Category: Cisco
Most accurate Cisco 642-892 practice test for you to free download.csci-scrc is also an authenticated IT certifications site that offer all the new questions and answers timely.Visit the site Flydumps.com to get free Cisco 642-892 VCE test engine and PDF.
QUESTION 85
Refer to the exhibit. What two statements are true about the IS-IS configuration? (Choose two.)
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. The router is in area 49.0001.0002.
B. The router has a system ID of 0003.0004.
C. The router acts as a Level 1-2 router.
D. The network service access point selector (NSEL) byte has a value of 0. E. CLNS routing is enabled for the router.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference: QUESTION 86
Refer to the exhibit. Which two statements about the IS-IS configurations of router R1 and router R2 are correct? (Choose two.)
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. The IS-IS Level 2 metric that is assigned on the serial interface of router R2 is over three times the default value.
B. Router R1 sends only Level 1 hellos out the interface that is connected to R2.
C. Router R2 sends only Level 2 hellos out the interface that is connected to R1.
D. Router R1 is configured as a Level 1-2 router.
E. Router R2 has the same metric value assigned for Level 1 and Level 2 on the serial interface.
F. The network entity titles (NETs) that are configured on L1 and L2 are incompatible.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 87
Refer to the exhibit. On the basis of the output, what two conclusions can be reached? (Choose two.)
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. Three physical interfaces are taking part in integrated IS-IS.
B. Address summarization is configured.
C. There are two neighboring routers sending IS-IS routing information.
D. The default administrative distance has been changed.
E. IS-IS is not redistributing any other routing protocols.
F. IS-IS is not enabled.
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 88
Which three options are supported as address allocation mechanisms for DHCP on Cisco routers? (Choose three.)
A. The IP address can be automatically assigned to a host.
B. The IP address can be assigned as a random hash value of the burned-in-address of the lowest-numbered LAN interface on the router.
C. The network administrator can assign a specific IP address to a specific host MAC address.
D. The IP address can be assigned from configured pools in a reverse lexicographical order.
E. The IP address can be assigned to a host for a limited time or until the host explicitly releases the address. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
F. The IP address can be assigned to a host until the host usurps the assigned value using its own dynamic override mechanism.
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference: QUESTION 89
Refer to the exhibit. What two conclusions can be made based on the DHCP configuration? (Choose two.)
A. The second DNS server configured will never be queried.
B. The first IP address assigned by DHCP is 172.16.0.1.
C. The IP address of the default router is used for DHCP relay.
D. The DHCP clients learn the excluded address ranges that area configured.
E. The configured domain name is propagated to the DHCP clients.
Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Refer to the exhibit. Which statement is true about the configuration?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. Hosts will receive IP settings from pool 1 until the addresses run out, and then hosts will receive the settings from pool 2.
B. Hosts belonging to DHCP pool 1 and pool 2 will retain their IP settings for 30 hours before they must renew.
C. Hosts in the 10.10.20.0/24 subnet will use 10.10.20.50 as its DNS server.
D. DHCP pool 0 needs to have the ip dhcp excluded-address command to exclude the default router and DNS servers.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 91
Refer to the exhibit. Which configuration is reflected in the output that is displayed in the exhibit?
A. neighbor 192.168.28.1 route-map cisco in ! access-list 66 permit 10.0.0.0 0.0.0.255 ! route-map cisco permit 10 match ip address 66 set local-preference 90 PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
B. neighbor 192.168.28.1 route-map cisco out ! access-list 66 permit 10.0.0.0 0.0.0.255 ! route-map cisco permit 10 match ip address 66 set metric 90
C. neighbor 192.168.28.1 route-map cisco out ! access-list 66 permit 10.30.0.0 0.0.255.255 ! route-map cisco permit 10 match ip address 66 set metric 90
D. neighbor 192.168.28.1 route-map cisco in ! PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892 access-list 66 permit 10.30.0.0 0.0.255.255 ! route-map cisco permit 10 match ip address 66 set local-preference 90
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 92
Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the reason Router RT-1 chooses this “best” path.
A. In making its decision about the best path, RT-1 gives precedence to the origin code.
B. In making its decision about the best path, RT-1 gives precedence to the BGP MED values.
C. IP address 128.107.2.2 is lower than 128.107.255.2.
D. In making its decision about the best path, RT-1 prefers the IGP metrics.
E. RT-1 prefers internal BGP routes.
F. IP address 128.107.254.2 is lower than 128.107.255.2.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 93
What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from becoming a transit system?
A. Advertise with a high MED value all networks that are discovered via external BGP.
B. Remove the AS-Path information on all routes in the BGP table prior to advertising externally.
C. Only advertise networks externally if they have been discovered via internal BGP.
D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous system.
E. Set the no-export community attribute on all networks that are advertised externally.
F. Set the origin code to incomplete for all networks that are discovered via external BGP.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 94
Refer to the exhibit. Which statement is true about the router configuration that is shown? PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. Additional DHCP options will be imported from another DHCP server.
B. The DHCP server pools need to be bound to an interface to operate.
C. This configuration will provide IP configuration information to two different subnets.
D. Additional DCHP option information needs to be imported from another DHCP server.
E. If the router hands out all the addresses in pool 1, then it will supply addresses from pool 2.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 95
Refer to the exhibit. Which statement is true about the router with ID 10.64.0.1?
A. It is the BDR for the local segment.
B. It is the DR for the local segment.
C. It is not running OSPF.
D. It has an OSPF priority of 1 on the attached interface.
E. It has a loopback that is configured.
F. It is not the DR or BDR for the local segment.
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 96
Which statement is true about Protocol Independent Multicast Dense Mode (PIM DM) multicast routing?
A. PIM DM supports shared distribution trees.
B. If a port is pruned, the administrator must re-enable the port to support multicast traffic.
C. The (S,G) state exists in every router, regardless of the presence of an RPF interface.
D. Flooding of traffic only occurs in the beginning stages of routing. Afterwards, all necessary ports are pruned and multicast traffic is not sent across those interfaces.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 97
The show ip route command generated routes flagged as O N2 and O N1. Which option best describes how these routes were created?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. Summarization was performed on an ASBR connected to a totally stubby area.
B. Static routes were redistributed into an ASBR.
C. Redistribution was performed into a totally stubby area.
D. Redistribution was performed into an NSSA area.
E. Summarization was performed on an ASBR connected to a NSSA area.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 98
How is the configuration of a totally stubby area different from that of a stub area?
A. The totally stubby area requires the no-summary command on the ABR.
B. The totally stubby area requires the totally stubby command on the ABR.
C. The no-summary command should be included on all routers within the totally stubby area.
D. The totally stubby command should be included on all routers within the totally stubby area.
E. The totally stubby area requires the no-summary command on the ASBR.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 99
Refer to the exhibit. Which one statement is true?
