Author Archive

Cisco SONA Architecture

September 12th, 2010 dstut 8 comments

Here you will find answers to Cisco SONA Architecture Questions

Question 1

The Cisco Data Center Network Architecture comprises which two Cisco SONA layers? (Choose two)

A. Interactive Services
B. Business Applications
C. Network Infrastructure
D. Collaboration Applications
E. WAN/Internet


Answer: A C

Explanation

The SONA framework defines the following three layers:

+ Networked Infrastructure layer: Where all the IT resources interconnect across a converged network foundation. The objective of this layer is to provide connectivity, anywhere and anytime.
+ Interactive Services layer: Includes both application networking services and infrastructure services. This layer enables efficient allocation of resources to applications and business processes delivered through the networked infrastructure.
+ Application layer: Includes business applications and collaboration applications. The objective of this layer is to meet business requirements and achieve efficiencies by leveraging the Interactive Services layer.

With the above information, you can answer Questions 2 and 3 below.

Question 2

Which three of these are layers in the Cisco SONA Architecture? (Choose three)

A. Application
B. Physical
C. Presentation
D. Integrated Transport
E. Interactive Services
F. Networked Infrastructure


Answer: A E F

Question 3

A Cisco SONA architecture layer is described as follows:
The layer’s IT resources are interconnected across a converged network foundation.
The layer’s IT resources include servers, storage, and clients.
The layer represents how resources exist across the network.
The customer objective for the layer is to have anywhere/anytime connectivity.

Which Cisco SONA architecture layer is being described?

A. Application
B. Physical
C. Integrated Transport
D. Interactive Services
E. Networked Infrastructure


Answer: E

PPDIOO Methodology

September 11th, 2010 dstut 19 comments

Note:

Cisco has formalized a network’s life cycle into six phases: Prepare, Plan, Design, Implement, Operate, and Optimize. These phases are collectively known as PPDIOO.

Question 1

At which stage in the PPDIOO process would you analyze a customer’s network in order to discover opportunities for network improvement?

A. Plan
B. Prepare
C. Design
D. Implement
E. Operate
F. Design Assessment


Answer: C

Explanation

Design phase: Developing a detailed design is essential to reducing risk, delays, and the total cost of network deployments. A design aligned with business goals and technical requirements can improve network performance while supporting high availability, reliability, security, and scalability.

(Reference: http://www.ciscozine.com/2009/01/29/the-ppdioo-network-lifecycle/)

Question 2

Which of these is the next step after the design phase in the PPDIOO process?

A. Order the equipment.
B. Develop a high-level migration plan.
C. Create a pilot or a prototype network.
D. Develop the implementation plan in as much detail as possible.
E. Identify which network management protocol will be used for which function.


Answer: D

Explanation

The Implement phase begins after the design phase has been finished. In this phase, new devices are installed, configured and tested according to the design specifications.

Question 3

According to Cisco, which four improvements are the main benefits of the PPDIOO lifecycle approach to network design? (Choose four)

A. faster ROI
B. improved business agility
C. increased network availability
D. faster access to applications and services
E. lower total cost of network ownership
F. better implementation team engagement


Answer: B C D E

Explanation

The PPDIOO life cycle provides four main benefits:

+ It improves business agility by establishing business requirements and technology strategies.
+ It increases network availability by producing a sound network design and validating the network operation.
+ It speeds access to applications and services by improving availability, reliability, security, scalability, and performance.
+ It lowers the total cost of ownership by validating technology requirements and planning for infrastructure changes and resource requirements.

(Reference: Cisco CCDA Official Exam Certification Guide, 3rd Edition)

Question 4

Refer to the exhibit

PPDIOO.jpg

During which stage of the PPDIOO process are implementation procedures prepared?

A. Prepare
B. Plan
C. Design
D. Implement
E. Operate
F. Optimize


Answer: C

Explanation

The Design phase includes network diagrams and an equipment list. The project plan is updated with more granular information for implementation. This is the so-called “prepare implementation procedures”.

Question 5

Which two design methodology steps relate, at least in part, to the implement phase of the PPDIOO process? (Choose two)

A. verifying the network
B. testing design
C. determining customer requirements
D. characterizing the existing network
E. establishing the organizational requirements


Answer: A B

Explanation

The Implement phase relates to implementing new devices, including verifying and testing, so A and B are the most suitable options.

