Share
Report Abuse
Next Blog
Create Blog
Sign In
A&Q
Saturda , April 18, 2009
CCNP 2 ISCW 100% final e am
How do cable modems transfer data across local cable TV lines? carries analog signals end-to-end carries digital signals end-to-end toggles between radio frequency and analog data signals modulates digital data to an RF and transmits it at a specific frequency What is the maximum distance ADSL transmissions will work? 18,000 meters 5460 meters 17,068 meters 2478 meters Which form of DSL uses the frequency band of 20khz to 1Mhz? IDSL SDSL ADSL VDSL What is the most popular modulation technique that ADSL uses? carrierless amplitude modulation/phase modulation (CAP) frequency division multiplexing (FDM) quadrature phase shift keying (QPSK) discrete multitone modulation (DMT) consumer/Mass-Market DMT (G.lite) quadrature amplitude modulation (QAM)
Ads
Counter
Blog Archive
2009 (1) April (1) CCNP 2 ISCW 100% final e am 2008 (3 )
1/21
11/12/11
in he c
ome ne
o k do no ha e connec i i . Wha co ld be ca
ing hi i
e?
bne ma k fo he DHCP pool i inco ec . pecified in he DHCP pool i inco ec . e a e inco ec . ide e ei ed on he inco ec in e face .
The defa l o e ha i
The command ip na in ide and ip na o The o e load ke Which a emen i o d ho ld be emo ed. e abo he
i hin an IP ec en i onmen ? DPD and Ci co IOS keepali e a e en oge he . DPD a e en a eg la in e al . DPD a e en hen no affic i flo ing. hen he IKE polic i ini ia ed.
2/21
11/12/11
Refer to the e hibit. Which statement is true about the IPsec configuration? The ke ill not be sent encr pted to the peer.
The default authentication has been changed. The local IP address is 172.16.153.2. Access-list 2 ill be referenced to control traffic.
Refer to the e hibit. Which set of commands the e hibit? cr pto isakmp polic 15
ould correctl configure this router to displa the output that is generated in
hash md5
authentication rsa-sig
group 2
hash sha
authentication rsa-sig
group 2
authentication pre-share
3/21
11/12/11
authentication pre-share
hash sha
group 2
authentication rsa-sig
group 2
lifetime 5000 If SDM is being used, which statement is true when no IKE policies have been configured on a router? The hash algorithm used will be MD5. The lifetime will be unlimited. Pre-share authentication will be used. 3DES encr ption will be used. Which two modes can be selected after launching the Create a Site-to-Site VPN option using the SDM? (Choose two.) One click VPN setup Step b step wi ard CLI wi ard Quick setup Edit Site-to-Site VPN
4/21
11/12/11
Refe o he e hibi . Which a k VPN de ice? Selec ing he in e face on Config ing IKE policie .
e of a emo e
ill e mina e.
Config ing an IPSec an fo m e . Config ing a g o p polic look p me hod. Config ing e a hen ica ion.
Config ing g o p policie on he local o e . Which o a emen o.) VPN Clien do no in alla ion. be abo he Ci co Ea VPN Clien fo Windo ae
e? (Choo e P e io
l in alled e ion of he Ci co Ea
i h a ne
l in alled e ion of he Ci co Ea i h a ne
VPN Clien m
In allShield o he Mic o of Windo The Ci co Ea In allShield. The Ci co Ea Mic o of Windo The Ci co Ea e e. Wha a e he Ci co Ea Ci co Ea Ci co Ea Ci co Ea Ci co Ea o componen VPN GRE VPN Ro e VPN Remo e VPN One-Click VPN Se e i ad i ad
VPN Clien can onl be in alled b In alle (MSI). VPN Clien i onl compa ible
ing he
i h a Ci co Ea
VPN
of Ci co Ea
VPN? (Choo e
o.)
