Share your ARCH Experience
Please share with us your experience after taking the ARCH v2.1 642-874 exam, your materials, the way you learned, your recommendations…
Your posts are warmly welcome!
Please don’t ask for links to download copyright materials here…
@bd – how may drag n drop u got?
others also share ur experience…total how many qns?
@Sri
Mmm. If you about my last attempt.. Many qns were from first 5.0 actualtest. But many of them were are incorrect. Right answers was really difficult to choose in may be ten qns. Don’t remember in detail those qns. Qns about 55. D&D about 4, I guess. My score was about 750/1000.
Last days I am reading 5.8 actualtest and trying to find incorrect answers..
5.8
QUESTION NO: 40
When designing remote access to the Enterprise Campus network for teleworkers and mobile
workers, which of the following should the designer consider?
A. It is recommended to place the VPN termination device in line with the Enterprise Edge Edge
firewall, with ingress traffic limited to SSL only
B. Maintaining access rules, based on the source IP of the client, on an internal firewall drawn
from a headend RADIUS server is the most secure deployment
C. VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended
when the remote user community is small and dedicated DHCP scopes are in place
D. Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick),
including at Layer 7
Answer: A
I am not fully shure, that A is right. From the guide “…The firewall policies should limit incoming traffic to the VPN termination device to IPsec AND SSL.”
Answer C not right 100%. So, in my opinion, D looks more good. “…Clientless SSL VPNs can provide more granular Layer 7 access control including URL-based access or file server directory level access control.”
Need to discuss.
5.8
QUESTION NO: 42
When designing the routing for an Enterprise Campus network it is important to keep while of the following filtering aspects in mind?
A. Filtering is only useful when combined with route summarization
B. It is best to filter (allow) the default and summary prefixes only in the Enterprise Edge to remote sites or site-to-site IPsec VPN networks
C. IGPs (for example EIGRP or OSPF) are superior to route filtering in avoiding in inappropriate
transit traffic through remote nodes or inaccurate or inappropriate routing updates
D. The primary limitation of router filtering is that it can only be applied on outbound updates
Answer: D
The same. I think D is strange answer. I guess we can to filter inbound like outbound. So.. I think B is more good.
@ bd
Those are pretty weird questions, I had a separate section for those. 873 Guide makes you wonder…I guess Cisco tries to make sure that engineers don’t think anymore, but rely solely on they guidance.
Chapter 5 of the Rough Cuts, which includes the Nexus design..
http://mir.cr/1UC0AEN6
:)
QUESTION NO: 49
Which two design concerns must be addressed when designing a multicast implementation?
(Choose two)
A. only the low-order 23 bits of the MAC address are used to map IP addresses
B. only the low-order 24 bits of the MAC address are used to map IP addresses
C. only the high-order 23 hits of the MAC address are used to map IP address
D. only the low-order 23 bits of the IP address are used to map MAC addresses
E. the 0x01 uu4t MAC address prefix is used for mapping IP addresses to MAC addresses
F. the 0x01005e MAC address prefix is used for mapping IP addresses to MAC addresses
Answer: A,F
I think A is wrong,D is right answer,am i right? IP address are used to map MAC addresses
QUESTION NO: 58
Which four Cisco proprietary Spanning Tree Protocol enhancements are supported with rapid per-
VLAN Spanning-Tree plus? (Choose four.)
A. PortFast
B. UnlinkFast
C. loop guard
D. root guard
E. BPDU guard
F. BackboneFast
Answer: A,B,E,F
A,C,D,E are right
QUESTION NO: 59
There are three steps to confirm whether a range if IP addresses can be summarized. Which of
the following is used in each of three 3 steps?
A. The first number in the contiguous block of addresses
B. The last number in the contiguous block of addresses
C. The size of the contiguous block of addresses
D. The subnet mask of the original network address
Answer: B
but Q7’s Answer is A? I think D is right,because summarized or not depend by mask,am i right?
QUESTION NO: 68
What two choices can you make when redundancy is required from a branch office to a regional
office? (Choose two.)
A. multiple Frame Relay PVCs
B. dual Wan links to the regional office
C. dual Wan links to another branch office
D. single links – one to the regional office and one to another branch office
Answer: B,D
i don’t know why B,D , but i also don’t know what is right
QUESTION NO: 99
It’s a configuration that experts are calling a “firewall sandwich,” with the second firewall providing a second level of load balancing after traffic down. What is meant by the term “firewall sandwich”?
A. single layer of firewalling
B. multiple layers of firewalling
C. firewall connections in either an active or standby state
D. an architecture in which all traffic between firewalls goes through application-specific servers
Answer: D
I think B is also right,otherwise, why call “firewall sandwich”
Hi,
As per my knowledge,correct answers for above questions:
Q19 – A
Q49 – AF ryt
Q42 – B seems to be ryt
Q58 – ACDE ryt
If i get the right answers for rest other question will post you.
