Cisco 200-105

Interconnecting Cisco Networking Devices Part 2 (ICND2 v3.0)

(Page 1 out of 14)
Showing 15 of 204 Questions
Exam Version: 6.0
Question No : 1 - Topic 1

Which component of the Cisco SDN solution serves as the centralized management
system?

  • A. Cisco OpenDaylight
  • B. Cisco ACI
  • C. Cisco APIC
  • D. Cisco IWAN

Answer : B

Explanation: Cisco ACI is a comprehensive SDN architecture. This policy-based automation solution supports a business-relevant application policy language, greater scalability through a distributed enforcement system, and greater network visibility. These benefits are achieved through the integration of physical and virtual environments under one policy model for networks, servers, storage, services, and security.

Question discussion

pocito94

In others simulators say CISCO APIC.

zeonooi

I believed B is the answer. http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/application-policy-infrastructure-controller-apic/datasheet-c78-732414.html Cisco ACI consists of (Figure 1): ●   Cisco Application Policy Infrastructure Controller (APIC) ●   Cisco Nexus® 9000 Series Switches (Cisco ACI spine and leaf switches) ●   Cisco ACI ecosystem



Question No : 2 - Topic 1

Which two switch states are valid for 802.1w? (Choose two.)

  • A. listening
  • B. backup
  • C. disabled
  • D. learning
  • E. discarding

Answer : D,E

Explanation: Port States There are only three port states left in RSTP that correspond to the three possible operational states. The 802.1D disabled, blocking, and listening states are merged into a unique 802.1w discarding state.

Question discussion



Question No : 3 - Topic 1

Which two pieces of information are provided by the show controllers serial 0 command?
(Choose two.)

  • A. the type of cable that is connected to the interface.
  • B. The uptime of the interface
  • C. the status of the physical layer of the interface
  • D. the full configuration of the interface
  • E. the interface's duplex settings

Answer : A,C

Explanation: The show controller command provides hardware-related information useful to troubleshoot and diagnose issues with Cisco router interfaces. The Cisco 12000 Series uses a distributed architecture with a central command-line interface (CLI) at the Gigabit Route Processor (GRP) and a local CLI at each line card.

Question discussion



Question No : 4 - Topic 1

Which option is the benefit of implementing an intelligent DNS for a cloud computing
solution?

  • A. It reduces the need for a backup data center.
  • B. It can redirect user requests to locations that are using fewer network resources.
  • C. It enables the ISP to maintain DNS records automatically.
  • D. It eliminates the need for a GSS.

Answer : B

Question discussion



Question No : 5 - Topic 1

What is the default VLAN on an access port?

  • A. 0
  • B. 1
  • C. 10
  • D. 1024

Answer : B

Question discussion



Question No : 6 - Topic 1

What is the best way to verify that a host has a path to other hosts in different networks?

  • A. Ping the loopback address.
  • B. Ping the default gateway.
  • C. Ping the local interface address.
  • D. Ping the remote network.

Answer : D

Explanation: Ping is a tool that helps to verify IP-level connectivity; PathPing is a tool that detects packet loss over multiple-hop trips. When troubleshooting, the ping command is used to send an ICMP Echo Request to a target host name or IP address. Use Ping whenever you want to verify that a host computer can send IP packets to a destination host. You can also use the Ping tool to isolate network hardware problems and incompatible configurations. If you call ipconfig /all and receive a response, there is no need to ping the loopback address and your own IP address Ipconfig has already done so in order to generate the report. It is best to verify that a route exists between the local computer and a network host by first using ping and the IP address of the network host to which you want to connect. The command syntax is: ping < IP address > Perform the following steps when using Ping: ✑ Ping the loopback address to verify that TCP/IP is installed and configured correctly on the local computer. ping 127.0.0.1 If the loopback step fails, the IP stack is not responding. This might be because the TCP drivers are corrupted, the network adapter might not be working, or another service is interfering with IP. ✑ Ping the IP address of the local computer to verify that it was added to the network correctly. Note that if the routing table is correct, this simply forwards the packet to the loopback address of 127.0.0.1. ping < IP address of local host > ✑ Ping the IP address of the default gateway to verify that the default gateway is functioning and that you can communicate with a local host on the local network. ping < IP address of default gateway > ✑ Ping the IP address of a remote host to verify that you can communicate through a router. ping < IP address of remote host > ✑ Ping the host name of a remote host to verify that you can resolve a remote host name. ping < Host name of remote host > ✑ Run a PathPing analysis to a remote host to verify that th

Question discussion



Question No : 7 - Topic 1

Which protocol authenticates connected devices before allowing them to access the LAN?
802.1d
802.11
802.1w
802.1x

Answer : D

Explanation: 802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN. The term 'supplicant' is also used interchangeably to refer to the software running on the client that provides credentials to the authenticator. The authenticator is a network device, such as an Ethernet switch or wireless access point; and the authentication server is typically a host running software supporting the RADIUS and EAP protocols. The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicants identity has been validated and authorized. An analogy to this is providing a valid visa at the airport's arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the authentication server determines the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.

