strategic Planning Approach (B)
Purpose:
Focuses on long-term business goals (e.g., 3–5 years) and aligns network design with organizational vision.
Examples:
Designing a scalable SD-WAN for global expansion.
Adopting Zero Trust for future security needs.
2. Tactical Planning Approach (D)
Purpose:
Addresses short-term, actionable steps (e.g., 6–12 months) to implement strategic goals.
Examples:
Rolling out VoIP QoS policies in the next quarter.
Migrating a branch office to a new firewall.
Why Other Options Are Less Relevant?
A) Cost optimization: A goal, not a planning methodology.
C) Modular approach: A design technique (e.g., breaking networks into blocks), not business-driven planning.
E) Business optimization: Vague—strategic/tactical planning are structured methods to achieve this.
Reference:
ITIL 4 (Strategic vs. Tactical Planning)
Cisco Business-Driven Network Design Guide
Which action must be taken before new VoIP systems are implemented on a network to ensure that the network is ready to handle the traffic?
A. Evaluate bandwidth utilization and connection quality
B. Enable special requirements such as direct DID lines on pickup
C. Make recommendations to limit the size of the half-open session table on routers
D. Check if anomaly detection is enabled for SIP and H.323 on Layer 3 devices
Explanation:
Why Bandwidth and Quality Assessment is Critical?
VoIP Traffic Requirements:
VoIP demands low latency (<150ms), jitter (<30ms), and packet loss (<1%).
Insufficient bandwidth or poor quality causes choppy audio and dropped calls.
Pre-Implementation Steps:
Bandwidth audit: Measure current utilization (e.g., via NetFlow, SNMP).
Quality testing: Use tools like Cisco IP SLA or ping/jitter tests.
Upgrade if needed: Add QoS (LLQ for VoIP), increase WAN bandwidth.
Why Other Options Are Secondary?
B) Direct DID lines: A telephony feature, not a network readiness task.
C) Half-open session table: Mitigates DoS but doesn’t ensure VoIP quality.
D) SIP/H.323 anomaly detection: Security measure, irrelevant to traffic handling.
Reference:
Cisco VoIP Design Guide: Bandwidth and QoS requirements.
ITU-T G.114: VoIP latency/jitter standards.
An existing wireless network was designed to support data traffic only. You must now install context-aware services for location tracking. What changes must be applied to the existing wireless network to increase the location accuracy? (Choose two)
A. Add access points along the perimeter of the coverage area.
B. Increase the access point density to create an average inter-access point distance of less than 40 feet or 12.2 meters.
C. Use directional antennas to provide more cell overlapping.
D. Install additional access points in monitor mode where the co-channel interference would otherwise be affected.
E. Fine tune the radio configuration of the access point to have a higher average transmission power to achieve better coverage.
Explanation:
1. Increase AP Density (B)
Why?
Location accuracy improves with more APs (triangulation requires ≥3 APs per device).
<40 feet spacing ensures devices are "heard" by multiple APs for precise RSSI-based tracking.
2. Directional Antennas (C)
Why?
Focuses RF energy to create controlled overlap zones, improving signal strength consistency for location calculations.
Example: Patch antennas in hallways reduce multipath interference vs. omnidirectional antennas.
Why Other Options Are Less Effective?
A) Perimeter APs: Helps with boundary detection but doesn’t improve in-building accuracy.
D) Monitor-mode APs: Used for rogue detection, not location tracking.
E) Higher TX power: Increases coverage but reduces accuracy (devices may "hear" fewer APs).
Reference:
Cisco CMX Location Analytics Guide: Recommends 12m AP spacing.
IEEE 802.11-2016: Antenna patterns for location accuracy.
An enterprise requires MPLS-connected branches to access cloud-based Microsoft 365 services over an SD-WAN solution. Internet access is available only at dual regional hub sites that are connected to the MPLS network. Which connectivity method provides an optimum access method to the cloud-based services if one ISP suffers loss or latency?
A. Cloud onRamp gateway site
B. Cloud onRamp SWG
C. Cloud onRamp
D. Cloud onRamp SaaS
Explanation:
Why Cloud onRamp?
Scenario Requirements:
MPLS branches need reliable access to Microsoft 365 (SaaS).
Internet redundancy: Only dual regional hubs have ISP links (MPLS-only branches rely on them).
