Download - Actule Test 642-892

Transcript
Page 1: Actule Test 642-892

Cisco 642-892

CISCO 642-892 Composite Exam

Practice TestVersion 2.2

Page 2: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 1

Which two statements are true about IBGP neighbor relationships? (Choose two.)

A. The BGP split-horizon rule specifies that routes learned via EBGP are never propagated to

other IBGP peers.

B. A full-mesh IBGP requires that neighbor relationships be established between all BGP enabled

routers in the autonomous system.

C. The BGP split horizon rule specifies that routes learned via IBGP are never propagated to other

IBGP peers.

D. An EGP or static routing is required between IBGP neighbors.

E. IBGP neighbors must be in different autonomous systems.

Answer: B,C

QUESTION NO: 2

Which three IP multicast group concepts are true? (Choose three.)

A. If a packet is sent to a multicast group address, all members of the multicast group will receive

it.

B. A router must be a member of a multicast group to send to the group.

C. If a packet is sent to a multicast group address, the multicast frame contains the source

multicast address.

D. A router must be a member of a multicast group to receive multicast data.

E. A router does not have to be a member of a multicast group to send to the group.

Answer: A,D,E

QUESTION NO: 3

Which two features or capabilities are valid options for both an Autonomous and a Lightweight

WLAN solution? (Choose two)

A. use of Cisco Secure Access Control Server (ACS) for security

B. Cisco IOS software for configuration

C. PoE capability

D. use of a Cisco Wireless Location Appliance for location tracking

E. Cisco Wireless Control System (WCS) for management

Answer: A,C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 2

Page 3: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

Cisco Aironet access points provide secure manageable, high-performance, and reliable

connectivity with exceptional range and performance. Lightweight access points operate in

conjunction with Cisco wireless LAN controllers and the Wireless Control System (WCS).

Standalone (autonomous) access points are managed by CiscoWorks Wireless LAN Solution

Engine (WLSE) or CiscoWorks WLSE Express

Cisco Aironet Access Points

When originally deployed, the Cisco Aironet 350 Series Access Point was selected as the

standard access point for both autonomous and lightweight solutions. The Cisco Aironet 350

Series was the most advanced, fully featured wireless access point available. It supported the

802.11b protocol standard (the most advanced at that time), which provides data rates of up to 11

Mbps. The Cisco Aironet 350 Series also supported inline Power over Ethernet (PoE), which

greatly simplifies installation and reduces costs by eliminating the need for separate, dedicated

power cabling to the main supply.

Cisco Secure Access Control Server ( ACS)

The Cisco Secure ACS is used as the standard AAA server for the global WLAN and for other

recently introduced services such as 802.1x-based port authentication for wired Ethernet ports in

public areas and Network Access Control (NAC), part of the Cisco Self-Defending Network

security strategy. Pairs of Cisco Secure ACSs were deployed at strategic locations worldwide.

The value of using a globally distributed AAA architecture instead of a single AAA server was

highlighted by the WLAN deployment. Because of the greater load that a WLAN creates for AAA,

due to authentications and reauthentications (as the client device roams from AP to AP), it was

important to ensure that all users did not have to rely upon a single, centralized server. This would

have introduced unacceptable delays for users in geographically remote areas. As such, at 13

different locations around the world, Cisco placed two ACS servers, in a load-balanced

configuration, that served as AAA servers for that local geographical region.

The ACS servers are fully integrated with the Cisco Active Directory domain structure, enabling a

single sign-on (SSO) capability. Effectively, AD user credentials are used not only for access to

their laptops and wired network but also to provide transparent authentication to the wireless

network. SSO has greatly reduced the client impact for users and has helped ensure a common,

user-friendly experience across platforms and transport media. Users need only remember their

normal ID and password for access to their laptop, the wired network, and the wireless network,

and they only have to enter their credentials once each session regardless of the transport

medium they are using.

Reference: http://www.wireless-center.net/Business-Wireless/Technology-Considerations.html

QUESTION NO: 4

Which statement is true concerning 6to4 tunneling?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 3

Page 4: Actule Test 642-892

Actu

alTe

sts.

com

A. IPv4 traffic is encapsulated with an IPv6 header.

B. The edge routers can use any locally configured IPv6 address.

C. An edge router must use IPv6 address of 2002::/16 in its prefix.

D. Hosts and routers inside a 6to4 site will need a special code.

Answer: C

Explanation:

A 6to4 tunnel is an automatic IPv6 tunnel where a 6to4 border router in an isolated IPv6 network

creates a tunnel to a 6to4 border router in another isolated IPv6 network over an IPv4

infrastructure. The tunnel destination is determined by the globally unique, 32-bit IPv4 address of

the remote 6to4 border router that is concatenated to the prefix 2002: :/ 16. 6to4 tunnels are

configured between 6to4 border routers or between 6to4 border routers and hosts.

A 6to4 relay service is a 6to4 border router that offers traffic forwarding to the IPv6 Internet for

remote 6to4 border routers. A 6to4 relay forwards packets that have a 2002: :/ 16 source prefix.

Reference: IPv6: Providing IPv6 Services over an IPv4 Backbone Using Tunnels

http://www.cisco.com/en/US/docs/ios/solutions_docs/ipv6/v6sertun.html

QUESTION NO: 5

Which two statements about WLAN components are true? (Choose two.)

A. In the lightweight access point solution, WLAN management is provided by the WLAN Solution

Engine (WLSE).

B. In the autonomous access point solution, control is provided by the WLAN controller.

C. Cisco Aironet lightweight access points cannot be supported by the Cisco Unified Wireless

Network.

D. In the autonomous access point solution, control is provided by the Wireless Domain Services

(WDS).

E. In the lightweight access point solution, WLAN management is provided by the WLAN Control

System (WCS).

F. Cisco Aironet autonomous access points cannot be supported by the Cisco Unified Wireless

Network.

Answer: D,E

Explanation:

Part 1 Answer:

There is a trend in the WLAN space toward centralized intelligence and control. In this new

architecture, aWLAN controller system is used to create and enforce policies across many

different lightweight access points.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 4

Page 5: Actule Test 642-892

Actu

alTe

sts.

com

As more vendors migrate to a hierarchical design, and as larger networks are built using

lightweight access points, there is a need for a standardized protocol that governs how lightweight

access points communicate with WLAN systems. This is the role of the Internet Engineering Task

Force's (IETF's) latest draft specification, Lightweight Access Point Protocol (LWAPP). With

LWAPP, large multivendor wireless networks can be deployed with maximum capabilities and

increased flexibility.

Part 2 Answer:

Q. Is Cisco SWAN WDS required for RF management when the Cisco SWAN autonomous access

point solution is used?

A. Yes. A WDS device is required for the Cisco SWAN autonomous access-point solution. For

deployments that use access-point-based WDS, at least one Cisco SWAN WDS access point per

subnet is required for RF management of that subnet. For deployments that use the switch-based

WDS on the Cisco Catalyst 6500 Series WLSM, up to 300 access points per device across

subnets can be supported by a single Cisco Catalyst 6500 Series WLSM.

References:

www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6306/prod_white_paper0900aecd802c18

ee_ns337_Networking_Solutions_White_Paper.html

www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/prod_qas0900aecd80278

d08.html

QUESTION NO: 6

Refer to the exhibit. Which statement is true?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 5

Page 6: Actule Test 642-892

Actu

alTe

sts.

com

A. IP traffic matching access list ABC is forwarded through VLANs 5-10.

B. All VLAN traffic matching VLAN list 5-10 will be forwarded, and all traffic matching access list

ABC is dropped.

C. All VLAN traffic in VLANs 5-10 that match access list ABC will be forwarded, and all else will be

dropped.

D. IP traffic matching VLAN list 5-10 will be forwarded, and all other traffic will be dropped.

Answer: C

Explanation:

VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch. VLAN

maps can be configured on the switch to filter all packets that are routed into or out of a VLAN, or

are bridged within a VLAN. VLAN maps are used strictly for security packet filtering. Unlike router

ACLs, VLAN maps are not defined by direction (input or output).

To create a VLAN map and apply it to one or more VLANs, perform these steps: Create the

standard or extended IP ACLs or named MAC extended ACLs to be applied to the VLAN. This

access-list will select the traffic that will be either forwarded or dropped by the access-map. Only

traffic matching the 'permit' condition in an access-list will be passed to the access-map for further

processing. Enter the vlan access-map access-map-name [ sequence ] global configuration

command to create a VLAN ACL map entry. Each access-map can have multiple entries. The

order of these entries is determined by the sequence . If no sequence number is entered, access-

map entries are added with sequence numbers in increments of 10. In access map configuration

mode, optionally enter an action forward or action drop . The default is to forward traffic. Also enter

the match command to specify an IP packet or a non-IP packet (with only a known MAC address),

and to match the packet against one or more ACLs (standard or extended). Use the vlan filter

access-map-name vlan-list vlan-list global configuration command to apply a VLAN map to one

or more VLANs. A single access-map can be used on multiple VLANs.

QUESTION NO: 7

Refer to the exhibit. On the basis of the information provided in the exhibit, which two sets of

procedures are best practices for Layer 2 and 3 failover alignment? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 6

Page 7: Actule Test 642-892

Actu

alTe

sts.

com

A. Configure the D-SW1 switch as the active HSRP router and the backup STP root for VLANs 11

and 110. Configure the D-SW2 switch as the active HSRP router and the backup STP root for

VLANs 12 and 120.

B. Configure the D-SW2 switch as the active HSRP router and the STP root for all VLANs.

Configure the D-SW1 switch as the standby HSRP router and backup STP root for all VLANs.

C. Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs

12 and 120. Configure the D-SW2 switch as the standby HSRP router and the backup STP root

for VLANs 11 and 110.

D. Configure the D-SW1 switch as the standby HSRP router and the STP root for VLANs 11 and

110. Configure the D-SW2 switch as the standby HSRP router and the STP root for VLANs 12 and

120.

E. Configure the D-SW1 switch as the active HSRP router and the STP root for all VLANs.

Configure the D-SW2 switch as the standby HSRP router and backup STP root for all VLANs.

F. Configure the D-SW1 switch as the active HSRP router and the STP root for VLANs 11 and

110. Configure the D-SW2 switch as the active HSRP router and the STP root for VLANs 12 and

120.

Answer: C,F

Explanation:

Basically, each of the routers that provides redundancy for a given gateway address is assigned to

a common HSRP group. One router is elected as the primary, or active, HSRP router, another is

elected as the standby HSRP router, and all the others remain in the listen HSRP state. The

routers exchange HSRP hello messages at regular intervals, so they can remain aware of each

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 7

Page 8: Actule Test 642-892

Actu

alTe

sts.

com

other's existence, as well as that of the active router.

HSRP election is based on a priority value (0 to 255) that is configured on each router in the

group. By default, the priority is 100. The router with the highest priority value (255 is highest)

becomes the active router for the group. If all router priorities are equal or set to the default value,

the router with the highest IP address on the HSRP interface becomes the active router. To set the

priority, use the following interface configuration command:

Switch( config-if)# standby group priority priority

When HSRP is configured on an interface, the router progresses through a series of states before

becoming active. This forces a router to listen for others in a group and see where it fits into the

pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally,

Active.

You can configure a router to preempt or immediately take over the active role if its priority is the

highest at any time. Use the following interface configuration command to allow preemption:

Switch( config-if)# standby group preempt [delay seconds]

QUESTION NO: 8

A router is running BGP and receives more than one route for a particular prefix. Assume all the

routes for this prefix have the same attributes. Which three path features would be reasons be for

the router to ignore some of the routes and not consider them as candidates for the best path?

(Choose three.)

A. paths for which the NEXT_HOP is inaccessible

B. paths that are marked as not synchronized in the show ip bgp output

C. paths for which the NEXT_HOP is accessible

D. paths from an internal BGP (iBGP) neighbor if the local autonomous system (AS) appears in

the AS_PATH

E. paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in

the AS_PATH

F. paths that are marked as synchronized in the show ip bgp output

Answer: A,B,E

QUESTION NO: 9 DRAG DROP

Drop

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 8

Page 9: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

QUESTION NO: 10

What are the two reasons for the appearance of 0.0.0.0 as the next hop for a network in the show

ip bgp command output? (Choose two.)

A. The network was learned via EBGP.

B. The network was learned via IBGP.

C. The network was originated via a network or aggregate command.

D. The network was originated via redistribution of an interior gateway protocol into BGP.

E. The network was defined by a static route.

Answer: C,D

QUESTION NO: 11

A Cisco Aironet Wireless LAN Adapter CB21AG is inserted into a PC cardbus slot. Both the green

status LED and the amber activity LED are blinking slowly. What is the condition of the adapter?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 9

Page 10: Actule Test 642-892

Actu

alTe

sts.

com

A. The adapter is not receiving power.

B. The adapter is in power save mode.

C. The adapter is scanning for the wireless network for which it is configured.

D. The adapter is transmitting or receiving data while associated to an access point or another

client.

E. The adapter is associated to an access point or another client.

Answer: E

Explanation:

The client adapter shows messages through its two LEDs.

Reference:

http://www.cisco.com/en/US/products/hw/wireless/ps4555/products_installation_and_configuration

_guide_chapter09186a00801f0d77.html

QUESTION NO: 12

Refer to the exhibit. On the basis of the information displayed in the exhibit, which statement is

true?

A. Wireless clients will first attempt to authenticate with MAC authentication and if this fails, EAP

authentication will be attempted.

B. Wireless clients will attempt EAP authentication first, then MAC authentication.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 10

Page 11: Actule Test 642-892

Actu

alTe

sts.

com

C. Wireless clients will first attempt to authenticate with MAC authentication and if this succeeds,

EAP authentication will then be performed.

D. Wireless clients will be successfully authenticated only if both their MAC address and EAP key

match.

E. Wireless clients will be successfully authenticated only if their WEP key is configured as

"adam".

Answer: A

Explanation:

The following example sets the authentication type for the SSID batman to open with a

combination of MAC-address and EAP authentication. Client devices using the batman SSID first

attempt MAC-address authentication using a server named adam . If MAC authentication

succeeds, they join the network, but if it fails, they attempt EAP authentication using the same

server.

ap1100# configure terminal

ap1100( config)# configure interface dot11radio 0

ap1100( config-if)# ssid batman

ap1100( config-ssid)# authentication open mac adam alternate eap adam

ap1100( config-ssid)# end

Reference: Configuring Authentication Types

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/ap11icg/ivicgaut.htm

QUESTION NO: 13

Refer to the exhibit. A Cisco Aironet Wireless LAN Client Adapter has been installed and

configured through the ADU on the PC. The Aironet System Tray Utility (ASTU) has been enabled

during the installation and the icon appears in the system tray area in the lower right of the

desktop. What is the significance of the icon?

