Question No: 1

Refer to the exhibit.

The Cisco Nexus 1000V in the VMware vSphere solution effectively creates an additional access layer in the virtualized data center network; which of the following 1000V characteristics can thedesigner take advantage of?

A. Offloads the STP requirement from the external Access layer switches

B. If upstream access switches do not support vPC or VSS the dual-homed ESX host traffic can still be distributed using virtual port channel host mode using subgroups automatically discovered through CDP

C. Allows transit traffic to be forwarded through the ESX host between VMNICs

D. Can be divided into multiple virtual device contexts for service integration, enhanced security, administrative boundaries, and flexibility of deployment

Answer: B


"Virtual Port Channel Host Mode Virtual Port Channel Host Mode (vPC-HM), shown in Figure 5-33 , allows a port channel from the Cisco Nexus 1000V to be terminated on two separate upstream switches, even if these switches do not support a clustering technology, such as vPC or VSS."

Question No: 2

Which three major points are important for network virtualization to separate logical networks on a shared

physical infrastructure? (Choose three.)


B. data plane

C. control plane



F. management plane

Answer: B,C,F

Question No: 3

Which algorithm does IS-IS use to determine the shortest path through a network?

A. Bellman-Ford routing algorithm

B. Johnson's algorithm

C. Dijkstra's algorithm

D. Floyd-Warshall algorithm

Answer: C

Question No: 4

Which protocol is best when there are circuit connections with two different ISPs in a multihoming scenario ?



C. IPsec


Answer: B

Question No: 5

What is an advantage of having an out-of-band management?

A. It is less expensive to have an out-of-band management.

B. Network devices can still be managed, even in case of network outage.

C. There is no separation between the production network and the management network.

D. SSH protocol must be used to manage network devices.

Answer: B

Question No: 6

Which of the following facts must be considered when designing for IP telephony within an Enterprise Campus network?

A. Because the IP phone is a three-port switch, IP telephony extends the network edge, impacting the

Distribution layer.

B. Video and voice are alike in being bursty and bandwidth intensive, and thus impose requirements to be lossless, and have minimized delay and jitter.

C. IP phones have no voice and data VLAN separation, so security policies must be based on upper layer traffic characteristics.

D. Though multi-VLAN access ports are set to dot1q and carry more than two VLANs they are not trunk ports.

Answer: D

Question No: 7

Which of these is least important when determining how many users a NAS can support?

A. bandwidth

B. number of plug-ins per scan

C. total number of network devices

D. number of checks in each posture assessment

Answer: A


NAS = Cisco NAC Appliance Server

(not Network-Attached Storage as I first thought) guide/9780132652933/ch08.html

"Cisco NAS Scaling

There are three levels of Cisco NAM for supporting Cisco NAC Appliance solutions:

u2022 Cisco NAC Appliance Lite Manager manages up to 3 Cisco NAS devices, supporting 100, 250, or 500 users per server.

u2022 Cisco NAC Appliance Standard Manager manages up to 20 Cisco NAS devices,

supporting from 1500 to

5000 users per (NAS) depending on which model is deployed.

u2022 Cisco NAC Appliance Super Manager manages up to 40 Cisco NAS devices, supporting from 1500 to 5000

users per (NAS) depending on which model is deployed.

The number of users supported on a server is a measure of concurrent users that have been scanned for

posture compliance, not network devices such as printers or IP phones.

The number of users supported per server is influenced by many factors that consume CPU and server

resources, such as the following:

u2022 The number of new user authentications per second

u2022 The number of posture assessments per second

u2022 How many checks are in each posture assessment

u2022 The number of agentless network scans per second

u2022 The number of plug-ins per scan

u2022 Rescan timer intervals

u2022 Per-role and total online timer intervals

u2022 Bandwidth controls

u2022 Filters and access controls Note

Interface bandwidth is the least important calculation for determining how many users a Cisco NAS

can support."

Question No: 8

Addressing QoS design in the Enterprise Campus network for IP Telephony applications means what?

A. It is critical to identify aggregation and rate transition points in the network, where preferred traffic and congestion QoS policies should be enforced

B. Suspect traffic should be dropped closest to the source, to minimize wasting network resources

C. An Edge traffic classification scheme should be mapped to the downstream queue configuration

D. Applications and Traffic flows should be classified, marked and policed within the

Enterprise Edge of the Enterprise Campus network

Answer: A

Explanation: switches/69632-configuring-cat-ip-phone.html#topic1

When you connect an IP phone to a switch using a trunk link, it can cause high CPU utilization in the switches. As all the VLANs for a particular interface are trunked to the phone, it increases the number of STP instances the switch has to manage. This increases the CPU utilization. Trunking also causes unnecessary broadcast / multicast / unknown unicast traffic to hit the phone link. In order to avoid this, remove the trunk configuration and keep the voice and access VLAN configured along with Quality of Service (QoS). Technically, it is still a trunk, but it is called a Multi-VLAN

Access Port (MVAP). Because voice and data traffic can travel through the same port, you should specify a different VLAN for each type of traffic. You can configure a switch port to forward voice and data traffic on different VLANs. Configure IP phone ports with a voice VLAN configuration. This configuration creates a pseudo trunk, but does not require you to manually prune the unnecessary VLANs.

Question No: 9

Which technology allows network managers to centrally manage the VLAN database?




D. vPC

Answer: A

Question No: 10

The network designer needs to consider the number of multicast applications and sources in the network to provide the most robust network possible. Which of the following is a consideration the designer must also address?

A. The IGPs should utilize authentication to avoid being the most vulnerable component

B. With SSM source or receiver attacks are not possible

C. With Shared Trees access control is always applied at the RP

D. Limit the rate of Register messages to the RP to prevent specific hosts from being attacked on a PIM-SM network

Answer: B