A. Traffic from the 172.16.0.0/16 network will be blocked by the ACL.
B. The 10.0.0.0/8 network will not be advertised by Router B because the network statement for the 10.0.0.0/8 network is missing from Router B.
C. The 10.0.0.0/8 network will not be in the routing table on Router B.
D. Users on the 10.0.0.0/8 network can successfully ping users on the 192.168.5.0/24 network, but users on the 192.168.5.0/24 cannot successfully ping users on the 10.0.0.0/8 network.
E. Router B will not advertise the 10.0.0.0/8 network because it is blocked by the ACL.
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 100
Refer to the exhibit. RTR-38 has two possible paths to reach the indicated networks but only chooses next hop 172.20.72.1. Which two options would cause RTR-38 to choose next hop 172.20.73.1 for network
192.168.101.0 but still use next hop 172.20.72.1 for the remaining networks? (Choose two)
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the local-preference to 200 for network 192.168.101.0.
B. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the local-preference to 200 for all networks accept 192.168.101.0.
C. On RTR-38 apply the command neighbor 172.20.73.1 weight 200.
D. On RTR-38 apply the command neighbor 172.20.72.1 weight 200.
E. On BGP neighbor router 172.20.73.1 apply a route map that advertises a MED of 200 for network
192.168.101.0 to RTR-38.
F. On BGP neighbor router 172.20.72.1 apply a route map that advertises a MED of 200 for network
192.168.101.0 to RTR-38.
Correct Answer: AF Section: (none) Explanation
Explanation/Reference:
QUESTION 101
During BGP configuration on a router that has peered with other BGP speakers, the BGP command aggregate-address 172.32.0.0 255.255.252.0 is issued. However, the peers do not receive this aggregate network in BGP advertisements. Also, the router does not have this aggregate network in its BGP table. Which option indicates a possible reason this command did not cause the router to advertise the aggregate network to its peers?
A. Interface NULL 0 is likely shutdown.
B. The BGP command no synchronization is missing.
C. The BGP command no auto-summary is missing.
D. Subnets of 172.32.0.0/22 do not exist in the BGP table.
E. The IGP running on this router does not have network 172.32.0.0/22 installed.
F. The next hop IP address must be a loopback address.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 102
What are the two effects of the IP multicast global configuration command ip pim send-rp-announce loopback0 scope 31 group-list 5 issued on multicast router RTA? (Choose two.)
A. RTA will drop all RP announcements it receives if the TTL field is greater than 31.
B. RTA will forward RP announcements provided they are within the scope of 31.
C. RTA will originate RP announcements with TTL set to 31.
D. RTA will forward RP announcements from any neighbor router with a source IP address that matches access-list 5.
E. RTA will originate RP announcements for multicast groups that match access-list 5.
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 103
Refer to the exhibit. Based on the output from the show command on RT1 which statement is true?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. OSPFv3 uses global IPv6 addresses to establish neighbor adjacencies.
B. RT1 has a subnet mask of 64 bits.
C. RT1 has FastEthernet0/0 set as a DR for network type broadcast.
D. OSPFv3 uses Link-local addresses to establish neighbor adjacencies.
E. RT1 does not have a global IPv6 address set on FastEthernet0/0.
F. OSPFv3 uses IPv4 addresses to establish neighbor adjacencies.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 104
Refer to the exhibit. In the show ipv6 route output, what would the metric be for a summary route that summarizes all three OSPFv3 routes displayed?
A. 20
B. 40
C. 100
D. 120
E. 140
F. 160
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
QUESTION 105
Refer to the exhibit. Which statement is correct regarding the partial configuration shown?
A. The router’s fa0/0 interface will be assigned the reserved address of 20.0.0.2.
B. The router will import its DHCP options from a configuration file on a TFTP server.
C. The router’s fa0/0 interface will be assigned any address from the 20.0.0.0/8 network except 20.0.0.2.
D. The router will add the DHCP option parameters it learns from another server into its DHCP server database.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 106
Refer to the exhibit. It is desired to set up a BGP neighbor relationship between routers R1 and R4. BGP packets between them could travel through R2 or R3. What is the simplest configuration that will allow for failover?
A. Configure BGP neighbor relationships between all interfaces on R1 and R4.
B. Install a direct connection between R1 and R4.
C. Configure loopback interfaces on R1 and R4 to provide the update source address for BGP packets.
D. Configure only one neighbor relationship between R1’s 192.168.1.2 interface and R4’s 172.16.10.2 interface.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
QUESTION 107
Refer to the exhibit. Routing updates for the 192.168.1.0 network are being received from all three neighbors. Which statement is correct regarding the result of the configuration shown?
A. The router will prefer the next hop of 172.16.1.1 for packets destined for the 192.168.1.0 network.
B. The router will prefer the next hop of 172.26.1.1 for packets destined for the 192.168.1.0 network.
C. The router will advertise the 192.168.1.0 network only to 172.30.1.1.
D. The router will advertise the 192.168.1.0 network only to 172.26.1.1.
E. The router will prefer the next hop of 172.26.1.1 for packets except those destined for the 192.168.1.0 network.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 108
Refer to the exhibit. The neighbor 10.1.1.1 weight 200 BGP configuration command has been configured on router A. What will be the result of this configuration?
A. Router A will prefer the path through router B for network 172.20.0.0. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
B. Router A will prefer the path through router C for network 172.20.0.0.
C. Packets from router D will prefer the path through router B for networks advertised by router A.
D. Packets from router D will prefer the path through router C for networks advertised by router A.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 109
Which spanning-tree command would cause a PortFast-enabled interface to lose its PortFast-operational status and disable BPDU filtering if it receives BPDUs?
A. spanning-tree guard root
B. spanning-tree bpduguard enable
C. spanning-tree portfast bpduguard default
D. spanning-tree bpdufilter enable
E. spanning-tree portfast bpdufilter default
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 110
Which spanning-tree command would essentially disable spanning tree on an interface and make that interface susceptible to spanning-tree loops?
A. spanning-tree portfast bpdufilter default
B. spanning-tree bpdufilter enable
C. spanning-tree portfast bpduguard default
D. spanning-tree bpduguard enable
E. spanning-tree guard root
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 111
Which statement correctly describes the results of the Ethernet switch global configuration command spanning-tree loopguard default?
A. When any port receives a BPDU, it is put it in the error-disabled state.
B. An interface is moved directly to the spanning-tree forwarding state without waiting for the standard forward-time delay.
C. Prevents interfaces that are in a PortFast-operational state from sending or receiving BPDUs.
D. Detects indirect link failures and starts the spanning-tree reconfiguration sooner.
E. Prevents alternate or root ports from becoming designated ports because of a failure that leads to a unidirectional link.