A. It indicates that the radio of the client adapter is disabled.

B. It indicates that the client adapter is associated to an access point or another client, but the user

is not EAP authenticated.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 11

Page 12: Actule Test 642-892

Actu

alTe

sts.

com

C. It indicates that the client adapter is associated to an access point or another client, that the

user is authenticated if the client adapter is configured for EAP authentication, and that the signal

strength is poor.

D. It indicates that the client adapter is associated to an access point or another client, that the

user is authenticated if the client adapter is configured for EAP authentication, and that the signal

strength is fair.

E. It indicates that the client adapter is associated to an access point or another client, that the

user is authenticated if the client adapter is configured for EAP authentication, and that the signal

strength is excellent or good.

F. It indicates that the client adapter is not associated to an access point or another client.

Answer: C

Explanation:

he appearance of the ASTU icon indicates the connection status of your client adapter. ASTU

reads the client adapter status and updates the icon every 1 to 5 seconds, depending on the value

entered for the Refresh Interval on the Display Settings window.

QUESTION NO: 14

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 12

Page 13: Actule Test 642-892

Actu

alTe

sts.

com

Which command lists the system IDs of all known IS-IS routers?

A. show is-is neighbors detail

B. showisis topology

C. showisis database

D. show clns neighbors

E. show clns neighbors detail

Answer: D

Explanation:

The command " show CLNS neighbors" database gives you information about the known system

ID's, while the "show isis database" shows LSP ID information. Here is a sample output from a

router's IS-IS link-state database:

Example:

QUESTION NO: 15

Above is the output from show ip bgp neighbors command. What is line 21 stating about the BGP

connection?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 13

Page 14: Actule Test 642-892

Actu

alTe

sts.

com

A. the number of consecutive TCP connections to the specified remote neighbor

B. the number of neighbors that the router has

C. the number of times the router has established a TCP connection

D. the number of total TCP connections that the router has

Answer: C

QUESTION NO: 16

Refer to the exhibit. Which statement is true about where trust boundaries should be established

in a network?

Exhibit: 55-1.gif

A. Endpoints 1 and 2 are optimal places to establish a trust boundary. Endpoint 3 is an acceptable

place to establish a trust boundary.

B. Endpoint 1 is the only acceptable place to establish a trust boundary.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 14

Page 15: Actule Test 642-892

Actu

alTe

sts.

com

C. Endpoint 2 is the optimal place to establish a trust boundary. Endpoints 1 and 3 are acceptable

places to establish a trust boundary.

D. Endpoints 2 and 3 are optimal places to establish a trust boundary. Endpoint 1 is an acceptable

place to establish a trust boundary.

E. Endpoint 1 is the optimal place to establish a trust boundary. Endpoints 2 and 3 are acceptable

places to establish a trust boundary.

F. Endpoint 2 is the only acceptable place to establish a trust boundary.

Answer: E

Explanation:

Trust Boundaries:

When connected by a single cable, the IP phone is the edge of the managed network. An integral

part of the Cisco network design architecture has always been the classification, or coloring, of

traffic as close to the edge of the network as possible. As such, the IP phone can and should

classify traffic flows.

Try to maintain the trust boundary in the wiring closet. If necessary, move it down to the

distribution layer on a case-by-case basis, but avoid moving it to the core of the network. This

advice conforms to the general guidelines for keeping the trust boundary as close to the source as

possible.

By default, Cisco IP phones mark all VoIP traffic with CoS =5 and DSCP=46. However, it is critical

to make sure that the PC connected to the access port of the IP phone is not also classifying

traffic. The recommended method for ensuring this is to extend the trust boundary of the Ethernet

switch to the IP phone and not beyond, meaning the IP phone will re-classify all traffic coming from

the PC with CoS=0.

References:

www.cisco.com/en/US/products/sw/cscowork/ps2064/products_user_guide_chapter09186a00800

7ff73.html

www.cisco.com/en/US/products/hw/video/ps1870/products_implementation_design_guide_chapte

r09186a00808f10a7.html

QUESTION NO: 17

Refer to the exhibit. What statement is true about the configuration on switch CAT1?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 15

Page 16: Actule Test 642-892

Actu

alTe

sts.

com

A. Two IP phones with the MAC addresses of 0008.8595.d1a7 and 0007.8595.d2b7 are

connected to CAT1 ports Fa0/11 and Fa0/12, respectively.

B. The configuration establishes policed DSCP on ports Fa0/11 and Fa0/12 with values ranging

from 8 to 56.

C. Security violation shutdown mode has been activated for ports Fa0/11 and Fa0/12.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 16

Page 17: Actule Test 642-892

Actu

alTe

sts.

com

D. The configuration overrides 802.1p priorities on packets entering ports Fa0/11 and Fa0/12 with

a value of 48.

E. The configuration overrides the Quality of Service value in packets entering ports Fa0/11 and

Fa0/12 with a value of 45.

F. Untagged Port VLAN ID (PVID) frames will carry voice traffic on VLAN 40.

Answer: A

Explanation:

Port security is a feature supported on Cisco Catalyst switches that restricts a switch port to a

specific set or number of MAC addresses. Those addresses can be learned dynamically or

configured statically. The port will then provide access to frames from only those addresses. If,

however, the number of addresses is limited to four but no specific MAC addresses are

configured, the port will allow any four MAC addresses to be learned dynamically, and port access

will be limited to those four dynamically learned addresses.

Port Security Implementation:

QUESTION NO: 18

Refer to the exhibit.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 17

Page 18: Actule Test 642-892

Actu

alTe

sts.

com

Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via internal

BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network

131.25.0.0/16.

A. It advertises the best MED.

B. It advertises the best AS-path.

C. It has a better router ID.

D. It advertises the best local preference.

E. It advertises a lower autonomous system.

F. It advertises the best origin code.

Answer: C

Explanation:

After BGP receives updates about different destinations from different autonomous systems, it

chooses the best path to reach a specific destination.

The following process summarizes how BGP chooses the best route on a Cisco router. Prefer the

route with the highest weight. (The weight attribute is proprietary to Cisco and is local to the router

only.) If multiple routes have the same weight, prefer the route with the highest local preference

value. (The local preference is used within an autonomous system.) If multiple routes have the

same local preference, prefer the route that the local router originated. A locally originated route

has a next hop of 0.0.0.0 in the BGP table. If none of the routes were locally originated, prefer the

route with the shortest autonomous system path. If the autonomous system path length is the

same, prefer the lowest origin code (IGP < EGP < incomplete). If all origin codes are the same,

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 18

Page 19: Actule Test 642-892

Actu

alTe

sts.

com

prefer the path with the lowest MED. (The MED is exchanged between autonomous systems.) The

MED comparison is made only if the neighboring autonomous system is the same for all routes

considered, unless the bgp always-compare-med command is enabled If the routes have the

same MED, prefer external paths to internal paths. If synchronization is disabled and only internal

paths remain, prefer the path through the closest IGP neighbor, which means that the router

prefers the shortest internal path within the autonomous system to reach the destination (the

shortest path to the BGP next hop). For EBGP paths, select the oldest route to minimize the effect

of routes going up and down (flapping). Prefer the route with the lowest neighbor BGP router ID

value. If the BGP router IDs are the same, prefer the router with the lowest neighbor IP address.

.

QUESTION NO: 19

Which three statements are true about IP multicast configuration? (Choose three.)

A. PIM sparse mode and PIM dense mode require an RP on the network.

B. PIM sparse mode and PIM sparse-dense mode require an RP on the network.

C. PIM dense mode interfaces are always added to the multicast routing table in a router.

D. PIM sparse mode interfaces are always added to the multicast routing table in a router.

E. PIM sparse-dense mode and PIM dense mode require an RP on the network.

F. PIM sparse-dense mode acts as PIM dense mode if an RP is not known.

Answer: B,C,F

Explanation:

Sparse-mode routing protocols require the use of an Rendezvous Point (RP) and use shared trees

. In a shared tree, sources forward multicast datagrams to a directly connected router, the

designated router. The designated router encapsulates the datagram and unicasts it to an

assigned RP router, which then forwards the datagram to members of multicast groups. In PIM

sparse-dense mode, if an RP is not known for a group, the router sends data using PIM dense

mode. However, if the router discovers an RP or you configure an RP statically, PIM sparse mode

takes over.

QUESTION NO: 20

What is the difference between the IPv6 addresses ::/0 and ::/128?

A. ::/0 is the default route, and ::/128 is the unspecified address.

B. ::/0 is the unicast address, and ::/128 is the anycast address.

C. ::/0 is the unicast address, and ::/128 is the multicast address.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 19

Page 20: Actule Test 642-892

Actu

alTe

sts.

com

D. ::/0 is the unspecified address, and ::/128 is the multicast address.

E. ::/0 is the anycast address, and ::/128 is the multicast address.

F. ::/0 is the anycast address, and ::/128 is the default address.

Answer: A

Explanation:

: :/ 128 is the unspecified address (RFC4291).

: :/ 0 is the default unicast route address.

Reference: Special-Use IPv6 Addresses - draft-ietf-v6ops-rfc3330-for-ipv6-04.txt

http://tools.ietf.org/html/draft-ietf-v6ops-rfc3330-for-ipv6-04

QUESTION NO: 21

Which three are benefits of IS-IS over OSPF? (Choose three.)

A. requires fewer neighbor relationships in a broadcast multiaccess network

B. supports network layer protocols other than IP

C. supports route tags

D. supports more routers in an area

E. does not require Hello packets to establish neighbor relationships

F. produces fewer link state advertisements for a given network

Answer: B,D,F

Explanation:

IS-IS is the dynamic link-state routing protocol for the OSI protocol stack. As such, IS-IS

distributes routing information for routing CLNP data for the ISO CLNS environment. When IS-IS is

used strictly for the ISO CLNS environment, it is referred to as ISO IS-IS.

Differences between IS-IS and OSPF.

Although IS-IS and OSPF share many common features, they do have quite a few differences:

* Whereas OSPF routers can be part of multiple areas, an IS-IS router belongs to only one area

per routing process.

* In OSPF, the boundaries of areas are set in the router. The boundaries of areas are on the

network connections between routers for IS-IS, reiterating that each router is in only one area per

routing process.

* IS-IS utilizes CLNS protocol data units (PDUs) to send information between routers instead of

using IP packets, like OSPF does.

* IS-IS allows for the preempting of DRs, where OSPF does not.

* OSPF DROthers do not form adjacencies with other DROthers on broadcast multi-access

networks, while in the same environment, all IS-IS intermediate systems form adjacencies with

one another.

* The backbone of an IS-IS network is designated by the type of routers in it instead of being

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 20

Page 21: Actule Test 642-892

Actu

alTe

sts.

com

designated by an area number (0, in the case of OSPF).

QUESTION NO: 22

Which statement describes the difference between a manually configured IPv6 in IPv4 tunnel

versus an automatic 6to4 tunnel?

A. An automatic 6to4 tunnel allows multiple IPv4 destinations.

B. A manually configured IPv6 in IPv4 tunnel does not require dual-stack (IPv4 and IPv6) routers

at the tunnel endpoints.

C. An automatic 6to4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel

endpoints.

D. A manually configured IPv6 in IPv4 tunnel allows multiple IPv4 destinations.

Answer: A

QUESTION NO: 23

Based on the exhibited output, which three statements are true? (Choose three.)

A. The route to 10.2.0.0/16 was redistributed into EIGRP.

B. A default route has been redistributed into the EIGRP autonomous system.

C. R1 is configured with the ip summary-address command.

D. R1 is sourcing an external EIGRP route from Null0.

E. The router at 10.1.1.2 is configured with the ip default-network 0.0.0.0 command.

F. R1 is configured with the variance command.

Answer: B,C,F

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 21

Page 22: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 24

Refer to the exhibit. Routers R1 and R2 are IPv6 BGP peers that have been configured to support

a neighbor relationship over an IPv4 internetwork. Which three neighbor IP addresses are valid

choices to use in the highlighted section of the exhibit? (Choose three.)

A. ::10.67.0.2

B. 0A43:0002::

C. 10.67.0.2::

D. 10.67.0.2:0:0:0:0:0:0

E. ::0A43:0002

F. 0:0:0:0:0:0:10.67.0.2

Answer: A,E,F

QUESTION NO: 25

A router has two paths to reach another network in a different autonomous system. Neither route

was generated by the local router and both routes have the same default weight and local

preference values. Which statement is true about how BGP would select the best path?

A. The router will prefer the shortest autonomous system path.

B. The router will prefer the route with the lower MED.

C. To influence one route to bepreferred, its default local preference value will be changed via the

use of the command bgp default local-preference 50.

D. If the command bgp always-compare-med has been given, then the router will prefer the route

with the highest MED.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 22

Page 23: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A

Explanation:

The shortest AS path is the fourth item checked by BGP routers, while the MED values are one of

the last items looked at by BGP routers. The following is a partial list of rules used by BGP to

determine the best path. Prefer the path with the highest WEIGHT.

Note: WEIGHT is a Cisco-specific parameter, local to the router on which it's configured. Prefer

the path with the highest LOCAL_PREF. Prefer the path that was locally originated via a network

or aggregate BGP subcommand, or through redistribution from an IGP. Local paths sourced by

network or redistribute commands are preferred over local aggregates sourced by the aggregate-

address command. Prefer the path with the shortest AS_PATH. Note the following: Prefer the path

with the lowest origin type: IGP is lower than EGP, and EGP is lower than INCOMPLETE. Prefer

the path with the lowest multi-exit discriminator (MED).

Reference:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml

QUESTION NO: 26

Which two multicast protocol statements are true? (Choose two.)

A. Sparse mode uses reverse path forwarding (RPF) to prune off redundant flows.

B. Dense mode multicast requires explicit join messages from their members.

C. The primary use of sparse mode multicast is for test labs and router performance testing.

D. Dense mode multicast uses a push model to flood traffic throughout the network and then

prunes the unwanted traffic.

E. Sparse mode multicast uses a pull model to send multicast traffic to where it is requested.

Answer: D,E

QUESTION NO: 27

Identify three characteristics of EIGRP feasible successors? (Choose three.)

A. A feasible successor is selected by comparing the advertised distance of a non-successor route

to the feasible distance of the best route.

B. If the advertised distance of the non-successor route is less than the feasible distance of best

route, then that route is identified as a feasible successor.

C. The feasible successor can be found in the routing table.

D. If the successor becomes unavailable, then the feasible successor can be used immediately

without recalculating for a lost route.

E. Traffic will be load balanced between feasible successors with the same advertised distance.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 23

Page 24: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A,B,D

Explanation:

Once a neighbor relationship has been formed, called an Adjacency , the routers exchange routing

update information and each router builds its own topology table. The Updates contain all the

routes known by the sender. For each route, the receiving router calculates a distance for that

route based on the distance that is conveyed and the cost to that neighbor that advertised the

particular route. If the receiving router sees several routes to a particular network with different

metrics, then the route with the lowest metric becomes the Feasible Distance (FD) to that network.

