Question 241
A network operator working for a private outsourcing company with an employee id: 4261:72:778 needs to limit the malicious traffic on their network. Which configuration must the engineer use to implement URPF loose mode on the GigabitEthernet0/1 interface?
A. router(config)# interface gigabitethernet0/1 router(config-if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via any router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via any
B. router(config)# interface gigabitethernet0/1 router(config-if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via rx router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via rx
C. router(config)# interface gigabitethernet0/1 router(config if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via rx router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via any
D. router(config)# interface gigabitethernet0/1 router(config-if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via any router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via rx
Question 242
Which type of attack is an application attack?
A. ping of death
B. ICMP (ping) flood
C. HTTP flood
D. SYN flood
Question 243
Refer to the exhibit A user is performing QoS marking on internet traffic and sending it with IPv4 and IPv6 headers on the provider edge device PE1. IPv4 traffic is classified with DSCP 4 and IPv6 traffic is classified with DSCP 6.
Which action must the engineer take to begin implementing a QoS configuration on PE1 for theIPv6 traffic?
A. Create an access list that includes any IPv6 traffic and apply it to CM-20.
B. Create access list IPv6-match and configure match ip dscp 4 and match ip dscp 6 in class maps CM-10 and CM-20.
C. Configure match ip dscp 4 in class map CM-10 and match ip dscp 6 in class map CM-20.
D. Create access list IPv6-filter and remove DSCP value 4 and 6 in class maps CM-10 and CM-20.
Question 244
A company is expanding its existing office space to a new floor of the building, and the networking team is installing a new set of switches. The new switches are running IGMPv2, and the engineers configured them for VLAN10 only. The rest of the existing network includes numerous Layer 2 switches in multiple otherVLANs, all running IGMPv3.
Which additional task must the team perform when deploying the new switches so that traffic is switched correctly through the entire network?
A. Configure the new switches to use IGMPv3 on all VLANs on the network.
B. Configure all switches on the network to support IGMPv2 and IGMPv3 on all VLANs on the network.
C. Configure the new switches to use IGMPv3 on VLAN10 only.
D. Configure all switches on the network to support IGMPv2 and IGMPv3 on VLAN10 only.
Question 245
Refer to the exhibit. LDP peering between routers R1 and R2 is dropped when the link between R1 and R2 is taken offline. However, LDP peering between R2 and R3 stays up when the link between R2 and R3 is taken offline.
Which action allows MPLS traffic forwarding to continue normally if the link between R1 and R2 goes down?
A. Enable IGP and LDP Synchronization on R1.
B. Implement LDP Session Protection on R1.
C. Enable IGP and LDP Synchronization on R2.
D. Implement LDP Session Protection on R2.
Question 246
Refer to the exhibit. Tier 2 ISP A on AS 653 is connected to two Tier 1 ISPs on AS 321 and AS 51 respectively. The network architect at ISP A is planning traffic flow inside the network to provide predictable network services. Cisco Express Forwarding is disabled on the edge router. How should the architect implementBGP to direct all traffic via the Tier 1 ISP with next-hop 7.4.5.2?
A. Implement the BGP routing protocol and run the bgp deterministic-med command.
B. Implement MP-BGP with a 4-byte AS number with the bgp best path compare-routerid command.
C. Implement the BGP routing protocol and the maximum-paths 2 configuration.
D. Implement BGP route-reflector functionality with the bgp always-compare-med configuration.
Question 247
Which two features describe TI-LFA? (Choose two.)
A. TI-LFA uses PQ or P and Q nodes on the post-convergence path to compute the backup path.
B. Post-convergence, TI-LFA considers the next-hop neighbor to calculate the backup repair path.
C. TI-LFA works with point of local repair when the PQ node supports only LDP capability.
D. Unlike RLFA, TI-LFA works without the PQ node and provides double segment failure protection.
E. TI-LFA leverages the post-convergence path that carries data traffic after a failure.
Question 248
How does SR policy operate in Segment Routing Traffic Engineering?
A. An SR policy for color and endpoint is deactivated at the headend as soon as the headend learns a valid candidate path for the policy.
B. When "invalidation drop" behavior occurs, the SR policy forwarding entry is removed and the router drops all traffic that is steered into the SR policy.
C. When a set of SID lists is associated with the SR policy designated path, traffic steering is ECMP-based according to the qualified cost of each SID-list.
D. An active SR policy installs a BSID-keyed entry in the forwarding table to steer the packets that match the entry to the SR policy SID-list.
Question 249
An engineering team must implement Unified MPLS to scale an MPLS network. Devices in the core layer use different IGPs, so the team decided to split the network into different areas. The team plans to keep the MPLS services as they are and introduce greater scalability.
Which additional action must the engineers take to implement the Unified MPLS?
A. Redistribute the IGP prefixes from one IGP into the other routers to ensure end-to-end LSPs.
B. Configure the ABR routers as route reflectors that redistribute IGP into BGP.
C. Redistribute the IGP prefixes into another IGP to ensure end-to-end LSPs.
D. Move the IGP prefixes into IS-IS as the loopback prefixes of the PE routers to distribute the prefixes to other routers to create end-to-end LSPs.
Question 250
Refer to the exhibit. A network engineer is configuring router RB to secure BGP advertisements against route hijacking activity. RB must validate all prefixes that it receives from origin AS 200 before installing them in the BGP route table.
Which configuration meets the requirement?
A. RB(config)# router bgp 100 RB(config-router)# address-family ipv4 unicast RB(config-router-af)# bgp bestpath origin-as use validity
B. RB(config-bgp)# router bgp 100 RB(config-bgp)# bgp origin-as validation signal ibgp RB(config-bgp)# bgp bestpath origin-as allow invalid
C. RB(config-bgp)# router bgp 100 RB(config-bgp)# bgp origin-as validation time off
D. RB(config)# router bgp 100 RB(config-router)# address-family ipv4 unicast PB(config-router-af)# bgp origin-as validation enable