F. Provides fast convergence after a direct link failure where a root port transitions to the forwarding state immediately without going through the listening and learning states.
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 112
Which optional feature of an Ethernet switch disables a port on a point-to-point link if the port does not receive traffic while Layer 1 status is up?
A. BackboneFast
B. UplinkFast
C. Loop Guard
D. UDLD aggressive mode
E. Fast Link Pulse bursts
F. Link Control Word
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 113
Which three statements are true about routed ports on a multilayer switch? (Choose three)
A. A routed port can support VLAN subinterfaces.
B. A routed port will take an IP address assignment.
C. A routed port can be configured with routing protocols.
D. A routed port is a virtual interface on the multilayer switch. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
E. A routed port is only associated with one VLAN.
F. A routed port is a physical interface on the multilayer switch.
Correct Answer: BCF Section: (none) Explanation
Explanation/Reference:
QUESTION 114
Which three statements are true about CEF? (Choose three.)
A. The FIB table is derived from the IP routing table.
B. The adjacency table is derived from the ARP table.
C. CEF IP destination prefixes are stored in the TCAM table, from the least specific to the most specific entry.
D. When the CEF TCAM table is full, packets are dropped.
E. When the adjacency table is full, a CEF TCAM table entry points to the Layer 3 engine to redirect the adjacency.
F. The FIB lookup is based on the Layer 3 destination address prefix (shortest match).
Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 115
Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. Encapsulation on the switch is wrong.
B. Trunking needs to be enabled on Fa0/1.
C. The native VLAN is wrong.
D. VLAN 1 needs the no shutdown command.
E. IP routing needs to be enabled on the switch.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 116
Refer to the exhibit. What problem is preventing users on VLAN 100 from pinging addresses on VLAN 200?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
A. No default route on DLS1.
B. Encapsulation mismatch between switches.
C. Native VLAN mismatch.
D. Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1.
E. Trunking needs to be enabled.
F. The ip routing command is missing on DLS1.
Correct Answer: F Section: (none)
Explanation
Explanation/Reference:
QUESTION 117
Which three characteristics are true about voice traffic in the campus network? (Choose three.)
A. bursty
B. greedy
C. drop sensitive
D. delay sensitive
E. UDP priority
F. TCP retransmits
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 118
Which three characteristics are true about voice traffic in the campus network? (Choose three.)
A. TCP retransmits
B. benign
C. greedy
D. drop sensitive
E. smooth
F. delay insensitive
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 119
Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip ospf PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-892
neighbor output, what prevents R1 from establishing a full adjacency with R2?
A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess networks.
B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area 1.
C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2.
D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2.
E. The Hello parameters on routers R1 and R2 do not match.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 120
Which two statements are true about voice VLANs? (Choose two.)
A. Voice VLANs allow IP phones to be moved around without worrying about subnets.
B. Voice VLANs allow voice and data packets to be logically combined.
C. Implementing voice VLANs causes network administrators to change their existing IP topology.
D. Using voice VLANs makes it easier for network administrators to identify and troubleshoot network problems.
E. Voice VLANs are available on all Cisco switches.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 121
Which two statements are true about trust boundaries? (Choose two.)
A. Classifying and marking traffic should be done as close to the traffic source as possible.
B. Classifying and marking traffic should be done at the distribution layer.
C. Traffic is classified and marked as it travels through the network.
D. If untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.
E. The trust boundary moves depending on the type of traffic entering the network.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
Try Cisco 642-892 exam free demo before you decide to buy it in Flydumps.After you buy Flydumps Cisco 642-892 exam dumps, you will get free update for ONE YEAR!
Flydumps just published the newest Cisco 642-813 dumps with all the new updated exam questions and answers.Flydumps provide the latest version of Cisco 642-813 and VCE files with up-to-date questions and answers to ensure your exam 100% pass, on our website you will get the free new newest Cisco 642-813 version VCE Player along with your VCE dumps.
QUESTION 80 Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 81
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 82
A.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 83
Correct Answer: BF Section: (none) Explanation
Explanation/Reference:
QUESTION 84 Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 85
B.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 86
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 87
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 88
A.
B.
C.
D.
E.
F.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 89 Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 91 Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 92
A.
B.
D.
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 93 Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 94
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 95
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 96
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 97
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 98
B.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 99
C.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 100
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 101
A. active
B. speak
C. learn
D. listen
E. init
F. standby
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Whenever Cisco candidates take a tour of sample questions of Cisco 642-813 exam they find their training to be matchless to great extent.Passing the Cisco 642-813 on your own can be a difficult task,but with Cisco 642-813 preparation products,many candidates who appeared online passed Cisco 642-813 easily.
Flydumps ensures Cisco 642-813 study guide are the newest and valid enough to help you pass the test.Please visit Flydumps.com and get valid Cisco 642-813 PDF and VCE exam dumps with free new version.100% valid and success.
QUESTION 60
Correct Answer: A Section: (none)Explanation
Explanation/Reference:
QUESTION 61
Correct Answer: BC Section: (none)Explanation
QUESTION 62
A. acceess
B. non negotiate
C. trunk
D. dynamic desirable
E. dynamic auto
F. none of the other alternatives apply
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Correct Answer: BD Section: (none) Explanation
QUESTION 64
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Correct Answer: Section: (none)Explanation
QUESTION 66
A. auto
B. negotiate
C. designate
D. non negotiate
Correct Answer: A Section: (none)Explanation
QUESTION 67
Correct Answer: B Section: (none) Explanation
QUESTION 68
A. DTP
B. VTP
C. 802.1Q
D. ISL
E. none of the other alternatives apply
Correct Answer: C Section: (none)Explanation
QUESTION 69
Correct Answer: C Section: (none) Explanation
QUESTION 70
Correct Answer: BD Section: (none)Explanation
QUESTION 71
A. MST00
B. MST01
C. the last MST instance configured
D. none
Correct Answer: A Section: (none)Explanation
Explanation/Reference:
QUESTION 72
A. 802.11b
B. spanning-tree
C. 802.1q
D. ISL
E. VTP
F. Q.921
Correct Answer: C Section: (none) Explanation
QUESTION 73
A. region name
B. configuration revision number
C. VLAN INSTANCE MAP
D. ist stp bpdu HELLO TIMER
E. CST instance map
F. PVST+ instance map
Correct Answer: ABC Section: (none)Explanation
Explanation/Reference:
QUESTION 74
A.
Correct Answer: C Section: (none) Explanation
QUESTION 75
Correct Answer: C Section: (none)Explanation
QUESTION 76
A.
B.
C.
D.
E.