The Feasible Distance is the metric of a network advertised by the connected neighbor plus the

cost of reaching that neighbor . This path with the best metric is entered into the routing table

because this is the quickest way to get to that network.

With the other possible routes to a particular network with larger metrics, the receiving router also

receives the Reported Distance (RD) to this network via other routers. The Reported Distance

being the total metric along a path to a destination network as advertised by an upstream

neighbor. The Reported Distance for a particular route is compared with the Feasible Distance that

it already has for that route. If the Reported Distance is larger than the Feasible Distance then this

route is not entered into the Topology Table as a Feasible Successor. This prevents loops from

occurring. If the Reported Distance is smaller than the Feasible Distance, then this path is

considered to be a Feasible Successor and is entered into the Topology table. The Successor for

a particular route is the neighbor/peer with the lowest metric/distance to that network.

If the receiving router has a Feasible Distance to a particular network and it receives an update

from a neighbor with a lower advertised distance (Reported Distance) to that network, then there is

a Feasibility Condition . In this instance, the neighbor becomes a Feasible Successor for that route

because it is one hop closer to the destination network. There may be a number of Feasible

Successors in a meshed network environment, up to 6 of them are entered into the Topology table

thereby giving a number of next hop choices for the local router should the neighbor with the

lowest metric fail. What you should note here, is that the metric for a neighbor to reach a particular

network (i.e. the Reported Distance) must always be less than the metric (Feasible Distance) for

the local router to reach that same network. This way routing loops are avoided. This is why routes

that have Reported Distances larger than the Feasible Distance are not entered into the Topology

table, so that they can never be considered as successors, since the route is likely to loop back

through that local router.

QUESTION NO: 28

Refer to the exhibit. Which configuration is reflected in the output that is displayed in the exhibit?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 24

Page 25: Actule Test 642-892

Actu

alTe

sts.

com

A. neighbor 192.168.28.1 route-map cisco in

!

access-list 66 permit 10.30.0.0 0.0.255.255

!

route-map cisco permit 10

match ip address 66

set local-preference 90

B. neighbor 192.168.28.1 route-map cisco in

!

access-list 66 permit 10.0.0.0 0.0.0.255

!

route-map cisco permit 10

match ip address 66

set local-preference 90

C. neighbor 192.168.28.1 route-map cisco out

!

access-list 66 permit 10.30.0.0 0.0.255.255

!

route-map cisco permit 10

match ip address 66

set metric 90

D. neighbor 192.168.28.1 route-map cisco out

!

access-list 66 permit 10.0.0.0 0.0.0.255

!

route-map cisco permit 10

match ip address 66

set metric 90

Answer: A

Explanation:

In this example, the route map must be applied to incoming updated from the 192.168.28.1 peer

since we are looking at the local BGP information that has been received by the peers. Also, as

shown, the 10.30.0.0/16 route has had its local preference modified to 90 from the default value of

100.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 25

Page 26: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 29

Which statement is true about IP telephony calls?

A. A Voice over IP (VoIP) packet consists of the voice payload, IP header, TCP header, RTP

header, and Layer 2 link header.

B. The sum of bandwidth necessary for each major application, including voice, video, and data,

should not exceed 75 percent of the total available bandwidth for each link.

C. Call control signaling uses Real-Time Transport Protocol (RTP) packets that contain actual

voice samples.

D. The voice carrier stream uses H.323 to set up, maintain, and tear down call endpoints.

Answer: B

Explanation:

Voice over Internet Protocol (VOIP) is probably the most feasible among today's technologies for

data, voice and video integration. VOIP is the technology that uses Internet Protocol to transmit

voice conversations over a data network such as an intranet or the Internet.

The multisite IP WAN with distributed call processing has the following design characteristics:

* Cisco CallManager or Cisco CallManager cluster at each location (10,000 users maximum per

site)

* Cisco CallManager clusters are confined to a single campus and may not span the WAN

* IP WAN as the primary voice path between sites, with the PSTN as the secondary voice path

* Transparent use of the PSTN if the IP WAN is unavailable

* Cisco IOS gatekeeper for E.164 address resolution

* Cisco IOS gatekeeper for admission control to the IP WAN

* Maximum of 100 sites interconnected across the IP WAN using hub and spoke topologies

* Compressed voice calls supported across the IP WAN

* Single WAN codec supported

* DSP resources for conferencing and WAN transcoding at each site

* Voice mail and unified messaging components at each site

* Minimum bandwidth requirement for voice and data traffic is 56 kbps. For voice, interactive

video, and data, the minimum requirement is 768 kbps. In each case, the bandwidth allocated to

voice, video, and data should not exceed 75% of the total capacity

* Remote sites can use Cisco IOS as well as gateways based on the Skinny Gateway Protocol

QUESTION NO: 30

Refer to the exhibit. Router RTA is the hub router for routers RTB and RTC. The Frame Relay

network is configured with EIGRP, and the entire network is in autonomous system 1. However,

router RTB and RTC are not receiving each other's routes. What is the solution?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 26

Page 27: Actule Test 642-892

Actu

alTe

sts.

com

A. Configure the auto summary command under router eigrp 1 on router RTA.

B. Issue the no ip split horizon command on router RTA.

C. Issue the no ip split horizon eigrp 1 command on router RTA.

D. Configure a distribute list on router RTA that allows it to advertise all routes to the spoke

routers.

E. Configure subinterfaces on the spoke routers and assign different IP address subnets for each

subinterface.

F. Check and change the access lists on router RTA.

Answer: C

Explanation:

Split horizon controls the sending of EIGRP update and query packets. When split horizon is

enabled on an interface, these packets are not sent for destinations for which this interface is the

next hop. This reduces the possibility of routing loops.

By default, split horizon is enabled on all interfaces.

Split horizon blocks route information from being advertised by a router out of any interface from

which that information originated. This behavior usually optimizes communications among multiple

routing devices, particularly when links are broken. However, with nonbroadcast networks (such

as Frame Relay and SMDS) , situations can arise for which this behavior is less than ideal. For

these situations, you may want to disable split horizon. In this example, routes received by RTB

and RTC are not being sent back out the same serial interface on RTA, so they are not receiving

each other's routes. Disabling Split horizons on interface S0/0 on RTA will fix this issue.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 27

Page 28: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 31

Refer to the exhibit and the partial configuration on routers R1 and R2. Hot Standby Routing

Protocol (HSRP) is configured on the network to provide network redundancy for the IP traffic. The

network administrator noticed that R2 does not became active when the R1 serial0 interface goes

down. What should be changed in the configuration to fix the problem?

A. R2 should be configured with a HSRP virtual address.

B. R2 should be configured with a standby priority of 100.

C. The Serial0 interface on router R2 should be configured with a decrement value of 20.

D. The Serial0 interface on router R1 should be configured with a decrement value of 20.

Answer: D

Explanation:

You can configure a router to preempt or immediately take over the active role if its priority is the

highest at any time. Use the following interface configuration command to allow preemption:

Switch( config-if)# standby group preempt [delay seconds]

By default, the router can preempt another immediately, without delay. You can use the delay

keyword to force it to wait for seconds before becoming active. This is usually done if there are

routing protocols that need time to converge.

QUESTION NO: 32

Which two statements are true about using IPv4 and IPv6 simultaneously on a network segment?

(Choose two.)

A. IPv4 and IPv6 addresses can be simultaneously assigned to a host but not to a router interface.

B. IPv6 allows a host to create its own IPv6 address that will allow it to communicate to other

devices on a network configured via DHCP. IPv4 does not provide a similar capability for hosts.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 28

Page 29: Actule Test 642-892

Actu

alTe

sts.

com

C. Hosts can be configured to receive both IPv4 and IPv6 addresses via DHCP.

D. IPv6 provides for more host IP addresses but IPv4 provides for more network addresses.

E. Host configuration options for IPv4 can be either statically assigned or assigned via DHCP.

Host configuration options for IPv6 can be statically assigned only.

Answer: B,C

Explanation:

The original specification of the Dynamic Host Configuration Protocol (DHCP) was made with only

IPv4 in minD. That specification has been subsequently revised, up to the latest version of DHCP.

With the arrival of IPv6, a new DHCP specification for IPv6 has been designed and published as

DHCPv6.

These protocols allow nodes to communicate via IPv4 or IPv6 (respectively) to retrieve

configuration settings for operation in a managed environment. While an IPv6 node may acquire

address-related configuration settings via IPv6 stateless address autoconfiguration, such a node

may wish to use stateless DHCPv6 [5] for other administratively configured options, such as DNS

or NTP.

Reference: RFC 4477: Dynamic Host Configuration Protocol (DHCP): IPv4 and IPv6 Dual-Stack

Issues

http://www.ietf.org/rfc/rfc4477.txt

QUESTION NO: 33

Which two reductions are the correct reductions of the IPv6 address

2001:0d02:0000:0000:0014:0000:0000:0095? (Choose two.)

A. 2001:0d02:::0014:0:0:0095

B. 2001:d02:0:0:14::95

C. 2001:0d02:::0014:::0095

D. FF::0014:0:0:0095

E. 2001:d02::14:0:0:95

F. 2001:d02::14::95

Answer: B,E

QUESTION NO: 34

Refer to the exhibit. Which router configuration command can be given that will restrict router RTB

from sharing its routing information with router RTA?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 29

Page 30: Actule Test 642-892

Actu

alTe

sts.

comA. the eigrp stub command on router RTB

B. the eigrp stub receive-only command on router RTA

C. the eigrp stub command on router RTA

D. the eigrp stub receive-only command on router RTB

E. the eigrp stub connected command on router RTB

F. the eigrp stub connected command on router RTA

Answer: D

Explanation:

A router that is configured as a stub with the eigrp stub command shares connected and summary

routing information with all neighbor routers by default. Four optional keywords can be used with

the eigrp stub command to modify this behavior:

receive-only

connected

static

summary

The eigrp stub command can be modified with several options, and these options can be used in

any combination except for the receive-only keyword. The receive-only keyword will restrict the

router from sharing any of its routes with any other router in that EIGRP autonomous system, and

the receive-only keyword will not permit any other option to be specified because it prevents any

type of route from being sent. In this example, the "eigrp stub receive-only" command needs to be

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 30

Page 31: Actule Test 642-892

Actu

alTe

sts.

com

placed on router Hub to prevent it from sending any route information to Hub.

Reference:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a0080087

026.html

QUESTION NO: 35

In the hardware address 0000.0c07.ac0a what does 07.ac represent?

A. HSRP group number

B. HSRP well-known physical MAC address

C. vendor code

D. HSRP router number

E. HSRP well-known virtual MAC address

Answer: E

Explanation:

HSRP code (HSRP well-known virtual MAC address) - The fact that the MAC address is for an

HSRP virtual router is indicated in the next two bytes of the address. The HSRP code is always

07.aC. The HSRP protocol uses a virtual MAC address, which always contains the 07.ac

numerical value.

Reference: Building Cisco Multilayer Switched Networks (Cisco Press) page 268

QUESTION NO: 36

Which is the most effective technique to contain EIGRP queries?

A. using a hierarchical addressing scheme

B. configuring route filters

C. establishing separate autonomous systems

D. route summarization

Answer: D

Explanation:

EIGRP automatically summarizes routes at the classful boundary, the boundary where the

network address ends as defined by class-based addressing. In most cases, auto summarization

is a good thing, keeping the routing tables as compact as possible

In the presence of discontiguous subnetworks, automatic summarization must be disabled for

routing to work properly. To turn off auto-summarization, use the following command:

Router( config-router)# no auto-summary

EIGRP also enables manual configuration of a prefix to use as a summary address. Manual

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 31

Page 32: Actule Test 642-892

Actu

alTe

sts.

com

summary routes are configured on a per-interface basis. The interface that will propagate the route

summary must first be selected and then defined with the ip summary-address eigrp command,

which has the following syntax:

Router( config-if)#ip summary-address eigrp autonomous-system-number ip-address mask

administrative-distance

QUESTION NO: 37

Which two statements are true about trust boundaries? (Choose two.)

A. At the trust boundaries, the untrusted traffic will be marked with a new QoS value appropriate

for the policy in place at the point where the traffic entered the campus network.

B. Trust boundaries are used to determine which QoS mechanism will be applied to the traffic.

C. Setting trust boundaries at the edge of the network allows intermediate hop devices to

administer QoS policies without detailed packet identification.

D. Trust boundaries are configured in the core of the network to provide the most efficient

forwarding based upon QoS markings.

Answer: A,C

Explanation:

The packets that enter your network or hardware can be marked into different classes; you can

define the trust boundaries in your network. You can define some devices as trusted devices and

some as untrusted devices. The packets that come from trusted devices are considered trusted

because the trusted devices classify the packets correctly. The packets that come from untrusted

devices are considered untrusted because they might not classify the packets correctly. After you

have marked the packets and defined the trust boundaries, you can force the scheduling of the

packets into different queues. These queues invoke at the time of congestion.

Defining trust boundaries is important in your network. Setting the trust boundary at the IP phone

means that you can accept all the IP phone markings into the network without modifications.

You should always try to do classification close to the edge of the network, for scalability.

On an IP phone, the tagged data (802.1Q/p) from the PC or any other device that is attached to

the access port of the IP phone can be trusted or untrusted. In trusted mode, the IP phone passes

all the data unchanged. In untrusted mode, the IP phone re-marks the Layer 2 CoS value to the

new value (if configured on the access layer switch) or changes it to 0, if nothing is configured.

The default is untrusted mode, which is the recommend method.

Reference: http://www.ciscopress.com/articles/article.asp?p=385336&seqNum=2

QUESTION NO: 38 HOTSPOT

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 32

Page 33: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 33

Page 34: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

QUESTION NO: 39

In which three HSRP states do routers send hello messages? (Choose three.)

A. standby

B. learn

C. speak

D. listen

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 34

Page 35: Actule Test 642-892

Actu

alTe

sts.

com

E. active

Answer: A,C,E

Explanation:

When HSRP is configured on an interface, the router progresses through a series of states before

becoming active. This forces a router to listen for others in a group and see where it fits into the

pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally,

Active.

Only the standby (second highest priority) router monitors the hello messages from the active

router. By default, hellos are sent every 3 seconds. If hellos are missed for the duration of the

holdtime timer (default 10 seconds, or 3 times the hello timer), the active router is presumed down.

The standby router is then clear to assume the active role. If other routers are sitting in the Listen

state, the next-highest priority router is allowed to become the new standby router.

QUESTION NO: 40

Which two statements are true about HSRP, VRRP, and GLBP? (Choose two.)

A. HSRP allows for multiple upstream active links being simultaneously used, whereas GLBP

does not.

B. GLBP allows for router load balancing of traffic from a network segment by utilizing the creation

of multiple standby groups.

C. GLBP allows for router load balancing of traffic from a network segment without the different

host IP configurations required to achieve the same results with HSRP.

D. Unlike HSRP and VRRP, GLBP allows automatic selection and simultaneous use of multiple

available gateways.

