An untrusted interface at the boundary of an administrative domain handles incoming packets by remarking all Class of Service (CoS) values to 0. This ensures consistent QoS treatment within the domain, preventing external sources from manipulating priority levels.
Table of Contents
Question
How does an untrusted interface at the boundary of an administrative domain handle incoming packets?
A. It remarks all values to a CoS of 0.
B. It forwards only traffic with a DSCP value of 48.
C. It translates the IP precedence value to the corresponding DSCP value.
D. It drops all traffic ingressing the network.
Answer
A. It remarks all values to a CoS of 0.
Explanation
The correct answer is A: An untrusted interface at the boundary of an administrative domain remarks all CoS values to 0.
When an interface is configured as untrusted, it does not trust the CoS or DSCP values marked by devices outside the administrative domain. To maintain consistent QoS policies within the network, the untrusted interface remarks all incoming packets’ CoS values to 0, the default priority level. This prevents external sources from manipulating the priority of traffic entering the domain.
The other options are incorrect:
B is wrong because an untrusted interface does not selectively forward traffic based on DSCP values.
C is incorrect as untrusted interfaces remark CoS, not translate IP precedence to DSCP.
D is false since untrusted interfaces do not drop all incoming traffic, but rather remark CoS to ensure QoS consistency.
In summary, untrusted interfaces at administrative boundaries remark the CoS of all incoming packets to 0, establishing a consistent starting point for internal QoS policies to appropriately prioritize and handle traffic.
Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR) 350-501 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR) 350-501 exam and earn Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR) 350-501 certification.