The latest Cisco CCNP and CCIE Enterprise Core: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Cisco CCNP and CCIE Enterprise Core: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401 exam and earn Cisco CCNP and CCIE Enterprise Core: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401 certification.
Exam Question 191
Which of the following statements are correct regarding NETCONF? (Select 2 choices.)
A. NETCONF is an opensource cloudcomputing platform.
B. NETCONF is a connectionless protocol.
C. NETCONF is a standardsbased protocol.
D. NETCONF uses XML as the data modeling language.
E. NETCONF uses YANG as the data modeling language.
Correct Answer:
C. NETCONF is a standardsbased protocol.
E. NETCONF uses YANG as the data modeling language.
Answer Description:
Network Configuration Protocol (NETCONF) is a standardsbased protocol that uses YANG as the data modeling language. NETCONF, which is described in Request for Comments (RFC) 6241, provides the ability to automate the configuration of network devices. YANG, which is defined in RFC 6020, is a hierarchical data modeling language that can model configuration and state data for NETCONF.
NETCONF does not use Extensible Markup Language (XML) as the data modeling language? NETCONF uses XML as its data encoding method. YANG data that is used by NETCONF is encoded in an XML format.
NETCONF is not a connectionless protocol. Rather, it is a connectionoriented protocol that requires a persistent, reliable connection. NETCONF connections must also provide confidentiality, integrity, authentication, and replay protection. Secure Shell (SSH) is the mandatory transport protocol for NETCONF.
NETCONF is not an opensource cloudcomputing platform. OpenStack is an opensource cloudcomputing platform. Each OpenStack modular component is responsible for a particular function, and each component has a code name. The following list contains several of the most popular OpenStack components:
- Nova -OpenStack Compute: manages pools of computer resources
- Neutron -OpenStack Networking: manages networking and addressing
- Cinder -OpenStack Block Storage: manages blocklevel storage devices
- Glance -OpenStack Image: manages disk and server images
- Swift -OpenStack Object Storage: manages redundant storage systems
- Keystone -OpenStack Identity: is responsible for authentication
- Horizon -OpenStack Dashboard: provides a graphical user interface (GUI)
- Ceilometer -OpenStackTelemetry: provides counterbased tracking that can be used for customer usage
billing
Exam Question 192
Which of the following benefits is provided by fog computing? (Select the best answer.)
A. It filters data before it goes to the cloud.
B. It ensures reliable connectivity to the cloud.
C. It allows more data to be stored in the cloud.
D. It allows data to be transmitted to the cloud faster.
Correct Answer:
A. It filters data before it goes to the cloud.
Answer Description:
Fo computing filters data before it goes to the cloud. Fog computing is a method designed to alleviate the challenges of processing the data generated by Internet of Things (IoT) devices and transmitting that data to the cloud. IoT devices, which are often called embedded devices or smart objects, are typically lowpower, lowmemory devices with limited processing capabilities. These devices are used in a variety of applications, such as environmental monitoring, healthcare monitoring, process automation, and location tracking. Many embedded devices can transmit data wirelessly, and some are capable of transmitting over a wired connection. However, connectivity is generally unreliable and bandwidth is often constrained.
Io devices are numerous, and they produce a lot of data. For example, an airplanegenerates 10 terabytes (TB) of data for every 30 minutes of flight, and a tagged cow can generate an average of 200 megabytes (MB) of data per year. However, IoT devices often do not have the processing power to analyze the data, nor do they have the power or bandwidth to transmit a lot of data. Fog computing addresses these concerns by storing, processing, and filtering IoT data locally, sending only critical information to the cloud.
Fo computing does not ensure reliable connectivity to the cloud. However, because fogcomputing handles most of the data locally, security and resiliency of the data are increased.
Fo computing does not allow more data to be stored in the cloud. However, because fogcomputing processes and filters data before it is sent to the cloud, the cloud storage space can be filled with relevant data rather than irrelevant, unprocessed data.
