Skip to Content

Cisco ENCOR 350-401 Exam Questions and Answers – Page 2

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

The latest Cisco CCNP and CCIE Enterprise Core: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Cisco CCNP and CCIE Enterprise Core: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401 exam and earn Cisco CCNP and CCIE Enterprise Core: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401 certification.

Exam Question 171

You issue the show ip ospf neighbor command on a Cisco router. The router’s OSPF neighbor state is FULL/DR.
Which of the following is most likely true about the OSPF router? (Select the best answer.)

A. It is the DR.
B. It is the BDR.
C. It will exchange its entire database with the DR.
D. It is on a pointtopoint network.
Correct Answer:
C. It will exchange its entire database with the DR.
Answer Description:
Most likely, the router will exchange its entire database with the designated router (DR) if the output of the show ip ospf neighbor command reveals that the router’s Open Shortest Path First (OSPF) state is FULL/DR. This output indicates that the router has formed a full adjacency with its neighbor and that the neighbor is the DR. This output also indicates that the router is configured on a multiaccess network because OSPF routers that are connected in a pointtopoint fashion do not elect a DR or BDR. The neighbor states for a multiaccess OSPF router include all of the following:

  • FULL/DR
  • FULL/BDR
  • 2WAY/DROTHER

On a multiaccess network, OSPF routers exchange databases only with the DR and BDR, which helps prevent congestion. Therefore, routers with a 2WAY/DROTHER state do not exchange full databases with those neighbors.

The router is not on a pointtopoint network. On a pointtopoint OSPF network, a neighbor state of FULL/ indicates that the OSPF neighbors have formed a full adjacency and are thus capable of exchanging their entire databases. Because neither a DR nor a BDR exists on a pointtopoint network, the second field in the state output will be a dash.

The router is neither the DR nor the BDR. The first field in the state output indicates the state of the adjacency. The second field in the state indicates the type of OSPF router to which the router is connected, not the role of the router itself.

The DR generates linkstate advertisements (LSAs) that contain OSPF routing information, and the BDR takes over for the DR if the DR fails. Because only the DR and BDR generate LSAs, network bandwidth is conserved. The DR is typically the router with the highest OSPF priority, and the BDR is typically the router with the secondhighest OSPF priority. If priorities are equal between two or more routers, the router with the highest router ID will be elected. OSPF priorities can range from 0 through 255? the default OSPF priority is 1. A router with a priority of 0 will never become the DR or BDR. A router that is not the DR or BDR will display a state of DROTHER.

Exam Question 172

RouterA and RouterB are connected routers.
You issue the show clns neighbors command on RouterA and receive the following output:
System Id Interface SNPA State Holdtime ….. Type Protocol
RouterB Et0/0 0000.0000.000b Up 23 L1 IS-IS
Which of the following statements must be true? (Select the best answer.)

A. RouterA and RouterB are in the same area.
B. RouterA and RouterB are in different areas.
C. RouterB is configured for L1 routing only.
D. RouterB is configured for L1/L2 routing.
E. RouterA is a backbone router.
Correct Answer:
A. RouterA and RouterB are in the same area.
Answer Description:
RouterA and RouterB are in the same area. Routers running the Intermediate SystemtoIntermediate System (IS-IS) routing protocol are placed into administrative domains called areas. Each ISIS router resides in only one area. The collection of all areas managed by a single organization is called a routing domain.

Each ISIS router is configured with a routing level. Level 1 (L1) routers are capable of intraarea routing, which delivers data within a single area. The output of the show clns neighbors command indicates that RouterB has established an L1 adjacency with RouterA; therefore, both routers must be in the same area.