E. GLBP and VRRP allow for MD5 authentication, whereas HSRP does not.

Answer: C,D

Explanation:

1. GLBP

To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group.

Rather than having just one active router performing forwarding for the virtual router address, all

routers in the group can participate and offer load balancing by forwarding a portion of the overall

traffic.

2. VRRP

The Virtual Router Redundancy Protocol (VRRP) is a standards-based alternative to HSRP,

defined in IETF standard RFC 2338. VRRP is so similar to HSRP that you need to learn only

slightly different terminology and a couple of slight functional differences. VRRP provides one

redundant gateway address from a group of routers. The active router is called the master router ,

while all others are in the backup state . The master router is the one with the highest router

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 35

Page 36: Actule Test 642-892

Actu

alTe

sts.

com

priority in the VRRP group. VRRP group numbers range from 0 to 255; router priorities range from

1 to 254 (254 is the highest; 100 is the default). The virtual router MAC address is of the form

0000.5e00.01 xx , where xx is a two-digit hex VRRP group number. VRRP advertisements are

sent at 1-second intervals. Backup routers can optionally learn the advertisement interval from the

master router. By default, all VRRP routers are configured to preempt the current master router, if

their priorities are greater. VRRP has no mechanism for tracking interfaces to allow more capable

routers to take over the master role.

3. HSRP

HSRP is a Cisco-proprietary protocol developed to allow several routers (or multilayer switches) to

appear as a single gateway address. RFC 2281 describes this protocol in more detail. Basically,

each of the routers that provides redundancy for a given gateway address is assigned to a

common HSRP group. One router is elected as the primary, or active, HSRP router, another is

elected as the standby HSRP router, and all the others remain in the listen HSRP state. The

routers exchange HSRP hello messages at regular intervals, so they can remain aware of each

other's existence, as well as that of the active router.

QUESTION NO: 41 HOTSPOT

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 36

Page 37: Actule Test 642-892

Actu

alTe

sts.

comAnswer:

Explanation:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 37

Page 38: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 42

Which statement is true regarding the configuration of ISL trunks?

A. ISL trunking requires that native VLANs match.

B. A Catalyst switch will report giants if one side is configured for ISL while the other side is not.

C. All Catalyst switches support ISL trunking.

D. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled.

Answer: B

Explanation:

The Inter-Switch Link (ISL) protocol is a Cisco proprietary method for preserving the source VLAN

identification of frames passing over a trunk link. ISL performs frame identification in Layer 2 by

encapsulating each frame between a header and trailer. Any Cisco switch or router device

configured for ISL can process and understand the ISL VLAN information. ISL is primarily used for

Ethernet media, although Cisco has included provisions to carry Token Ring, FDDI, and ATM

frames over Ethernet ISL. (A Frame-Type field in the ISL header indicates the source frame type.)

When a frame is destined out a trunk link to another switch or router, ISL adds a 26-byte header

and a 4-byte trailer to the frame. The source VLAN is identified with a 10-bit VLAN ID field in the

header. The trailer contains a cyclic redundancy check (CRC) value to ensure the data integrity of

the new encapsulated frame. Figure 6-3 shows how Ethernet frames are encapsulated and

forwarded out a trunk link. Because tagging information is added at the beginning and end of each

frame, ISL is sometimes referred to as double tagging .

QUESTION NO: 43

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 38

Page 39: Actule Test 642-892

Actu

alTe

sts.

com

What are the basic configuration steps to enable IS-IS?

A. Configure the network net-id command(s) and the is-type level-1-2 command under routerisis.

B. Configure the net system-id command under routerisis and enable IS-IS on each interface with

the ip router isis command.

C. Configure the net system-id and the network net-id commands under routerisis and enable IS-

IS on each interface with the ip router isis command.

D. Configure the network net-id command(s) under routerisis and enable IS-IS on each interface

with the ip router isis command.

E. Configure the net system-id and the network net-id commands under routerisis.

Answer: B

Explanation:

In order to enable IS-IS for IP on a Cisco router and have it exchange routing information with

other IS-IS enabled routers, you must perform the following two tasks: Enable the IS-IS process

and assign area Enable IS-IS for IP routing on an interface

The sample configuration below configures an IS-IS router with the following parameters: Area

49.0001 Level 1 (L1) and Level 2 (L2) routers (this is the default unless otherwise specified) No

optional parameters Running IS-IS for IP only Loopback interfaces (loopbacks are advertised by

IS-IS, not IS-IS enabled)

Reference:

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f38.s

html

QUESTION NO: 44

Refer to the exhibit. On all routers in the network, EIGRP has been configured for load balancing

across the three links. However, traffic destined for Network B from R1 is only load balanced over

paths R1-R2-R5 and R1-R3-R5. What is the cause of the problem?

A. Because Router R4 is not a feasible successor, EIGRP will not select path R1-R4-R5 for load

balancing.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 39

Page 40: Actule Test 642-892

Actu

alTe

sts.

com

B. EIGRP will not select path R1-R4-R5 for load balancing unless the value of the variance

parameter is increased.

C. EIGRP will not select more than two links for unequal cost path load balancing.

D. Because the path has a different link type, EIGRP will not select path R1-R4-R5 for load

balancing.

Answer: A

QUESTION NO: 45

Which statement is true about EBGP?

A. An internal routing protocol can be used to reach an EBGP neighbor.

B. A static route can be used to form an adjacency between neighbors.

C. EBGP requires a full mesh.

D. The next hop does not change when BGP updates are exchanged between EBGP neighbors.

Answer: B

Explanation:

Only choice C is correct. To reach a EBGP peer, a static route can be used with the EBGP multi-

hop command to establish a neighbor adjacency. Unlike interior routing protocols, EBGP

neighbors do not need to physically be connected to each other. All that is needed is a path to the

peer IP address, and a valid TCP port 179 connection between the BGP routers.

QUESTION NO: 46

A client is searching for an access point (AP). What is the correct process order that the client and

access point go through to create a connection?

A. association request/response, authentication request/response, probe request/response

B. probe request/response, association request/response, authentication request/response

C. probe request/response, authentication request/response, association request/response

D. association request/response, probe request/response, authentication request/response

Answer: C

Explanation:

From the Cisco FAQ on Cisco Aironet Wireless Security:

What steps does Open Authentication involve for a client to associate with the AP? The client

sends a probe request to the APs. The APs send back probe responses. The client evaluates the

AP responses and selects the best AP. The client sends an authentication request to the AP. The

AP confirms authentication and registers the client. The client then sends an association request

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 40

Page 41: Actule Test 642-892

Actu

alTe

sts.

com

to the AP. The AP confirms the association and registers the client.

Reference:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.sht

ml

QUESTION NO: 47

Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch?

(Choose three.)

A. The default CoS value for incoming traffic is set to 0.

B. The voice VLAN feature is disabled by default.

C. The IP phone accepts the priority of all tagged and untagged traffic and sets the CoS value to

4.

D. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default

CoS priority of the port.

E. PortFast is is automatically disabled when a voice VLAN is configured.

F. The CoS value is trusted for 802.1p or 802.1q tagged traffic.

Answer: A,B,D

Explanation:

Default Voice VLAN Configuration The voice VLAN feature is disabled by default. When the voice

VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the

port. The default CoS value is 0 for incoming traffic. The CoS value is not trusted for 802.1P or

802.1Q tagged traffic. The IP Phone overrides the priority of all incoming traffic (tagged and

untagged) and sets the CoS value to 0.

Note:

In software releases earlier than Cisco IOS Release 12.1(13 )EA1 , the CoS value is trusted for all

802.1P or 802.1Q tagged traffic, and the IP Phone does not override the priority of the incoming

traffic.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/config

uration/guide/swvoip.html

QUESTION NO: 48

Refer to the exhibit. How will interface FastEthernnet0/1 respond when an 802.1x-enabled client

connects to the port?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 41

Page 42: Actule Test 642-892

Actu

alTe

sts.

com

A. The switch will cause the port to remain in the unauthorized state, ignoring all attempts by the

client to authenticate.

B. The switch port will disable 802.1x port-based authentication and cause the port to transition to

the authorized state without any further authentication exchange.

C. The switch will uniquely authorize the client by using the client MAC address.

D. The switch port will enable 802.1x port-based authentication and begin relaying authentication

messages between the client and the authentication server.

Answer: B

Explanation:

The IEEE 802.1x standard defines a port-based access control and authentication protocol that

restricts unauthorized workstations from connecting to a LAN through publicly accessible switch

ports. The authentication server authenticates each workstation that is connected to a switch port

before making available any services offered by the switch or the LAN. Until the workstation is

authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN

(EAPOL) traffic through the port to which the workstation is connected. After authentication

succeeds, normal traffic can pass through the port.

You control the port authorization state by using the dot1x port-control interface configuration

command and these keywords:

force-authorized : Disables 802.1x port-based authentication and causes the port to transition to

the authorized state without any authentication exchange required. The port transmits and

receives normal traffic without 802.1x-based authentication of the client. This is the default

setting.

force-unauthorized : Causes the port to remain in the unauthorized state, ignoring all attempts by

the client to authenticate. The switch cannot provide authentication services to the client through

the interface.

auto : Enables 802.1x port-based authentication and causes the port to begin in the unauthorized

state, allowing only EAPOL frames to be sent and received through the port. The authentication

process begins when the link state of the port transitions from down to up (authenticator initiation)

or when an EAPOL-start frame is received (supplicant initiation). The switch requests the identity

of the client and begins relaying authentication messages between the client and the

authentication server. The switch uniquely identifies each client attempting to access the network

by using the client MAC address.

Example:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 42

Page 43: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 49

Refer to the network of Layer 3 switches in the exhibit. The RPI Multicast Server only multicasts to

hosts connected to multilayer switches 5 and 6. The CMU Multicast Server multicasts to hosts on

multilayer switches 1-6. Given the number of configuration steps involved, what is the most

efficient way to configure the network while meeting the requirements for multicast data flow?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 43

Page 44: Actule Test 642-892

Actu

alTe

sts.

com

A. Configure each switch with PIM sparse-dense mode. Configure switch 3 as a rendezvous point

for the RPI multicast stream.

B. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode.

Allow the switches to elect their own root for each multicast tree.

C. Configure each switch with PIM sparse mode.

D. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode.

Leave each multicast server as the root of its own multicast tree.

E. Configure each switch with PIM dense mode.

F. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode.

Specify switch 1 as the root for the RPI Multicast Server. Specify switch 2 as the root for the CMU

Multicast Server.

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 44

Page 45: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 50

Which protocol allows for the automatic selection and simultaneous use of multiple available

gateways as well as automatic failover between those gateways?

A. IRDP

B. GLBP

C. HSRP

D. VRRP

Answer: B

Explanation:

To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group.

Rather than having just one active router performing forwarding for the virtual router address, all

routers in the group can participate and offer load balancing by forwarding a portion of the overall

traffic. The advantage is that none of the clients have to be pointed toward a specific gateway

address-they can all have the same default gateway set to the virtual router IP address. The load

balancing is provided completely through the use of virtual router MAC addresses in ARP replies

returned to the clients. As a client sends an ARP request looking for the virtual router address,

GLBP sends back an ARP reply with the virtual MAC address of a selected router in the group.

The result is that all clients use the same gateway address but have differing MAC addresses for

it.

QUESTION NO: 51

Refer to the exhibit. EIGRP is enabled on all routers on the network. What additional configuration

is required for the routers connected over the Frame Relay multipoint interfaces to compensate for

a low-speed NBMA connection?

A. Configure the bandwidth on all EIGRP Frame Relay interfaces to the committed information

rate (CIR).

B. Configure the EIGRP hold time on all Frame Relay interfaces to 15 seconds.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 45

Page 46: Actule Test 642-892

Actu

alTe

sts.

com

C. Configure the EIGRP hold time on all Frame Relay interfaces to 180 seconds.

D. Configure the bandwidth on all EIGRP Frame Relay interfaces to the lowest CIR multiplied by

the number of PVCs for the multipoint connection.

E. Configure the EIGRP hello interval on all Frame Relay interfaces to 60 seconds.

F. Configure the EIGRP hello interval on all Frame Relay interfaces to 5 seconds.

Answer: D

QUESTION NO: 52

Refer to the exhibit. On basis of the configuration that is provided, where will the trust boundary be

established in this network?

Exhibit: 10-c.gif

A. at the IP phone

B. at the PC

C. at the distribution switch

D. at the access switch

Answer: D

Explanation:

The example shown is a properly configured switch where the trust boundary is being set at the

access port on the switch itself. The "switchport voice vlan vlan-id dot1q" command enables voice

VLAN on switch port and associated VLAN.

The "mls qos trust cos" command enables QoS (Quality of Services ) based on COS (Class of

service).

The "switchport priority cos <priority>" value sets the priority values to frame coming from PC to

switch port.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 46

Page 47: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 53

Refer to the exhibit. What is the correct output of the command show ip route on router R2?

A. R2# show ip route

<output omitted>

10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0

i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1

i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 47

Page 48: Actule Test 642-892

Actu

alTe

sts.

com

C 10.1.2.0/24 is directly connected, Serial1/0

i su 10.1.2.0/23 [115/10] via 0.0.0.0, Null0

C 10.1.0.0/24 is directly connected, Serial1/1

i L2 10.1.0.0/23 [115/20] via 10.1.0.1, Serial1/1

B. R2# show ip route

<output omitted>

10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0

i L1 10.200.200.13/32 [115/30] via 10.1.2.4, Serial1/0

[115/30] via 10.1.0.1, Serial1/1

i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0

C 10.1. 2.0/24 is directly connected, Serial1/0

i L1 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1

C 10.1.0.0/24 is directly connected, Serial1/1

C. R2# show ip route

<output omitted>

10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0

i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1

i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0

C 10.1.2.0/24 is directly connected, Serial1/0

i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1

C 10.1.0.0/24 is directly connected, Serial1/1

D. R2# show ip route

<output omitted>

10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

i L2 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0

i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1

i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0

C 10.1.2.0/24 is directly connected, Serial1/0

i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1

C 10.1.0.0/24 is directly connected, Serial1/1

E. R2# show ip route

<output omitted>

10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0

i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1

i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0

i L1 10.1.2.0/24 is directly connected, Serial1/0

i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1

i L2 10.1.0.0/24 is directly connected, Serial1/1

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 48

Page 49: Actule Test 642-892

Actu

alTe

sts.

com

Answer: C

QUESTION NO: 54

What two steps can be taken to help prevent VLAN hopping? (Choose two.)

A. Enable BPD guard.

B. Place unused ports in a common unrouted VLAN.

C. Implement port security.

D. Disable CDP on ports where it is not necessary.

E. Prevent automatic trunk configurations.

Answer: B,E

Explanation:

To prevent VLAN hoping you should disable unused ports and put them in an unused VLAN, or a

separate unrouted VLAN. By not granting connectivity or by placing a device into a VLAN not in

use, unauthorized access can be thwarted through fundamental physical and logical barriers.