Question discussion



Question No : 8 - Topic 1

Which process is associated with spanning-tree convergence?

  • A. determining the path cost
  • B. electing designated ports
  • C. learning the sender bridge ID
  • D. assigning the port ID

Answer : B

Explanation: Spanning Tree Protocol (STP) convergence (Layer 2 convergence) happens when bridges and switches have transitioned to either the forwarding or blocking state. When layer 2 is converged, Root Switch is elected and Root Ports, Designated Ports and Non-Designated ports in all switches are selected. At Converged condition, the Root Ports and the Designated ports are in forwarding state, and all other ports are in blocking state.

Question discussion



Question No : 9 - Topic 1

How can you disable DTP on a switch port?

  • A. Configure the switch port as a trunk.
  • B. Add an interface on the switch to a channel group.
  • C. Change the operational mode to static access.
  • D. Change the administrative mode to access.

Answer : A

Question discussion

kav.nand@gmail.com

When the port is configured as a trunk, DTP is still turned on until the "switchport negotiate" command is used. When a port is an access port DTP is turned off, so shouldn't the answer by C?

fikka

I THINK THAT SO

clevie8

I think A is indeed the correct answer. The operational mode will display depending on what's connected. If a user device is connected, it will display static access, if another switch is connected, it will display trunk, if nothing's connected it will display down, so that makes C incorrect. D is incorrect also as the administrative mode displays what the port is configured as so it would display either static access, trunk, dynamic desirable or dynamic auto. In order to disable DTP you have to either configure the port manually as a trunk or access port and then use switchport nonegotiate. The difference between them is that a trunk would still respond to DTP from another switch but the access port ignores it, but in both cases it is still enabled.

AlexTomas

Except the command would be: Switch(config-if)#switchport mode access So wouldn't that be answer D? Operational mode would follow afterwards

kav.nand@gmail.com

I think your right mate :)

Luisgrc

Your answer is correct (y)

clevie8

D is incorrect, administrative mode will show what the port is currently configured as, which would be either static access, trunk, dynamic desirable or dynamic auto. DTP is still enabled even if a port has been configured as an access port, it just don't repond to dtp messages. To disable DTP you first configure the port as either a trunk or access port and then use switchport nonegotiaite

kav.nand@gmail.com

I agree with you. But how is A correct then? If you configure it as a trunk DTP is still enabled. To me it seems like all the answers are incorrect.

clevie8

A is correct as it would be one part of the process to disable DTP. After configuring the port manually as a trunk (or access port), you would then have to sue the switchport nonegotiate command. I think the question is a bit tricky though. I guess asking how to disable dtp and only put half of the process is confusing. Maybe it could have been a multiple answer and list both commands or ask Which of the following is part of the process to disable DTP.



Question No : 10 - Topic 1

Which two circumstances can cause collision domain issues on VLAN domain? (Choose
two.)

  • A. duplex mismatches on Ethernet segments in the same VLAN
  • B. multiple errors on switchport interfaces
  • C. congestion on the switch inband path
  • D. a failing NIC in an end device
  • E. an overloaded shared segment

Answer : A,C

Explanation: Collision Domains A collision domain is an area of a single LAN where end stations contend for access to the network because all end stations are connected to a shared physical medium. If two connected devices transmit onto the media at the same time, a collision occurs. When a collision occurs, a JAM signal is sent on the network, indicating that a collision has occurred and that devices should ignore any fragmented data associated with the collision. Both sending devices back off sending their data for a random amount and then try again if the medium is free for transmission. Therefore, collisions effectively delay transmission of data, lowering the effective throughput available to a device. The more devices that are attached to a collision domain, the greater the chances of collisions; this results in lower bandwidth and performance for each device attached to the collision domain. Bridges and switches terminate the physical signal path of a collision domain, allowing you to segment separate collision domains, breaking them up into multiple smaller pieces to provide more bandwidth per user within the new collision domains formed.