Level 2 (L2) routers are capable of interarea routing, which delivers data between areas. If RouterA and RouterB were in separate areas and both routers were configured for L2 routing, you would have received the following output from the show clns neighbors command:

System Id Interface SNPA State Holdtime Type Protocol
RouterB Et0/0 0000.0000.000b Up 23 L2 IS-IS

Level 1/Level 2 (L1/L2) routers are capable of both intraarea and interarea routing and maintain a separate linkstate database for each. If RouterA and RouterB were in the same area and both routers were configured for L1/L2 routing, you would have received the following output from the show clns neighbors command:

System Id Interface SNPA State Holdtime Type Protocol
RouterB Et0/0 0000.0000.000b Up 23 L1L2 IS-IS

You can configure the routing level for an ISIS process by issuing the istype {level1 | level12 | level2only} command, and you can configure the routing level for an ISIS interface by issuing the isis circuittype {level1 | level12 | level2only} command. By default, all ISIS routing processes and interfaces are configured for L1/ L2 routing.

RouterB is configured for either L1 routing or L1/L2 routing. However, the output of the show clns neighbors command in this scenario does not indicate which routing level RouterB is configured to use. If either router was configured for L1 routing only, the Typefield of the show clns neighbors command would show L1, even if the other router were an L1/L2 router.

The output of the show clns neighbors command in this scenario does not indicate whether RouterA is a backbone router. ISIS requires that all Level 2 (L2) and L1/L2 routers be connected to form a backbone through the routing domain. If RouterA were configured for L1/L2 routing, RouterA would be a backbone router.

When an ISIS routing level mismatch, authentication mismatch, or maximum transmission unit (MTU) mismatch occurs, an ISIS adjacency will not form, but the output of the show clns neighbors command might instead show an End SystemtoIntermediate System (ESIS) adjacency. ESIS is used to discover end systems. If RouterA and RouterB were in different areas and if either router was configured for L1 routing only, you might see the following output after issuing the show clns neighbors command on RouterA:

System Id Interface SNPA State Holdtime Type Protocol
RouterB Et0/0 0000.0000.000b Up 23 IS ES-IS

Exam Question 173

Which of the following commands can you issue to enable RSTP? (Select 2 choices.)

A. spanning-tree mode mst
B. spanning-tree mode pvst
C. spanning-tree mode rapid-pvst
D. no spanning-tree mode
Correct Answer:
A. spanning-tree mode mst
C. spanning-tree mode rapid-pvst
Answer Description:
You can issue the spanning-tree mode mst command or the spanning-tree mode rapid-pvst command to enable Rapid Spanning Tree Protocol (RSTP). RSTP, which is defined in the Institute of Electrical and Electronics Engineers (IEEE) 802.1w standard, is used to improve the slow transition of a Spanning Tree Protocol (STP) port to the forwarding state, thereby increasing convergence speed. A switch port will pass through the following RSTP states:

  • Discarding
  • Learning
  • Forwarding

When RSTP is enabled on a switch port, the port first enters the discarding state, in which a port receives bridge protocol data units (BPDUs) and directs them to the system module, however, the port neither sends BPDUs nor forwards any frames. The switch port then transitions to the learning state, in which it begins to transmit BPDUs and learn addressing information. Finally, a switch port transitions to the forwarding state, in which the switch port forwards frames. If a switch port determines at any time during the RSTP state process that a switching loop would be caused by entering the forwarding state, the switch port again enters the discarding state, in which the switch receives BPDUs and directs them to the system module but does not send BPDUs or forward frames.

The spanning-tree mode mst command enables Multiple Spanning Tree (MST), which uses RSTP. MST, which is defined in the IEEE 802.1s standard, is used to enable multiple spanning trees for groups of one or more virtual LANs (VLANs).

The spanning-tree mode pvst command enables PerVLAN Spanning Tree Plus (PVST+), which uses STP, not RSTP. PVST+, which is defined in the IEEE 802.1D standard, creates a separate spanning tree instance for each VLAN and can be used with 802.1Q encapsulation. By contrast, PVST can only be used with InterSwitch Link (ISL).