How Cloud onRamp Helps:
Direct-to-Cloud Optimization:
Establishes performance-optimized tunnels from SD-WAN hubs to Microsoft 365 POPs (Points of Presence).
Uses Microsoft Azure Peering (ExpressRoute or Internet) for low-latency paths.
Failover Capability:
If one ISP fails, traffic automatically switches to the other hub’s ISP.
Monitors latency/jitter to avoid degraded links.
Why Not Other Options?
A) Gateway site: Part of Cloud onRamp but too narrow (focuses on gateway placement).
B) SWG (Secure Web Gateway): Filters traffic but doesn’t optimize SaaS paths.
D) SaaS: Describes the service (Microsoft 365), not the solution.
Reference:
Cisco Cloud onRamp for SaaS: Details Microsoft 365 optimization.
Microsoft Azure Peering Locations: Ensures low-latency access
The SD-WAN architecture is composed of separate orchestration, management, control, and data planes. Which activity happens at the orchestration plane?
A. Automatic onboarding of the SD-WAN routers into the SD-WAN overlay
B. Decision-making process on where traffic flows
C. Packet forwarding
D. Central configuration and monitoring
Explanation:
Role of the Orchestration Plane in SD-WAN:
Primary Function:
The orchestration plane automates the deployment and provisioning of SD-WAN devices (e.g., routers, edges).
Key tasks:
Zero-touch onboarding: Devices auto-register with the controller (e.g., Cisco vManage).
Policy distribution: Pushes templates (e.g., VPN, QoS) to all nodes.
Why Option A Fits?
"Automatic onboarding" is a core orchestration task, ensuring new routers join the overlay without manual configs.
Why Other Options Are Incorrect?
B) Decision-making on traffic flows: Control plane (e.g., OMP in Cisco SD-WAN).
C) Packet forwarding: Data plane (e.g., IPsec tunnels).
D) Central config/monitoring: Management plane (e.g., dashboard analytics).
Reference:
Cisco SD-WAN Architecture Guide: Orchestration plane responsibilities.
RFC 8402 (SDN Terminology): Defines orchestration vs. control planes.
Company XYZ wants to use the FCAPS ISO standard for network management design, focusing on minimizing outages through detection, isolation, and corrective actions. Which layer accomplishes this design requirement?
A. Fault management
B. Performance management
C. Security management
D. Accounting management
Explanation:
Why Fault Management?
FCAPS Focus:
Fault Management is explicitly designed for:
Detection: Identifying failures (e.g., link drops, device crashes).
Isolation: Pinpointing the root cause (e.g., SNMP traps, syslog).
Corrective Actions: Automating fixes (e.g., failover to backup links).
Outage Minimization:
Tools like Cisco Prime or SolarWinds use fault management to:
Trigger alerts for rapid response.
Restore services via predefined scripts.
Why Other Options Are Incorrect?
B) Performance Management: Tracks metrics (e.g., latency) but doesn’t fix outages.
C) Security Management: Prevents breaches but doesn’t resolve faults.
D) Accounting Management: Logs resource usage (e.g., billing), irrelevant to outages.
Reference:
ISO/IEC 7498-4 (FCAPS): Fault management definition.
ITU-T M.3400: Telecom fault management standards.
The network designer needs to use GLOP IP addresses to make them unique within their ASN. Which multicast address range will be considered?
A. 239.0.0.0 to 239.255.255.255
B. 224.0.0.0 to 224.0.0.255
C. 233.0.0.0 to 233.255.255.255
D. 232.0.0.0 to 232.255.255.255
Explanation:
What is GLOP Addressing?
Purpose of GLOP:
GLOP (RFC 3180) assigns globally unique multicast addresses to organizations based on their public ASN (Autonomous System Number).
Ensures multicast groups don’t collide across domains.
Address Range:
233.0.0.0/8 is reserved for GLOP.
The second and third octets encode the ASN (e.g., ASN 65000 → 233.253.232.0/24).
Why Other Options Are Incorrect?
A) 239.0.0.0/8: Administratively scoped (local use only, not global).
B) 224.0.0.0/24: Link-local (e.g., OSPF, EIGRP multicasts).
D) 232.0.0.0/8: Source-Specific Multicast (SSM), not GLOP.
Reference:
RFC 3180 (GLOP): Defines the 233.0.0.0/8 block.
IANA Multicast Address Assignments: Lists reserved ranges.