5/21
11/12/11
Refe o he e hibi . A nnel i e abli hed be ae e abo affic ha flo be -li f om ne een ne
een o e
a emen
o k A o ne
o k B? (Choo e
o k A and ne
101 doe no pe mi TCP o UDP, affic ill ee packe ill ee packe nnel. nnel. i ching o e
in ide he In e ne in ide he In e ne
An MPLS ne
no f nc ion of an
a ding of packe
e changing La e 3 o ing info ma ion e changing label pop la ing an LFIB Which o a emen a e cha ac e i ic of MPLS? ans-and-ans.blogspot.com/2009/04/ccnp-2-isc -100-final-e am.html (Choo e o.)
6/21
11/12/11
Which
a emen
o.)
F ame Mode MPLS in e La e 3 heade . F ame Mode MPLS in e La e 3 heade . F ame Mode MPLS e
een he La e 2 and
a 53-bi label be
een he La e 2 and
he i
al pa h iden ifie / i
al channel
iden ifie (VPI/VCI) field in he ATM heade o label he f ame. MPLS o e ATM in e heade . MPLS o e ATM in e heade . MPLS o e ATM e he i al pa h iden ifie / i al channel iden ifie a 53-bi label be een he La e 2 and La e 3 a 32-bi label be een he La e 2 and La e 3
(VPI/VCI) field in he ATM heade o label he f ame. MPLS VPN a chi ec e combine he be fea e of pee - o-pee VPN and o e la VPN model . Which h ee a emen
indic
he e ad an age ? (Choo e h ee.) P o ide o e P o ide o e C ome can pa icipa e in c ome o ing. ome .
The c C C
ome ne
ome ome
a e p o ided
Which VPN implemen a ion model p o ide op im m o ing be c ome ie i ho an pecial de ign o config a ion effo ?
o e la VPN GRE VPN VPDN VPN pee - o-pee VPN non- e ice-p o ide MPLS VPN Wha i he benefi of implemen ing he pee - o-pee VPN model? hen adding
A f ll me h of VC be
ed o p o ide
op im m in e i e o ing. The e ice p o ide doe no pa icipa e in c The e ice p o ide PE o e Wha i he leng h of a VPN 4 add e (RD)? ca all c ha ome o ing.
ome o e . e MPLS-VPN ih o e
a emen
ae
e? (Choo e
o.)
If no MPLS label di
ib ion p o ocol i e plici l config ed b he mpl label p o ocol command, bo h LDP and TDP a e
7/21
11/12/11
MPLS abe di ib i c .
a d ha bee a
i g he ip o e-cach
fig a i
c a d
a d.
i g he mpl ip c
e i e face? (Ch
i chi g i e ab ed a d mpl ip
i e face
a d ac e
i i e ab i he a MPLS
ie a ie a
c c
ha i ha i
ed ed
di di
ib e abe ib e abe
i ac i a ed. i
A Ci c ac i a ed p i e face c e i ed
fig a i e e
a d. Wha addi ac
a c
fig a i ? a d. a d. a d. a d.
f ag e a i e e e e
a ica
e he i e face ac
a de fig a i i
ea e i ed.
hi MTU i i . N e
8/21
11/12/11
Refe o he e hibi . Ro e n a Ci co p op ie a
RTA, RTB, and RTC a e MPLS capable Ci co o e . RTB and RTC a e config ed o ib ion of MPLS ag . Ro e R1 and R2 a e non-Ci co MPLS capable
p o ocol fo di
RTA(config-if)# mpl ip
RTA(config-if)# mpl ip
RTA(config-if)# mpl ip
RTA(config-if)# mpl ip
RTA(config-if)# mpl ip
RTA(config-if)# mpl ip
RTA(config-if)# mpl a f ll me h of dp ABC Compan ha config ed label p o ocol GRE ie ia he In e ne . Which o o.) a emen
nnel
o link emo e
co ec l de c ibe he i e
een i e .
een i e . een i e .