Fo computing does not allow data to be transmitted to the cloud faster. However, because fog computing selectively chooses only the most relevant data to send to the cloud, more bandwidth is freed up for data to be sent.
Exam Question 193
You administer the IS-IS network shown in the exhibit above.
A DIS has been elected on the multiaccess segment.
Which of the following routers will be the DIS after you connect RouterE to the multiaccess segment? (Select the best answer.)
A. RouterA
B. RouterB
C. RouterC
D. RouterD
E. RouterE
Correct Answer:
E. RouterE
Answer Description:
RouterE will be the designated intermediate system (DIS) after you connect it to the multiaccess segment. The Intermediate SystemtoIntermediate System (IS-IS) DIS is analogous to the Open Shortest Path First (OSPF) designated router (DR). All ISIS routers on the network segment establish adjacencies with the DIS. The DIS serves as a focal point for the distribution of ISIS routing information. If the DIS is no longer detected on the network, a new DIS is elected based on the priority of the remaining routers on the network segment.
The DIS for the multiaccess segment is the router with the highest interface priority. To configure the priority of an interface, you should issue the isis priority command from interface configuration mode. The syntax of the isis priority command is isis priorityvalue [level1 | level2], where value is an integer from 0 through 127. A router with an interface priority of 0 can still become the DIS. If you do not issue the isis prioritycommand on an interface, the default interface priority is 64.
If interface priority values are equal, the router with the highest Media Access Control (MAC) address becomes the DIS if the multiaccess segment is a LAN. If the multiaccess segment is a Frame Relay link, the router with the highest datalink connection identifier (DLCI) becomes the DIS. If the DLCI is the same at both ends, the router with the higher system ID becomes the DIS. Every ISIS router is required to have a unique system ID. If two ISIS routers have the same system ID, an ISIS neighbor relationship will not form.
Unlike the DR in OSPF, the DIS in ISIS can be preempted if a router with a higher priority or a higher MAC address is connected to the network. In this scenario, all of the routers have the same interface priority.
Therefore, the router with the highest MAC address becomes the DIS. Before RouterE is connected, RouterD is the DIS because it has the highest MAC address. However, after RouterE is connected, RouterE becomes the DIS because RouterE has a higher MAC address than RouterD.
Neither RouterA, RouterB, nor RouterC will become the DIS unless you increase the interface priority for that router’s interface. Loopback addresses and interface IP addresses are not considered in the election of the DIS.
Exam Question 194
Which of the following statements is true about DiffServ class AF41? (Select the best answer.)
A. AF41 has a low priority and a low drop probability.
B. AF41 has a low priority and a high drop probability.
C. AF41 has a high priority and a low drop probability.
D. AF41 has a high priority and a high drop probability.
Correct Answer:
C. AF41 has a high priority and a low drop probability.
Answer Description:
DiffServ class AF41 has a high priority and a low drop probability. AF41 is a Differentiated Services Code Point (DSCP) value, which is a 6bit header value that identifies the Quality of Service (QoS) traffic class that is assigned to the packet. DSCP values beginning with AF are called Assured Forwarding (AF) perhop behaviors (PHBs), which are defined in Request for Comments (RFC) 2597. AF separates packets into four queue classes and three drop probabilities. The AF values are specified in the format AFxy, where x is the queue class and y is the drop probability. The following table displays the AF values with their queue classes and drop rates:
AF11 has a low priority and a low drop probability. AF13 has a low priority and a high drop probability. AF43 has a high priority and a high drop probability. The first three DSCP bits correspond to the queue class, the fourth and fifth DSCP bits correspond to the drop probability, and the sixth bit is always set to 0. To quickly convert AF values to decimal values, you should use the formula 8x + 2y. For example, AF41 converts to a decimal value of 34, because (8 x 4) + (2 x 1) = 32 + 2 = 34.
Packets with higher AF values are not necessarily given preference over packets with lower AF values. Packets with a higher queue class value are given queuing priority over packets with a lower queue class, but packets with a higher drop rate value are dropped more often than packets with a lower drop rate value.