With virtualization applied throughout the network, every physical link may carry one or more virtual links. What is a key drawback of this?
A. Unneeded tunneling
B. Fate sharing
C. Bandwidth utilization
D. Serialization delay
Explanation:
Why Fate Sharing is a Key Drawback?
Definition of Fate Sharing:
In a virtualized network, multiple virtual links share the same physical link.
If the physical link fails, all virtual links carried over it fail simultaneously.
Impact:
No isolation: A single point of failure disrupts multiple services/applications.
Example: A fiber cut could take down VPNs, VoIP, and storage traffic at once.
Why Other Options Are Less Critical?
A) Unneeded tunneling: Overhead exists but is manageable (e.g., VXLAN, GRE).
C) Bandwidth utilization: Shared links can be oversubscribed, but QoS mitigates this.
D) Serialization delay: Affects latency but isn’t a systemic risk like fate sharing.
Reference:
RFC 3439 (Internet Architecture): Discusses fate-sharing trade-offs.
Cisco ACI Design Guide: Highlights physical redundancy to counter fate sharing.
Which two data plane hardening techniques are true? (Choose two)
A. warning banners
B. redundant AAA servers
C. Control Plane Policing
D. SNMPv3
E. infrastructure ACLs
F. disable unused services
G. routing protocol authentication
Explanation:
1. Infrastructure ACLs (E)
Purpose:
Block unauthorized access to network devices (e.g., routers, switches) at the data plane.
Example: Permit only SSH/HTTPS from management subnets, deny all else.
2. Disable Unused Services (F)
Purpose:
Eliminates attack surfaces (e.g., Telnet, HTTP, CDP) that could be exploited.
Why Other Options Are Incorrect?
A) Warning banners: Legal, not security hardening.
B) Redundant AAA servers: Management plane, not data plane.
C) Control Plane Policing: Protects the control plane (CPU), not data forwarding.
D) SNMPv3: Secures management traffic, not data plane.
G) Routing protocol auth: Control plane protection.
Reference:
Cisco SAFE Security Guide: Recommends ACLs and service hardening.
NIST SP 800-123: Best practices for network device security.
What statement describes the application layer as defined in the software-defined networking architecture?
A. This layer is responsible for collecting the network status such as network usage and topology.
B. This layer contains programs that communicate their desired network behavior to controllers.
C. This layer is responsible for handling packets based on the rules provided by the controller.
D. This layer processes the instructions and requirements sent by networking components.
Explanation:
Role of the Application Layer in SDN:
Definition:
The application layer hosts programs/services (e.g., firewalls, load balancers) that define network policies (e.g., QoS, security).
These applications communicate intent to the SDN controller via northbound APIs (e.g., REST, gRPC).
Examples:
A VoIP application requests low-latency paths from the controller.
A security app instructs the controller to block malicious traffic.
Why Other Options Are Incorrect?
A) Network status collection: Management/analytics layer (e.g., telemetry).
C) Packet handling: Data plane (switches/routers).
D) Processing instructions: Controller’s role, not applications.
Reference:
ONF SDN Architecture: Defines application layer functions.
Cisco ACI Application-Centric Design: Shows app-to-controller communication.
What are two advantages of controller-based networks versus traditional networks? (Choose two.)
A. The ability to have forwarding tables at each device
B. More flexible configuration per device
C. More consistent device configuration
D. Programmatic APIs that are available per device
E. The ability to configure the features for the network rather than per device
Explanation:
1. Consistent Device Configuration (C)
Why?
Controller-based networks enforce uniform policies (e.g., security, QoS) across all devices via centralized management.
Eliminates human errors from manual per-device CLI configurations.
2. Network-Wide Configuration (E)
Why?
SDN controllers (e.g., Cisco DNA Center, OpenDaylight) allow intent-based networking:
Define policies once (e.g., "Prioritize VoIP").
Automatically deploy to all relevant devices.
Why Other Options Are Less Relevant?
A) Forwarding tables: Traditional networks also use them (e.g., FIB).
B) Flexible per-device config: Controllers reduce per-device tweaks (centralization is the goal).
D) Programmatic APIs per device: Controllers centralize APIs, avoiding per-device scripts.
Reference:
Cisco SD-WAN Design Guide: Highlights consistency/automation.
ONF SDN Principles: Contrasts controller-based vs. traditional networks.