The spanning-tree mode rapid-pvst command enables RapidPVST+, which uses RSTP. RapidPVST+, which is defined in the IEEE 802.1w standard, combines the rapid transition of ports by RSTP with the creation of spanning trees for each VLAN by PVST+. The no spanning-tree mode command is not used to enable RSTP. Rather, it is used to configure a switch with the default switch mode, PVST+.

Exam Question 174

You issue the ip as-path access-list 1 permit ^7_23$ command on a BGP router.
Which of the following paths are allowed by the AS path filter? (Select the best answer.)

A. paths that originate from AS 7 or AS 23
B. paths that pass through AS 7 or AS 23
C. paths that originate from AS 7 and are learned from AS 23
D. paths that are learned from AS 7 and originate from AS 23
Correct Answer:
D. paths that are learned from AS 7 and originate from AS 23
Answer Description:
Paths that are learned from Border Gateway Protocol (BGP) autonomous system (AS) 7 and originate from AS 23 are allowed by the AS path filter. Regular expressions are used to locate character strings that match a particular pattern.

The caret (^) character indicates that the subsequent characters should match the start of the string. Each router in the path prepends its AS number to the beginning of the AS path; therefore, the first AS number in the AS path is the AS from which the path is learned. Therefore, the ip aspath accesslist 1 permit ^7_23$ command allows paths that are learned from AS 7.

The dollar sign ($) character indicates that the preceding characters should match the end of the string. The originating router will insert its AS number into the AS path, and subsequent routers will prepend their AS numbers to the beginning of the AS path string. The last AS number in the AS path is the originating AS; therefore, the ip aspath accesslist 1 permit ^7_23$ command allows paths that originate from AS 23.

The underscore (_) character is used to indicate a comma, a brace, the start or end of an input string, or a space. When used between two AS path numbers, the _ character indicates that the ASes are directly connected. Therefore, the ip aspath accesslist 1 permit ^7_23$ command indicates that AS 7 is directly connected to AS 23.

The ip aspath accesslist 1 permit ^7_23$ command does not permit paths that originate from AS 7 and are learned from AS 23. To configure an AS path filter that permits paths that originate from AS 7 and are learned from AS 23, you could issue the ip aspath accesslist 1 permit ^23_7$ command.

The ip aspath accesslist 1 permit ^7_23$ command does not permit paths that originate from AS 7 or AS 23; it only permits paths that originate from AS 23. To configure an AS path filter that permits paths that originate from AS 7 or AS 23, you could issue the following command set:

ip aspath accesslist 1 permit _7$
ip aspath accesslist 1 permit _23$

The ip aspath accesslist 1 permit ^7_23$ command does not permit paths that pass through AS 7 or AS 23. To configure an AS path filter that permits paths that pass through AS 7 or AS 23, you could issue the following command set:

ip aspath accesslist 1 permit _7_
ip aspath accesslist 1 permit _23_

Exam Question 175

You administer the network shown above. RouterB and RouterC are running OSPF.
You administer the network shown above. RouterB and RouterC are running OSPF.
You issue the show ip ospf database external 192.168.1.0 command on RouterB and receive the following output:
You issue the show ip ospf database external 192.168.1.0 command on RouterB and receive the following output.
Which of the following statements is true about RouterB regarding the route to 192.168.1.0? (Select the best answer.)
A. The nexthop interface is running OSPF.
B. The nexthop interface is passive.
C. The nexthop interface is configured as a pointtopoint interface.
D. RouterB is missing the network command for the 192.168.2.0 network.
Correct Answer:
A. The nexthop interface is running OSPF.
Answer Description:
The nexthop interface on RouterB is running Open Shortest Path First (OSPF). The output from the show ip ospf database external 192.168.1.0 command indicates that the forwarding address is 192.168.2.1. The forwarding address is a nonzero number only if the following five conditions are met:

  • OSPF is enabled on the nexthop interface.
  • The nexthop interface is not passive.
  • The nexthop interface is not pointtopoint.
  • The nexthop interface is not pointtomultipoint.
  • The nexthop interface address is a valid address within the subnet specified in the network command.