Exam Question 195
You issue the show mls qos maps cosdscp command and receive the following output:
An untagged packet arrives on a CoStrusted port. The port is using the default CoS settings.
Which of the following internal DSCP values will the switch use for the packet? (Select the best answer.)
A. 0
B. 8
C. 24
D. 46
E. 56
Correct Answer:
A. 0
Answer Description:
The switch will use an internal Differentiated Services Code Point (DSCP) value of 0 for the packet. The Class of Service (CoS)toDSCP map is used to generate an internal DSCP value for packets that arrive on a CoStrusted port. By default, the CoS for untagged packets is set to 0. The CoStoDSCP map in this scenario indicates that a CoS value of 0 corresponds to a DSCP value of 0.
The CoStoDSCP map in this scenario is the default CoStoDSCP map. You can modify the CoStoDSCP map by issuing the mls qos map cosdscp dscp1 dscp2 …dscp8 command. The no mls qos map cosdscp command causes the switch to use the default CoStoDSCP map.
The CoS field is a Quality of Service (QoS) 3bit marking field, whereas the DSCP is a QoS 6bit marking field. The following table shows the relationship between CoS and DSCP values:
The first three bits of the DSCP value are the same as the CoS value? the DSCP value just has three extra 0 bits appended to the end. If you know the CoS value of a packet, you can derive the default DSCP value by converting the CoS value to binary, appending three 0 bits, and converting back to decimal.
If the packet in this scenario had a CoS of 1, or if the default CoS for the port were set to a value of 1, the switch would have used an internal DSCP value of 8. If the packet in this scenario had a CoS of 3, or if the default CoS for the port were set to a value of 3, the switch would have used an internal DSCP value of 24.
If the packet in this scenario had a CoS of 7, or if the default CoS for the port were set to a value of 7, the switch would have used an internal DSCP value of 56.
The DSCP value 46 corresponds to a special classification known as DSCP Expedited Forwarding (EF). DSCP EF, which is defined in Request for Comments (RFC) 2598, indicates a highpriority packet that should be given queuing priority over other packets but should not be allowed to completely monopolize the interface. Voice over IP (VoIP) traffic is often assigned to DSCP EF.
Exam Question 196
Which of the following command sets correctly configures basic IPv6toIPv4 connectivity for NAT-PT? (Select the best answer.)
A. Router(config)#ipv6 nat prefix 2000:ABC::/32Router(config)#ipv6 nat
B. Router(config)#ipv6 nat prefix 2000:ABC::/64Router(config)#ipv6 nat
C. Router(config)#ipv6 nat prefix 2000:ABC::/96Router(config)#ipv6 nat
D. Router(config)#ipv6 nat prefix 2000:ABC::/32
Router(config)#interface fastethernet 1/1
Router(configif)#ipv6 nat
Router(configif)#interface fastethernet 1/2
Router(configif)#ipv6 nat
E. Router(config)#ipv6 nat prefix 2000:ABC::/64
Router(config)#interface fastethernet 1/1
Router(configif)#ipv6 nat
Router(configif)#interface fastethernet 1/2
Router(configif)#ipv6 nat
F. Router(config)#ipv6 nat prefix 2000:ABC::/96
Router(config)#interface fastethernet 1/1
Router(configif)#ipv6 nat
Router(configif)#interface fastethernet 1/2
Router(configif)#ipv6 nat
Correct Answer:
F. Router(config)#ipv6 nat prefix 2000:ABC::/96
Router(config)#interface fastethernet 1/1
Router(configif)#ipv6 nat
Router(configif)#interface fastethernet 1/2
Router(configif)#ipv6 nat
Answer Description:
The following command set correctly configures basic IPv6toIPv4 connectivity for Network Address TranslationProtocol Translation (NATPT):
Router(config)#ipv6 nat prefix 2000:ABC::/96
Router(config)#interface fastethernet 1/1
Router(configif)#ipv6 nat
Router(configif)#interface fastethernet 1/2
Router(configif)#ipv6 nat
NAT-PT is used to enable communication between IPv4only hosts and IPv6only hosts by translating IPv4 packets to IPv6 packets and IPv6 packets to IPv4 packets. To enable NATPT, you must assign a global NATPT prefix, enable NATPT on the incoming and outgoing interfaces, and create IPv4toIPv6 and IPv6toIPv4 address mappings. To assign a global NATPT prefix, you should issue the ipv6 nat prefixipv6prefix/ prefixlength command from global configuration mode, where prefixlength is always 96.