Correct Answer: BC Section: (none)Explanation
Explanation/Reference:
QUESTION 77
Correct Answer: CF Section: (none) Explanation
QUESTION 78
A. VTP mode
B. STP ROOT STATUS
C. Negotiation status
D. management domain
E. configuration revision number
Correct Answer: DE Section: (none) Explanation
QUESTION 79
D.
E.
Correct Answer: BE Section: (none)Explanation
Explanation/Reference:
QUESTION 80
A. the host will be allowed to connect
B. the port will shut down
C. the host can only connect through a hub/switch where 0002.0002.0002 is already connected
D. the host will be refused access
E. none of th other alternatvies apply
Correct Answer: A Section: (none) Explanation
QUESTION 81
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 82
A. snooping attack
B. rougue device attack
C. STP attack
D. VLAN attack
E. spoofing attack
F. MAC flooding attack
Correct Answer: E Section: (none)Explanation
Explanation/Reference:
QUESTION 83
Correct Answer: AD Section: (none) Explanation
QUESTION 84
Correct Answer: F Section: (none) Explanation
QUESTION 85
Correct Answer: D Section: (none) Explanation
QUESTION 86
Correct Answer: A Section: (none) Explanation
QUESTION 87
Correct Answer: B Section: (none)Explanation
QUESTION 88
A. ports 0/1 and 0/2
B. the trunk port 0/22 and ethernchannel ports
C. ports 0/1 0/2 and 0/3
D. ports 0/1 0/2 and 0/3, the trunk port 0/22 and ethernchannel ports
E. port 0/1
F. ports 0/1 0/2 and 0/3, the trunk port 0/22
Correct Answer: C Section: (none)Explanation
QUESTION 89
A. EAP over LAN
B. EAP MD5
C. STP
D. portocols not filtered by an ACL
E. CDP
F. TACACS+
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Correct Answer: ACE Section: (none)Explanation
QUESTION 91
Correct Answer: F Section: (none)Explanation
QUESTION 92
Correct Answer: C Section: (none) Explanation
QUESTION 93
A. STP
B. CDP
C. EAP MD5
D. TACACS+
E. EAP-over-LAN
F. portocols not filtered by an ACL
Correct Answer: ABE Section: (none) Explanation
QUESTION 94
Correct Answer: B Section: (none)Explanation
Explanation/Reference:
QUESTION 95
E.
Correct Answer: ABD Section: (none) Explanation
QUESTION 96
Correct Answer: B Section: (none) Explanation
QUESTION 97
Explanation/Reference:
QUESTION 98
A.
B.
C.
D.
E.
F.
Correct Answer: BDF Section: (none)Explanation
Explanation/Reference:
QUESTION 99
Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 100
Correct Answer: B Section: (none)Explanation
Explanation/Reference:
QUESTION 101
A. trunk
B. isolated
C. primary
D. community
E. promiscous
F. non of the alternatives apply
Correct Answer: E Section: (none)Explanation
QUESTION 102
A.
B.
C.
D.
Correct Answer: F Section: (none) Explanation
QUESTION 103
Correct Answer: A Section: (none)Explanation
QUESTION 104
A.
B.
Correct Answer: Section: (none) Explanation
QUESTION 105
Correct Answer: A Section: (none)Explanation
Explanation/Reference:
QUESTION 106
C.
Correct Answer: C Section: (none) Explanation
QUESTION 107
Correct Answer: B Section: (none) Explanation
QUESTION 108
Correct Answer: CE Section: (none)Explanation
QUESTION 109
Correct Answer: AD Section: (none)Explanation
Explanation/Reference:
QUESTION 110
Correct Answer: B Section: (none) Explanation
QUESTION 111
Correct Answer: A Section: (none) Explanation
QUESTION 112
A. hubs
B. switch
C. router
D. bridge
E. none of the other alternatvies apply
Correct Answer: C Section: (none)Explanation
Explanation/Reference:
QUESTION 113
A.
B.
C.
D.
E.
Correct Answer: BE Section: (none)Explanation
Explanation/Reference:
QUESTION 114 Correct Answer: A Section: (none)Explanation
QUESTION 115
Correct Answer: B Section: (none)Explanation
QUESTION 116
Correct Answer: BDE Section: (none) Explanation
QUESTION 117
Correct Answer: C Section: (none)Explanation
Explanation/Reference:
QUESTION 118
Correct Answer: B Section: (none) Explanation
QUESTION 119
A.
B.
C.
D.
E.
Correct Answer: A Section: (none)Explanation
Explanation/Reference:
QUESTION 120
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 121 Correct Answer: BC Section: (none)Explanation
QUESTION 122
A. ip routing
B. switchport mode trunk
C. no switchport
D. switchport turnk native vlan 1
E. none of the other alternatives apply
Correct Answer: A Section: (none)Explanation
QUESTION 123
A. configure VACLs
C.
Correct Answer: E Section: (none)
Explanation
QUESTION 124
Correct Answer: C Section: (none) Explanation
QUESTION 125
B.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 126
A.
B.
C.
D.
E.
F.
Correct Answer: ABC Section: (none)Explanation
Explanation/Reference:
QUESTION 127
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 128
A.
B.
C.
D.
E.
F.
Correct Answer: ABC Section: (none)Explanation
Explanation/Reference:
QUESTION 129 Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 130
Correct Answer: E Section: (none) Explanation
QUESTION 131
A.
C.
Correct Answer: D Section: (none)Explanation
QUESTION 132
A.
B.
C.
D.
E.
F.
Correct Answer: BDF Section: (none)Explanation
Explanation/Reference:
QUESTION 133
Correct Answer: BD Section: (none)Explanation
QUESTION 134
Select and Place: Correct Answer:
Section: (none) Explanation
Explanation/Reference:
QUESTION 135
Correct Answer: AB Section: (none) Explanation
QUESTION 136
A. accounting
B. analog and digital voice
C. mobility
D. security
E. routing and switching
F. VLAN and QoS
Correct Answer: CDF Section: (none) Explanation
Flydumps is ready to provide Cisco 642-813 candidates with Cisco 642-813 training materials which can be very much helpful for getting Cisco 642-813 certification, which means that candidates.Cisco 642-813 can easily get access to the services of Cisco 642-813 for practice exam, which will assure them 100% Cisco 642-813 success rate.Though Cisco 642-813 tests are not easy at all,but they do not make Cisco 642-813 things complicated.
The 100% valid latest Cisco 642-812 question answers ensure you 100% pass! And now we are offering the free Cisco 642-812 new version along with the VCE format Cisco 642-812 practice test. Free download more new Cisco 642-812 PDF and VCE on Flydumps.com.
QUESTION 73
With Cisco Express Forwarding, prefixes that require exception processing can be cached with one of
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
which four special adjacencies. (Choose four.)