Another method used to prevent VLAN hopping is to prevent automatic trunk configuration.

Hackers used 802.1Q and ISL tagging attacks, which are malicious schemes that allow a user on

a VLAN to get unauthorized access to another VLAN. For example, if a switch port were

configured as DTP auto and were to receive a fake DTP packet, it might become a trunk port and

it might start accepting traffic destined for any VLAN. Therefore, a malicious user could start

communicating with other VLANs through that compromised port.

Reference: VLAN Security White Paper, Cisco Systems

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a00801315

9f.shtml

QUESTION NO: 55

Which command displays statistics on EIGRP hello, updates, queries, replies, and

acknowledgments?

A. show ip eigrp neighbors

B. show ip eigrp topology

C. show ip eigrp traffic

D. debug eigrp packets

Answer: C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 49

Page 50: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 56

Refer to the exhibit. A network administrator consoles into the ASw1 switch and attempts to save

the switch configuration to the TFTP server that is located at IP address 10.1.2.10/24. However,

whenever the copy running-config tftp command is issued with default options on switch ASw1, an

error is produced. Which configuration would correct this situation?

A. ASw1(config)# interface range fastethernet 0/1 - 24

ASw1(config-if-range)# ip forward-protocol udp 69

B. RTA(config)# interface fastethernet0/1

RTA(config-if)# ip forward-protocol udp 69

C. RTA(config)# interface fastethernet0/0

RTA(config-if)# ip helper-address 10.1.2.10

D. RTA(config)# interface fastethernet0/1

RTA(config-if)# ip helper-address 10.1.2.10

E. RTA(config)# interface fastethernet0/0

RTA(config-if)# ip forward-protocol udp 69

F. ASw1# copy tftp running-config

Answer: C

Explanation:

DHCP is not the only critical service that uses broadcasts. Cisco routers and other devices might

use broadcasts to locate TFTP servers. Some clients might need to broadcast to locate a

TACACS security server. In a complex hierarchical network, clients might not reside on the same

subnet as key servers. Such remote clients broadcast to locate these servers, but routers, by

default, do not forward client broadcasts beyond their subnet. Some clients are unable to make a

connection without services such as DHCP. For this reason, the administrator must provide DHCP

and DNS servers on all subnets or use the Cisco IOS software helper address feature. Running

services such as DHCP or DNS on several computers creates overhead and administrative

problems, so the first option is not very appealing. When possible, administrators use the ip

helper-address command to relay broadcast requests for these key User Datagram Protocol

(UDP) services.

By using the ip helper-address command, a router can be configured to accept a broadcast

request for a UDP service and then forward it as a unicast to a specific IP address

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 50

Page 51: Actule Test 642-892

Actu

alTe

sts.

com

By default, the ip helper-address command will forward these 8 UDP ports:

Reference: http://www.ciscopress.com/articles/article.asp?p=330807&seqNum=9

QUESTION NO: 57

Refer to the exhibit. What does the command channel-group 1 mode desirable do?

A. enables PAgP only if a PAgP device is detected

B. enables LACP only if a LACP device is detected

C. enables Etherchannel only

D. enables LACP unconditionally

E. enables PAgP unconditionally

Answer: A,E

Explanation:

The PAgP modes are explained below. Off: PAgP will not run. The channel is forced to remain

down. Auto: PAgP is running passively. The formation of a channel is desired; however, it is not

initiated. Desirable: PAgP is running actively. The formation of a channel is desired and initiated.

On: PAgP will not run. The channel is forced to come up.

There are four user-configurable channel modes: on, off, auto, and desirable. PAgP packets are

exchanged only between ports in auto and desirable mode. Ports configured in on or off mode do

not exchange PAgP packets. For switches to which you want to form an EtherChannel, it is best to

have both switches set to desirable mode. This gives the most robust behavior if one side or the

other encounters error situations or is reset. The default mode of the channel is auto. Both the

auto and desirable modes allow ports to negotiate with connected ports to determine if they can

form a channel. The determination is based on criteria such as port speed, trunking state, and

native VLAN. Ports can form an EtherChannel when they are in different channel modes as long

as the modes are compatible. This list provides examples:

Reference: http://www.cisconet.com/index.php/EtherChannel/EtherChannel-configure-mode-with-

PAgP.html

QUESTION NO: 58

Which statement is true about IPv6?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 51

Page 52: Actule Test 642-892

Actu

alTe

sts.

com

A. Each host can autoconfigure its address without the aid of a DHCP server.

B. Only one IPv6 address can be assigned to each interface.

C. Only one IPv6 address is assigned per node.

Answer: A

QUESTION NO: 59

Examine the router output above. Which two items are correct? (Choose two.)

A. If Ethernet 0/2 goesdown, the standby router will take over.

B. The local IP address of Router A is 10.1.0.6.

C. When Ethernet 0/3 of RouterA comes back up, the priority will become 105.

D. Router A will assume the active state if its priority is the highest.

E. The local IP address of Router A is 10.1.0.20.

Answer: C,D

Explanation:

Since preemption has been configured, we know that when any router comes back up, it will

become the active router as long as it has a higher priority value.

In this example, the current priority shows it to be 95. If the interface were to come up, it would

now be 95 + 10 (which is the default value) so the total value would then become 105. If fast0/2

were to come up as well, it would then be 105 + 15 (special override as seen in the command) =

120.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/confi

guration/guide/swhsrp.html

HSRP election is based on a priority value (0 to 255) that is configured on each router in the

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 52

Page 53: Actule Test 642-892

Actu

alTe

sts.

com

group. By default, the priority is 100. The router with the highest priority value (255 is highest)

becomes the active router for the group. If all router priorities are equal or set to the default value,

the router with the highest IP address on the HSRP interface becomes the active router. To set the

priority, use the following interface configuration command:

Switch( config-if)# standby group priority priority

When HSRP is configured on an interface, the router progresses through a series of states before

becoming active. This forces a router to listen for others in a group and see where it fits into the

pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally,

Active.

QUESTION NO: 60

How is authentication handled with OSPFv3?

A. OSPFv3 for IPv6 authentication is supported by SHA-1 authentication.

B. OSPFv3 for IPv6 authentication is supported by MD5 authentication.

C. OSPFv3 for IPv6 authentication is supported by IPv6 IPsec.

D. OSPFv3 for IPv6 authentication is supported by IPv4 IPsec.

Answer: C

QUESTION NO: 61

A network administrator assigns a multicast address of 239.255.8.5 to an application running on a

device with an Ethernet MAC address of 01.b2.7d.05.f1.80. Which Layer 2 multicast address will

this device use?

A. 01.00.5e.05.f1.80

B. ff.ff.ff.ff.ff.ff

C. 01.00.5e.7F.08.05

D. 01.b2.7d.0a.08.05

E. 01.b2.7d.05.f1.80

Answer: C

QUESTION NO: 62

Refer to the exhibit. Which two statements are correct? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 53

Page 54: Actule Test 642-892

Actu

alTe

sts.

com

A. All the routes were redistributed into BGP from an IGP.

B. Four routes will be installed in the routing table.

C. All the routes were originated by BGP with the network command.

D. Two routes will be installed in the routing table.

E. All six routes will be installed in the routing table.

Answer: A,B

QUESTION NO: 63

Refer to the exhibit. Which statement is true about the configuration that is shown?

A. Untagged ingress traffic will be marked with the default CoS value of the port.

B. Ingress traffic from the host will be tagged with theCoS value of 5.

C. Tagged and untagged ingress traffic will be carried on VLAN 1.

D. Untagged ingress traffic will be dropped.

Answer: A

Explanation:

The "Switchport voice vlan vlan-id dot1q" command enables voice VLAN on switch port and

associated VLAN.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 54

Page 55: Actule Test 642-892

Actu

alTe

sts.

com

The "mls qos trust cos" command enables QoS (Quality of Services ) based on COS (Class of

service)

The "switchport priority cos <priority>" value sets the priority values to frame coming from PC to

switch port. Since this has not been explicitly configured, the default CoS value of the port will be

used.

QUESTION NO: 64

For what purpose is the command config network webmode enable used?

A. to allow HTTPS access to the WLAN controller

B. to allow SSH access to the CLI of the WLAN controller

C. to allow HTTP access to the WLAN controller

D. to allow SSL access to the CLI of the WLAN controller

Answer: C

Explanation:

(WLAN_Controller) >config network webmode enable

This command Enables HTTP access to the WLAN controller

Note: HTTPS access is enabled by default; unsecured HTTP is not.

Reference: Cisco Press BCMSN Portable command guide

QUESTION NO: 65

Refer to the exhibit. Which two statements are true about the partial configuration that is provided.

(Choose two.)

A. The peer group shortens the EBGP configuration.

B. Three AS-path filters are applied to each BGP neighbor.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 55

Page 56: Actule Test 642-892

Actu

alTe

sts.

com

C. All the configured neighbors are in autonomous system 100.

D. The peer group shortens the IBGP configuration.

E. Only the outgoing filters are applied to BGP updates.

Answer: C,D

QUESTION NO: 66

Which statement is true about utilizing a data network for voice traffic?

A. Because voice traffic volume cannot be calculated, network bandwidth requirements must be

determined from an existing installation.

B. Voice traffic will require some form of QoS implementation only in congested networks.

C. Network congestion must be totally eliminated to provide proper voice traffic performance.

D. Adding bandwidth to the data network is the primary solution to provide for the needs of voice

traffic.

E. Voice traffic will require some form of QoS mechanisms in most networks.

Answer: E

Explanation:

For VoIP to be a realistic replacement for standard public switched telephone network (PSTN)

telephony services, customers need to receive the same quality of voice transmission they receive

with basic telephone services-meaning consistently high-quality voice transmissions. Like other

real-time applications, VoIP is extremely bandwidth- and delay-sensitive . For VoIP transmissions

to be intelligible to the receiver, voice packets should not be dropped, excessively delayed, or

suffer varying delay (otherwise known as jitter).

VoIP can guarantee high-quality voice transmission only if the voice packets, for both the signaling

and audio channel, are given priority over other kinds of network traffic. For VoIP to be deployed

so that users receive an acceptable level of voice quality, VoIP traffic must be guaranteed certain

compensating bandwidth, latency, and jitter requirements. QoS ensures that VoIP voice packets

receive the preferential treatment they require. In general, QoS provides better (and more

predictable) network service by providing the following features:

Supporting dedicated bandwidth

Improving loss characteristics

Avoiding and managing network congestion

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 56

Page 57: Actule Test 642-892

Actu

alTe

sts.

com

Shaping network traffic

Setting traffic priorities across the network

Reference:

http://www.cisco.com/en/US/docs/ios/solutions_docs/qos_solutions/QoSVoIP/QoSVoIP.html

QUESTION NO: 67

An IPv6 overlay tunnel is required to communicate with isolated IPv6 networks across an IPv4

infrastructure. There are currently five IPv6 overlay tunnel types. Which three IPv6 overlay tunnel

statements are true? (Choose three.)

A. An manual overlay tunnel supports point-to-multipoint tunnels capable of carrying IPv6 and

Connectionless Network Service (CLNS) packets.

B. Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4

infrastructure.

C. Overlay tunnels can only be configured between border routers capable of supporting IPv4 and

IPv6.

D. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv6-compatible, 4to6, and

Multiprotocol Label Switching (MPLS) overlay tunneling mechanisms.

E. Overlay tunnels can be configured between border routers or between a border router and a

host capable of supporting IPv4 and IPv6.

F. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv4-compatible, 6to4, and

Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) overlay tunneling mechanisms.

Answer: B,E,F

QUESTION NO: 68

For the accompanying router output, which of the following statements describes the state that

neighbor 172.16.254.3 is in?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 57

Page 58: Actule Test 642-892

Actu

alTe

sts.

com

A. The router is listening on its server port for connection requests from the peer.

B. The router will not accept connections from the peer.

C. The router has sent out an active TCP connection request to the peer.

D. BGP can exchange routing information in this state.

Answer: A

QUESTION NO: 69

Refer to the exhibit. What radio button option on the Aironet Desktop Utility (ADU) Security tab

includes the option of Advanced Encryption Standard (AES) and Extensible Authentication

Protocol-Flexible Authentication via Secure Tunneling?

A. WPA/WPA2/CCKM

B. 802.1x

C. WPA/WPA2 Passphrase

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 58

Page 59: Actule Test 642-892

Actu

alTe

sts.

com

D. Pre-Shared Key (Static WEP)

Answer: A

Explanation:

EAP-FAST- This authentication type (Flexible Authentication via Secure Tunneling) uses a three-

phased tunneled authentication process to provide advanced 802.1X EAP mutual authentication.

WPA uses Temporal Key Integrity Protocol (TKIP) and message integrity check (MIC) for data

protection while WPA2 uses the stronger Advanced Encryption Standard encryption algorithm

using Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-

CCMP), so WPA2 will be required to use AES.

Reference:

http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/2.0/configuration/guide/winc

h5kh.html

QUESTION NO: 70

Based on the show ip route isis output on R1, which statement is true?

A. The i su 10.1.0.0/23 route is a suppressed route.

B. The i su 10.1.0.0/23 route is a summary route.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 59

Page 60: Actule Test 642-892

Actu

alTe

sts.

com

C. The R1 IS-IS router is an ABR that belongs to multiple IS-IS areas.

D. The R1 IS-IS router is an ASBR.

E. The R1 IS-IS router is performing route aggregation and is suppressing the more specific

10.1.0.0/23 prefix.

F. The i su 10.1.0.0/23 route is an IS-IS external route.

Answer: B

Explanation:

The "su" in the routing table denotes an IS-IS summary null route. This route is automatically

created within the router when IS-IS route summarization is configured.

QUESTION NO: 71

Which three are characteristics of IPv6? (Choose three.)

A. An IPv6 header contains the protocol field.

B. An IPv6 header contains the header checksum field.

C. An IPv6 header contains the next header field.

D. An IPv6 header is 20 bits long.

E. IPv6 routers send RA messages.

F. An IPv6 address is 128 bits long.

Answer: C,E,F

Explanation:

All IPv6 addresses are 128 bits long to accommodate a far larger number of stations than what

was possible with the 32 bit IPv4 addresses.

The following displays the IPv6 header field in detail:

IPv6 header:

Version . 4 bits. IPv6 version number.

Traffic Class . 8 bits. Internet traffic priority delivery value.

Flow Label . 20 bits. Used for specifying special router handling from source to destination(s) for a

sequence of packets.

Payload Length . 16 bits unsigned. Specifies the length of the data in the packet. When cleared to

zero, the option is a hop-by-hop Jumbo payload.

Next Header . 8 bits. Specifies the next encapsulated protocol. The values are compatible with

those specified for the IPv4 protocol field.