Therefore, the ipv6 nat prefix 2000:ABC::/32 command and the ipv6 nat prefix 2000:ABC::/64 command are invalid.
To enable NATPT on an interface, you should issue the ipv6 nat command from interface configuration mode on the incoming and outgoing interfaces. You cannot issue the ipv6 nat command from global configuration mode.
A NATPT router must contain IPv6toIPv4 and IPv4toIPv6 address mappings so that the router knows how to correctly translate IPv4 and IPv6 addresses. There are four methods for using NATPT:
- IPv4mapped NATPT
- Static NATPT
- Dynamic NATPT
- Port Address Translation (PAT)
IPv4mapped NATPT enables IPv6 traffic to be sent to an IPv4 network without requiring that IPv6 destination address mapping be configured. To configure IPv4mapped NATPT, you should issue the ipv6 nat prefix ipv6prefixv4mapped {accesslistname | ipv6prefix} command from global configuration mode or interface configuration mode.
Static NATPT creates static IPv6toIPv4 or IPv4toIPv6 address mappings. To create a static IPv6toIPv4 address mapping, you should issue the ipv6 nat v6v4 source ipv6address ipv4address command. To create a static IPv4toIPv6 mapping, you should issue the ipv6 nat v4v6 source ipv6address ipv4address command.
Dynamic NATPT allocates IPv6toIPv4 or IPv4toIPv6 address mappings from a pool. When a session is established, a onetoone mapping is created? the mapping is then removed when the session is finished. To configure dynamic IPv6toIPv4 address mapping, you should issue the ipv6 nat v6v4 source {list accesslistname | routemapmapname} pool poolname command. You should then create the address pool by issuing the ipv6 nat v6v4 pool poolname startipv4 endipv4 prefixlength prefixlengthcommand. To configure dynamic IPv4toIPv6 address mapping, you should issue the ipv6 nat v4v6 sourcelist {accesslistnumber | accesslistname} pool poolname command. You should then create the address pool by issuing the ipv6 nat v4v6 pool poolname startipv6 endipv6 prefixlength prefixlength command.
PAT allows multiple IPv6 addresses to be mapped to one or more IPv4 addresses. To use PAT with a single IPv4 address, you should issue the ipv6 nat v6v4 source {list accesslistname | routemap mapname} interface interfacenameoverload command. To use PAT with a pool of IPv4 addresses, you should issue the ipv6 nat v6v4 source {listaccesslistname | routemap mapname} pool poolnameoverload command. You should then create the address pool by issuing the ipv6 nat v6v4 pool poolname startipv4 endipv4 prefixlength prefixlength command.
Exam Question 197
Which of the following regular expression characters should be placed at the end of a BGP AS path filter to indicate the originating AS? (Select the best answer.)
A. $
B. ^
C. *
D. ]
E. .
F. _
Correct Answer:
A. $
Answer Description:
The dollar sign ($) regular expression character should be placed at the end of a Border Gateway Protocol (BGP) autonomous system (AS) path filter to indicate the originating AS. Regular expressions are used to locate character strings that match a particular pattern. AS path filters are used to permit or deny routes that match the regular expression.
The $ character indicates that the preceding characters should match the end of the string. The originating router will insert its AS number into the AS path, and subsequent routers will prepend their AS numbers to the beginning of the AS path string. The last AS number in the AS path is the originating AS. For example, the ip as-path access-list 1 permit ^111_999$ command permits paths that originate from AS 999.