A. forward
B. null
C. glean
D. kick
E. discard
F. drop
Correct Answer: BCEF Section: (none) Explanation
Explanation/Reference: QUESTION 74
Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
A. Encapsulation on the switch is wrong.
B. Trunking needs to be enabled on Fa0/1.
C. The native VLAN is wrong.
D. VLAN 1 needs the no shutdown command.
E. IP routing needs to be enabled on the switch.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
QUESTION 75
Refer to the exhibit. What problem is preventing users on VLAN 100 from pinging addresses on VLAN
200?
A. No default route on DLS1.
B. Encapsulation mismatch between switches.
C. Native VLAN mismatch.
D. Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1.
E. Trunking needs to be enabled.
F. The ip routing command is missing on DLS1.
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 76
An attacking device has gained unauthorized access to data on a different VLAN through the use of
double tagging. What is the name of this network attack?
A. switch spoofing TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
B. IP spoofing
C. VLAN hopping
D. VLAN jumping
E. DHCP spoofing
F. MAC flooding
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 77
Which three characteristics are true about voice traffic in the campus network? (Choose three.)
A. bursty
B. greedy
C. drop sensitive
D. delay sensitive
E. UDP priority
F. TCP retransmits
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 78
Which three characteristics are true about voice traffic in the campus network? (Choose three.)
A. TCP retransmits
B. benign
C. greedy
D. drop sensitive
E. smooth
F. delay insensitive
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 79
Which two statements are true about voice VLANs? (Choose two.)
A. Voice VLANs allow IP phones to be moved around without worrying about subnets.
B. Voice VLANs allow voice and data packets to be logically combined.
C. Implementing voice VLANs causes network administrators to change their existing IP topology.
D. Using voice VLANs makes it easier for network administrators to identify and troubleshoot network TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside problems.
E. Voice VLANs are available on all Cisco switches.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 80
Which two statements are true about trust boundaries? (Choose two.)
A. Classifying and marking traffic should be done as close to the traffic source as possible.
B. Classifying and marking traffic should be done at the distribution layer.
C. Traffic is classified and marked as it travels through the network.
D. If untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.
E. The trust boundary moves depending on the type of traffic entering the network.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 81
In the event that two devices need access to a common server, but they cannot communicate with each
other, which security feature should be configured to mitigate attacks between these devices?
A. port security
B. dynamic ARP inspection
C. DHCP snooping
D. private VLANs
E. BPDU guard
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 82
A hacker is interested in seeing traffic from all switch ports on the switch that he is connected to,
including the ports belonging to other VLANs. What type of attack is he likely to implement?
A. MAC address flooding
B. ARP attack
C. spoofing attack
D. DHCP attack
E. VLAN hopping
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
QUESTION 83
Which statement best summarizes how DHCP snooping works?
A. DHCP snooping validates the header information of all DHCP replies and only allows the reply through if it has a matching request in the DSRT.
B. DHCP snooping validates all DHCP responses from all switch ports and only allows packets through if the destination port sent a DHCP request in the last 5 seconds.
C. DHCP snooping validates all DHCP responses from all switch ports and only allows packets through if the destination port specifically sent a DHCP request.
D. DHCP snooping determines which switch ports are trusted and can source all DHCP messages.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 84
Which three statements are true about DAI? (Choose three.)
A. DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the DHCP Snooping database.
B. DAI forwards all ARP packets received on a trusted interface without any checks.
C. DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the CAM table.
D. DAI forwards all ARP packets received on a trusted interface after verifying and inspecting the packet against the DAI table.
E. DAI intercepts all ARP packets on untrusted ports.
F. DAI is used to prevent against a DHCP Snooping attack.
Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 85
What does the auto qos voip cisco-phone command do?
A. If a Cisco IP phone is attached, the switch trusts the CoS.
B. The switch assigns a CoS value of 5 to incoming packets.
C. It turns on STP to see if a Cisco IP phone is attached.
D. If a Cisco IP phone is attached and removed, the switch continues to trust the CoS values as long as the switch is not rebooted.
E. It disables the trust boundary feature because the switch knows a Cisco IP phone is attached. TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 86
A network administrator would like to configure 802.1x port-based authentication, however, the client workstation is not 802.1x compliant. What is the only supported authentication server that can be used?
A. TACACS with LEAP extensions
B. TACACS+
C. RADIUS with EAP extensions
D. LDAP
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 87
A switch has been configured with PVLANs. With what type of PVLAN port should the default gateway be configured?
A. Isolated
B. Promiscuous
C. Community
D. Primary
E. Trunk
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 88
Workstations on a segment with HSRP running should have their IP default gateway configured for which device?
A. standby router
B. virtual router
C. router physically connected to the network segment
D. router closest to the network segment
E. backup router
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 89
Refer to the exhibit. The lightweight wireless architecture splits the processing of the 802.11 data and management protocols and the access point functionality between the access point and the WLAN
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
controller using split MAC approach. Which three functionalities are handled by the WLAN controller?
(Choose three.)
A. the transmission of beacon frames
B. the portions of the protocol that have real-time requirements
C. the response to Probe Request frames from clients
D. 802.11 authentication
E. 802.11 association and re-association (mobility)
F. 802.11 frame translation and bridging
Correct Answer: DEF Section: (none) Explanation
Explanation/Reference:
QUESTION 90
What is the function of the Service Set Identifier (SSID) in the wireless LAN?
A. The SSID should be configured on the client site only and provides data-privacy functions and authentication to the access point.
B. The SSID must match on both the client and the access point. The SSID is advertised in plain-text in the access point beacon messages.
C. The SSID must match on both the client and the access point and provides encryption keys for authentication to the access point.
D. The SSID must match on both the client and the access point and provides MAC Address Authentication to authenticate the client to the access point.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 91
Refer to the exhibit. Three different wireless groups of users are allowed to gain access to the wireless
LAN. What type of security policy should be enforced for the users in the Guest group?
TestInside Help You Pass Any IT Exam http://www.TestInside.com
Testinside
A. static WEP and MAC authentication
B. LEAP authentication
C. primary SSID with open or no WEP authentication
D. open authentication with WEP plus MAC authentication
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 92
Refer to the exhibit. Which statement is true about the repeater access point that is deployed in this wireless network?
A. The repeater access point should use a different SSID than the SSID configured on the parent access point.
B. The repeater access point should use a different WEP encryption method than the WEP encryption that is enabled on the parent access point.
C. The repeater access point reduces the throughput in half because it receives and then re-transmits each packet on the same channel.
D. The repeater access point requires a 10 percent channel overlap with channel of the root access point.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
QUESTION 93
What are two differences between the Autonomous WLAN solution and the Lightweight WLAN solution?
(Choose two.)