“Determining customer requirements” occurs in the Prepare phase, which identifies requirements and builds a conceptual architecture.

“Characterizing the existing network” belongs to the Plan phase; this step is performed to determine the infrastructure necessary to meet the requirements.

In the “establishing the organizational requirements” step, the network topology is designed to meet the requirements and close the network gaps identified in the previous steps. This step is related to the Design Phase of the PPDIOO process.

Question 6

Which two statements represent advantages that the top-down network design process has over the bottom-up network design process? (Choose two)

A. is able to provide the big picture
B. utilizes previous experience
C. takes less time to design a network
D. identifies appropriate technologies first
E. provides a design for current and future development


Answer: A E

Explanation

By incorporating the organization’s requirements, the top-down network design process provides the big picture that meets current and future requirements.

Question 7

Which statement identifies a benefit obtained when using a top-down network design plan?

A. allows quick responses to design requests
B. facilitates design based on previous experience
C. incorporates customer organizational requirements
D. is less time-consuming than using a bottom-up approach
E. provides a more detailed picture of the desired network


Answer: C

Explanation

The top-down approach begins with the organization’s requirements before looking at technologies. Network designs are tested using a pilot or prototype network before moving into the Implement phase.

Network Management

September 11th, 2010 dstut 6 comments

Here you will find answers to Network Management Questions

Question 1

What are three valid methods of gathering information about an existing data network? (Choose three)

A. Use organizational input.
B. Perform a traffic analysis.
C. Analyze the user-mapping of a running application.
D. Perform a packet-level audit to verify carrier service guarantees.
E. Perform a network audit to gather more detail about the network.
F. Use reports that analyze the metrics of the customer’s existing network.


Answer: A B E

Question 2

Which of the following Cisco router services performs network traffic analysis to assist in documenting a customer’s existing network?

A. MRTG
B. NetMon
C. NetFlow
D. SNMP MIB compiler


Answer: C

Question 3

You are performing an audit of a customer’s existing network and need to obtain the following router information:
interfaces
running processes
IOS image being executed

Which command should you use?

A. show version
B. show tech-support
C. show startup-config
D. show running-config
E. show processes memory


Answer: B

Question 4

Which Cisco device management feature is most suited to metering network traffic and providing data for billing network usage?

A. BGP
B. Cisco Discovery Protocol
C. QoS
D. RMON 
E. NetFlow


Answer: E

Question 5

Which network management protocol allows a network device to have vendor-specific objects for management?

A. SNMPv1
B. SNMP v2
C. SNMP v3
D. MIB
E. RMON1
F. RMON2


Answer: D

Question 6

Which three sources does a network designer use to collect information for characterizing an existing network? (Choose three)

A. staff input
B. visual inventory
C. network audit
D. traffic analysis
E. server statistics


Answer: A C D

Wireless Questions

September 10th, 2010 dstut 12 comments

Here you will find answers to Wireless Questions

Question 1

Which two of these are functions of an access point in a Split MAC Network Architecture? (Choose two)

A. EAP Authentication
B. MAC layer encryption or decryption
C. 802.1Q encapsulation
D. Process probe response


Answer: B D

Question 2

Lightweight access points are being deployed in remote locations where others are already operational.
The new access points are in a separate IP subnet from the wireless controller. OTAP has not been enabled at any locations.

Which two methods can the AP use to locate a wireless controller? (Choose two)

A. local subnet broadcast
B. NV-RAM IP address
C. DHCP
D. primary, secondary, tertiary
E. DNS
F. master


Answer: C E

Question 3

Which two of the following statements represent a preferred wireless LWAPP implementation? (Choose two)

A. verify open ports for:
Layer 2 LWAPP on ethertype 0xABAB
Layer 3 LWAPP on TCP 12222 and TCP 12223

B. verify open ports for:
Layer 2 LWAPP on ethertype 0xBBBB
Layer 3 LWAPP on UDP 12222 and UDP 12223

C. verify open ports for:
Layer 2 LWAPP on ethertype 0xBABA
Layer 3 LWAPP on UDP 12222 and TCP 12223

D. use of Layer 3 LWAPP is preferred over Layer 2 LWAPP
E. use of Layer 2 LWAPP is preferred over Layer 3 LWAPP


Answer: B D

Question 4

A lightweight access point is added to a working network. Which sequence will it use to associate itself with a wireless LAN controller?

