Here you will find answers to Wireless Questions

Question 1

Which two of these are functions of an access point in a Split MAC Network Architecture? (Choose two)

A. EAP Authentication
B. MAC layer encryption or decryption
C. 802.1Q encapsulation
D. Process probe response

Answer: B D

Question 2

Lightweight access points are being deployed in remote locations where others are already operational.
The new access points are in a separate IP subnet from the wireless controller. OTAP has not been enabled at any locations.

Which two methods can the AP use to locate a wireless controller? (Choose two)

A. local subnet broadcast
B. NV-RAM IP address
C. DHCP
D. primary, secondary, tertiary
E. DNS
F. master

Answer: C E

Question 3

Which two of the following statements represent a preferred wireless LWAPP implementation? (Choose two)

A. verify open ports for:
Layer 2 LWAPP on ethertype OxABAB
Layer 3 LWAPP on TCP 12222 and TCP 12223

B. verify open ports for:
Layer 2 LWAPP on ethertype OxBBBB
Layer 3 LWAPP on UDP 12222 and UDP 12223

C. verify open ports for:
Layer 2 LWAPP on ethertype OxBABA
Layer 3 LWAPP on UDP 12222 and TCP 12223

D. use of Layer 3 LWAPP is preferred over Layer 2 LWAPP
E. use of Layer 2 LWAPP is preferred over Layer 3 LWAPP

Answer: B D

Question 4

A lightweight access point is added to a working network. Which sequence will it use to associate itself with a wireless LAN controller?

A. master, primary, secondary, tertiary, greatest AP capacity
B. greatest AP capacity, primary, secondary, tertiary, master
C. primary, secondary, tertiary, master, greatest AP capacity
D. primary, secondary, tertiary, greatest AP capacity, master

Answer: C

Question 5

Which three of these describe the best practice for Cisco wireless outdoor Mesh network deployment? (Choose three)

A. RAP implemented with 20 to 32 MAP nodes
B. RAP implemented with 20 or fewer MAP nodes
C. mesh hop counts of 8 to 4
D. mesh hop counts of 4 or fewer
E. client access via 802.11 b/g and backhaul with 802.11 a
F. client access via 802.11 a and backhaul with 802.11 b/g

Answer: B D E

Question 6

Which two of these represent a best practice implementation of a Split MAC LWAPP deployment in a Cisco Unified Wireless Network? (Choose two)

A. Each wireless client authentication type maps to a shared SSID which in turn maps to a common shared VLAN.
B. Each wireless client authentication type maps to a unique SSID which in turn maps to a unique VLAN.
C. Each wireless client authentication type maps to a unique SSID which in turn maps to a common shared VLAN.
D. 802.1 Q trunking extends from the wired infrastructure to the access point for translation into SSID(s).
E. 802.1 Q trunking extends from the wired infrastructure to a wireless LAN controller for translation into SSID(s).
F. 802.1 Q trunking extends from the wired infrastructure to a wireless LAN controller.
Then the 802.1 Q packet is encapsulated in LWAPP and sent to the access point for transmission over the SSID(s).

Answer: B E

Question 7

Which two of these are required for wireless client mobility deployment when using a Cisco Unified Wireless Network? (Choose two)

A. assigned master controller
B. matching mobility group name
C. matching RF group name
D. matching RF power
E. matching security
F. matching RF channel

Answer: B E

Question 8

Which two wireless attributes should be considered during a wireless site survey procedure? (Choose two)

A. encryption
B. channel
C. authentication
D. power
E. SSID

Answer: B D

Question 9

Which two statements best describe Cisco Wireless LAN Guest Access in a Cisco Unified Wireless Network? (Choose two)

A. Dedicated guest VLANs are extended throughout the network to the access points for path isolation.
B. Dedicated guest VLANs are only extended to the wireless controllers in the network to ensure path isolation.
C. Dedicated guest access in the DMZ extends from the origination to the termination controllers without dedicated guest VLANs.
D. Guest tunnels can originate and terminate on any wireless controller platform.
E. Guest tunnels have limitations on which wireless controllers can originate the tunnel.
F. Guest tunnels have limitations on which wireless controllers can terminate the tunnel.

Answer: C F

Here you will find answers to Voice Design Questions

Question 1

Which type of trunk is required in order to connect a fax machine to a PBX?

A. inter-office
B. Foreign Exchange Office
C. central office
D. Foreign Exchange Station
E. intra-office

Answer: D

Question 2

When monitoring voice traffic on a converged network, which are the three most important QoS characteristics to pay attention to? (Choose three)

A. delay
B. jitter
C. packet loss
D. bit error rate
E. CRTP hop configuration

Answer: A B C

Question 3

Which H.323 protocol is responsible for the exchanging of capabilities and the opening and closing of logical channels?