A. TACACS+ can only be used for authentication with the Cisco Lightweight WLAN solution.
B. CiscoWorks Wireless LAN Solution Engine can be used for management with the Autonomous WLAN Solution.
C. CiscoWorks Wireless LAN Solution Engine can be used for management with the Lightweight WLAN Solution.
D. Cisco Wireless LAN Controller is used to configure the access points in the Lightweight WLAN solution.
E. Cisco Wireless LAN Controller is used to configure the access points in the Autonomous WLAN solution.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 94
Which statement is true about the data traffic between the access point and controller?
A. The data traffic is switched at the access point before being sent to the WLAN controller where VLAN tagging and QoS are applied.
B. The data traffic is encrypted with AES.
C. The data traffic between the access point and controller is encrypted.
D. The data traffic is encapsulated with LWAPP.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 95
How are VRRP messages exchanged between routers sharing a common LAN segment?
A. VRRP relies on TCP to open a connection and to maintain that connection using TCP keepalives.
B. Unicast IP addresses with UDP port ID 112.
C. Destination IP address 224.0.0.18 with IP Protocol ID 112.
D. VRRP messages are directly encapsulated into the Ethernet data field using type code 0x112.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 96
Refer to the exhibit. Based on the minimal VRRP configuration, which VRRP command issued on RTA
will ensure that RTA is the master virtual router?
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
A. vrrp 100 priority 0
B. vrrp 100 priority 1
C. vrrp 100 priority 100
D. vrrp 100 priority 254
E. vrrp 100 preempt
F. no vrrp 100 preempt
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 97
Refer to the exhibit. What does the output of the debug command indicate on VRRP router RTA?
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
A. VRRP is not active on RTA.
B. RTB does not have VRRP active.
C. RTA does not have VRRP preempt active.
D. RTB has a different IP address coded for VRRP group 1 than RTA.
E. RTB has the same IP address coded on its Ethernet interface as RTA.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 98
Which method enables GLBP to forward traffic from a LAN segment via multiple routers
simultaneously?
A. Clients need to have different default gateway IP addresses coded.
B. Separate GLBP groups are coded on the routers.
C. The AVG assigns different virtual MAC addresses.
D. Multiple AVG designated routers respond to ARP requests.
E. Proxy ARP allows multiple routers to respond to ARP requests from clients.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
QUESTION 99
How are GLBP messages exchanged between routers that share a common LAN segment?
A. GLBP messages are multicast to UDP port ID 3222.
B. GLBP messages are directly encapsulated into the Ethernet data field using type code 3222.
C. GLBP relies on TCP to open a connection and to maintain that connection using TCP keepalives.
D. Routers inform clients with GLBP messages and use ARP messages to exchange information about first-hop redundancy.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 100
Which method used by GLBP allows the AVG to prefer one GLBP router as the AVF over other GLBP routers until its tracked interface goes down, when another router might be more preferred?
A. no glbp group load-balancing
B. glbp group load-balancing host-dependent
C. glbp group load-balancing round-robin
D. glbp group load-balancing weighted
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 101
Refer to the exhibit. If VLAN 21 does not exist before typing the commands, what is the result of the configuration applied on switch SW1?
A. A new VLAN 21 is created and port 0/8 is assigned to that VLAN.
B. A new VLAN 21 is created, but no ports are assigned to that VLAN.
C. No VLAN 21 is created and no ports are assigned to that VLAN.
D. Configuration command vlan database should be used first to create the VLAN 21.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 102
Refer to the exhibit. The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to establish connectivity between the switches. Based on the configurations and the error TestInside Help You Pass Any IT Exam
http://www.TestInside.com Testinside messages received on the console of SW1, what is the cause of the problem?
A. The two ends of the trunk have different duplex settings.
B. The two ends of the trunk have different EtherChannel configuration.
C. The two ends of the trunk have different native VLAN configuration.
D. The two ends of the trunk allow different VLANs on the trunk.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 103
What action should a network administrator take to enable VTP pruning on an entire management
domain?
A. enable VTP pruning on any client switch in the domain
B. enable VTP pruning on every switch in the domain
C. enable VTP pruning on any switch in the management domain
D. enable VTP pruning on a VTP server in the management domain
Correct Answer: D Section: (none) Explanation Explanation/Reference:
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
QUESTION 104
Which process plays a major role in the creation of the CEF adjacency table?
A. Address Resolution Protocol (ARP)
B. PDU header rewrite
C. NetFlow switching
D. hello packet exchange
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 105
How does VTP pruning enhance network bandwidth?
A. by restricting unicast traffic to across VTP domains
B. by reducing unnecessary flooding of traffic to inactive VLANs
C. by limiting the spreading of VLAN information
D. by disabling periodic VTP updates
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 106
The network operations center has received a call stating that users in VLAN 107 are unable to access
resources through Router 1. From the information contained in the graphic, what is the cause of this
problem?
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
A. VLAN 107 does not exist on switch A.
B. VTP is pruning VLAN 107
C. VLAN 107 is not configured on the trunk
D. spanning tree is not enabled on VLAN 107
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 107
Which two table types are CEF components?(Choose two.)
A. forwarding information base
B. adjacency tables
C. neighbor tables TestInside Help You Pass Any IT Exam http://www.TestInside.com
Testinside
D. caching tables
E. route tables
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 108
Which Cisco IOS command assigns a Catalyst switch port to VLAN 10?
A. switchport mode vlan 10
B. switchport trunk native 10
C. switchport access vlan 10
D. switchport mode access vlan 10
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 109
Which statement is true regarding the configuration of ISL trunks?
A. All Catalyst switches support ISL trunking.
B. A Catalyst switch will report giants if one side is configured for ISL while the other side is not.
C. ISL trunking requires that native VLANs match.
D. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 110
Which three statements are true regarding the above diagram? (Choose three.)
TestInside Help You Pass Any IT Exam http://www.TestInside.com Testinside
A. A trunk link will be formed.
B. Only VLANs 1-1001 will travel across the trunk link.
C. The native VLAN for Switch B is vlan 1.
D. DTP is not running on Switch A.
E. DTP packets are sent from Switch B.
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
Cisco 642-812 Questions and Answers Products basically comprise of the simulated Cisco 642-812 exam questions AND their most correct answers,accompanied with a methodical elucidation of the Cisco 642-812 answers and the probable wrong answers.The extent to which Cisco 642-812 Questions and Answers Products cover their Cisco subject is so thorough,that once you are done with a Cisco product,passing the Cisco 642-812 exam in first attempt should be a piece of cake.
Do not you know how to choose the Cisco 642-618 exam dumps? Being worried about your Cisco 642-618 exam? Just try Flydumps new version Cisco 642-618 exam dumps.High pass rate and money back guarantee!
QUESTION 50
In the default global policy, which traffic is matched for inspections by default?