A. master, primary, secondary, tertiary, greatest AP capacity
B. greatest AP capacity, primary, secondary, tertiary, master
C. primary, secondary, tertiary, master, greatest AP capacity
D. primary, secondary, tertiary, greatest AP capacity, master


Answer: C

Question 5

Which three of these describe the best practice for Cisco wireless outdoor Mesh network deployment? (Choose three)

A. RAP implemented with 20 to 32 MAP nodes
B. RAP implemented with 20 or fewer MAP nodes
C. mesh hop counts of 8 to 4
D. mesh hop counts of 4 or fewer
E. client access via 802.11 b/g and backhaul with 802.11 a
F. client access via 802.11 a and backhaul with 802.11 b/g


Answer: B D E

Question 6

Which two of these represent a best practice implementation of a Split MAC LWAPP deployment in a Cisco Unified Wireless Network? (Choose two)

A. Each wireless client authentication type maps to a shared SSID which in turn maps to a common shared VLAN.
B. Each wireless client authentication type maps to a unique SSID which in turn maps to a unique VLAN.
C. Each wireless client authentication type maps to a unique SSID which in turn maps to a common shared VLAN.
D. 802.1Q trunking extends from the wired infrastructure to the access point for translation into SSID(s).
E. 802.1Q trunking extends from the wired infrastructure to a wireless LAN controller for translation into SSID(s).
F. 802.1Q trunking extends from the wired infrastructure to a wireless LAN controller. Then the 802.1Q packet is encapsulated in LWAPP and sent to the access point for transmission over the SSID(s).


Answer: B E

Question 7

Which two of these are required for wireless client mobility deployment when using a Cisco Unified Wireless Network? (Choose two)

A. assigned master controller
B. matching mobility group name
C. matching RF group name
D. matching RF power
E. matching security
F. matching RF channel


Answer: B E

Question 8

Which two wireless attributes should be considered during a wireless site survey procedure? (Choose two)

A. encryption
B. channel
C. authentication
D. power
E. SSID


Answer: B D

Question 9

Which two statements best describe Cisco Wireless LAN Guest Access in a Cisco Unified Wireless Network? (Choose two)

A. Dedicated guest VLANs are extended throughout the network to the access points for path isolation.
B. Dedicated guest VLANs are only extended to the wireless controllers in the network to ensure path isolation.
C. Dedicated guest access in the DMZ extends from the origination to the termination controllers without dedicated guest VLANs.
D. Guest tunnels can originate and terminate on any wireless controller platform.
E. Guest tunnels have limitations on which wireless controllers can originate the tunnel.
F. Guest tunnels have limitations on which wireless controllers can terminate the tunnel.


Answer: C F

Voice Design

September 10th, 2010 dstut 31 comments

Here you will find answers to Voice Design Questions

Question 1

Which type of trunk is required in order to connect a fax machine to a PBX?

A. inter-office
B. Foreign Exchange Office
C. central office
D. Foreign Exchange Station
E. intra-office


Answer: D

Question 2

When monitoring voice traffic on a converged network, which are the three most important QoS characteristics to pay attention to? (Choose three)

A. delay
B. jitter
C. packet loss
D. bit error rate
E. CRTP hop configuration


Answer: A B C

Question 3

Which H.323 protocol is responsible for the exchanging of capabilities and the opening and closing of logical channels?

A. H.225
B. H.245
C. RAS
D. RTCP


Answer: B

Question 4

Which statement best describes Call Admission Control?

A. It extends QoS capabilities to protect voice from excessive data traffic.
B. It provides endpoint registration control.
C. It protects voice from voice.
D. It provides endpoint bandwidth control.


Answer: C

Question 5

Which H.323 protocol monitors calls for factors such as packet counts, packet loss, and arrival jitter?