Hop Limit . 8 bits unsigned. For each router that forwards the packet, the hop limit is decremented

by 1. When the hop limit field reaches zero, the packet is discarded. This replaces the TTL field in

the IPv4 header that was originally intended to be used as a time based hop limit.

Source address . 16 bytes. The IPv6 address of the sending node.

Destination address . 16 bytes. The IPv6 address of the destination node.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 60

Page 61: Actule Test 642-892

Actu

alTe

sts.

com

Reference: http://www.networksorcery.com/enp/protocol/ipv6.htm

QUESTION NO: 72

What is the effect of enabling a voice VLAN on a Catalyst switch port?

A. Port security is automatically enabled on a voice VLAN port.

B. PortFast is disabled on the port.

C. The CoS is trusted for 802.1P or 802.1Q tagged traffic.

D. Untagged traffic is sent according to the default CoS priority of the port.

Answer: D

Explanation:

Default Voice VLAN Configuration:

The voice VLAN feature is disabled by default.

When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS

priority of the port. The CoS value is not trusted for 802.1P or 802.1Q tagged traffic.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/confi

guration/guide/swvoip.html

QUESTION NO: 73

Which two statements correctly describe the association process between a lightweight access

point and a WLAN controller? (Choose two.)

A. Once an access point associates with a controller in LWAPP Layer 3 mode, it receives an IP

address from the controller.

B. An access point first searches for a controller in LWAPP Layer 2 mode. If the search is not

successful, the access point then attempts to locate a controller in LWAPP Layer 3 mode.

C. An access point will search for a controller using a broadcast address if using LWAPP Layer 2

mode and a unicast address if using LWAPP Layer 3 mode.

D. If multiple wireless controllers are detected by an access point, the controller with the fewest

associated access points is chosen to associate with.

E. In order to associate in Layer 3 mode, the access point must have been preconfigured with an

IP address.

Answer: B,D

Explanation:

This procedure for a LAP to register with a WLC is: The LAP issues a DHCP request to a DHCP

server in order to get an IP address, unless an assignment was made previously with a static IP

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 61

Page 62: Actule Test 642-892

Actu

alTe

sts.

com

address. If Layer 2 LWAPP mode is supported on the LAP, the LAP broadcasts an LWAPP

discovery message in a Layer 2 LWAPP frame. Any WLC that is connected to the network and

that is configured for Layer 2 LWAPP mode responds with a Layer 2 discovery response. If the

LAP does not support Layer 2 mode, or if the WLC or the LAP fails to receive an LWAPP

discovery response to the Layer 2 LWAPP discovery message broadcast, the LAP proceeds to

step 3. If step 1 fails, or if the LAP or the WLC does not support Layer 2 LWAPP mode, the LAP

attempts a Layer 3 LWAPP WLC discovery. If step 3 fails, the LAP resets and returns to step 1.

The LAP uses this information to make a controller selection, with use of these precedence rules:

If the LAP has previously been configured with a primary, secondary, and/or tertiary controller, the

LAP examines the controller sysName field (from the LWAPP discovery responses) in an attempt

to find the WLC that is configured as "primary". If the LAP finds a matching sysName for the

primary controller, the LAP sends an LWAPP join request to that WLC. If the LAP cannot find its

primary controller or if the LWAPP join fails, the LAP tries to match the secondary controller

sysName to the LWAPP discovery responses. If the LAP finds a match, it then sends an LWAPP

join to the secondary controller. If the secondary WLC cannot be found or the LWAPP join fails,

the LAP repeats the process for its tertiary controller. The LAP looks at the Master Controller flag

field in the LWAPP discovery responses from the candidate WLCs if one of these items is true: No

primary, secondary, and/or tertiary controllers have been configured for an AP. These controllers

cannot be found in the candidate list. The LWAPP joins to those controllers have failed.

If a WLC is configured as a Master Controller, the LAP selects that WLC and send it an LWAPP

join request. If the LAP cannot successfully join a WLC on the basis of the criteria in step 1 and

step 2, the LAP attempts to join the WLC that has the greatest excess capacity.

Reference:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml

QUESTION NO: 74

Which three statements about STP timers are true? (Choose three.)

A. The root bridge passes the timer information in BPDUs to all routers in the Layer 3

configuration.

B. A switch is not concerned about its local configuration of the STPtimers values. It will only

consider the value of the STP timers contained in the BPDU it is receiving.

C. If any STP timer value (hello, forward delay, max age) needs to be changed, it should at least

be changed on theroot bridge and backup root bridge.

D. To successfully exchange BPDUs between two switches, their STPtimers value (hello, forward

delay, max age) must be the same.

E. On a switched network with a small network diameter, the STP hello timer can be tuned to a

lower value to decrease the load on the switch CPU.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 62

Page 63: Actule Test 642-892

Actu

alTe

sts.

com

F. STPtimers values (hello, forward delay, max age) are included in each BPDU.

Answer: B,C,F

Explanation:

STP operation is controlled by three timers. The Hello Time is the amount of time between the

sending of Configuration BPDUs. The 802.1D standard specifies a default value of 2 seconds.

This value controls Configuration BPDUs as the Root Bridge generates them. Other bridges

propagate BPDUs from the Root Bridge as they are received.

If BPDUs stop arriving for the time interval ranging from 2 to 20 seconds because of a network

disturbance, or if the Root Bridges stop sending periodic BPDUs during this time, the timer will

expire. 2 to 20 seconds is the range between the expected receipt of a BPDU and the expiration of

the Max Age time. If the outage lasts for more than 20 seconds, the default Max Age time, the

bridge invalidates the saved BPDUs and begins looking for a new Root Port.

Forward Delay is the amount of time the bridge spends in the Listening and Learning states. This

is a single value that controls both states. The default value of 15 seconds was originally derived

assuming a maximum network size of seven bridge hops, a maximum of three lost BPDUs, and a

Hello Time of 2 seconds. The Forward Delay timer also controls the bridge table age-out period

after a change in the active topology.

Max Age is the STP timer that controls how long a bridge stores a BPDU before discarding it. Max

Age is only an issue when the link failure is not on a directly connected link. When a failure occurs

on a directly connected link, the switch knows there will not be any BPDUs coming in on that link,

so Max Age is not considered in transitioning the port to Forwarding mode. Recall that each port

saves a copy of the best BPDU it has seen. As long as the bridge receives a continuous stream of

BPDUs every 2 seconds, the receiving bridge maintains a continuous copy of the BPDU values.

However, if the device sending this best BPDU fails, a mechanism must exist to allow other

bridges to take over.

QUESTION NO: 75

Refer to the exhibit. What happens when the router stops receiving advertisements for the

10.1.2.0/24 network?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 63

Page 64: Actule Test 642-892

Actu

alTe

sts.

com

A. The summary route will remain in the table.

B. The more specific routes will be advertised from the table.

C. 10.1.2.0/24 will still be advertised but packets destined for it will be dropped when they reach

this router.

D. The summary route will be removed from the table.

Answer: A

QUESTION NO: 76

Refer to the exhibit. Which two statements are true about the output from the show standby vlan

50 command? (Choose two.)

A. The command standby 1 preempt was added to Catalyst_A.

B. Catalyst_A is load sharing traffic in VLAN 50.

C. Hosts using the default gateway address of 192.168.1.1 will have their traffic sent to

192.168.1.11 even after Catalyst_A becomes available again.

D. Hosts using the default gateway address of 192.168.1.2 will have their traffic sent to

Catalyst_A.

Answer: A,B

Explanation:

HSRP uses a priority scheme to determine which HSRP-configured router is to be the default

active router. To configure a router as the active router, you assign it a priority that is higher than

the priority of all the other HSRP-configured routers. The default priority is 100, so if you configure

just one router to have a higher priority, that router will be the default active router.

HSRP works by the exchange of multicast messages that advertise priority among HSRP-

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 64

Page 65: Actule Test 642-892

Actu

alTe

sts.

com

configured routers. When the active router fails to send a hello message within a configurable

period of time, the standby router with the highest priority becomes the active router. The transition

of packet- forwarding functions between routers is completely transparent to all hosts on the

network.

HSRP-configured routers exchange three types of multicast messages:

Hello - The hello message conveys to other HSRP routers the router's HSRP priority and state

information. By default, an HSRP router sends hello messages every three seconds.

Coup - When a standby router assumes the function of the active router, it sends a coup message.

Resign - A router that is the active router sends this message when it is about to shut down or

when a router that has a higher priority sends a hello message.

At any time, HSRP-configured routers are in one of the following states:

Active - The router is performing packet-transfer functions.

Standby - The router is prepared to assume packet-transfer functions if the active router fails.

Speaking and listening - The router is sending and receiving hello messages.

Listening - The router is receiving hello messages.

The standby preempt interface configuration command allows the router to become the active

router when its priority is higher than all other HSRP-configured routers in this Hot Standby group.

The configurations of both routers include this command so that each router can be the standby

router for the other router. The 1 indicates that this command applies to Hot Standby group 1. If

you do not use the standby preempt command in the configuration for a router, that router cannot

become the active router.

QUESTION NO: 77

Refer to the exhibit. Dynamic ARP inspection (DAI) is enabled on switch SW_A only. Both Host_A

and Host_B acquire their IP addresses from the DHCP server connected to switch SW_A. What

would the outcome be if Host_B initiated an ARP spoof attack toward Host_A ?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 65

Page 66: Actule Test 642-892

Actu

alTe

sts.

com

A. The spoof packets will not be inspected at the ingress port of switch SW_A and will be dropped.

B. The spoof packets will not be inspected at the ingress port of switch SW_A and will be

permitted.

C. The spoof packets will be inspected at the ingress port of switch SW_A and will be dropped.

D. The spoof packets will be inspected at the ingress port of switch SW_A and will be permitted.

Answer: B

Explanation:

When configuring DAI, follow these guidelines and restrictions:

DAI is an ingress security feature; it does not perform any egress checking.

DAI is not effective for hosts connected to routers that do not support DAI or that do not have this

feature enabled. Because man-in-the-middle attacks are limited to a single Layer 2 broadcast

domain, separate the domain with DAI checks from the one with no checking. This action secures

the ARP caches of hosts in the domain enabled for DAI.

DAI depends on the entries in the DHCP snooping binding database to verify IP-to-MAC address

bindings in incoming ARP requests and ARP responses. Make sure to enable DHCP snooping to

permit ARP packets that have dynamically assigned IP addresses.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 66

Page 67: Actule Test 642-892

Actu

alTe

sts.

com

When DHCP snooping is disabled or in non-DHCP environments, use ARP ACLs to permit or to

deny packets.

DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.

In our example, since SW_B does not have DAI enabled (bullet point 2 above) packets will not be

inspected and they will be permitted.

Reference:

http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SXF/configuration/guide/dynarp.html

QUESTION NO: 78

Which three WLAN statements are true? (Choose three.)

A. A WLAN client will operate in half-duplex mode.

B. The Aironet 1230 access point is an example of an access point that operates solely as a

lightweight access point.

C. Ad hoc mode allows mobile clients to connect directly without an intermediate AP.

D. WLANs are designed to share the medium and can easily handle an increased demand of

channel contention.

E. A lightweight AP receives control and configuration from a WLAN controller to which it is

associated.

F. Another term for infrastructure mode is independent service set (IBSS).

Answer: A,C,E

Explanation:

The 802.11 standard specifies a Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

transmit-recieve environment. Therefore, all 802.11 are half-duplex/simplex in nature .

Lightweight access points first search for a WLAN controller using LWAPP in Layer 2 mode. Then

the access point searches for a WLAN in Layer 3 mode. The control traffic between the access

point and the controller is encapsulated with the LWAPP. The control traffic is encrypted via the

Advanced Encryption Standard (AES). Lightweight APs need configuration and control

information from a WLAN controller

QUESTION NO: 79

Refer to the exhibit. EIGRP is configured with the default configuration on all routers.

Autosummarization is enabled on routers R2 and R3, but it is disabled on router R1. Which two

EIGRP routes will be seen in the routing table of router R3? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 67

Page 68: Actule Test 642-892

Actu

alTe

sts.

com

A. 172.16.10.0/24

B. 10.0.0.0/8

C. 172.16.0.0/16

D. 172.16.0.0/24

E. 10.10.0.0/16

F. 10.10.10.0/24

Answer: C,F

QUESTION NO: 80

In a comparison of an IPv4 header with an IPv6 header, which three statements are true? (Choose

three.)

A. An IPv6 header has twice as many octets as an IPv4 header.

B. An IPv4 header includes a checksum. However, an IPv6 header does not include one.

C. An IPv6 header is half the size of an IPv4 header.

D. An IPv6 header is simpler and more efficient than an IPv4 header.

E. A router has to recompute the checksum of an IPv6 packet when decrementing the TTL.

F. The 128-bit IPv6 address makes the IPv6 header more complicated than an IPv4 header.

Answer: A,B,D

QUESTION NO: 81

Refer to the exhibit. A network administrator has configured DHCP services on the router as

shown. DHCP clients connected to the FastEthernet0/0 interface are working properly. DHCP

clients connected to the FastEthernet0/1 interface are not receiving addresses. Which two

statements contain recommendations that will solve the problem? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 68

Page 69: Actule Test 642-892

Actu

alTe

sts.

com

A. The network shown in the output under the ip dhcp pool Central command should be changed

to network 10.10.0.0 with a mask of 255.255.255.0.

B. A second DHCP pool for network 10.10.0.0/24 should be configured.

C. The ip helper-address 10.0.0.1 command should be issued so that the address can be added to

the FastEthernet0/0 configuration.

D. An ip dhcp excluded-address global configuration command for network 10.10.0.0/24 should be

issued.

E. The ip helper-address 10.0.0.1 command should be issued so that the address can be added to

the FastEthernet0/1 configuration.

Answer: B,D

QUESTION NO: 82

When an IPv6 enabled host boots, it sends a router solicitation (RS) message. An IPv6 router

responds with a router advertisement (RA). Which two items are contained in the RA? (Choose

two.)

A. request for the local host IP address

B. IPv6 address for the host

C. prefixes for the link

D. keepalive timers

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 69

Page 70: Actule Test 642-892

Actu

alTe

sts.

com

E. any route advertisements it has received

F. lifetime of the prefix

Answer: C,F

Explanation:

In IP Version 6, Router Advertisements have the following attributes:

Routers advertise periodically

- Max. time between advertisements can be in the range from 4 and

1800 seconds

- The advertisement has a lifetime (= 0 if not a default router)

Advertisement contains one or more prefixes

- Prefixes have a lifetime

Preferred lifetime

Valid lifetime

Specifies if stateful or stateless autoconfiguration is to be

used

Plays a key role in site renumbering

QUESTION NO: 83

Which statement is correct about 802.1Q trunking?

A. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.