Therefore, the nexthop address must be running OSPF. If the nexthop address were not running OSPF or if any of the above conditions were not met, the forwarding address would be set to 0.0.0.0. This occurs because OSPF does not allow an external route to be used to reach another external OSPF route.

RouterB is not missing the network command for the 192.168.2.0 network. If it were, OSPF would not be enabled on the nexthop interface and the forwarding address would be set to 0.0.0.0. The next-hop interface is not set for point-to-point or point-to-multipoint operation. If it were, the forwarding address would be set to 0.0.0.0 and you would be required to issue a static route and to redistribute static and connected subnets.

The next-hop interface on RouterB is not passive. Configuring an interface as a passive interface prevents a router from sending or receiving OSPF routing information or hello packets on the specified interface. To configure a router as a passive interface, you should issue the passive-interface command in OSPF router configuration mode.

Exam Question 176

SwitchA and SwitchB are Layer 2 switches that are connected by a trunk link that forwards traffic for all VLANs. Server1 uses RouterA as its default gateway. Server2 uses RouterB as its default gateway. RouterA and RouterB are configured to perform interVLAN routing. Which of the following statements is true? (Select the best answer.)

SwitchA and SwitchB are Layer 2 switches that are connected by a trunk link that forwards traffic for all VLANs. Server1 uses RouterA as its default gateway. Server2 uses RouterB as its default gateway. RouterA and RouterB are configured to perform interVLAN routing.

A. Server1 and Server2 will be unable to communicate.
B. Server1 and Server2 will be able to communicate without any problems.
C. Server1 will be able to communicate with Server2, but Server2 will not be able to communicate with Server1.
D. Server2 will be able to communicate with Server1, but Server1 will not be able to communicate with Server2.
E. Server1 and Server2 will be able to communicate, but excess unicast flooding will occur.
Correct Answer:
E. Server1 and Server2 will be able to communicate, but excess unicast flooding will occur.
Answer Description:
Server1 and Server2 will be able to communicate, but excess unicast flooding will occur because of asymmetric routing. When Server1 wants to communicate with Server2, Server1 sends the traffic through SwitchA to its default gateway, RouterA. RouterA routes the traffic through the VLAN 20 subinterface to SwitchA. SwitchA does not know to which port Server2 is connected, so it floods the traffic to all ports that belong to VLAN 20. SwitchB receives the flooded traffic and forwards it directly to Server2.

When Server2 wants to respond to Server1, the same process happens in reverse. Server2 sends the traffic through SwitchB to its default gateway, RouterB. RouterB routes the traffic through the VLAN 10 subinterface to SwitchB. SwitchB does not know to which port Server1 is connected, so it floods the traffic to all ports that belong to VLAN 10. SwitchA receives the flooded traffic and forwards it directly to Server1.The behavior exhibited by the network topology in this scenario is called asymmetric routing. The excess unicast flooding occurs because SwitchA does not see traffic from the Media Access Control (MAC) address of Server2 and because SwitchB does not see traffic from the MAC address of Server1. When a switch receives traffic for a destination that is not listed in its forwarding table, it floods the traffic out all ports in that VLAN. If the servers in this scenario send a lot of traffic to one another, other devices connected to the switches can be adversely affected.

It is possible that one of the servers might send a broadcast Address Resolution Protocol (ARP) request, which will cause both switches to learn the MAC address of the server. This will cause the excess unicast flooding to stop. However, the server’s MAC address will eventually age out of the forwarding table, and the excess unicast flooding will resume.

Exam Question 177

You want to establish an EtherChannel between SwitchA and SwitchB.
Which of the following modes can you configure on both of the switches to establish the EtherChannel over PAgP? (Select the best answer.)

A. on
B. passive
C. active
D. desirable
E. auto
Correct Answer:
D. desirable
Answer Description:
You can configure both switches to operate in desirable mode to establish the EtherChannel over Port Aggregation Protocol (PAgP). Alternatively, you can set one switch to auto and the other switch to desirable.