A. H.225
B. H.245
C. RAS
D. RTCP


Answer: D

Question 6

Given a VoIP network with these attributes:
Codec: G.728
Bit rate: 16 Kbps
WAN Bandwidth: 256 Kbps
Packet Header: 6 bytes
Payload: 40 bytes
CRTP: Yes

How many calls can be made?

A. 7 calls
B. 8 calls
C. 13 calls
D. 14 calls


Answer: C

Question 7

Which H.323 protocol controls call setup between endpoints?

A. H.225
B. H.245
C. RAS
D. RTCP


Answer: A

Question 8

Which two VoIP characteristics are affected most by codec choice? (Choose two)

A. voice quality
B. silent packet handling
C. voice packet header size
D. bandwidth required for voice calls


Answer: A D

Question 9

What are the two most likely driving forces motivating businesses to integrate voice and data into converged networks? (Choose two)

A. Voice has become the primary traffic on networks.
B. WAN costs can be reduced by migrating to converged networks.
C. Their PSTNs cannot deploy features quickly enough.
D. Data, voice, and video cannot converge on their current PSTN structures.
E. Voice networks cannot carry data unless the PRI circuits aggregate the BRI circuits.


Answer: D E

Question 10

Which two techniques can reduce voice packet transfer delay across a link of less than 512 kbps? (Choose two)

A. deploy LFI
B. increase queue depth
C. increase link bandwidth
D. extend the trust boundary
E. deploy software compression


Answer: A C

Question 11

Given a VoIP network with these attributes:
Codec: G.711
WAN bandwidth: 768Kbps
Packet Header: 6 bytes
Payload: 160 bytes
CRTP: No

How many calls can be made?

A. 7 calls
B. 8 calls
C. 9 calls
D. 11 calls
E. 13 calls


Answer: C

Question 12

What is the benefit of deploying a gatekeeper in an H.323 IP telephony network?

A. increases redundancy by allowing each gateway to maintain a copy of the dial plan
B. reduces configuration complexity by centralizing the dial plan
C. provides spatial redundancy through the use of HSRP
D. provides load balancing via GUP when alternate gatekeepers are deployed


Answer: B

Question 13

A customer wishes to implement VoIP using centralized call-processing. In addition, the customer wishes to establish a balance between good voice quality and good bandwidth utilization. Which codec would you suggest?

A. G.711
B. G.723.1
C. G.726
D. G.729


Answer: D

Security in Design

September 10th, 2010 dstut 14 comments

Here you will find answers to Security in Design Questions

Question 1

Which Cisco security solution offers protection against “day zero” attacks?

A. Cisco Adaptive Security Appliance
B. Cisco Security Agent
C. Cisco IOS Firewall
D. Cisco IOS IPS
E. Cisco Traffic Anomaly Detector


Answer: B

Explanation

The Cisco Security Agent (CSA) software protects server and desktop endpoints from the latest threats caused by malicious network attacks. CSA can identify and prevent network attacks that are considered unknown or “Day Zero”-type threats. CSAs are packed with many features, including firewall capabilities, intrusion prevention, malicious mobile code protection, operating-system integrity assurance, and audit log consolidation.

(Reference: CCDA Official Exam Certification Guide, 3rd Edition)

Question 2

Which two solutions are parts of the Cisco Security Management Suite? (Choose two)

A. ASA
B. Cisco Security Agent
C. NAC Appliance
D. CSM
E. PIX
F. Cisco Security MARS


Answer: D F

Explanation

Solutions of the Cisco Security Management Suite are:

+ Cisco Security Manager (CSM) is an integrated solution for configuration management of firewall, VPN, router, switch module, and IPS devices.

+ Cisco Secure Access Control Server (ACS) provides centralized control for administrative access to Cisco devices and security applications.

+ Cisco Security Monitoring, Analysis, and Response System (MARS) is an appliance-based solution for network security administrators to monitor, identify, isolate, and respond to security threats.

+ Management Center for CSA (CSA MC) is an SSL web-based tool for managing Cisco Security Agent configurations.

+ Cisco Router and Security Device Manager (SDM) is a web-based tool for routers and supports a wide range of IOS software.

+ Cisco Adaptive Security Device Manager (ASDM) is a web-based tool for managing Cisco ASA 5500 series appliances, PIX 500 series appliances (version 7.0 or higher), and Cisco Catalyst 6500 Firewall Services Modules (FWSM version 3.1 or higher).