B. The encapsulation type on both ends of the trunk does not have to match.

C. 802.1Q trunking can only be configured on a Layer 2 port.

D. The native VLAN on both ends of the trunk must be VLAN 1.

E. Both switches must be in the same VTP domain.

Answer: A

Explanation:

A is correct because, "frames from the native VLAN of an 802.1Q trunk are not tagged with the

VLAN number." By default, the native VLAN is VLAN 1 but this can be effectively changed to a

different VLAN and the trunk will still be functional. Trunks can be established with router

interfaces using sub-interfaces, which are layer 3.

Reference: http://www.cisco.com/warp/public/473/27.html

QUESTION NO: 84

Refer to the exhibit. This network is running IS-IS. Router RTC is inside Cloud#1. From the output

on RTD, which two statements are true? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 70

Page 71: Actule Test 642-892

Actu

alTe

sts.

comA. The SNPA for RTE is the source data link address that is used to transmit frames to RTD.

B. Because it is running IS-IS in IP-only mode, RTD will not transmit CLNS packets.

C. IP routing updates between RTC and RTD will be CLNS datagrams that are encapsulated by

HDLC.

D. IP routing updates between RTC and RTD will be IP datagrams that are encapsulated by

CLNS.

E. The NET for RTE will be 49.0150.0019.06b7.fd5f.00.

F. IP routing updates between RTC and RTD will be IP datagrams that are encapsulated by

HDLC.

Answer: A,C

QUESTION NO: 85

Which EIGRP packet statement is true?

A. Update packets route reliable change information only to the affected routers.

B. Reply packets are multicast to IP address 224.0.0.10 using RTP.

C. On high-speed links, hello packets are broadcast every 5 seconds for neighbor discovery.

D. Reply packets are used to send routing updates.

E. On low-speed links, hello packets are broadcast every 15 seconds for neighbor discovery.

Answer: A

QUESTION NO: 86

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 71

Page 72: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. What is the effect on the trust boundary of configuring the command mls qos

trust cos on the switch port that is connected to the IP phone?

A. The host is now establishing theCoS value and has effectively become the trust boundary.

B. The switch will no longer tag incoming voice packets and will trust the distribution layer switch

to set theCoS.

C. RTP will be used to negotiate aCoS value based upon bandwidth utilization on the link.

D. The switch is rewriting packets it receives from the IP phone and determining theCoS value.

E. Effectively the trust boundary has been moved to the IP phone.

Answer: E

Explanation:

Configuring Trusted Boundary:

In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the

telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header

contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet.

For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted

to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using

the "mls qos trust cos" interface configuration command, you can configure the switch port to

which the telephone is connected to trust the CoS labels of all traffic received on that port.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/config

uration/guide/swqos.html

QUESTION NO: 87

Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the

reason Router RT-1 chooses this "best" path.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 72

Page 73: Actule Test 642-892

Actu

alTe

sts.

comA. In making its decision about the best path, RT-1 gives precedence to the BGP MED values.

B. IP address 128.107.2.2 is lower than 128.107.255.2.

C. In making its decision about the best path, RT-1 prefers the IGP metrics.

D. In making its decision about the best path, RT-1 gives precedence to the origin code.

E. RT-1 prefers internal BGP routes.

F. IP address 128.107.254.2 is lower than 128.107.255.2.

Answer: D

Explanation:

After BGP receives updates about different destinations from different autonomous systems, it

chooses the best path to reach a specific destination.

The following process summarizes how BGP chooses the best route on a Cisco router. Prefer the

route with the highest weight. (The weight attribute is proprietary to Cisco and is local to the router

only.) If multiple routes have the same weight, prefer the route with the highest local preference

value. (The local preference is used within an autonomous system.) If multiple routes have the

same local preference, prefer the route that the local router originated. A locally originated route

has a next hop of 0.0.0.0 in the BGP table. If none of the routes were locally originated, prefer the

route with the shortest autonomous system path. If the autonomous system path length is the

same, prefer the lowest origin code (IGP < EGP < incomplete). If all origin codes are the same,

prefer the path with the lowest MED. (The MED is exchanged between autonomous systems.) The

MED comparison is made only if the neighboring autonomous system is the same for all routes

considered, unless the bgp always-compare-med command is enabled If the routes have the

same MED, prefer external paths to internal paths. If synchronization is disabled and only internal

paths remain, prefer the path through the closest IGP neighbor, which means that the router

prefers the shortest internal path within the autonomous system to reach the destination (the

shortest path to the BGP next hop). For EBGP paths, select the oldest route to minimize the effect

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 73

Page 74: Actule Test 642-892

Actu

alTe

sts.

com

of routes going up and down (flapping). Prefer the route with the lowest neighbor BGP router ID

value. If the BGP router IDs are the same, prefer the router with the lowest neighbor IP address.

QUESTION NO: 88

Observe the exhibit. If the command variance 3 were added to RTE, which path or paths would be

chosen to route traffic to network X?

A. E-C-A and E-D-A

B. E-B-A, E-C-A and E-D-A

C. E-B-A

D. E-B-A and E-C-A

Answer: D

Explanation:

Every routing protocol supports equal cost path load balancing. In addition, Interior Gateway

Routing Protocol (IGRP) and EIGRP also support unequal cost path load balancing. Use the

variance n command in order to instruct the router to include routes with a metric of less than n

times the minimum metric route for that destination. The variable n can take a value between 1

and 128. The default is 1, which means equal cost load balancing. Traffic is also distributed

among the links with unequal costs, proportionately, with respect to the metric.

Reference:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009437d.shtml

QUESTION NO: 89

Which two statements about 6to4 tunneling are accurate? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 74

Page 75: Actule Test 642-892

Actu

alTe

sts.

com

A. 6to4 is a manual tunnel method.

B. Prepending 0x2002 with the IPv4 address creates an IPv6 address that is used in 6to4

tunneling.

C. Prepending a reserved IPv6 code to the hexadecimal representation of 192.168.0.1 facilitates

6to4 tunneling.

D. 2002::/48 is the address range specifically assigned to 6to4.

E. Each 6to4 site receives a /48 prefix in a 6to4 tunnel.

Answer: B,E

QUESTION NO: 90

Which three statements are true about implementing Cisco wireless LANs? (Choose three.)

A. One of the advantages of the lightweight WLAN solution is that the devices act independently.

B. Characteristics of antennas are directionality, gain, and polarization.

C. LWAPP allows encrypted communication between lightweight access points and WLAN

controllers.

D. Antenna power is a relative value reference to dBi.

E. The WLAN Solution Engine (WLSE) is used to control lightweight access points.

F. Power over Ethernet (PoE) is only available when a WLAN controller is integrated into the

network.

Answer: B,C,D

Explanation:

DBi is a unit measuring the gain of an antenna. The reference level or dBi is the strength of the

signal that would be transmitted by a non-directional isotropic antenna i.e.radiates equally in all

directions. This antenna exists as a mathematical concept used only as a known reference to

measure antenna gain per dBi. In electronics, the term "gain" is often repeated but misunderstood.

Gain implies increase e.g 20 dBi but without respect to where the increase originated.

LWAPP is a draft Internet Engineering Task Force (IETF) standard, authored by Cisco Systems,

that standardizes the communications protocol between lightweight access points and WLAN

systems such as controllers, switches, and routers. Its goals are to:

Reduce the amount of processing within access points, freeing up their computing resources to

focus exclusively on wireless access instead offiltering and policy enforcement

Enable centralized traffic handling, authentication, encryption , and policy enforcement for an

entire WLAN system

Provide a generic encapsulation and transport mechanism for multivendor access point

interoperability, using either a Layer 2 infrastructure oranIP-routed network

When a Cisco LWAPP-enabled access point boots up, it immediately looks for a wireless LAN

controller within the network. After it finds a wireless LAN controller, the LWAPP-enabled access

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 75

Page 76: Actule Test 642-892

Actu

alTe

sts.

com

point sends out encrypted "neighbor" messages.

An antenna gives the wireless system three fundamental properties: gain, direction and

polarization. Gain is a measure of increase in power. Gain is the amount of increase in energy that

an antenna adds to a radio frequency (RF) signal. Direction is the shape of the transmission

pattern. Polarization is the physical orientation of the element on the antenna that actually emits

the RF energy. An omnidirectional antenna, for example, is usually a vertical polarized antenna.

References:

http://wireless-network.wireless-computer-networking.com/dBi.htm

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00807f34d3.shtml

QUESTION NO: 91

What three statements are true for networks that are enabled for voice as well as data traffic?

(Choose three.)

A. An uptime of 99.999 percent is achieved using a 4-hour service response contract for system

problems.

B. High availability networks must be created to avoid network congestion and overcome a lack of

redundancy and poor engineering.

C. Auxiliary VLANs provide the ability to apply QoS to voice traffic without affecting the flow of data

from the client PC.

D. For ease of implementation, most VoIP phones use in-line power to get power through the

same cable on which data is sent.

E. The increased costs of voice enabled networks are offset by increased worker productivity.

F. Redundant hardware, redundant links, UPS, and proactive network management are data

network standards that do not apply to voice networks.

Answer: B,C,D

Explanation:

When adding voice or video to an existing network, you should examine several things in advance

to provide the high level of availability users expect in their phone system: What features are

needed?- Power for IP phones, voice VLANs on the switches, network redundancy for high

availability, security for voice calls, and Quality of Service (QoS) settings. Electrical power for the

IP phones- Use either inline power from Catalyst switch or power patch panel. Need

uninterruptible power supply (UPS) with auto-restart, monitoring, and 4-hour response contract.

May need generator backup. Maintain correct operating temperatures.

Auxiliary (or Voice) VLANs

Cisco switches can be configured to dynamically place IP telephones into a VLAN separate from

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 76

Page 77: Actule Test 642-892

Actu

alTe

sts.

com

the data VLANs. They can do this even when the phone and PC are physically connected to the

same switch port. This is called an auxiliary VLAN or a voice VLAN. Voice VLANs allow phones to

be dynamically placed in a separate IP subnet from hosts, to have QoS (using 802.1Q/p headers)

and security policies applied, and makes troubleshooting easier.

Reference: Cisco CCNP BCMSN Quick Reference Sheets, chapter 7, page 53

QUESTION NO: 92

Which two statements about the IS-IS routing protocol are true? (Choose two.)

A. IS-IS is only capable of supporting IPv4 and CLNS.

B. IS-IS routers use ES-IS hellos (ESH) to establish and to maintain neighbor relationships.

C. IS-IS is capable of supporting IPv4 and IPv6.

D. Level 2 routers learn about paths both within areas and between areas.

E. Level 1 routers learn about paths within the area of which they are a part.

F. IS-IS routers run the Bellman-Ford algorithm against their LSDBs to pick the best paths.

Answer: C,E

QUESTION NO: 93

Which two statements correctly describe features of Lightweight Access Point Protocol (LWAPP)?

(Choose two.)

A. VLAN tagging and QoS markings are applied at the access point.

B. Control traffic between an access point and a controller is encrypted within LWAPP.

C. Data traffic between an access point and a controller is encapsulated within LWAPP.

D. Data traffic between an access point and a controller is encrypted within LWAPP.

E. Layer 3 mode packets are transmitted in TCP frames.

Answer: B,C

Explanation:

The LAP and WLC pair use the lightweight access point protocol (LWAPP) as the tunneling

mechanism.

? LWAPP control messages-Exchanges that are used to configure the LAP and manage its

operation. The control messages are authenticated and encrypted so that the LAP is securely

controlled by only the WLC.

? LWAPP data-Packets to and from wireless clients associated with the LAP. The data is

encapsulated within LWAPP, but is not encrypted or otherwise secured between the LAP and

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 77

Page 78: Actule Test 642-892

Actu

alTe

sts.

com

WLC.

Data traffic between Access Point( AP) and Controller is encapsulated with LWAPP.

QUESTION NO: 94

Which two provide intra-area routing services? (Choose two.)

A. L2 ES

B. L1 IS

C. L1 ES

D. L1/L2 IS

E. L2 IS

Answer: B,D

Explanation:

An IS-IS network is termed a domain, analogous to an autonomous system (AS) in TCP/IP. The

following shows IS-IS within the domain as a two-level hierarchy: Level 1 (L1) ISs, closely

equivalent to OSPF internal non-backbone routers, are responsible for routing to ESs inside an

area. L1 ISs enable communication between ESs in an area. L1 routers are also referred to as

station routers because they enable stations to communicate with each other and the rest of the

network. A contiguous group of L1 routers defines an area. The L1 routers maintain the L1 link-

state PDU database (LSPD), which defines the picture of the area itself and the exit points to

neighboring areas. Level 2 (L2) ISs, closely equivalent to backbone routers in OSPF, route

between areas only. Level 1 and Level 2 (L1L2) Intermediate ISs, closely equivalent to area

border routers (ABRs) in OSPF, route between areas and the backbone. They participate in the L1

intra-area routing and the L2 inter-area routing.

L1L2 routers support an L1 function to communicate with the other L1 routers in their area and

maintain the L1 LSP information in an L1 LSPD. They inform other L1 routers that they are an exit

point for the area. They also support an L2 function to communicate with the rest of the backbone

and maintain an L2 topology database separately from their L1 LSPD. IS-IS does not share the

concept of an Area 0 with OSPF. An IS-IS domain appears as a set of distinct areas

interconnected by a chain of L2 routers, weaving their way through and between the Level 1

areas.

QUESTION NO: 95

Refer to the exhibit. Router RTR is attempting to establish BGP neighbor relationships with routers

RT1 and RT3. On the basis of the information that is presented in the exhibit, which two

statements are true? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 78

Page 79: Actule Test 642-892

Actu

alTe

sts.

comA. RTR has a BGP password set but neighbor 10.0.0.1 does not.

B. RTR has a BGP password set but neighbor 10.0.0.5 does not.

C. Neighbor 10.0.0.1 has a BGP password set but RTR does not.

D. RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set.

E. RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set.

F. Neighbor 10.0.0.5 has a BGP password set but RTR does not.

Answer: A,D

QUESTION NO: 96

Refer to the exhibit. Routers R1 and R2 are running EIGRP and have converged. On the basis of

the information that is presented, which statement is true?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 79

Page 80: Actule Test 642-892

Actu

alTe

sts.

com

A. All outgoing routing updates from router R1 to router R2 will be suppressed, but the inbound

updates will continue to be received.

B. All incoming routing updates from R2 will be suppressed, but the outgoing updates will continue

to be sent.

C. Both outgoing and incoming routing updates on R1 will be permitted because the distribute-list

20 out Serial0/0 command cannot be used with association with the outgoing interface.

D. Both outgoing and incoming routing updates on R1 will be stopped because of the passive-

interface Serial0/0 configuration statement.

Answer: D

Explanation:

You can use the passive-interface command to control the advertisement of routing information.

The command enables the suppression of routing updates over some interfaces while it allows

updates to be exchanged normally over other interfaces.

With most routing protocols, the passive-interface command restricts outgoing advertisements

only. However, when used with Enhanced Interior Gateway Routing Protocol (EIGRP), the effect is

slightly different. With EIGRP running on a network, the passive-interface command stops both

outgoing and incoming routing updates, since the effect of the command causes the router to stop

sending and receiving hello packets over an interface.