The caret (^) character should be placed at the beginning of a BGP AS path filter to indicate the AS from which the path was learned. The ^ character indicates that the subsequent characters should match the start of the string. The first number in an AS path indicates the AS from which the path was learned. For example, the ip aspath accesslist 1 permit ^111_999$ command permits paths that are learned from AS 111.
The underscore (_) character is used to indicate a comma, a brace, the start or end of an input string, or a space. When used between two AS path numbers, the _ character indicates that the ASes are directly connected. For example, the ip aspath accesslist 1 permit ^111_999$ command indicates that AS 111 and AS 999 should be directly connected.
The period (.) character is used to represent any single character. For example, the ip aspath accesslist 1 permit ^…_999$ command permits paths that originate from AS 999 and are learned from any threedigit AS.
The bracket (]) character is used to indicate a set of characters or a range of characters. For example, the ip aspath accesslist 1 permit ^[09]_999$ command permits paths that originate from AS 999 and are learned from any AS numbered from 0 through 9, and the ip aspath accesslist 1 permit ^[123]_999$ command permits paths that originate from AS 999 and are learned from AS 1, AS 2, or AS 3.
The asterisk (*) character indicates zero or more sequences of the previous expression. For example, the expression [09]* indicates a string of zero or more digits. Therefore, the ip aspath accesslist 1 permit ^111_ [09]*$ command permits paths that are learned from AS 111 and originate from any AS.
Exam Question 198
You issue the following commands on RouterB:
Which of the following key strings will RouterB use when sending EIGRP packets? (Select the best answer.)
A. Boson
B. ExSim
C. NetSim
D. any of the three key strings
Correct Answer:
A. Boson
Answer Description:
RouterB will use the key string Boson when sending Enhanced Interior Gateway Routing Protocol (EIGRP) packets. EIGRP supports Message Digest 5 (MD5) authentication of routing updates to prevent a router from receiving routing updates from unauthorized routers. Authentication is configured on a perinterface basis.
To configure an interface to authenticate EIGRP packets, you should first enter interface configuration mode by issuing the interfacetype number command from global configuration mode. Next, you should enable MD5 authentication by issuing the ip authentication mode eigrp autonomoussystemmd5 command in interface configuration mode. Finally, you should issue the ip authentication keychain eigrpautonomoussystem keychain command in interface configuration mode to specify the key chain that should be used. In this scenario, RouterB is configured for EIGRP autonomous system (AS) 19.
To create a key chain, you should issue the key chain chainname command from global configuration mode. The chain name is locally significant; it is used only to match a set of keys with a local router interface. Therefore, key chain names do not have to match between neighbor routers. In this scenario, RouterB is configured with the key chain name ExSim.
After you create a key chain, you must specify at least one key number by issuing the keynumber command in keychain configuration mode, where number is an integer from 0 through 2147483647. If multiple key commands are used to create multiple keys, the numbers do not need to be sequential. When sending EIGRP packets, the router will use the lowestnumbered key. Therefore, RouterB will use key 1 when sending EIGRP packets. When receiving EIGRP packets, the router will use any valid key that is configured on the router. Therefore, RouterB can use any of the keys when receiving EIGRP packets. However, the key numbers must match on each router; if a neighbor router uses the key string NetSim, it must also be assigned key number 37.
Each key can have only one authentication string. To specify the authentication string, you should issue the keystring text command in keychain key configuration mode, where text is a string of up to 80 casesensitive letters and numbers; the first character cannot be a number.
Exam Question 199
You administer the OSPF network shown in the diagram above. The reference bandwidth has been changed to 1000 on every router in the network.
What is the cost of the route from RouterA to RouterC? (Select the best answer.)
A. 2
B. 3
C. 11
D. 12
E. 20
Correct Answer:
B. 3
Answer Description:
In this scenario, the cost of the route from RouterA to RouterC is 3. In an Open Shortest Path First (OSPF) network, a cost is associated with every link on the network. The OSPF routing process on each router calculates the optimal route to other routers in the network based on the sum of the link costs to those routers. The route with the lowest cost is considered the best. If there is more than one route with the same cost, then the OSPF routing process will use load balancing to distribute traffic evenly among the routes.