A. H.225
B. H.245
C. RAS
D. RTCP

Answer: B

Question 4

Which statement best describes Call Admission Control?

A. It extends QoS capabilities to protect voice from excessive data traffic.
B. It provides endpoint registration control.
C. It protects voice from voice.
D. It provides endpoint bandwidth control.

Answer: C

Question 5

Which H.323 protocol monitors calls for factors such as packet counts, packet loss, and arrival jitter?

A. H.225
B. H.245
C. RAS
D. RTCP

Answer: D

Question 6

Given a VoIP network with these attributes:
Codec: G.728
Bit rate: 16 Kbps
WAN Bandwidth: 256 Kbps
Packet Header: 6 bytes
Payload: 40 bytes
CRTP: Yes

How many calls can be made?

A. 7 calls
B. 8 calls
C. 13 calls
D. 14 calls

Answer: C

Question 7

Which H.323 protocol controls call setup between endpoints?
A. H.225
B. H.245
C. RAS
D. RTCP

Answer: A

Question 8

Which two VoIP characteristics are affected most by codec choice? (Choose two)

A. voice quality
B. silent packet handling
C. voice packet header size
D. bandwidth required for voice calls

Answer: A D

Question 9

What are the two most likely driving forces motivating businesses to integrate voice and data into converged networks? (Choose two)

A. Voice has become the primary traffic on networks.
B. WAN costs can be reduced by migrating to converged networks.
C. Their PSTNs cannot deploy features quickly enough.
D. Data, voice, and video cannot converge on their current PSTN structures.
E. Voice networks cannot carry data unless the PRI circuits aggregate the BRI circuits.

Answer: D E

Question 10

Which two techniques can reduce voice packet transfer delay across a link of less than 512 kbps? (Choose two)

A. deploy LFI
B. increase queue depth
0 C. increase link bandwidth
D. extend the trust boundary
E. deploy software compression

Answer: A C

Question 11

Given a VoIP network with these attributes:
Codec: G.711
WAN bandwidth: 768Kbps
Packet Header: 6 bytes
Payload: 160 bytes
CRTP: No

How many calls can be made?

A. 7 calls
B. 8 calls
C. 9 calls
D. 11 calls
E. 13 calls

Answer: C

Question 12

What is the benefit of deploying a gatekeeper in an H.323 IP telephony network?

A. increases redundancy by allowing each gateway to maintain a copy of the dial plan
B. reduces configuration complexity by centralizing the dial plan
C. provides spatial redundancy through the use of HSRP
D. provides load balancing via GUP when alternate gatekeepers are deployed

Answer: B

Question 13

A customer wishes to implement VoIP using centralized call-processing. In addition, the customer wishes to establish a balance between good voice quality and good bandwidth utilization. Which codec would you suggest?

A. G.711
B. G.723.1
C. G.726
D. G.729

Answer: D

Here you will find answers to Security in Design Questions

Question 1

Which Cisco security solution offers protection against “day zero” attacks?

A. Cisco Adaptive Security Appliance
B. Cisco Security Agent
C. Cisco IOS Firewall
D. Cisco IOS IPS
E. Cisco Traffic Anomaly Detector

Answer: B

Explanation

The Cisco Security Agent (CSA) software protects server and desktop endpoints from the latest threats caused by malicious network attacks. CSA can identify and prevent network attacks that are considered unknown or “Day Zero”-type threats. CSAs are packed with many features, including firewall capabilities, intrusion prevention, malicious mobile code protection, operating-system integrity assurance, and audit log consolidation.

Question 2

Which two solutions are parts of the Cisco Security Management Suite? (Choose two)

A. ASA
B. Cisco Security Agent
C. NAC Appliance
D. CSM
E. PIX
F. Cisco Security MARS

Answer: D F

Explanation

Solutions of the Cisco Security Management Suite are:

+ Cisco Security Manager (CSM) is an integrated solution for configuration management of firewall, VPN, router, switch module, and IPS devices.

+ Cisco Secure Access Control Server (ACS) provides centralized control for administrative access to Cisco devices and security applications.

+ Cisco Security Monitoring, Analysis, and Response System (MARS) is an appliance-based solution for network security administrators to monitor, identify, isolate, and respond to security threats.

+ Management Center for CSA (CSA MC) is an SSL web-based tool for managing Cisco Security Agent configurations.

+ Cisco Router and Security Device Manager (SDM) is a web-based tool for routers and supports a wide range of IOS software.