A. match any
B. match default-inspection-traffic
C. match access-list
D. match port
E. match class-default
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Which option lists the main tasks in the correct order to configure a new Layer 3 and 4 inspection policy on the Cisco ASA appliance using the Cisco ASDM Configuration > Firewall > Service Policy Rules pane?
A. 1. Create a class map to identify which traffic to match.
2.
Create a policy map and apply action(s) to the traffic class(es).
3.
Apply the policy map to an interface or globally using a service policy.
B. 1. Create a service policy rule.
2.
Identify which traffic to match.
3.
Apply action(s) to the traffic.
C. 1. Create a Layer 3 and 4 type inspect policy map.
2.
Create class map(s) within the policy map to identify which traffic to match.
3.
Apply the policy map to an interface or globally using a service policy.
D. 1. Identify which traffic to match.
2.
Apply action(s) to the traffic.
3.
Create a policy map.
4.
Apply the policy map to an interface or globally using a service policy.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 52
By default, how does a Cisco ASA appliance process IP fragments?
A. Each fragment passes through the Cisco ASA appliance without any inspections.
B. Each fragment is blocked by the Cisco ASA appliance.
C. The Cisco ASA appliance verifies each fragment and performs virtual IP re-assembly before the full IP packet is forwarded out.
D. The Cisco ASA appliance forwards the packet out as soon as all of the fragments of the packet have been received.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Which additional active/standby failover feature was introduced in Cisco ASA Software Version 8.4?
A. HTTP stateful failover
B. OSPF and EIGRP routing protocol stateful failover
C. SSL VPN stateful failover
D. IPsec VPN stateful failover
E. NAT stateful failover
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 54
Which other match command is used with the match flow ip destination-address command within the class map configurations of the Cisco ASA MPF?
A. match tunnel-group
B. match access-list
C. match default-inspection-traffic
D. match port
E. match dscp
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which Cisco ASA configuration is used to configure the TCP intercept feature?
A. a TCP map
B. an access list
C. the established command
D. the set connection command with the embryonic-conn-max option
E. a type inspect policy map
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which configuration step (if any) is necessary to enable FTP inspection on TCP port 2121?
A. None. FTP inspection is enabled by default using the global policy.
B. Create a new class map to match TCP port 2121, then edit the global policy to inspect FTP for traffic matched by the new class map.
C. Edit default-inspection-traffic to match FTP on port 2121.
D. Add a new traffic class using the match protocol FTP option within the inspect_default class map.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 57
When the Cisco ASA appliance is processing packets, which action is performed first?
A. Check if the packet is permitted or denied by the inbound interface ACL.
B. Check if the packet is permitted or denied by the outbound interface ACL.
C. Check if the packet is permitted or denied by the global ACL.
D. Check if the packet matches an existing connection in the connection table.
E. Check if the packet matches an inspection policy.
F. Check if the packet matches a NAT rule.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which Cisco ASA (8.4.1 and later) CLI command is the best command to use for troubleshooting SSH connectivity from the Cisco ASA appliance to the outside 192.168.1.1 server?
A. telnet 192.168.1.1 22
B. ssh -l username 192.168.1.1
C. traceroute 192.168.1.1 22
D. ping tcp 192.168.1.1 22
E. packet-tracer input inside tcp 10.0.1.1 2043 192.168.4.1 ssh
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which reason explains why the Cisco ASA appliance cannot establish an authenticated NTP session to the inside 192.168.1.1 NTP server?
A. The ntp server 192.168.1.1 command is incomplete.
B. The ntp source inside command is missing.
C. The ntp access-group peer command and the ACL to permit 192.168.1.1 are missing.
D. The trusted-key number should be 1 not 2.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 60
On which type of encrypted traffic can a Cisco ASA appliance running software version 8.4.1 perform application inspection and control?
A. IPsec
B. SSl
C. IPsec or SSL
D. Cisco Unified Communications
E. Secure FTP
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Where in the Cisco ASA appliance CLI are Active/Active Failover configuration parameters configured?
A. admin context
B. customer context
C. system execution space
D. within the system execution space and admin context
E. within each customer context and admin context
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 62
With Cisco ASA active/active or active/standby stateful failover, which state information or table is not passed between the active and standby Cisco ASA by default?
A. NAT translation table
B. TCP connection states
C. UDP connection states
D. ARP table
E. HTTP connection table
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols?
A. network
B. ICMP
C. protocol
D. TCP-UDP
E. service
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Using the default modular policy framework global configuration on the Cisco ASA, how does the Cisco ASA process outbound HTTP traffic?
A. HTTP flows are not permitted through the Cisco ASA, because HTTP is not inspected by default.
B. HTTP flows match the inspection_default traffic class and are inspected using HTTP inspection.
C. HTTP outbound traffic is permitted, but all return HTTP traffic is denied.
D. HTTP flows are statefully inspected using TCP stateful inspection.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which flags should the show conn command normally show after a TCP connection has successfully been established from an inside host to an outside host?
A. aB
B. saA
C. sIO
D. AIO
E. UIO
F. F
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which Cisco ASA show command groups the xlates and connections information together in its output?
A. show conn
B. show conn detail
C. show xlate
D. show asp
E. show local-host
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 67
When a Cisco ASA is configured in multiple context mode, within which configuration are the interfaces allocated to the security contexts?
A. each security context
B. system configuration
C. admin context (context with the “admin” role)
D. context startup configuration file (.cfg file)
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 68
When troubleshooting redundant interface operations on the Cisco ASA, which configuration should be verified?
A. The nameif configuration on the member physical interfaces are identical.
B. The MAC address configuration on the member physical interfaces are identical.
C. The active interface is sending periodic hellos to the standby interface.
D. The IP address configuration on the logical redundant interface is correct.
E. The duplex and speed configuration on the logical redundant interface are correct.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which statement about the Cisco ASA 5505 configuration is true?
A. The IP address is configured under the physical interface (ethernet 0/0 to ethernet 0/7).
B. With the default factory configuration, the management interface (management 0/0) is configured with the 192.168.1.1/24 IP address.
C. With the default factory configuration, Cisco ASDM access is not enabled.
D. The switchport access vlan command can be used to assign the VLAN to each physical interface (ethernet 0/0 to ethernet 0/7).
E. With the default factory configuration, both the inside and outside interface will use DHCP to acquire its IP address.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 70
What is the correct regular expression to match HTTP requests whose URI is /welcome.jpg?
A. ^/welcome.jpg
B. ^/welcome\.jpg
C. ^*/welcome\.jpg
D. ^\/welcome\.jpg
E. ^\*/welcome\.jpg
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 71
A Cisco ASA in transparent firewall mode generates the log messages seen in the exhibit. What should be configured on the Cisco ASA to allow the denied traffic?