+ Cisco Intrusion Prevention System Device Manager (IDM) is a web-based application that configures and manages IPS sensors.

(Reference: CCDA Official Exam Certification Guide, 3rd Edition)

Question 3

A manufacturing company has decided to add a website to enhance sales. The web servers in the E-Commerce module must be accessible without compromising network security. Which two design recommendations can be made to meet these requirements? (Choose two)

A. Use private and public key encryption.
B. Move the E-Commerce servers to the WAN module.
C. Use intrusion detection on the E-Commerce server farm.
D. Limit the number of incoming connections to the E-Commerce module.
E. Place E-Commerce servers and application servers on isolated LANs (DMZs).


Answer: C E

Question 4

Which Cisco security solution can quarantine and prevent non-compliant end stations from accessing the network until they achieve security policy compliance?

A. Cisco Secure Connectivity
B. Adaptive Security Appliance
C. Access Control Server
D. Network Admission Control
E. Network Intrusion Prevention System
F. Cisco Security Monitoring, Analysis, and Response System


Answer: D

Explanation

Network Admission Control protects the network from threats by enforcing security compliance on all devices attempting to access the network. It allows access to endpoints only after they have passed authentication based on security policies.

Question 5

A Cisco Self-Defending Network has been installed, but DoS attacks are still being directed at e-commerce hosts. The connection rate at the Internet firewall was limited, but the problem persists. What more can be done?

A. Move the servers to the DMZ.
B. Install all relevant operating system patches.
C. Block the servers’ TCP traffic at the Internet firewall.
D. Block the servers’ UDP traffic at the Internet firewall.


Answer: B

Question 6

Which three security measures can be used to mitigate DoS attacks that are directed at exposed hosts within the E-Commerce module? (Choose three)

A. Partition the exposed hosts into a separate LAN or VLAN.
B. Use firewalls to block all unnecessary connections to the exposed hosts.
C. Use a VPN concentrator (IPSec) to protect and verify each connection to the exposed host or hosts.
D. Use LAN switch VTP pruning to separate hosts on the same segment.
E. Use NIDSs and HIPSs to detect signs of attack and to identify potentially successful breaches.


Answer: A B E

Question 7

Which Cisco security management solution provides the means to identify, isolate, and counter security threats to the network?

A. Adaptive Security Device Manager
B. Intrusion Prevention Device Manager
C. Security Device Manager
D. Cisco Security Manager
E. Cisco Security Monitoring, Analysis, and Response System


Answer: E

Explanation

Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) is an appliance-based solution for network security administrators to monitor, identify, isolate, and respond to security threats. MARS understands the network topology and device configurations from routers, switches, firewalls, and IPS devices. MARS also can model packet flows on the network.

Question 8

A large enterprise requires sensitive information be transmitted over a public infrastructure. It requires confidentiality, integrity, and authenticity. Which security solution best meets these requirements?

A. Cisco IOS Firewall
B. Intrusion Prevention
C. Secure Connectivity
D. AAA
E. Traffic Guard Protector


Answer: C

Question 9

Which technology can ensure data confidentiality, data integrity, and authentication across a public IP network?

A. GRE
B. IPsec
C. VLANs
D. VSANs
E. VPDNs


Answer: B

Question 10

For which technology is IPsec required for a site-to-site enterprise WAN/MAN architecture?

A. ATM
B. ISP Service
C. Frame Relay
D. SP MPLS VPN
E. self-deployed MPLS


Answer: B

Question 11

A Cisco security mechanism has the following attributes:
it is a sensor appliance
it searches for potential attacks by capturing and analyzing traffic
it is a “purpose-built device”
it is installed passively
it introduces no delay or overhead

Which Cisco security mechanism is this?

A. IKE
B. PIX
C. HIPS
D. NIDS
E. HMAC


Answer: D

Question 12

Which of these domain-of-trust security statements is correct?

A. Segments within a network should have the same trust models.
B. An administrator should apply consistent security controls between segments.
C. Communication between trusted entities needs to be carefully managed and controlled.
D. Segment security policy decisions are based on trust.


Answer: D