Regards
Sateesh
I appeared today and failed with 748 Has any one got real dump i spotted some serious errors in the dump … but i have booked again next friday i would really appreciate if some one can share updated dump
sorry Kash,
all questions were 5.8 actualtest ?
sorry dear didnt get what dose this mean 5.8 actual test is it with correct questions if yes where i can get it from ?
soRry i prepared from Version: 5.5 ca any one please share 5.8
Hi Kash,
http://depositfiles.com/files/vjmaxxnm3
thanks Did any one passed with this … I am bit worried because my ccnp will expire in two weeks time i cannot take chance s
49 … DF
58 .. ACDE checked
can any one please suggets
@Kash Thank you
Q49
follow http://routemyworld.com/2009/03/04/ip-multicast-to-mac-address-mapping/
In order to achieve the translation between a Layer 3 IP multicast address and Layer 2 multicast MAC address, the low-order 23 bits of the IP address (Layer 3) is mapped into the low-order 23 bits of the MAC address (Layer 2).
but ip map mac ?or mac map ip ?look like the same?
thanks Winer i got 55 questions i still cannot understand how i fail i got 748/ 790 was passing . what is the latest dump you have ccnp2011 gave me 5.8 whihc seems covering couple of questions .
any one please confirm Question 36 and 59.
QUESTION NO: 146
When designing a converged network, which measures can be taken at the building access layer
to help eliminate latency and ensure end-to-end quality of service can be maintained? (Choose
three.)
A. rate limit voice traffic
B. configure spanning-tree for fast link convergence
C. isolate voice traffic on separate VLANs
D. classify and mark traffic close to the source
Answer: B,C,D Explanation:Because A’ answer access switch didn’t support rate limit ?
A.T 5.8
QUESTION NO: 148
Which IP telephony deployment model uses an H.225 Gatekeeper-Controlled trunk for call
admission control within existing H.323 environments?
A. single site with centralized call processing
B. single site with distributed call processing
C. multisite with centralized call processing
D. multisite with distributed call processing
Answer: D ? why not B?i don’t sure .The gatekeeper usually connect with remote ip-phone , but why multi-site ? single site connect remote ip-phone also use gatekeeper.
A.T 5.8
QUESTION NO: 156
What is one of the reasons that custom QoS ACLs are recommended over automatic QoS when configuring ports on a Catalyst 6500 for use with IP phones?
A. 79xx IP phones do not automatically mark voice packets with non-zero DSCP values.
B. 79xx IP phones do not mark protocol packets such as DHCP, DNS, or TFTP with non-zero
DSCP values.
C. 79xx IP phones do not mark voice packets with optimal DSCP values.
D. 79xx IP phones use a custom protocol to communicate CDP information to the switch.
Answer: C ? i don’t sure
i think D,because autoQoS must be enable CDP, it used to deliver Qos information to switch
A.T 5.8
QUESTION NO: 164
…
You suggest using integrated blades. What is one advantage and one disadvantage of your
design proposal? (Choose two.)
A. The data center would need several devices to achieve its goal.
B. Increased usage of standalone devices is cost-effective.
C. Using integrated blades would only require two devices.
D. Putting all security devices in a single chassis provides a single point of failure.
Answer: C,D ? does B has any wrong ? increased usage is one of advantage for many services integrate to one appliance.
A.T 5.8
QUESTION NO: 166
Which content networking device allows bandwidth configuration settings so that streaming
content will not interfere with other network traffic?
A. IP/TV Control Server
B. Content Distribution Manager
C. Content Engine
D. IP/TV Broadcast Server
Answer: A ?
A.T 5.8
QUESTION NO: 197
Under which two circumstances should Spanning Tree Protocol be implemented? (Choose two.)
A. to ensure a loop-free topology
B. to protect against user-side loops
C. when a VLAN spans access layer switches
D. for the most deterministic and highly available network topology
E. because of the risk of lost connectivity without Spanning Tree Protocol
Answer: B,C ? or A and B ? A. loop-free topology mean loop-free physically? if not, why STP can’t ensure loop-free ?
@ 5.8
197 answers are B and C
Reference book Cisco ARCH Version 2
Page 46
For the most deterministic and highly available network topology, the requirement to support STP convergence should be avoided by design. You may need to implement STP for several reasons:
• When a VLAN spans access layer switches to support business applications.
• To protect against user-side loops. Even if the recommended design does not depend on STP to resolve link or node failure events, STP is required to protect against user-side loops. There are many ways that a loop can be introduced on the user-facing access layer ports. Wiring mistakes, misconfigured end stations, or malicious users can create a loop. STP is required to ensure a loop-free topology and to protect the rest of the network from problems created in the access layer.