+ Cisco Adaptive Security Device Manager (ASDM) is a web-based tool for managing Cisco ASA 5500 series appliances, PIX 500 series appliances (version 7.0 or higher), and Cisco Catalyst 6500 Firewall Services Modules (FWSM version 3.1 or higher).

+ Cisco Intrusion Prevention System Device Manager (IDM) is a web-based application that configures and manages IPS sensors.

(Reference: CCDA Official Exam Certification Guide 3rd)

Question 3

A manufacturing company has decided to add a website to enhance sales. The web seivers in the E-Commerce module must be accessible without compromising network security. Which two design recommendations can be made to meet these requirements? (Choose two)

A. Use private and public key encryption.
B. Move the E-Commerce seivers to the WAN module.
C. Use intrusion detection on the E-Commerce setverfarm.
D. Limit the number of incoming connections to the E-Commerce module.
E. Place E-Commerce seivers and application seivers on isolated LANs (DMZs).

Answer: C E

Question 4

Which Cisco security solution can quarantine and prevent non-compliant end stations from accessing the network until they achieve security policy compliance?

A. Cisco Secure Connectivity
B. Adaptive Security Appliance
C. Access Control Server
D. Network Admission Control
E. Network Intrusion Prevention System
F. Cisco Security Monitoring, Analysis, and Response System

Answer: D

Explanation

The Network Admission Control protects the network from threats by enforcing security compliance on all devices attempting to access the network. It only allows access to endpoints only after they have passed authentication based on security policies.

Question 5

A Cisco Self-Defending Network has been installed, but DoS attacks are still being directed at e-commerce hosts. The connection rate at the Internet firewall was limited, but the problem persists. What more can be done?

A. Move the seivers to the DMZ.
B. Install all relevant operating system patches.
C. Block the servers’ TCP traffic at the Internet firewall.
D. Block the servers’ UDP traffic at the Internet firewall.

Answer: B

Question 6

Which three security measures can be used to mitigate DoS attacks that are directed at exposed hosts within the E-Commerce module? (Choose three)

A. Partition the exposed hosts into a separate LAN or VLAN.
B. Use firewalls to block all unnecessary connections to the exposed hosts.
C. Use a VPN concentrator (IPSec) to protect and verify each connection to the exposed host or hosts.
D. Use LAN switch VTP pruning to separate hosts on the same segment.
E. Use NIDSs and HIPSs to detect signs of attack and to identify potentially successful breaches.

Answer: A B E

Question 7

Which Cisco security management solution provides the means to identify, isolate, and counter security threats to the network?

A. Adaptive Security Device Manager
B. Intrusion Prevention Device Manager
C. Security Device Manager
D. Cisco Security Manager
E. Cisco Security Monitoring, Analysis, and Response System

Answer: E

Explanation

Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) is an appliance-based solution for network security administrators to monitor, identify, isolate, and respond to security threats. MARS understands the network topology and device configurations from routers, switches, firewalls, and IPS devices. MARS also can model
packet flows on the network.

Question 8

A large enterprise requires sensitive information be transmitted over a public infrastructure. It requires confidentiality, integrity, and authenticity. Which security solution best meets these requirements?

A. Cisco IOS Firewall
B. Intrusion Prevention
C. Secure Connectivity
D. AAA
E. Traffic Guard Protector

Answer: C

Question 9

Which technology can ensure data confidentiality, data integrity, and authentication across a public IP network?

A. GRE
B. IPsec
C. VLANs
D. VSANs
E. VPDNs

Answer: B

Question 10

For which technology is IPsec required for a site-to-site enterprise WAN/MAN architecture?

A. ATM
B. ISP Service
C. Frame Relay
D. SP MPLS VPN
E. self-deployed MPLS

Answer: B

Question 11

A Cisco security mechanism has the following attributes:
it is a sensor appliance
it searches for potential attacks by capturing and analyzing traffic
it is a “purpose-built device”
it is installed passively
it introduces no delay or overhead

Which Cisco security mechanism is this?

A. IKE
B. PIX
C. HIPS
D. NIDS
E. HMAC

Answer: D

Question 12

Which of these domain-of-trust security statements is correct?

A. Segments within a network should have the same trust models.
B. An administrator should apply consistent security controls between segments.
C. Communication between trusted entities needs to be carefully managed and controlled.
D. Segment security policy decisions are based on trust.