Question discussion

Luisgrc

I think the correct answers are A , E http://www.cisco.com/c/en/us/support/docs/lan-switching/virtual-lans-vlan-trunking-protocol-vlans-vtp/23637-slow-int-vlan-connect.html



Question No : 11 - Topic 1

Which statement about named ACLs is true?

  • A. They support standard and extended ACLs.
  • B. They are used to filter usernames and passwords for Telnet and SSH.
  • C. They are used to filter Layer 7 traffic.
  • D. They support standard ACLs only.
  • E. They are used to rate limit traffic destined to targeted networks.

Answer : A

Explanation: Named Access Control Lists (ACLs) allows standard and extended ACLs to be given names instead of numbers. Unlike in numbered Access Control Lists (ACLs), we can edit Named Access Control Lists. Another benefit of using named access configuration mode is that you can add new statements to the access list, and insert them wherever you like. With the legacy syntax, you must delete the entire access list before reapplying it using the updated rules.

Question discussion



Question No : 12 - Topic 1

You enter the show ipv6 route command on an OSPF device and the device displays a
route. Which conclusion can you draw about the environment?

  • A. OSPF is distributing IPv6 routes to BGP.
  • B. The router is designated as an ABR.
  • C. The router is designated as totally stubby.
  • D. OSPFv3 is in use.

Answer : A

Question discussion

clevie8

I think the answer should be D. OSPFv3 is in use. If the device has been configured for OSPF and there is a route when show ipv6 route is run, then the router is using OSPFv3

pocito94

The answer is OPSFv3.

ultimattt

This answer is incorrect, the answer should be 'OSPFv3' is in Use

Luisgrc

I think the correct answer is D

fikka

D is the crrect answer

jredz18

Correct answer is D

arl33323

On the actual exams says "You enter the show ipv6 route command on an OSPF device and the device displays a remote route." which is why A is the correct answer.

werral

OSPF doesn't advertise IPV6 routes, OSPFv3 does. You can have all the OSPF routes you want with BGP on your WAN link, but if you don't have ip unicast-routing enabled and ipv6 router ospf (area) running, you won't see any routes in the show ipv6 route output. D is the correct answer



Question No : 13 - Topic 1

Which identification number is valid for an extended ACL?

  • A. 1
  • B. 64
  • C. 99
  • D. 100
  • E. 299
  • F. 1099

Answer : D

Question discussion



Question No : 14 - Topic 1

Which option describes a difference between EIGRP for IPv4 and IPv6?

  • A. Only EIGRP for IPv6 advertises all connected networks.
  • B. Only EIGRP for IPv6 requires a router ID to be configured under the routing process-
  • C. AS numbers are configured in EIGRP but not in EIGRPv3.
  • D. Only EIGRP for IPv6 is enabled in the global configuration mode.

Answer : B

Explanation: Router ID - Both EIGRP for IPv4 and EIGRP for IPv6 use a 32-bit number for the EIGRP router ID. The 32-bit router ID is represented in dotted-decimal notation and is commonly referred to as an IPv4 address. If the EIGRP for IPv6 router has not been configured with an IPv4 address, the eigrp router-id command must be used to configure a 32-bit router ID. The process for determining the router ID is the same for both EIGRP for IPv4 and IPv6.

Question discussion



Question No : 15 - Topic 1








Why is the Branch2 network 10.1 0.20.0/24 unable to communicate with the Server farm1
network 10.1 0.10.0/24 over the GRE tunnel?

  • A. The GRE tunnel destination is not configured on the R2 router.
  • B. The GRE tunnel destination is not configured on the Branch2 router.
  • C. The static route points to the tunnel0 interface that is misconfigured on the Branch2 router.
  • D. The static route points to the tunnel0 interface that is misconfigured on the R2 router.

Answer : C

Question discussion

clevie8

Would have been good to see the config, but GRE can be troubleshooted by doing the following: -Check if the tunnel IP addresses are on the same network and subnet masks match use show interface tunnel0 to see the configured IP & mask (can also use show ip interface brief) -Check if the tunnel source and/or tunnel destination are configured with the correct IP address and the interfaces are up use show interface tunnel0 to see the configured IP & mask (can also use show ip interface brief) can also use show running-config to see the tunnel configuration -Check if the static or dynamic routing is properly configured show ip route also show run to see the routing config



(Page 1 out of 14)
Showing of 204 Questions
Exam Version: 6.0