PAgP is a Ciscoproprietary protocol that groups individual physical PAgPconfigured ports into a single logical link, called an EtherChannel. The ports that constitute an EtherChannel are grouped according to various parameters, such as hardware, port, and administrative limitations. Once PAgP has created an EtherChannel, it adds the EtherChannel to the spanning tree as a single switch port. Because PAgP is a Cisco-proprietary protocol, it can be used only on Cisco switches.

Link Aggregation Control Protocol (LACP) is a newer, standardsbased alternative to PAgP that is defined by the Institute of Electrical and Electronics Engineers (IEEE) 802.3ad standard. LACP is available on switches newer than the Catalyst 2950 switch, which offers only PAgP. Like PAgP, LACP identifies neighboring ports and their group capabilities; however, LACP goes further by assigning roles to the EtherChannel’s endpoints. Because LACP is a standardsbased protocol, it can be used between Cisco and nonCisco switches.

The following table displays the channelgroup configurations that will establish an EtherChannel:
The following table displays the channelgroup configurations that will establish an EtherChannel.

The channelgroup command configures the EtherChannel mode. The syntax of the channelgroup command is channelgroup number mode {on | active | passive | {auto | desirable} [nonsilent]}, where number is the port channel interface number. The on keyword configures the channel group to unconditionally create the channel with no LACP or PAgP negotiation.

The active and passive keywords can be used only with LACP. The active keyword configures the channel group to actively negotiate LACP, and the passive keyword configures the channel group to listen for LACP negotiation to be offered. Either or both sides of the link must be set to active to establish an EtherChannel over LACP? setting both sides to passive will not establish an EtherChannel over LACP.

The auto, desirable, and nonsilent keywords can be used only with PAgP. The desirable keyword configures the channel group to actively negotiate PAgP, and the autokeyword configures the channel group to listen for PAgP negotiation to be offered. Either or both sides of the link must be set to desirable to establish an EtherChannel over PAgP; setting both sides to auto will not establish an EtherChannel over PAgP. The optional nonsilent keyword requires that a port receive PAgP packets before the port is added to the channel.

Exam Question 178

You issue the following commands on the routers on your network:

RouterMain(config)#username Router1 password Boson
RouterMain(config)#username Router2 password Boson
RouterMain(config)#username Router3 password Boson
RouterMain(config)#interface s0/1
RouterMain(configif)#encapsulation ppp
RouterMain(configif)#ppp authentication chap
RouterMain(configif)#exit
RouterMain(config)#interface s0/2
RouterMain(configif)#encapsulation ppp
RouterMain(configif)#ppp authentication chap
RouterMain(configif)#exit
RouterMain(config)#interface s0/3
RouterMain(configif)#encapsulation ppp
RouterMain(configif)#ppp authentication chap
Router1(config)#username routermain password boson
Router1(config)#interface s0/1
Router1(configif)#encapsulation ppp
Router1(configif)#ppp authentication chap
Router2(config)#username RouterMain password Boson
Router2(config)#interface s0/1
Router2(configif)#encapsulation ppp
Router2(configif)#ppp authentication chap
Router3(config)#username RouterMain password boson
Router3(config)#interface s0/1
Router3(configif)#encapsulation ppp
Router3(configif)#ppp authentication chap

Which of the following routers will be able to connect successfully to RouterMain? (Select the best answer.)

A. Router1
B. Router2
C. Router3
D. Router1 and Router2
E. Router2 and Router3
F. Router1 and Router3
G. Router1, Router2, and Router3
Correct Answer:
B. Router2
Answer Description:
Only Router2 will be able to connect successfully to RouterMain. The syntax of the username command is username hostname password password. By default, the hostname parameter is the host name configured in the hostname command of the peer router. However, you can use the ppp chap hostname command to specify a separate host name that is used only for Challenge Handshake Authentication Protocol (CHAP) authentication. Since the ppp chap hostname command has not been issued on the routers in this scenario, the host name that should be specified in the username command is the normal host name for each router.

