[Free] Download Latest (March 2016) Cisco 642-885 Real Exam 51-60

Ensurepass

QUESTION 51

What is enabled by default on Cisco IOS-XR routers and cannot be disabled?

 

 

Correct Answer: C

Explanation:

Before using the BGP policy accounting feature, you must enable BGP on the router (CEF is enabled by default).

 

 

QUESTION 52

Refer to the Cisco IOS-XR configuration exhibit. The Cisco IOS-XR router is unable to establish any PIM neighbor relationships. What is wrong with the configuration?

 

clip_image002

 

A.

SSH server

B.

Multicast routing

C.

IPv4 and IPv6 CEF

D.

IPv6 routing

E.

CDP

F.

BFD

A.

The configuration is missing:

interface gi0/0/0/0

ip pim sparse-mode

interface gi0/0/0/1

ip pim sparse-mode

interface loopback0

ip pim sparse-mode

B.

The configuration is missing:

multicast-routing

address-family ipv4

interface gi0/0/0/0

enable

interface gi0/0/0/1

enable

C.

The auto-rp scoping configurations should be set to 1 not 16

D.

The RP address has not been configured using the rp-address router PIM configuration command

E.

PIM defaults to dense mode operations only, so PIM sparse mode must be enabled using the pim sparse-mode router PIM configuration command

 

Correct Answer: B

 

 

QUESTION 53

Refer to the exhibit for the outputs from an ASR9K router. Why did the ping fail?

 

clip_image004

 

A.

The ping command is missing the ipv6 option: ping ipv6 2001:db8:10:1:10::1/128

B.

There is a problem with the IS-IS configurations

C.

The fe80::eab7:48ff:fe2c:a180 next-hop is not reachable

D.

The prefix length should be removed from the IPv6 address in the ping command: ping ipv6 2001:db8:10:1:10::1

E.

IPv6 is not enabled on the Gi0/0/0/0 interface

F.

The IPv6 neighbor discovery protocol is not enabled on the Gi0/0/0/0 interface

 

Correct Answer: D

 

 

QUESTION 54

Refer to the Cisco IOS configuration exhibit. Which statement is correct?

 

clip_image006

 

A.

This configuration is typically configured on the boundary routers within a PIM SM domain to filter out malicious candidate-RP-announce and candidate-RP-discovery packets

B.

This configuration is typically configured on the RPs within a PIM-SM domain to restrict the candidate-RP-announce packets

C.

This configuration is typically configured on the mapping agents within a PIM-SM domain to restrict the candidate-RP-discovery packets

D.

This configuration is typically configured on the MSDP peering routers within a PIM-SM domain to filter out malicious MSDP SA packets

 

Correct Answer: A

 

 

QUESTION 55

An SP core is running PIM on the network. Multicast groups in this networkare in the 232.0.0.0/8 range. Which commandenables multicast routing operations without using an RP?

 

A.

ip pim autorp

B.

ip pim ssm default

C.

ip pim bidir-enable

D.

ip pim register-source

 

Correct Answer: B

 

 

QUESTION 56

Refer to the exhibit. Given the partial BGP configuration, which configuration correctly completes the Cisco IOS-XR route reflector configuration where both the 1.1.1.1 and 2.2.2.2 routers are the clients and the 3.3.3.3 router is a non-client IBGP peer?

 

clip_image008

 

A.

neighbor 1.1.1.1

remote-as 65123

route-reflector-client

neighbor 2.2.2.2

remote-as 65123

route-reflector-client

neighbor 3.3.3.3

remote-as 65123

B.

neighbor 1.1.1.1

address-family ipv4 unicast

remote-as 65123

route-reflector-client

neighbor 2.2.2.2

address-family ipv4 unicast

remote-as 65123

route-reflector-client

neighbor 3.3.3.3

address-family ipv4 unicast

remote-as 65123

C.

neighbor 1.1.1.1

remote-as 65123

address-family ipv4 unicast

route-reflector-client

neighbor 2.2.2.2

remote-as 65123

address-family ipv4 unicast

route-reflector-client

neighbor 3.3.3.3< /span>

remote-as 65123

D.

neighbor 1.1.1.1 remote-as 65123

neighbor 1.1.1.1 route-reflector-client

neighbor 2.2.2.2 remote-as 65123

neighbor 2.2.2.2 route-reflector-client

neighbor 3.3.3.3 remote-as 65123

 

Correct Answer: C

 

 

QUESTION 57

Which of the following is a feature added in IGMPv3?

 

A.

Support for source filtering

B.

Support for Host Membership Report and a Leave Group message

C.

Uses a new variation of the Host Membership Query called the Group-Specific Host Membership Query

D.

Uses an election process to determine the querying router on the LAN

E.

Uses an election process to determine the designated router on the LAN

F.

IPv6 support

 

Correct Answer: A

 

 

QUESTION 58

Which two statements correctly describe the BGP ttl-security feature? (Choose two.)

 

A.

This feature protects the BGP processes from CPU utilization-based attacks from EBGP neighbors which can be multiple hops away

B.

This feature prevents IBGP sessions with non-directly connected IBGP neighbors

C.

This feature will cause the EBGP updates from the router to be sent using a TTL of 1

D.

This feature needs to be configured on each participating BGP router

E.

This feature is used together with the ebgp-multihop command

 

Correct Answer: AD

Explanation:

http://packetlife.net/blog/2009/nov/23/understanding-bgp-ttl-security/

 

 

QUESTION 59

When implementing source-based remote-triggered black hole filtering, which two configurations are required on the
edge routers that are not the signaling router? (Choose two.)

 

A.

A static route to a prefix that is not used in the network with a next hop set to the Null0 interface

B.

A static route pointing to the IP address of the attacker

C.

uRPF on all external facing interfaces at the edge routers

D.

Redistribution into BGP of the static route that points to the IP address of the attacker

E.

A route policy to set the redistributed static routes with the no-export BGP community

 

Correct Answer: AC

Explanation:

Source-Based RTBH
Filtering

With destination-based black holing, all traffic to a specific destination is dropped after the black hole has been activated, regardless of where it is coming from. Obviously, this could include legitimate traffic destined for the target. Source-based black holes provide the ability to drop traffic at the network edge based on a specific source address or range of source addresses.

If the source address (or range of addresses) of the attack can be identified (spoofed or not), it would be better to drop all traffic at the edge based on the source address, regardless of the destination address. This would permit legitimate traffic from other sources to reach the target. Implementation of source-based black hole filtering depends on Unicast Reverse Path Forwarding (uRPF), most often loose mode uRPF. Loose mode uRPF checks the packet and forwards it if there is a route entry for the source IP of the incoming packet in the router forwarding information base (FIB). If the router does not have an FIB entry for the source IP address, or if the entry points to a null interface, the Reverse Path Forwarding (RPF) check fails and the packet is dropped, as shown in Figure

2. Because uRPF validates a source IP address against its FIB entry, dropping traffic from specific source addresses is accomplished by configuring loose mode uRPF on the external interface and ensuring the RPF check fails by inserting a route to the source with a next hop of Null0.

This can be done by using a trigger device to send IBGP updates. These updates set the next hop for the source IP to an unused IP address that has a static entry at the edge, setting it to null as shown in Figure 2.

 

clip_image010

 

 

QUESTION 60

With IPv6 multicast, which feature can be used as a replacement method for static RP configuration?

 

A.

PIM Snooping

B.

MLD

C.

MLD Snooping

D.

Embedded RP

E.

DHCPv6

 

Correct Answer: D

 

Free VCE & PDF File for Cisco 642-885 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …

Comments are closed.