Cisco 350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) Exam Dumps and Practice Test Questions Set 2 Q 21-40

Question 21

A network engineer is configuring OSPF on a router and wants to ensure that a specific interface does not send or receive OSPF hello packets while still advertising the network. Which command should be used?

  1. A) passive-interface
  2. B) ip ospf priority 0
  3. C) network area silent
  4. D) no ip ospf hello-interval

Answer: A

Explanation:

The correct answer is option A. The passive-interface command prevents an OSPF interface from sending or receiving hello packets, stopping neighbor adjacencies from forming on that interface. However, the connected network is still advertised into the OSPF domain, making it reachable by other routers.

This command is essential for interfaces connected to end-user networks or stub segments where no OSPF neighbors exist. Using passive-interface conserves bandwidth, prevents unauthorized routers from forming adjacencies, reduces CPU overhead, and enhances security. You can configure it globally with “passive-interface default” then selectively enable OSPF on specific interfaces using “no passive-interface [interface]”. This approach is particularly useful on distribution routers connecting to access layer networks.

Option B is incorrect because setting OSPF priority to 0 only prevents the router from becoming DR or BDR on broadcast networks. The interface continues sending and receiving hello packets and maintains full OSPF adjacencies.

Option C is incorrect because “network area silent” is not valid OSPF syntax. OSPF network statements follow the format “network [address] [wildcard] area [area-id]” without a silent option.

Option D is incorrect because “no ip ospf hello-interval” would revert the hello interval to default settings rather than disabling hello packets. This isn’t a valid method for preventing OSPF hellos. The proper command is passive-interface.
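The "passive-interface default" plus "no passive-interface [interface]" pattern from Question 21 can be checked offline against a saved configuration. The following is an added example, not part of the original question set: it lists which OSPF-enabled interfaces still exchange hellos and flags any that are not approved neighbor links. The sample configuration, interface names and the approved-link set are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample configuration (not from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 description uplink to core (OSPF neighbor expected)
 ip address 10.0.12.1 255.255.255.252
!
interface GigabitEthernet0/1
 description user VLAN
 ip address 10.10.10.1 255.255.255.0
!
interface GigabitEthernet0/2
 description user VLAN
 ip address 10.10.20.1 255.255.255.0
!
interface GigabitEthernet0/3
 description management, not in OSPF
 ip address 192.0.2.1 255.255.255.0
!
router ospf 1
 passive-interface default
 no passive-interface GigabitEthernet0/0
 no passive-interface GigabitEthernet0/2
 network 10.0.0.0 0.255.255.255 area 0
!
"""


def parse_config(text):
    """Collect interface addresses and the OSPF passive/network statements."""
    cfg = {"interfaces": {}, "networks": [], "passive_default": False,
           "passive": set(), "exempt": set()}
    section = name = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if not raw[0].isspace():  # an unindented command opens a new section
            m = re.match(r"interface (\S+)$", line)
            if m:
                section, name = "interface", m.group(1)
            elif re.match(r"router ospf \d+$", line):
                section = "ospf"
            else:
                section = None
            continue
        if section == "interface":
            m = re.match(r"ip address (\S+) (\S+)$", line)
            if m:
                cfg["interfaces"][name] = int(ipaddress.IPv4Address(m.group(1)))
        elif section == "ospf":
            if line == "passive-interface default":
                cfg["passive_default"] = True
            elif m := re.match(r"(no )?passive-interface (\S+)$", line):
                cfg["exempt" if m.group(1) else "passive"].add(m.group(2))
            elif m := re.match(r"network (\S+) (\S+) area \S+$", line):
                addr, wild = (int(ipaddress.IPv4Address(g)) for g in m.groups())
                cfg["networks"].append((addr, wild))
    return cfg


def classify_interfaces(text):
    """Split OSPF-enabled interfaces into hello-exchanging and passive ones."""
    cfg = parse_config(text)
    result = {"hello": [], "passive": []}
    for ifname, ip in cfg["interfaces"].items():
        # Wildcard bit 0 means "must match", 1 means "don't care".
        in_ospf = any(((ip ^ addr) & ~wild & 0xFFFFFFFF) == 0
                      for addr, wild in cfg["networks"])
        if not in_ospf:
            continue  # not advertised and no hellos: outside OSPF entirely
        if cfg["passive_default"]:
            is_passive = ifname not in cfg["exempt"]
        else:
            is_passive = ifname in cfg["passive"]
        result["passive" if is_passive else "hello"].append(ifname)
    return result


def unexpected_adjacency_ports(text, expected_neighbors):
    """Interfaces that still exchange hellos but are not approved neighbor links."""
    hello = classify_interfaces(text)["hello"]
    return [i for i in hello if i not in expected_neighbors]


if __name__ == "__main__":
    print(classify_interfaces(SAMPLE_CONFIG))
    print(unexpected_adjacency_ports(SAMPLE_CONFIG, {"GigabitEthernet0/0"}))
```

Both passive and hello interfaces have their networks advertised; only the hello list can form adjacencies, which is why a user-facing port in that list deserves a second look.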

Question 22

Which OSPF network type requires manual neighbor configuration and does not automatically discover neighbors through multicast?

  1. A) Point-to-multipoint non-broadcast
  2. B) Broadcast
  3. C) Point-to-point
  4. D) Point-to-multipoint

Answer: A

Explanation:

The correct answer is option A. Point-to-multipoint non-broadcast is designed for NBMA networks that don’t support multicast, such as Frame Relay or certain VPN configurations. Since multicast isn’t available for automatic neighbor discovery, administrators must manually configure neighbors using the “neighbor” command under the OSPF process.

You configure this type using “ip ospf network point-to-multipoint non-broadcast” on interfaces, then add neighbor statements like “neighbor [ip-address] cost [value]” in router OSPF configuration. This network type doesn’t elect DR/BDR, treats all neighbors as point-to-point links, and requires explicit neighbor definitions. It’s ideal for hub-and-spoke topologies where the hub must manually define all spoke neighbors.

Option B is incorrect because broadcast networks automatically discover neighbors using multicast addresses 224.0.0.5 and 224.0.0.6. This is the default for Ethernet interfaces, requiring no manual neighbor configuration.

Option C is incorrect because point-to-point networks automatically discover the single neighbor on the link using multicast hellos. No manual configuration is needed for this network type.

Option D is incorrect because standard point-to-multipoint (without non-broadcast) uses multicast for automatic neighbor discovery. Only the non-broadcast variant requires manual neighbor statements.

Question 23

An engineer needs to configure a router to prefer a specific path for OSPF routing. Which method provides the most granular control over path selection for specific routes?

  1. A) Adjusting interface cost on specific interfaces
  2. B) Modifying the reference bandwidth
  3. C) Changing the administrative distance
  4. D) Configuring OSPF priority

Answer: A

Explanation:

The correct answer is option A. Adjusting interface cost using “ip ospf cost [value]” provides granular control over OSPF path selection for traffic traversing specific interfaces. OSPF calculates the best path based on cumulative cost, so modifying individual interface costs influences routing decisions precisely.

Interface cost manipulation allows you to prefer faster links, implement traffic engineering, avoid congested paths, or create primary/backup path scenarios. You can set costs manually to override automatic calculations based on bandwidth. For example, setting a lower cost on a preferred interface makes OSPF select that path. This method affects only routes using that interface without impacting the entire OSPF domain. Cost values range from 1 to 65,535, with lower values preferred. This approach is more precise than adjusting reference bandwidth, which affects all interfaces globally.

Option B is incorrect because modifying reference bandwidth using “auto-cost reference-bandwidth [value]” affects how OSPF calculates costs for all interfaces based on their bandwidth. This is a global change impacting the entire router, not providing granular per-route or per-interface control.

Option C is incorrect because changing administrative distance affects route preference between different routing protocols (OSPF vs EIGRP), not path selection within OSPF. AD determines which protocol’s routes are installed when multiple protocols advertise the same destination.

Option D is incorrect because OSPF priority controls DR/BDR election on broadcast networks, not path selection. Priority doesn’t influence which path OSPF chooses for forwarding traffic.

Question 24

What is the default OSPF hello interval on broadcast networks?

  1. A) 10 seconds
  2. B) 30 seconds
  3. C) 5 seconds
  4. D) 40 seconds

Answer: A

Explanation:

The correct answer is option A. The default OSPF hello interval on broadcast and point-to-point networks is 10 seconds. OSPF routers send hello packets at this interval to discover and maintain neighbor relationships. The hello interval must match between neighbors for adjacency to form successfully.

Along with the hello interval, OSPF uses a dead interval (four times the hello interval by default, or 40 seconds) to determine when a neighbor is unreachable. If no hello packets are received within the dead interval, OSPF declares the neighbor down and removes its routes. These timers balance network convergence speed with stability—shorter intervals enable faster failure detection but increase overhead and can cause instability on congested links. You can adjust hello intervals using “ip ospf hello-interval [seconds]” on interfaces, but both neighbors must use matching values. Common practice is reducing intervals on critical links for faster convergence.

Option B is incorrect because 30 seconds is the default hello interval for NBMA networks, not broadcast networks. Different network types have different default timers based on their characteristics.

Option C is incorrect because 5 seconds isn’t a default OSPF hello interval, though administrators can configure this custom value for faster convergence on critical links.

Option D is incorrect because 40 seconds is the default dead interval for broadcast networks (4 times the 10-second hello interval), not the hello interval itself.

Question 25

Which EIGRP metric component is disabled by default but can be enabled to influence routing decisions based on link reliability?

  1. A) Reliability (K5)
  2. B) Load (K4)
  3. C) MTU
  4. D) Hop count

Answer: A

Explanation:

The correct answer is option A. Reliability (K5) is an EIGRP metric component that measures link reliability as a fraction of 255, where 255/255 represents 100% reliability. By default, K5 is set to 0, effectively disabling reliability from metric calculations. Administrators can enable it to prefer more reliable links.

EIGRP’s composite metric uses K-values (K1 through K5) to weight different components: K1 for bandwidth, K2 for load, K3 for delay, K4 for reliability calculation, and K5 for reliability itself. The default configuration (K1=1, K2=0, K3=1, K4=0, K5=0) uses only bandwidth and delay. Enabling K5 allows EIGRP to factor link reliability into path selection, preferring more reliable paths even if they have slightly higher delay or lower bandwidth. You modify K-values using “metric weights [tos] [K1] [K2] [K3] [K4] [K5]” under the EIGRP process. All EIGRP neighbors must use identical K-values to form adjacencies.

Option B is incorrect because while load (K2) is also disabled by default, the K4 value controls whether reliability calculation is used, and K5 is the actual reliability value. K4 and K5 work together for reliability consideration.

Option C is incorrect because MTU is not part of EIGRP’s metric calculation at all. While EIGRP tracks MTU values and includes them in routing updates, MTU doesn’t influence metric computation or path selection.

Option D is incorrect because hop count isn’t a metric component in EIGRP. EIGRP does track hop count for loop prevention (maximum 100 hops by default) but doesn’t use it in metric calculations.

Question 26

An engineer configures EIGRP named mode. Which command initiates the EIGRP configuration in named mode?

  1. A) router eigrp [name]
  2. B) router eigrp [AS-number]
  3. C) ip routing eigrp [name]
  4. D) eigrp [name] autonomous-system [AS-number]

Answer: A

Explanation:

The correct answer is option A. EIGRP named mode uses the command “router eigrp [name]” where [name] is a descriptive identifier for the EIGRP instance. This differs from classic EIGRP configuration which uses “router eigrp [AS-number]”. Named mode provides enhanced features and hierarchical configuration structure.

Named mode, introduced in IOS 15.0, organizes configuration into address-family sections (IPv4, IPv6), supports multiple topologies, simplifies wide-area deployments, and provides better scalability. After entering “router eigrp [name]”, you specify the autonomous system number using “address-family ipv4 autonomous-system [AS-number]” under the router configuration. This structure allows cleaner configuration with shared parameters across address families. Named mode supports features like EIGRP over the Top (Easy Virtual Network) and provides better multi-topology routing capabilities. Converting from classic to named mode requires careful planning as configurations aren’t directly compatible.

Option B is incorrect because “router eigrp [AS-number]” is the classic EIGRP configuration command, not named mode. Classic mode has been the traditional method but lacks named mode’s advanced features and hierarchical structure.

Option C is incorrect because “ip routing eigrp [name]” is not valid Cisco IOS syntax for any EIGRP configuration mode. The “ip routing” command enables IP routing globally without parameters.

Option D is incorrect because while you do specify the autonomous system number in named mode, this isn’t the initial command. You first enter “router eigrp [name]”, then configure the AS number within the address-family configuration section.

Question 27

What is the administrative distance of EIGRP internal routes?

  1. A) 90
  2. B) 100
  3. C) 110
  4. D) 170

Answer: A

Explanation:

The correct answer is option A. EIGRP internal routes have an administrative distance of 90, making them more preferred than OSPF (110) or RIP (120) when multiple routing protocols advertise the same destination network. Administrative distance determines which routing protocol’s information is trusted and installed in the routing table when conflicts occur.

EIGRP uses two administrative distance values: 90 for internal routes (routes learned from directly connected EIGRP neighbors within the same autonomous system) and 170 for external routes (routes redistributed into EIGRP from other routing sources). The lower administrative distance of 90 makes EIGRP internal routes highly trusted. This distinction helps prevent routing loops during redistribution scenarios. When comparing routes from different sources, routers first compare administrative distance before examining metric values. Only routes from the lowest AD source are considered for installation. Understanding AD values is crucial for multi-protocol environments and proper redistribution design.

Option B is incorrect because 100 is the administrative distance for IGRP, not EIGRP. IGRP is EIGRP’s predecessor and is now obsolete.

Option C is incorrect because 110 is OSPF’s administrative distance. EIGRP’s internal AD of 90 makes it preferred over OSPF when both protocols advertise the same route.

Option D is incorrect because 170 is the administrative distance for EIGRP external routes (redistributed routes), not internal routes. This higher AD makes external routes less preferred than internal routes.

Question 28

Which EIGRP packet type is sent to all neighbors to build the topology table initially and after topology changes?

  1. A) Update
  2. B) Query
  3. C) Hello
  4. D) Acknowledgment

Answer: A

Explanation:

The correct answer is option A. Update packets contain routing information that EIGRP neighbors use to build and maintain their topology tables. When an EIGRP neighbor relationship is first established, routers exchange full routing updates containing all known routes. Subsequently, updates are sent only when topology changes occur, implementing EIGRP’s partial update mechanism.

Update packets are sent using reliable transmission, requiring acknowledgment from receiving neighbors. They contain route prefixes, metrics (bandwidth, delay, reliability, load), hop count, and other path information. EIGRP’s efficiency comes from sending updates only to affected neighbors about specific changed routes rather than broadcasting entire routing tables periodically like distance-vector protocols. Updates can be sent as unicast to specific neighbors or multicast to 224.0.0.10 for multiple neighbors. This selective update approach minimizes bandwidth consumption and convergence time while maintaining accurate topology information across the network.

Option B is incorrect because query packets are sent when a router loses its successor route and has no feasible successor. Queries ask neighbors if they have paths to the destination, supporting EIGRP’s DUAL algorithm for loop-free convergence.

Option C is incorrect because hello packets discover and maintain neighbor relationships through periodic keepalives but don’t carry routing information. Hellos establish adjacencies; updates populate topology tables.

Option D is incorrect because acknowledgment packets confirm receipt of reliable packets (updates, queries, replies) but don’t contain routing information. ACKs ensure reliable delivery but don’t build topology tables.

Question 29

An engineer wants to configure an EIGRP router to advertise a default route to all EIGRP neighbors. Which command accomplishes this?

  1. A) ip default-network or redistribute static with a default route
  2. B) default-information originate
  3. C) ip route 0.0.0.0 0.0.0.0 eigrp
  4. D) network 0.0.0.0

Answer: A

Explanation:

The correct answer is option A. EIGRP can advertise default routes using “ip default-network [network]” or by redistributing a static default route. The ip default-network command marks a classful network as the default, which EIGRP then advertises to neighbors as a candidate default route. Alternatively, creating a static default route and redistributing it into EIGRP explicitly advertises 0.0.0.0/0.

The redistribution method is more commonly used and straightforward: configure “ip route 0.0.0.0 0.0.0.0 [next-hop or exit-interface]” to create the static default, then use “redistribute static” under the EIGRP configuration. This injects the default route into EIGRP as an external route with AD 170. The ip default-network method is legacy and requires the specified network to be in the routing table and classful. Both approaches accomplish default route advertisement but redistribution provides clearer configuration and better control. Some administrators combine this with route-maps for conditional default route advertisement based on specific criteria.

Option B is incorrect because “default-information originate” is an OSPF command, not used in EIGRP. OSPF uses this command to advertise default routes; EIGRP requires different methods.

Option C is incorrect because “ip route 0.0.0.0 0.0.0.0 eigrp” is invalid syntax. Static routes point to next-hop addresses or interfaces, not routing protocols. You create a static default route then redistribute it into EIGRP.

Option D is incorrect because “network 0.0.0.0” would attempt to enable EIGRP on all interfaces, not advertise a default route. The network command identifies interfaces for EIGRP participation, not routes to advertise.

Question 30

What is the purpose of the EIGRP stuck-in-active (SIA) timer?

  1. A) To prevent indefinite waiting for query responses
  2. B) To determine when to send hello packets
  3. C) To calculate the feasible distance
  4. D) To trigger immediate convergence

Answer: A

Explanation:

The correct answer is option A. The SIA timer prevents routers from waiting indefinitely for query responses from neighbors during convergence. When an EIGRP router loses its successor and queries neighbors for alternate paths, it expects replies within the SIA timer period (default 3 minutes). If replies aren’t received before timeout, the router declares neighbors SIA and resets adjacencies.

Stuck-in-Active occurs when routers don’t respond to queries promptly, usually due to network issues, CPU overload, or poorly designed networks causing query propagation across many routers. SIA can cause routing instability and adjacency flapping. To prevent SIA conditions, design networks with route summarization to limit query scope, ensure adequate router resources, and implement stub routing where appropriate. Enhanced EIGRP features like SIA-Query and SIA-Reply messages (sent at 90 seconds) provide status updates during long queries, helping maintain adjacencies while waiting for responses. Proper network design minimizing query domains is crucial for preventing SIA situations.

Option B is incorrect because hello packets have their own separate interval timer (5 seconds by default on LANs) unrelated to the SIA timer. Hello timers maintain neighbor relationships through keepalives.

Option C is incorrect because feasible distance is calculated immediately when routes are received using the DUAL algorithm, not based on the SIA timer. FD represents the metric to reach a destination.

Option D is incorrect because the SIA timer is a safety mechanism that triggers adjacency reset after timeout, not a convergence acceleration mechanism. Proper convergence happens through query/reply exchanges before SIA timeout.

Question 31

Which BGP attribute is used to prevent routing loops in BGP by tracking autonomous systems that a route has traversed?

  1. A) AS_PATH
  2. B) NEXT_HOP
  3. C) LOCAL_PREF
  4. D) MED

Answer: A

Explanation:

The correct answer is option A. AS_PATH is a well-known mandatory BGP attribute that lists all autonomous systems a route advertisement has traversed. BGP uses AS_PATH for loop prevention—routers reject routes containing their own AS number in the path, preventing routing loops between autonomous systems.

AS_PATH serves multiple purposes: loop prevention (primary), path selection (shorter AS paths preferred), and policy implementation (administrators can filter or modify based on AS_PATH contents). Each time a route passes through an AS, that AS number is prepended to the path. This creates a sequence showing the route’s history through the internet. Administrators can artificially lengthen AS_PATH through AS prepending to make routes less attractive, implementing traffic engineering for inbound traffic. AS_PATH is also used with regular expressions in route-maps for sophisticated filtering based on path patterns. Understanding AS_PATH manipulation is crucial for BGP traffic engineering and policy implementation.

Option B is incorrect because NEXT_HOP specifies the IP address of the next router toward the destination, not preventing loops. While NEXT_HOP is essential for forwarding, it doesn’t provide loop prevention across autonomous systems.

Option C is incorrect because LOCAL_PREF is used within an AS to influence outbound routing decisions by indicating preferred exit points. It doesn’t prevent loops and isn’t shared between autonomous systems.

Option D is incorrect because MED (Multi-Exit Discriminator) influences inbound traffic from a neighboring AS by suggesting preferred entry points. MED doesn’t prevent loops and is only shared between directly connected AS pairs.

Question 32

An engineer needs to configure eBGP between two routers in different autonomous systems. What is the default Time To Live (TTL) value for eBGP packets?

  1. A) 1
  2. B) 32
  3. C) 64
  4. D) 255

Answer: A

Explanation:

The correct answer is option A. eBGP (External BGP) uses a TTL value of 1 by default, meaning BGP packets can traverse only one hop. This security measure ensures eBGP sessions are established only between directly connected routers, preventing unauthorized BGP sessions from distant routers.

The TTL of 1 restricts eBGP peering to directly connected neighbors unless administrators explicitly configure eBGP multihop using “neighbor [ip] ebgp-multihop [hops]”. This command increases the TTL value, allowing eBGP sessions across multiple routers, useful for peering through firewalls, load balancers, or when loopback interfaces are used for peering. In contrast, iBGP (Internal BGP) uses a TTL of 255, allowing sessions anywhere within the AS. The TTL difference reflects security considerations—eBGP peers are external entities requiring stricter controls. Understanding TTL behavior is essential for troubleshooting eBGP adjacency issues, especially when routers aren’t directly connected or when intermediate devices modify TTL values.

Option B is incorrect because 32 is not a default TTL value for any BGP session type. While this value might be configured using ebgp-multihop, it’s not the default.

Option C is incorrect because 64 is a common IP TTL value for various protocols but not the BGP default. General IP packets often use this value, but BGP has specific requirements.

Option D is incorrect because 255 is the default TTL for iBGP sessions, not eBGP. The difference allows iBGP neighbors anywhere in the AS while restricting eBGP to direct connections.

Question 33

Which BGP message type is used to advertise feasible routes, withdraw previously advertised routes, or both?

  1. A) Update
  2. B) Keepalive
  3. C) Open
  4. D) Notification

Answer: A

Explanation:

The correct answer is option A. Update messages carry routing information in BGP, including newly advertised routes (NLRIs – Network Layer Reachability Information), withdrawn routes, and path attributes. Update messages are the core of BGP’s routing information exchange, sent only when topology changes occur or during initial neighbor establishment.

A single update message can contain multiple components: withdrawn routes (networks no longer reachable), path attributes (AS_PATH, NEXT_HOP, LOCAL_PREF, etc.), and feasible routes being advertised. This efficient design allows BGP to communicate multiple routing changes in one packet. Unlike distance-vector protocols that periodically send full updates, BGP sends updates only when necessary (triggered updates), conserving bandwidth and processing resources. After initial full table exchange between new neighbors, only incremental updates reflecting changes are transmitted. Understanding update message structure is crucial for BGP troubleshooting and traffic analysis, particularly when diagnosing route propagation issues or convergence problems.

Option B is incorrect because keepalive messages maintain BGP sessions by confirming the connection is active. Sent periodically (every 60 seconds by default), they contain no routing information and simply prevent session timeout.

Option C is incorrect because open messages establish BGP sessions initially, exchanging parameters like AS number, BGP identifier, and hold time. Open messages don’t carry routing information, only session establishment parameters.

Option D is incorrect because notification messages indicate error conditions causing session termination. They contain error codes and subcodes explaining why the session is closing but don’t carry routing information.

Question 34

What is the default BGP administrative distance for eBGP-learned routes?

  1. A) 20
  2. B) 110
  3. C) 200
  4. D) 255

Answer: A

Explanation:

The correct answer is option A. eBGP-learned routes have an administrative distance of 20, making them highly preferred in the routing table. This low AD reflects the trust placed in routes learned from external BGP neighbors, ensuring they’re chosen over routes from most interior gateway protocols.

BGP uses three administrative distance values: 20 for eBGP routes (from external AS neighbors), 200 for iBGP routes (from internal AS neighbors), and 200 for local BGP routes (locally originated). The significant difference between eBGP (20) and iBGP (200) ADs ensures that routes learned from external peers are preferred over those learned from iBGP neighbors, which is important for proper route selection in transit networks. iBGP’s high AD of 200 makes it less preferred than IGP routes (OSPF=110, EIGRP=90), preventing iBGP from overriding more specific IGP routes within the AS. Understanding these AD values is essential for predicting routing behavior in networks running multiple protocols and for troubleshooting route selection issues.

Option B is incorrect because 110 is OSPF’s administrative distance, not BGP. While OSPF is commonly used alongside BGP in enterprise networks, they have different AD values.

Option C is incorrect because 200 is the administrative distance for iBGP routes and local BGP routes, not eBGP. This high value ensures iBGP doesn’t override IGP routes unnecessarily.

Option D is incorrect because 255 indicates an unreachable or untrusted route source. Routes with AD 255 are never installed in the routing table regardless of metric.

Question 35

An engineer configures BGP and wants to influence outbound traffic path selection within the autonomous system. Which BGP attribute should be modified?

  1. A) LOCAL_PREF
  2. B) AS_PATH
  3. C) MED
  4. D) WEIGHT

Answer: A

Explanation:

The correct answer is option A. LOCAL_PREF is a well-known discretionary BGP attribute used to influence outbound traffic path selection within an autonomous system. Higher LOCAL_PREF values indicate more preferred paths, and this attribute is shared among all iBGP routers within the AS.

LOCAL_PREF is evaluated early in BGP’s path selection algorithm (after weight and before AS_PATH length), making it powerful for traffic engineering. Setting higher LOCAL_PREF on routes received from preferred eBGP neighbors causes all routers in the AS to prefer those exit points for outbound traffic. This provides centralized control over outbound path selection across the entire AS. LOCAL_PREF is typically set using route-maps applied to eBGP neighbor sessions, based on criteria like destination prefix, AS_PATH, or community values. Default LOCAL_PREF is 100; administrators typically use values like 150 for preferred paths and 50 for backup paths. LOCAL_PREF is not advertised to eBGP neighbors—it affects only internal routing decisions.

Option B is incorrect because while AS_PATH can be manipulated (through prepending) to influence routing, it primarily affects inbound traffic from other autonomous systems, not outbound path selection within your AS.

Option C is incorrect because MED influences how neighboring autonomous systems send traffic into your AS (inbound traffic control), not how your AS selects outbound paths.

Option D is incorrect because WEIGHT is Cisco-proprietary, locally significant only to the router where it’s configured, and not shared with any BGP neighbors. While WEIGHT can influence local routing decisions, LOCAL_PREF provides AS-wide control.
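The AS_PATH loop check from Question 31 and the weight, LOCAL_PREF and AS_PATH-length ordering from Question 35 can be seen working together in a small model. This is an added example, not part of the original question set; it implements only those first three comparison steps, and the AS numbers, prefixes, neighbor labels and the weight default of 0 for learned routes are assumptions chosen for illustration.

```python
from dataclasses import dataclass, replace

LOCAL_AS = 65001          # constructed private AS number for "our" AS
DEFAULT_LOCAL_PREF = 100  # default stated in the explanation above


@dataclass(frozen=True)
class Path:
    prefix: str
    neighbor: str
    as_path: tuple                        # leftmost AS is the most recent one
    local_pref: int = DEFAULT_LOCAL_PREF
    weight: int = 0                       # assumption: 0 for routes learned from a neighbor


def accept(path, local_as=LOCAL_AS):
    """AS_PATH loop prevention: drop a route that already carries our own AS."""
    return local_as not in path.as_path


def best_path(paths, local_as=LOCAL_AS):
    """First three comparison steps only: weight, LOCAL_PREF, AS_PATH length."""
    candidates = [p for p in paths if accept(p, local_as)]
    if not candidates:
        return None
    # Higher weight wins, then higher LOCAL_PREF, then the shorter AS_PATH.
    return min(candidates,
               key=lambda p: (-p.weight, -p.local_pref, len(p.as_path)))


def advertise_ebgp(path, sender_as, extra_prepends=0):
    """What an eBGP neighbor receives: the sender AS is prepended, and
    LOCAL_PREF and weight are not carried across the AS boundary."""
    new_path = (sender_as,) * (1 + extra_prepends) + path.as_path
    return replace(path, as_path=new_path,
                   local_pref=DEFAULT_LOCAL_PREF, weight=0)


# Constructed routes for one prefix (documentation addresses and AS numbers).
ROUTES = [
    Path("203.0.113.0/24", "192.0.2.1", (64500, 64510), local_pref=150),
    Path("203.0.113.0/24", "192.0.2.5", (64510,)),
    # This copy has already passed through AS 65001, so it is rejected.
    Path("203.0.113.0/24", "192.0.2.9", (64502, 65001, 64510), local_pref=200),
]


def demo_inbound_prepend():
    """AS prepending on a backup link, seen from the neighboring AS 64500."""
    own = Path("198.51.100.0/24", "local", ())
    primary = replace(advertise_ebgp(own, LOCAL_AS), neighbor="link-A")
    backup = replace(advertise_ebgp(own, LOCAL_AS, extra_prepends=2),
                     neighbor="link-B")
    return best_path([backup, primary], local_as=64500).neighbor


if __name__ == "__main__":
    print("outbound exit:", best_path(ROUTES).neighbor)
    print("inbound entry chosen by neighbor:", demo_inbound_prepend())
```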

Question 36

Which First Hop Redundancy Protocol uses virtual MAC addresses in the format 0000.0C07.ACxx, where xx represents the group number?

  1. A) HSRP version 1
  2. B) VRRP
  3. C) GLBP
  4. D) HSRP version 2

Answer: A

Explanation:

The correct answer is option A. HSRP (Hot Standby Router Protocol) version 1 uses virtual MAC addresses in the format 0000.0C07.ACxx, where xx is the hexadecimal representation of the HSRP group number (0-255). This proprietary Cisco virtual MAC address identifies the active gateway for redundancy.

HSRP provides first-hop redundancy by creating a virtual router with virtual IP and MAC addresses. Multiple physical routers share the virtual IP, but only the active router responds to traffic sent to the virtual MAC address. The standby router monitors the active router through hellos and assumes the active role if failure is detected. HSRP version 1 supports 255 groups and uses multicast address 224.0.0.2 for hellos. The consistent virtual MAC format allows switches to maintain MAC address tables during failovers while endpoints see no changes. Understanding HSRP MAC addressing is crucial for troubleshooting failover issues and analyzing layer-2 forwarding behavior during redundancy events.

Option B is incorrect because VRRP uses virtual MAC addresses in the format 0000.5E00.01xx, where xx represents the VRRP group number. VRRP is standards-based (RFC 3768), not Cisco-proprietary.

Option C is incorrect because GLBP uses virtual MAC addresses in the format 0007.B400.xxyy, where xx represents the GLBP group and yy represents the virtual forwarder number. GLBP provides load balancing across multiple routers.

Option D is incorrect because HSRP version 2 uses virtual MAC addresses in the format 0000.0C9F.Fxxx, where xxx represents the group number. Version 2 supports more groups and improved features compared to version 1.
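The four virtual MAC formats listed for Question 36 are enough to recognise a first-hop redundancy address in a MAC table or packet capture. This is an added example, not part of the original question set: it decodes protocol and group from a MAC address and reports gateway virtual MACs learned on ports other than the expected uplinks. The MAC-table text, its four-column layout and the port names are constructed for illustration.

```python
import re


def normalize(mac):
    """Accept dotted, colon or dash notation and return 12 lowercase hex digits."""
    digits = re.sub(r"[.:\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def classify_fhrp_mac(mac):
    """Return protocol and group for an FHRP virtual MAC, or None otherwise.

    Formats as given in the explanation above:
      HSRP v1  0000.0C07.ACxx   xx  = group
      HSRP v2  0000.0C9F.Fxxx   xxx = group
      VRRP     0000.5E00.01xx   xx  = group
      GLBP     0007.B400.xxyy   xx  = group, yy = forwarder
    """
    d = normalize(mac)
    if d.startswith("00000c07ac"):
        return {"protocol": "HSRPv1", "group": int(d[10:], 16)}
    if d.startswith("00000c9ff"):
        return {"protocol": "HSRPv2", "group": int(d[9:], 16)}
    if d.startswith("00005e0001"):
        return {"protocol": "VRRP", "group": int(d[10:], 16)}
    if d.startswith("0007b400"):
        return {"protocol": "GLBP", "group": int(d[8:10], 16),
                "forwarder": int(d[10:12], 16)}
    return None


# Constructed MAC-table lines: VLAN, MAC address, entry type, port.
SAMPLE_MAC_TABLE = """\
10   0000.0c07.ac0a   DYNAMIC   Gi1/0/1
10   3c5a.b401.22f0   DYNAMIC   Gi1/0/14
20   0000.5e00.0114   DYNAMIC   Gi1/0/23
30   0007.b400.1e02   DYNAMIC   Gi1/0/1
40   0000.0c9f.f12c   DYNAMIC   Gi1/0/2
"""


def gateway_macs_off_uplink(table_text, uplink_ports):
    """List (vlan, protocol, group, port) for virtual gateway MACs that were
    learned on a port outside the set where the gateways are connected."""
    findings = []
    for line in table_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or not fields[0].isdigit():
            continue  # skip headers and anything that is not a table row
        vlan, mac, _entry_type, port = fields
        try:
            info = classify_fhrp_mac(mac)
        except ValueError:
            continue
        if info and port not in uplink_ports:
            findings.append((int(vlan), info["protocol"], info["group"], port))
    return findings


if __name__ == "__main__":
    for mac in ("0000.0C07.AC0A", "00:00:0c:9f:f1:2c", "0007.b400.1e02"):
        print(mac, classify_fhrp_mac(mac))
    print(gateway_macs_off_uplink(SAMPLE_MAC_TABLE, {"Gi1/0/1", "Gi1/0/2"}))
```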

Question 37

In HSRP, which role does a router have when it is actively forwarding traffic for the virtual IP address?

  1. A) Active
  2. B) Standby
  3. C) Listen
  4. D) Primary

Answer: A

Explanation:

The correct answer is option A. The active router in HSRP is responsible for forwarding traffic sent to the virtual IP address. This router responds to ARP requests for the virtual IP with the virtual MAC address and actively routes packets for hosts using the virtual gateway.

HSRP routers exist in several states: active (forwarding traffic), standby (ready to take over), and listen (monitoring but not participating as active or standby). The active router is elected based on highest priority (default 100), with highest IP address as tiebreaker. The active router sends periodic hello messages (default every 3 seconds) to inform other routers of its status. If the standby router doesn’t receive hellos within the holdtime (default 10 seconds), it assumes the active role, providing failover. Preemption can be configured to allow higher-priority routers to reclaim the active role. Understanding HSRP roles is essential for designing redundant gateway architectures and troubleshooting failover behavior in enterprise networks.

Option B is incorrect because standby is the backup role. The standby router monitors the active router and assumes forwarding responsibilities if the active router fails, but doesn’t forward traffic during normal operation.

Option C is incorrect because listen state describes routers that monitor HSRP messages but are neither active nor standby. These routers are aware of the virtual IP but don’t participate in redundancy.

Option D is incorrect because “primary” is not an HSRP role or state. While primary/backup terminology is used in other contexts, HSRP specifically uses active/standby/listen terminology.

Question 38

What protocol does VRRP use for communication between routers, and what is its IP protocol number?

  1. A) IP protocol 112
  2. B) UDP port 3222
  3. C) TCP port 2029
  4. D) IP protocol 88

Answer: A

Explanation:

The correct answer is option A. VRRP uses IP protocol number 112 for communication between routers. Unlike HSRP which uses UDP, VRRP operates directly over IP, making it more efficient by eliminating UDP overhead.

VRRP (Virtual Router Redundancy Protocol) is an open standard (RFC 5798) providing first-hop redundancy similar to HSRP but with protocol-level differences. VRRP routers communicate using multicast address 224.0.0.18, sending advertisements at one-second intervals by default. The master router (equivalent to HSRP active) owns the virtual IP and responds to traffic. Backup routers (equivalent to HSRP standby/listen) monitor the master through advertisements. VRRP uses IP protocol 112 exclusively for its operation, which switch and firewall ACLs must permit. Understanding VRRP’s protocol characteristics is important for configuring network infrastructure to support redundancy protocols and for troubleshooting adjacency formation issues in security-hardened environments.

Option B is incorrect because UDP port 3222 is not used by VRRP. While some routing protocols use UDP, VRRP operates directly at the IP layer without UDP encapsulation.

Option C is incorrect because TCP port 2029 is not associated with VRRP. VRRP doesn’t use TCP for its control plane communications—it uses raw IP protocol 112.

Option D is incorrect because IP protocol 88 is EIGRP, not VRRP. EIGRP is a routing protocol using IP protocol 88, while VRRP uses IP protocol 112 for redundancy communications.
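When an ACL or firewall rule is suspected of dropping VRRP, it helps to decode a captured advertisement and confirm the properties described above. The following Python sketch is an added example, not part of the original question set; it assumes a VRRPv3 (RFC 5798) advertisement over IPv4, uses a constructed sample packet with documentation addresses, and does not verify checksums. The TTL check reflects the RFC 5798 requirement that advertisements are sent with TTL 255.

```python
import ipaddress
import struct

VRRP_PROTO = 112                                   # IP protocol number from the text
VRRP_GROUP = ipaddress.IPv4Address("224.0.0.18")   # VRRP multicast group from the text

def sample_packet(ttl=255, dst="224.0.0.18"):
    """Constructed IPv4 + VRRPv3 advertisement (checksums left at 0, not verified here)."""
    vrrp = struct.pack("!BBBBHH", 0x31, 10, 100, 1, 100, 0)   # v3/type 1, VRID 10, prio 100
    vrrp += ipaddress.IPv4Address("192.0.2.1").packed          # one virtual IP
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0xC0, 20 + len(vrrp), 0, 0, ttl, VRRP_PROTO, 0,
                     ipaddress.IPv4Address("192.0.2.2").packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + vrrp

def parse_vrrp(packet: bytes) -> dict:
    """Decode a VRRPv3 advertisement and list reasons a receiver or ACL review should flag it."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    ttl, proto = packet[8], packet[9]
    if proto != VRRP_PROTO:
        raise ValueError(f"IP protocol {proto}, not {VRRP_PROTO}")
    if ihl < 20 or len(packet) < ihl + 8:
        raise ValueError("truncated VRRP header")
    vt, vrid, prio, count, adver, _cksum = struct.unpack("!BBBBHH", packet[ihl:ihl + 8])
    if (vt >> 4, vt & 0x0F) != (3, 1):
        raise ValueError("not a VRRPv3 advertisement")
    body = packet[ihl + 8:ihl + 8 + 4 * count]
    if len(body) != 4 * count:
        raise ValueError("virtual address list truncated")
    findings = []
    dst = ipaddress.IPv4Address(packet[16:20])
    if dst != VRRP_GROUP:
        findings.append(f"destination {dst} is not {VRRP_GROUP}")
    if ttl != 255:
        findings.append(f"TTL {ttl} is not 255")   # RFC 5798 receivers drop such packets
    return {
        "source": str(ipaddress.IPv4Address(packet[12:16])),
        "vrid": vrid,
        "priority": prio,
        "adver_interval_s": (adver & 0x0FFF) / 100,  # centiseconds; default 100 = 1 s
        "virtual_ips": [str(ipaddress.IPv4Address(body[i:i + 4])) for i in range(0, len(body), 4)],
        "findings": findings,
    }

if __name__ == "__main__":
    print(parse_vrrp(sample_packet()))
```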

Question 39

An organization needs to implement a solution that provides centralized authentication, authorization, and accounting for network device access. Which protocol should be used?

  1. A) SNMP
  2. B) Syslog
  3. C) TACACS+
  4. D) NTP

Answer: C

Explanation:

TACACS+ (Terminal Access Controller Access-Control System Plus) is the Cisco protocol designed specifically to provide centralized authentication, authorization, and accounting services for network device access. This protocol separates the AAA functions into distinct processes, offering granular control over administrative access to network infrastructure.

TACACS+ operates by intercepting access requests to network devices and forwarding them to a centralized TACACS+ server for processing. When an administrator attempts to access a router or switch, the device contacts the TACACS+ server to verify credentials, determine what commands the user is authorized to execute, and log all activities for auditing purposes. This centralized approach eliminates the need to maintain local user accounts on each network device and ensures consistent access policies across the infrastructure.

The protocol provides several advantages including full encryption of all communication between the network device and the server, ensuring that credentials and authorization information cannot be intercepted. TACACS+ supports granular command authorization, allowing administrators to define precisely which commands each user or group can execute on network devices. The accounting function creates detailed logs of all user activities, providing an audit trail for compliance and troubleshooting.

SNMP is used for network monitoring and management but not for device access control. Syslog provides centralized logging of device messages but doesn’t handle authentication or authorization. NTP synchronizes time across network devices but has no role in access control or security.

TACACS+ is particularly valuable in enterprise environments where multiple administrators require different levels of access to network devices. By centralizing authentication and authorization, organizations can quickly modify user permissions, disable accounts, and maintain comprehensive records of who accessed which devices and what commands were executed. The protocol’s separation of authentication, authorization, and accounting functions provides flexibility in designing security policies.

Question 40

A network engineer needs to configure a switch port to automatically detect and configure the appropriate VLAN for an IP phone while placing the connected PC on a different VLAN. Which feature should be used?

  1. A) DTP
  2. B) Voice VLAN
  3. C) Private VLAN
  4. D) VTP

Answer: B

Explanation:

Voice VLAN is the feature specifically designed to allow a switch port to automatically detect IP phones and place their traffic on a dedicated voice VLAN while keeping data traffic from connected PCs on a separate data VLAN. This configuration enables a single physical port to support both voice and data devices on different VLANs simultaneously.

When Voice VLAN is configured on a switch port, the switch uses Cisco Discovery Protocol (CDP) to detect when an IP phone is connected. Once detected, the switch instructs the phone to tag its traffic with the voice VLAN ID using 802.1Q tagging. The phone then acts as a small switch, providing a pass-through connection for a PC while ensuring voice traffic receives appropriate QoS treatment by using the separate VLAN.

The Voice VLAN feature provides several benefits including simplified cabling by eliminating the need for separate network drops for phones and computers, improved quality of service by segregating voice traffic for priority treatment, and enhanced security by isolating voice and data traffic. The switch port operates in a special mode where it accepts both untagged frames from the PC on the access VLAN and tagged frames from the phone on the voice VLAN.

Dynamic Trunking Protocol (DTP) negotiates trunk links between switches but doesn’t handle voice and data separation. Private VLANs provide layer 2 isolation within a VLAN but don’t address voice-specific requirements. VLAN Trunking Protocol (VTP) manages VLAN database synchronization across switches but doesn’t configure individual port behavior.

The typical configuration involves assigning a data VLAN to the switch port using the switchport access vlan command and then adding the voice VLAN using the switchport voice vlan command. The switch automatically handles the necessary VLAN tagging and QoS configurations to ensure optimal voice quality while maintaining separate broadcast domains for voice and data traffic.