Answer: D

Here you will find answers to OSPF Questions

Question 1

Which two routing protocols usually converge most quickly? (Choose two)

A. RIPv1
B. RIPv2
C. BGP
D. IGRP
E. EIGRP
F. OSPF

Answer: E F

Question 2

Which two statements best describe an OSPF deployment? (Choose two)

A. ABR provides automatic classful network boundary summarization.
B. ABR requires manual configuration for classful network summarization.
C. External routes are propagated into the autonomous system from stub areas via ASBR.
D. External routes are propagated into the autonomous system from regular areas or NSSA via ASBR.
E. External routes are propagated into the autonomous system from regular areas or NSSA via ABR.

Answer: B D

Here you will find answers to EIGRP Questions

Question 1

Which two of these are the most accurate characteristics of EIGRP deployment? (Choose two)

A. Provides features for most Ethernet, Frame Relay, and dial-up network deployment types.
B. Provides routing for IPv4, IPv6, Appletalk, and IPX.
C. Provides default hierarchical routing and summarization of a VLSM IP address deployment.
D. Provides quick convergence through neighbor relationships and topology backup routes.
E. Provides the best route selection on combined default metrics of active bandwidth,delay, load, reliability, and MTU parameters.

Answer: B D

Question 2

Your company’s Cisco routers are operating with EIGRP. You need to join networks with an acquisition’s heterogeneous routers at 3 sites, operating with EIGRP and OSPF. Which describes the best practice for routing protocol deployment?

A. apply OSPF throughout both networks
B. apply one-way redistribution exclusively at each location
C. apply two-way redistribution exclusively at each location
D. apply two-way redistribution at each location with a route filter at only one location
E. apply two-way redistribution at each location with a route filter at each location
F. apply EIGRP with the same autonomous system throughout both networks

Answer: E

Question 3

A network is being designed to meet the requirements listed. Within the enterprise network:
All routers are Cisco 3800 Series routers running the latest Cisco IOS release.
The fastest convergence time possible is required.
Unequal cost load-balancing is required.
For Internet connections:
A single link is used to connect to a single ISP.

Which two routing protocols should be used?(Choose two)

A. Use OSPF as the IGP within the enterprise.
B. Use EIGRP as the IGP within the enterprise.
C. Use Internal BGP as the IGP within the enterprise.
D. Use External BGP between the enterprise and the ISP.
E. Use EIGRP between the enterprise and the ISP.
F. Use Static (Default) routing between the enterprise and the ISP.

Answer: B F

Question 4

Which two statements best describe intradomain route summarization? (Choose two)

A. OSPF and RIP automatically summarize at classful network boundaries.
B. EIGRP and OSPF automatically summarize at classful network boundaries.
C. EIGRP and RIP automatically summarize at classful network boundaries.
D. EIGRP and OSPF must be manually configured to summarize at non-classful boundaries.
E. EIGRP and OSPF automatically summarize at non-classful boundaries.

Answer: C D

Here you will find answers to IPv4 Questions

Question 1

Which statement describes the recommended deployment of IPv4 addressing in the Cisco Enterprise Architecture model?

A. private addressing throughout with public addressing in the Internet Connectivity module
B. private addressing throughout with public addressing in the Internet Connectivity and E-Commerce modules
C. private addressing throughout with public addressing in the Internet Connectivity, E-Commerce, and Remove Access (VPN) modules
D. private addressing throughout with public addressing in the Internet Connectivity,E-Commerce, and Enterprise Branch modules

Answer: C

Question 2

Which route address is the best summary of these network addresses?

A. 192.128.0.0/24
B. 192.128.171.128/3
C. 192.128.168.0/21
D. 192.128.175.0/3
E. 192.128.0.0/16

Answer: C

Question 3

An internal network has servers with private IPv4 addresses that must be visible from the public network. Which kind of address translation should be used to ensure this?

A. many-to-one translation (PAT)
B. many-to-one translation (Dynamic NAT)
C. one-to-one translation (Static NAT)
D. one-to-one translation (NAT Traversal)

Answer: C

Question 4

You are designing IPv6 into an existing IPv4 network. Which strategy can you use to allow both address schemes to coexist, thus facilitating migration?

A. bridge between the two networks
B. deploy stateful address assignments
C. run both the IPv6 and IPv4 stacks on devices
D. redistribute between IPv6-capable and non-IPv6-capable routing protocols
E. enable anycast capability in the routing protocol

Answer: C

Question 5

You are designing IPv6 into an existing IPv4 network. Which two strategies can you use to allow both address schemes to coexist, thus facilitating migration? (Choose two)

A. translate one protocol into the other
B. redistribute between IPv6-capable and non-IPv6-capable routing protocols
C. encapsulate IPv6 packets within IPv4 packets
D. bridge between the IPv6 and IPv4 networks
E. enable anycast capability in the routing protocol

Answer: A C