9/21
11/12/11
bne
ill need o be ad e i ed o he In e ne o
p o ide La e 3 connec i i . Thi canno be con ide ed a i enabled. ABC Compan pda e di ec l o e a ached o he In e ne can e change o ing GRE nnel . he pee - o-pee al p i a e ne o k nle IP ec i
i h one ano he ac o
Refe o he e hibi . Which VPN model ho n? The model o line a ne comm nica ion be
a emen i co ec abo
o k ha
nnel
o e abli h ec e
een Si e#1 and Si e#2. o k ha in e connec al ci c i . o e he WAN a ached o Si e#1 i ho o e in ide Si e#1 and Si e#2
o k ha allo
and Si e#2 o ad e i e o e ac o
he WAN pa icipa ing in he o ing pda e . The model o line a ne be o k ha p o ide poin - o-poin link
een Si e#1 and Si e#2 nkno n o de ice in ide he WAN. o k ha allo o e a ached o Si e#1 ih o e
and Si e#2 o ad e i e p i a e o e ac o
he WAN
in ide he WAN pa icipa ing in he p i a e o ing pda e . ABC Compan ha Rela ne (Choo e o k. Which o.) ha a pee - o-pee La e 2 VPN be ha an o e la La e 2VPN be een i e . b c ibed o a ca ie -p o ided, f ll-me h F ame o a emen co ec l de c ibe hi ne o k?
een i e . he
o ing pda e ac o
The ca ie onl p o ide La e 3 poin - o-poin link be and doe no pa icipa e in ABC Compan F ame Rela ne o k. o k canno be con ide ed a i
een i e he
o ing pda e ac o
al p i a e
IP ec i enabled. o e ha a e a ached o he F ame Rela ne i h one ano he . ha can be ed o iden if malicio affic in a ne o k? ok
ABC Compan
can e change o ing pda e di ec l Fo IDS and IPS h ee.) igna e-ba ed app oach
hone po app oach a ef l packe fil e ing app oach malicio po - o-applica ion mapping
anomal -ba ed app oach a ele Packe niffe packe fil e ing app oach a e able o cap e plain e da a. Which h ee p o ocol an mi affic in plain e ? (Choo e h ee.)
SNMP 3 FTP
ans-and-ans.blogspot.com/2009/04/ccnp-2-isc -100-final-e am.html 10/21
11/12/11
W ? 1 4 6
AAA
W ? show authentication show tacacs show statistics tacacs show tacacs settings W
TACACS+
no service password-recover ROMMON ROMMON ROMMON ROMMON login block-for 15 attempts 3 within 5 R . T .
TFTP .
ACL
11/12/11
Connection attempts made via Telnet and SSH are not affected b the quiet period. Once the quiet period is activated, it will last for 15 seconds. This command onl applies to hosts defined b ACL 15. Which sequence of steps is recommended for worm attack mitigation? Step 1: Con ainmen
11/12/11
S W
4: Treatment ? (C D S, DD D S, DD H H T T , , , , , ,T , , . . . , . , .) . .
13/21
11/12/11
Refe o he e hibi . On he ba i of he info ma ion ha i p e en ed, hich i nable o elne o o e RTA? The login a hen ica ion DEFAULT command i mi The ing in line
he likel
ea on ha he
e i
line ha e no been config ed, o b defa l elne acce ing in line 0 4 config a ion mode.
14/21
11/12/11
Refe
he e hibi . A
e f .O
e RTB a e he ba i
a Te e f he i f ai i gi i
e RTA i h he ided, ha i he
e a eU e a d a
d ci co
a he ica i
i dica e a e
be ? de. de.
The login a hen ica ion defa l c The login a hen ica ion defa l -li The login c The ee e a i a di hi i i gi c i e
a di a di 04c
i e
04c i e de.
fig a i fig a i
i gi
04c
fig a i .
i h he TACACS+ e e i a d e ha e e a ea d a ac e fi e i g ha e e .) e bee c d.
fig ed.
a ef
ac e fi e i g
a e ga e a e i e CEF
? (Ch
ce f affic a ce a he e -a a e a e
ha highe e ae i a ica i
Which a
de ice a e f ica i b ic
ai ed i
.)
a e ga e a (ALG)
eb e e ai e e e
i e a e e a
ca be c O
b hi b
e i e face ca be c fig ed f
fig ed d
a de ice, a d he di ec i b d. a de ice, b e ca
ca be c M e ha be a M e ha e a ae di ec i
ei he i b
fig ed . fig ed he i b
a de ice, a d a da d b d
, e
ae e c
e? IPS ig a e .
defi e hei
fi e UDP ac e . i c a ib e ih he Ci c IOS ec i f a e.