The cost of each link and the optimal route from RouterA to RouterC are shown in the following exhibit:
The cost of a link is based on the interface bandwidth and the reference bandwidth, as indicated by the following formula: cost = reference bandwidth / interface bandwidth
The default reference bandwidth is 100 Mbps. If a bandwidth has not been configured on an interface, the OSPF process will use the default value for the interface type. For example, a 100Mbps Fast Ethernet interface has a default interface bandwidth of 100. The minimum supported cost for an OSPF interface is 1, and any values that calculate to less than 1 are rounded up to 1. Therefore, any link with an interface bandwidth greater than or equal to 100 Mbps will result in a cost of 1 by default. In this scenario, the reference bandwidth is 1000 Mbps. Thus a FastEthernet interface will have a cost of 10, and a 1Gbps GigabitEthernet interface will have a cost of 1.
An OSPF process uses cost values to generate its shortest path first (SPF) tree and then to determine the optimal routes to all known networks. Because the minimum cost value is 1, the reference bandwidth should be a value greater than or equal to the bandwidth of the fastest routed link in the administrative domain. If the reference bandwidth is less than the fastest routed link on the network, a situation can arise where the costs of two interfaces are the same even though their link speeds are different. For example, if the reference bandwidth in this scenario were reset to its default value, the cost of every link would have a value of 1. Because all links would then appear to have the same cost, the OSPF routing process would not be able to distinguish between the FastEthernet and GigabitEthernet links in the network. The OSPF process would then perform equalcost load balancing to distribute packets evenly among the available paths. This distribution would cause some packets in this example to take suboptimal routes to their destinations.
You can issue the autocost command from router configuration mode to change the reference bandwidth for an OSPF routing process. The syntax for the autocost command is autocost reference-bandwidth refbw, where ref-bw is an integer between 1 and 4294967. Alternatively, you can manually configure a cost at the interface level by issuing the ip ospf cost command.
Exam Question 200
Which of the following terms refers to a method that is used to pass IPv6 traffic over an IPv4-only network? (Select the best answer.)
A. 6to4 tunneling
B. 4to6 tunneling
C. NAT64
D. dual stacks
Correct Answer:
A. 6to4 tunneling
Answer Description:
To pass IPv6 traffic over a network that supports only IPv4, a tunneling method is required, such as 6to4 tunneling. The 6to4 tunneling method encapsulates an IPv6 packet inside an IPv4 header. Routers on the IPv4only network recognize only the IPv4 header information? the IPv6 packet is simply carried as the data payload of the IPv4 packet.
The 4to6 tunneling method is the reverse of the 6to4 tunneling method. Routers on the IPv6only network recognize only the IPv6 header information. Therefore, IPv4 packets must be encapsulated inside an IPv6 header so that they can pass over the IPv6only network.
Network Address Translation 64 (NAT64) enables communication between IPv4only hosts and IPv6only hosts. NAT64 translates IPv4 packets to IPv6 packets and translates IPv6 packets to IPv4 packets.
However, a NAT64 router must contain address mappings so that the router can correctly translate IPv4 and IPv6 addresses. NAT64 supports stateless and stateful address translation. When performing stateless translation, NAT64 uses algorithms to create a onetoone relationship between IPv6 addresses on the inside network and IPv4 addresses on the outside network. When performing stateful translation, NAT64 maps multiple IPv6 addresses to a single IPv4 address and keeps track of the state of each connection. Static mappings can also be applied manually.
Dual stacks are used so that a host or router can use IPv4 and IPv6 simultaneously. Dualstack devices are configured with an IPv4 address and an IPv6 address; thus a dualstack device can communicate directly with both IPv4 and IPv6 devices without requiring protocol translation. However, a network infrastructure capable of routing both IPv4 and IPv6 traffic is required.