• To support data center applications on a server farm.
Q166
I think answer is B#
http://www.cisco.com/web/partners/pr46/tdp/solutions_content_networking.html
guys enough is enough for me .. I canot waste time on this i am going to buy … any one wan share $$ let me know .
i also failed and got only 748,the question just one i never seen , it’s about vmware vshpere . i just study A.T 5.8 , but some have issue questions i reply my answer i think. Maybe i am wrong.Good luck for everyone.
Winer you wana appear , I am going for exam this friday , I will buy Pool from P4S to clear all confusions
@Kash, good luck on exam. My 2nd attempt will be next week too.
Guys .. I see there is one more new book out from Cisco ( not the rough cuts) . did anyone get it or have it ??
Designing Cisco Network Service Architectures (ARCH) Foundation Learning Guide: (CCDP ARCH 642-874), 3rd Edition
http://www.ciscopress.com/bookstore/product.asp?isbn=1587142880
bd good luck . I have bought Pass 4 sure finally . some new questions in it .. Sorry cant share it as one of my friend shared money in it . it is 90 days update and money back
To securely transport EIGRP traffic, a network administrator will build VPNs between sites. What is the best method to accomplish the transport of EIGRP traffic?
A. IPSec in tunnel mode
B. IPSec in transport mode
C. GRE with IPSec in transport mode
D. GRE with IPSec in tunnel mode
Any reference
Hi,
AT 5.8, Q49:
DF is ryt.
Kash,
I strongly feel that ans is D.
thanks Anonymus ..
winer406,
AT 5.8, Q99: “B” shld be the ryt ans.
@kk thanks for the link, it shows the book should be available “Nov 4, 2011”
I would really appreciate if any one can help
Q 177
A. FWSM routes traffic between the VLANs.
B. FWSM switches traffic between the VLANs.
C. Routed mode is often called bump-in-the-wire mode.
D. Routed mode firewall deployments are used most often in current designs.
I am not sure if FWSM routes traffic or Switches , however book says
The aggregation switch FWSM routes traffic directly to the server subnet page 320
page 325 also says
The FWSM routes traffic between the web server VLAN and the application server VLAN.
This is one tough exam, Paid p4S failed me too. :-(
Failed 3 days ago , overall the AT/p4s will get you about 60-70% because it has errors,
All D&D’s are from the AT easy ,
based on my score report mode of the WAN/Campus/Data Centre Q’s are ok-ish from the AT.
IP /Routing / Security sections is where my score was low, so i think maybe ospf / mulitcast / vpn / layer 3 questions is where I will be reading up on
Thank you for everyone’s update
I think We should be collect more issue to discuss with each other and try our best to correct wrong answer.
Hi everyone. Was considering one of the Mock Exam Simulators, since the newest ed. of the book is still in the rough cuts phase. Can someone recommend which is best to use out of P4S, AT, Testking or any others for that matter? Thanks a lot.
5.8
QUESTION NO: 51
Which of the following two statements about Cisco NSF and SSO are the most relevant to the
network designer? (Choose two)
A. You can reduce outage 1 to 3 seconds by using SSO in Layer 2 environment or Cisco NSF with SSO in a Layer 3 environment.
B. SSO and NSF each require the device to either be graceful restart-capable or graceful-aware.
C. In a fully redundant topology adding redundant supervisor a with NSF and SSO may cause
longer convergence times than single supervisors with turned IGP times
D. The primary deployment scenario for Cisco NSF with SSO is in the Distribution and Core
layers.
E. Cisco NSF-aware neighbor relationship are independent of any turned IGP times
Answer: A,B
I think A is not right. C is good ans, I guess. So B,C. Any ideas?
To my previous post.
“…It is possible that IGP timers can be tuned low enough such that NSF/SSO is defeated because the failure is detected by adjacent nodes before it is determined to be an SSO stateful switchover..”
http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DC_Infra2_5/DCInfra_7.html
Somebody agree with me that right ans are B and C ? :)
5.8
QUESTION NO: 53
Refer to the exhibit
Which of the following is an advantage of device clustering utilizing Virtual Port Channels (vPC)?
A. A logical star topology provides a loop free environment so that all links will be used forward
traffic
B. Enhanced EtherChannel hashing load balancing using the vPC peer link internal to the VPC
C. The control plane functions of the Nexus switches are merged to hide the use of virtualization
D. Neighboring devices connect on a Layer 3 MEC for improved packet forwarding
Answer: A
The same. Think A is a strange answer. D too. I think B is right.
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11_589890.html
“…When multiple members are part of the MEC, they can further be load-balanced using the hashing algorithm available on both the Cisco Catalyst 6500 and Cisco Nexus 7000 pairs…”
Good or not?