15/21
11/12/11
The Ci c IOS Fi e a fea SDM. The Ci c IOS Fi e a fea highe . Whe a a ch agai
e e ca
be c
fig ed
i g he
e e i i c ded
a ig a fig ed a
e i de ec ed b he Ci c IOS e e a UDP c i gi ec i e ec ec e e i i ec i .
e i e face a a he i b he affic. I he i b b ei ei
he e affic i i ia e ? (Ch he i b he b a a d di ec i d di ec i ha i ha i
d di ec i d di ec i
a ACL ha a ACL ha
d di ec i
a ACL
de
affic ha ha
bee i Wha i he e ab e
ec ed b he fi e a . i a e f he aei f ai a Ci c IOS Fi e a ?
e if he c a UDP, a IP ec a ba ed a e e dee e
e a f
i c di g GRE a d
a i
e i gi ib e e ibi i ab i
he ACL a d e
i e
affic
e i i a e he Which (Ch e ae e .)
fe b he
ic c
ec i e?
e f a Ci c IOS fi e a a e
ide ge
a ef eeded
ac e fi e i g. he he Ci c IOS Fi e a i
ab e ica i
de ec f ag e ed ac e . -a a e a d ca i ec a
e de ai ha ca
ac e fi e i g. ec i i he e ac
d be e ab ed
d be
di ab ed if Fi ge e
e ice i e ab ed b defa
d be di ab ed if
ICMP di ab ed P e
ed i e face . a d h d e ai di ab ed if
TCP ee a i e a e di ab ed b defa
d be e ab ed
16/21
11/12/11
d be e ab ed
e ice a e
e? (Ch b
e h
.) d be
Ci c Di c di ab ed if
(CDP) i e ab ed b defa
d be di ab ed if
ICMP edi ec IP ce
a d h a d h
d e ai e ab ed. d e ai e ab ed. b h d be
The Ne di ab ed if Si b e Ne h
(NTP) i e ab ed b defa
Ma age e
(SNMP) i e ab ed b defa
d be di ab ed if
i ed.
Refe
he e hibi . Ba ed
he IOS fi e a c
fig a i
, hich
ae e
e?
17/21
11/12/11
Incoming traffic that matches state table entries All incoming IP traffic on the outside interface matches state table entries.
ill be logged.
ICMP packet-too-big messages incoming on the outside interface in the state table but ill be permitted. All incoming traffic on the outside interface ill be logged.
18/21
11/12/11
Refe o he e hibi . A config a ion ha been applied b one of he SDM Fi e all i e? Do ble-clicking he field name So ce Fi e all fea e ill o he li
The IOS fi e all config a ion i incomple e. The fi e all Ho S a e In ill fil e and den CUS eeMe p o ocol affic. em (IPS) and In ion De ec ion
ion P e en ion S
em (IDS) componen
ed conj nc i el ? ha offending
The IDS block offending affic and he IPS e ifie affic a blocked. The IDS ill end ale me IPS ill block malicio age abo
hile he
affic.
The IPS ill block all affic ha he IDS doe no ma k a legi ima e. The IPS ill end ale me ha i ma ked a malicio . age hen he IDS end affic h o gh
19/21
11/12/11
Refer to the e hibit. The e hibit illustrates the Cisco E press For arding (CEF) s itching architecture and the tables that it references. Each table is identified b the label on its left. Which list correctl identifies the table names? A = Adjacenc Table
B = ARP Cache
C = BGP Table
B = IP Routing Table
C = Adjacenc Table
B = IP Routing Table
D = Adjacenc Table
B = BGP Table
C = Adjacenc Table
D = ARP Cache
B = BGP Table
ans-and-ans.blogspot.com/2009/04/ccnp-2-isc -100-final-e am.html 20/21
11/12/11
C = Adjacenc Table
E = ARP Cache
Olde Po
21/21