Router1 will not be able to connect successfully to RouterMain, because the host name and password are specified incorrectly in the username command on Router1. The host name and password specified in the username command are case-sensitive. Therefore, the host name “routermain” does not match the host name “RouterMain”, and the password “boson” does not match the password “Boson”. To enable Router1 to connect, you should issue the username RouterMain password Boson command.

Router3 will not be able to connect successfully to RouterMain. Although the host name is specified correctly in the username command on Router3, the password is specified incorrectly? the password “boson” does not match the password “Boson”. To enable Router3 to connect, you should issue the username RouterMain password Boson command.

Exam Question 179

In a three-node OpenStack architecture, the network node consists of services from which of the following OpenStack components? (Select the best answer.)

A. Glance
B. Horizon
C. Keystone
D. Neutron
E. Nova
Correct Answer:
D. Neutron
Answer Description:
In a three-node OpenStack architecture, the network node consists of services from the Neutron component. OpenStack is an open-source cloud-computing platform. Each OpenStack modular component is responsible for a particular function, and each component has a code name. The following list contains several of the most popular OpenStack components:

  • Nova -OpenStack Compute: manages pools of computer resources
  • Neutron -OpenStack Networking: manages networking and addressing
  • Cinder -OpenStack Block Storage: manages blocklevel storage devices
  • Glance -OpenStack Image: manages disk and server images
  • Swift -OpenStack Object Storage: manages redundant storage systems
  • Keystone -OpenStack Identity: is responsible for authentication
  • Horizon -OpenStack Dashboard: provides a graphical user interface (GUI)
  • Ceilometer -OpenStackTelemetry: provides counterbased tracking that can be used for customer usage billing

A three-node OpenStack architecture consists of the network node, the controller node, and the compute node. The network node consists of the following Neutron services:

  • Neutron Modular Layer 2 (ML2) PlugIn
  • Neutron Layer 2 Agent
  • Neutron Layer 3 Agent
  • Neutron Dynamic Host Configuration Protocol (DHCP) Agent

The controller node consists of the following services:

  • Keystone
  • Glance
  • Nova Management
  • Neutron Server
  • Neutron ML2 Plug-In
  • Horizon
  • Cinder
  • Swift
  • Ceilometer Core

The compute node consists of the following services:

  • Nova Hypervisor
  • Kernel-based Virtual Machine (KVM) or Quick Emulator (QEMU)
  • Neutron ML2 Plug-In
  • Neutron Layer 2 Agent
  • Ceilometer Agent

Exam Question 180

Which of the following statements is true regarding hypervisors? (Select the best answer.)

A. Both KVM and Xen are Type1 hypervisors.
B. Both KVM and Xen are Type2 hypervisors.
C. Type1 hypervisors are generally slower than Type2 hypervisors.
D. Type2 hypervisors are also called native hypervisors.
Correct Answer:
A. Both KVM and Xen are Type1 hypervisors.
Answer Description:
Both Kernel based Virtual Machine (KVM) and Xen are Type1 hypervisors. A hypervisor is used to create and run virtual machines (VMs). A Type1 hypervisor runs directly on the host computer’s hardware. Other Type1 hypervisors include HyperV and VMware ESX/ESXi.

KVM and Xen are not Type2 hypervisors. A Type2 hypervisor runs within an operating system on the host computer. VMware Workstation, Parallels Desktop for Mac, and Quick Emulator (QEMU) are Type2 hypervisors.

Type-1 hypervisors are generally faster than Type-2 hypervisors because Type-1 hypervisors run directly on the host computer’s hardware and because Type-2 hypervisors have a host operating system that consumes system resources.

Type-1 hypervisors are also called native hypervisors or baremetal hypervisors. Type-2 hypervisors are also
called hosted hypervisors.