A. extended ACL on the outside and inside interface to permit the multicast traffic
B. EtherType ACL on the outside and inside interface to permit the multicast traffic
C. stateful packet inspection
D. static ARP mapping
E. static MAC address mapping
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 72
With active/standby failover, what happens if the standby Cisco ASA does not receive three consecutive hello messages from the active Cisco ASA on the LAN failover interface?
A. The standby ASA immediately becomes the active ASA.
B. The standby ASA eventually becomes the active ASA after three times the hold-down timer interval expires.
C. The standby ASA runs network activity tests, including ARP and ping, to determine if the active ASA has failed.
D. The standby ASA sends additional hellos packets on all monitored interfaces, including the LAN failover interface, to determine if the active ASA has failed.
E. Both ASAs go to the “unknown” state until the LAN interface becomes operational again.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 73
The Cisco ASA is dropping all the traffic that is sourced from the internet and is destined to any security context inside interface. Which configuration should be verified on the Cisco ASA to solve this problem?
A. The Cisco ASA has NAT control disabled on each security context.
B. The Cisco ASA is using inside dynamic NAT on each security context.
C. The Cisco ASA is using a unique MAC address on each security context outside interface.
D. The Cisco ASA is using a unique dynamic routing protocol process on each security context.
E. The Cisco ASA packet classifier is configured to use the outside physical interface to assign the packets to each security context.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 74
The Cisco ASA is operating in transparent mode. What is required on the Cisco ASA so that R1 and R2 can form OSPF neighbor adjacency?
A. Map the R1 and R2 MAC address in the Cisco ASA MAC address table using the mac-addresstable static if_name MAC_address command.
B. Configure OSPF stateful packet inspection using MPF.
C. Apply an EtherType ACL to the inside and outside interfaces to permit OSPF multicast traffic.
D. Apply an extended ACL to the inside and outside interfaces to permit OSPF multicast traffic.
E. Enable Advanced Application Inspection using MPF.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 75
On the Cisco ASA, where are the Layer 5-7 policy maps applied?
A. inside the Layer 3-4 policy map
B. inside the Layer 3-4 class map
C. inside the Layer 5-7 class map
D. inside the Layer 3-4 service policy
E. inside the Layer 5-7 service policy
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 76
A Cisco ASA requires an additional feature license to enable which feature?
A. transparent firewall
B. cut-thru proxy
C. threat detection
D. botnet traffic filtering
E. TCP normalizer
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 77
With Cisco ASA active/standby failover, what is needed to enable subsecond failover?
A. Use redundant interfaces.
B. Enable the stateful failover interface between the primary and secondary Cisco ASA.
C. Decrease the default unit failover polltime to 300 msec and the unit failover holdtime to 900 msec.
D. Decrease the default number of monitored interfaces to 1.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 78
Which command options represent the inside local address, inside global address, outside local address, and outside global address?
A. 1 = outside local, 2 = outside global, 3 = inside global, 4 = inside local
B. 1 = outside local, 2 = outside global, 3 = inside local, 4 = inside global
C. 1 = outside global, 2 = outside local, 3 = inside global, 4 = inside local
D. 1 = inside local, 2 = inside global, 3 = outside global, 4 = outside local
E. 1 = inside local, 2 = inside global, 3 = outside local, 4 = outside global
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 79
On Cisco ASA Software Version 8.4.1 and later, when you configure the Cisco ASA appliance in transparent firewall mode, which configuration is mandatory?
A. NAT
B. static routes
C. ARP inspections
D. EtherType access-list
E. bridge group(s)
F. dynamic MAC address learning
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 80
Which access rule is disabled automatically after the global access list has been defined and applied?
A. the implicit global deny ip any any access rule
B. the implicit interface access rule that permits all IP traffic from high security level to low security level interfaces
C. the implicit global access rule that permits all IP traffic from high security level to low security level interfaces
D. the implicit deny ip any any rule on the global and interface access lists
E. the implicit permit all IP traffic from high security level to low security level access rule on the global and interface access lists
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 81
Which option can cause the interactive setup script not to work on a Cisco ASA 5520 appliance running software version 8.4.1?
A. The clock has not been set on the Cisco ASA appliance using the clock set command.
B. The HTTP server has not been enabled using the http server enable command.
C. The domain name has not been configured using the domain-name command.
D. The inside interface IP address has not been configured using the ip address command.
E. The management 0/0 interface has not been configured as management-only and assigned a name using the nameif command.
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 82
Which statement about the Cisco ASA 5585-X appliance is true?
A. The IPS SSP must be installed in slot 0 (bottom slot) and the firewall/VPN SSP must be installed in slot 1 (top slot).
B. The IPS SSP operates independently. The firewall/VPN SSP is not necessary to support the IPS SSP.
C. The ASA 5585-X appliance supports three types of SSP (the firewall/VPN SSP, the IPS SSP, and the CSC SSP).
D. The ASA 5585-X appliance with the firewall/VPN SSP-60 has a maximum firewall throughput of 10 Gb/
s.
E. All IPS traffic (except the IPS management interface traffic) must flow through the firewall/VPN SSP first before it can be redirected to the IPS SSP.
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 83
Which logging mechanism is configured using MPF and allows high-volume traffic-related events to be exported from the Cisco ASA appliance in a more efficient and scalable manner compared to classic syslog logging?
A. SDEE
B. Secure SYSLOG
C. XML
D. NSEL
E. SNMPv3
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 84
Which option completes the CLI NAT configuration command to match the Cisco ASDM NAT configuration?
object network insidenatted range 10.1.2.10 10.1.2.20 object network insidenet range 172.16.1.10 172.16.1.100 ! object network outnatted range 192.168.3.100 192.168.3.150 ! nat (inside,outside) after-auto 1 _______________?________________
A. source dynamic insidenet insidenatted destination static Partner-internal-subnets outnatted
B. source dynamic insidenet insidenatted interface destination static Partner-internal-subnets outnatted
C. source dynamic insidenet interface destination static Partner-internal-subnets outnatted
D. source dynamic insidenet interface destination static Partner-internal-subnets outnatted
E. source dynamic insidenatted insidenet destination static Partner-internal-subnets outnatted
F. source dynamic insidenatted interface destination static Partner-internal-subnets outnatted
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 85
By default, not all services in the default inspection class are inspected. Which Cisco ASA CLI command do you use to determine which inspect actions are applied to the default inspection class?
A. show policy-map global_policy
B. show policy-map inspection_default
C. show class-map inspection_default
D. show class-map default-inspection-traffic
E. show service-policy global
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Preparing Cisco 642-618 exam is not difficult now.You can prepare from Cisco 642-618 Certification or Cisco 642-618 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-618 study material notes for test preparation. Latest Cisco 642-618 study material available.