Reference:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml

QUESTION NO: 97

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 80

Page 81: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the show interface Gi0/1 switchport command output shown in the exhibit. Which two

statements are true about this interface? (Choose two.)

A. This interface is a member of a voice VLAN.

B. This interface is a dot1q trunk passing all configured VLANs.

C. This interface is a member of VLAN7.

D. This interface is configured for access mode.

E. This interface is a member of VLAN1.

Answer: C,D

Explanation:

In Exhibit, Operation mode is in static access and Access mode VLAN is 7 so it means this port is

operating on access mode as a member of VLAN 7.

QUESTION NO: 98

Refer to the exhibit. Which switch interface configuration command would automatically configure

quality of service (QoS) for voice over IP (VoIP) within a QoS domain?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 81

Page 82: Actule Test 642-892

Actu

alTe

sts.

com

A. mls qos trust

B. switchport priority extend cos 7

C. switchport priority extend trust

D. auto qos voip cisco-phone

Answer: D

Explanation:

You can use the auto-QoS feature to simplify the deployment of existing QoS features. Auto-QoS

makes assumptions about the network design, and as a result, the switch can prioritize different

traffic flows and appropriately use the ingress and egress queues instead of using the default QoS

behavior. (The default is that QoS is disabled. The switch then offers best-effort service to each

packet, regardless of the packet contents or size, and sends it from a single queue.)

When you enable auto-QoS, it automatically classifies traffic based on the traffic type and ingress

packet label. The switch uses the resulting classification to choose the appropriate egress queue.

When you enable auto-QoS by using the auto "qos voip cisco-phone", the "auto qos voip cisco-

softphone", or the "auto qos voip trust" interface configuration command, the switch automatically

generates a QoS configuration based on the traffic type and ingress packet label and applies the

appropriate commands automatically.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_40_se/configur

ation/guide/swqos.html#wp1231112

QUESTION NO: 99

What technique should be used on BGP edge routers to prevent a multi-homed autonomous

system from becoming a transit system?

A. Set the no-export community attribute on all networks that are advertised externally.

B. Advertise with a high MED value all networks that are discovered via external BGP.

C. Only advertise networks externally if they have been discovered via internal BGP.

D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous

system.

E. Remove the AS-Path information on all routes in the BGP table prior to advertising externally.

F. Set the origin code to incomplete for all networks that are discovered via external BGP.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 82

Page 83: Actule Test 642-892

Actu

alTe

sts.

com

Answer: D

Explanation:

The minimum configuration that guarantees you won't become a transit AS is shown in the

following example:

router bgp 65000 neighbor 10.1.1.1 filter-list 1 out ! ip as-path access-list 1 permit ^$

In this example, the outgoing filter list says that all traffic not sourced from the local AS, should not

be advertiseD. This will prevent the announcement of routes that originated from other

Autonomous Systems, and prevent traffic destined for networks in another AS from going through

your AS. This is useful real-world information to know and if you configure your network with BGP

in a multi-homed environmet, odds are good that you will want to implement this kind of filter.

QUESTION NO: 100

What can be determined about the HSRP relationship from the displayed debug output?

A. Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router

172.16.11.112.

B. The IP address 172.16.11.112 is the virtual HSRP router IP address.

C. The nonpreempt feature is enabled on the 172.16.11.112 router.

D. The IP address 172.16.11.111 is the virtual HSRP router IP address.

E. Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router

172.16.11.111.

F. The preempt feature is not enabled on the 172.16.11.111 router.

Answer: F

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 83

Page 84: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

The standby preempt interface configuration command allows the router to become the active

router when its priority is higher than all other HSRP-configured routers in this Hot Standby group.

The configurations of both routers include this command so that each router can be the standby

router for the other router. The 1 indicates that this command applies to Hot Standby group 1. If

you do not use the standby preempt command in the configuration for a router, that router cannot

become the active router.

QUESTION NO: 101

Which statement is true about Protocol Independent Multicast Dense Mode (PIM DM) multicast

routing?

A. The (S,G) state exists in every router, regardless of the presence of an RPF interface.

B. Flooding of traffic only occurs in the beginning stages of routing. Afterwards, all necessary ports

are pruned and multicast traffic is not sent across those interfaces.

C. PIM DM supports shared distribution trees.

D. If a port is pruned, the administrator must re-enable the port to support multicast traffic.

Answer: A

QUESTION NO: 102

A network administrator would like to configure an EIGRP router as a stub router that advertises

directly connected and summary routes only. What command must the administrator issue to

accomplish this?

A. eigrp stub connected

B. eigrp stub connected static

C. eigrp stub summary

D. eigrp stub

E. eigrp stub receive-only

Answer: D

QUESTION NO: 103

EIGRP is configured to run across serial interfaces. What will EIGRP assume about the speed of

the serial links if the bandwidth command is not used?

A. EIGRP will not use any bandwidth value for route calculations.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 84

Page 85: Actule Test 642-892

Actu

alTe

sts.

com

B. EIGRP will assume that the link is the default speed of 128 kb/s.

C. EIGRP will assume that the bandwidth value is the actual speed of the interface.

D. EIGRP will assume that the link is the default speed of 768 kb/s.

E. EIGRP will assume the default speed of a T1 link.

Answer: E

QUESTION NO: 104

Refer to the exhibit. OSPF has been configured on all routers in the network and Area 1 has been

configured as a NSSA. Which statement is true about the NSSA Area 1?

A. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs.

B. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5

LSAs.

C. No redistributed routes can appear in Area 1, only summary routes.

D. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs.

Answer: A

QUESTION NO: 105

Refer to the exhibit. Based upon the information that is given, how will voice traffic from the phone

and data traffic from the PC be handled by SW_1?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 85

Page 86: Actule Test 642-892

Actu

alTe

sts.

com

A. The switch port will trust theCoS value of the ingress voice and data traffic that comes into the

switch port.

B. The switch port will trust theCoS value of the ingress data traffic. Voice traffic will be marked at

the switch port with the default CoS value.

C. The switch port will perform marking for the ingress voice and data traffic by using the

defaultCoS value at the switch port.

D. The switch port will trust theCoS value of the ingress voice traffic. Data traffic will be marked at

the switch port with the default CoS value.

Answer: A

Explanation:

In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the

telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header

contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet.

For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted

to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using

the mls qos trust cos interface configuration command, you can configure the switch port to which

the telephone is connected to trust the CoS labels of all traffic received on that port.

After you enter the mls qos trust cos command, the DSCP values are changed according to the

default values, which are listed below:

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/config

uration/guide/swqos.html

QUESTION NO: 106

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 86

Page 87: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. What is the problem with this configuration?

A. Spanning tree PortFast cannot be configured on a port where a voice VLAN is configured.

B. Sticky secure MAC addresses cannot be used on a port when a voice VLAN is configured.

C. The switch port must be configured as a trunk.

D. Spanning tree PortFast cannot be configured on a port when a sticky secure MAC address is

used.

Answer: B

Explanation:

These are the voice VLAN configuration guidelines according to Cisco:

You should configure voice VLAN on switch access ports.

The voice VLAN should be present and active on the switch for the IP phone to correctly

communicate on the voice VLAN.

The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable

voice VLAN, the Port Fast feature is not automatically disabled.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 87

Page 88: Actule Test 642-892

Actu

alTe

sts.

com

When you enable port security on an interface that is also configured with a voice VLAN, you must

set the maximum allowed secure addresses on the port to at least two plus the maximum number

of secure addresses allowed on the access VLAN. When the port is connected to a Cisco IP

phone, the IP phone requires up to two MAC addresses. The address of the IP phone is learned

on the voice VLAN, and it might or might not be learned on the access VLAN. Connecting a PC to

the IP phone requires additional MAC addresses.

If any type of port security is enabled on the access VLAN, dynamic port security is automatically

enabled on the voice VLAN.

You cannot configure port security on a per-VLAN basis.

You cannot configure static secure or sticky secure MAC addresses on a voice VLAN.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_22_ea2/config

uration/guide/swvoip.html

QUESTION NO: 107

Refer to the exhibit. What two statements are true? (Choose two.)

A. The IP address of the backup designated router (BDR) is FE80::205:5FFF:FED3:5808.

B. This is the designated router (DR) on the FastEthernet 0/0 link.

C. Interface FastEthernet 0/0 was configured with the ipv6 ospf 1 area 1 command.

D. OSPF version 2 has been enabled to support IPv6.

E. The output was generated by the show ip interface command.

F. The router was configured with the commands:

router ospf 1

network 172.16.6.0 0.0.0.255 area 1

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 88

Page 89: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A,C

Explanation:

OSPFv3 supports IPv6. The configuration of OSPFv3 is not a subcommand mode of the router

ospf command as it is in OSPFv2 configuration. For example, instead of using the network area

command to identify networks that are part of the OSPFv3 network, the interfaces are directly

configured to specify that IPv6 networks are part of the OSPFv3 network.

The following describes the steps to configure OSPF for IPv6:

There are several commonly used OSPFv3 show commands, including the show ipv6 ospf [

process-id ] [ area-id ] interfacee [ interface ] command.

QUESTION NO: 108

Which two statements are true about the operation of voice VLANs on a Catalyst switch? (Choose

two.)

A. When voice VLANs are configured on a trunk link, UplinkFast must alsobe enabled.

B. Voice VLANs are configured to enable the switch to forward frames marked with the properCoS

values over separate physical links.

C. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default

CoS priority of the port.

D. Enabling voice VLANs enables the switch to create multiple queues for traffic that is entering a

port.

E. Enabling voice VLANs enables the switch to forward frames with a specific 802.1P marking.

Answer: C,E

QUESTION NO: 109

What are three examples of call control signaling? (Choose three.)

A. MGCP

B. G.729

C. SIP

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 89

Page 90: Actule Test 642-892

Actu

alTe

sts.

com

D. G.711

E. H.323

F. RTP

Answer: A,C,E

Explanation:

Call Control Signaling:

Packets belonging to one of several protocols-those used to set up, maintain, tear down, or

redirect a call, depending upon call endpoints. Examples are H.323, Media Gateway Control

Protocol (MGCP), and SIP (Session Initiation Protocol)

QUESTION NO: 110

In IPv6, the interfaces running OSPF can be configured with multiple address prefixes. Which

statement is true about the IPv6 addresses that can be included into the OSPF process?

A. Specific addresses can be selected using a prefix list.

B. Specific addresses cannot be selected for importation into the OSPF process.

C. Specific addresses can be selected using a route map.

D. Specific addresses can be selected using an ACL.

Answer: B

QUESTION NO: 111

What does the global configuration command ip arp inspection vlan 10-12,15 accomplish?

A. intercepts all ARP requests and responses on trusted ports

B. validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15

C. discards ARP packets with invalid IP-to-MAC address bindings on trusted ports

D. intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings

Answer: D

Explanation:

The "ip arp inspection" command enables Dynamic ARP Inspection (DAI) for the specified

VLANs. DAI is a security feature that validates Address Resolution Protocol (ARP) packets in a

network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid

MAC address to IP address bindings. This capability protects the network from certain "man-in-

the-middle" attacks.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/20ew/configuration/guide/dynarp

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 90

Page 91: Actule Test 642-892

Actu

alTe

sts.

com

.html

QUESTION NO: 112

Refer to the exhibit. Assume that Switch_A is active for the standby group and the standby device

has only the default HSRP configuration. What conclusion is valid?

A. If port Fa1/1 on Switch_A goes down, the standby device will take over as active.

B. If the current standby device were to have the higher priority value, it would take over the role of

active for the HSRP group.

C. If Switch_A had the highest prioritynumber, it would not take over as active router.

D. If port Fa1/1 on Switch_A goes down, the new priority value for the switch would be 190.

Answer: D

Explanation:

HSRP has a mechanism for detecting link failures and swaying the election, giving another router

an opportunity to take over the active role. When a specific interface is tracked, HSRP reduces the

router's priority by a configurable amount as soon as the interface goes down.

Switch( config-if)# standby group track type mod/num [decrementvalue]

By default, the decrement value for an interface is 10. So, when fa1/1 on Switch_A goes down, the

priority will be decreased by 10 from 200 to 190.

QUESTION NO: 113

If no metric is specified for the routes being redistributed into IS-IS, what metric value is assigned

to the routes?

A. 0

B. 1

C. 20

D. 10

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 91

Page 92: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A

QUESTION NO: 114

Refer to the exhibit. On the basis of the output, what two conclusions can be reached? (Choose

two.)

A. There are two neighboring routers sendingIS-IS routing information.

B. IS-IS is not enabled.

C. The default administrative distance has been changed.

D. Address summarization is configured.

E. IS-IS is not redistributing any other routing protocols.

F. Three physical interfaces are taking part in integrated IS-IS.

Answer: A,E

Explanation:

Verifying IS-IS Configuration

To verify the IS-IS configuration and IP functionality of an Integrated IS-IS network, use the

following commands; these commands can also be useful for troubleshooting problems with the

IS-IS network: show ip protocols- Displays the active IP routing protocols, the interfaces on which

they are active, and the networks for which they are routing. show ip route [address [mask]] |

[protocol [process-id]]- Displays the IP routing table. You can specify the details for a particular

route or a list of all routes in the routing table from a particular routing protocol process.

Example 6-3 is sample output from the show ip protocols command that displays information

about IP routing being done by Integrated IS-IS. IS-IS is running, it is not redistributing any other

protocols, and address summarization has not been configured. Example 6-3 also shows that

interfaces FastEthernet 0/0, Loopback 0, and Serial 0/0/1 are taking part in Integrated IS-IS, that

there are two sources of routing information (the neighboring routers), and that the administrative

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 92

Page 93: Actule Test 642-892

Actu

alTe

sts.

com

distance of Integrated IS-IS is 115.

Example 6-3, "show ip protocols" Command to Examine IS-IS:

Reference : Authorized Self-Study Guide Building Scalable Cisco Internetworks (BSCI), Third

Edition

http://safari.ibmpressbooks.com/1587052237/ch06lev1sec4

QUESTION NO: 115

Which two WLAN client utility statements are true? (Choose two.)

A. The Microsoft Wireless Configuration Manager can be configured to display the Aironet System

Tray Utility (ASTU) icon in the Windows system tray.

B. In a Windows XP environment, a client adapter can only be configured and managed with the

Microsoft Wireless Configuration Manager.

C. The Aironet Desktop Utility (ADU) can be used to enable or disable the adapter radio and to

configure LEAP authentication with dynamic WEP.

D. The Cisco Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can

both be enabled at the same time to setup WLAN client cards.

Answer: A,C

Explanation:

Enable/Disable Radio:

On the ADU, this option enables you to disable or enable the client adapter's radio. Disabling the

radio prevents the adapter from transmitting RF energy. You might want to disable the client

adapter's radio in the following situations:

You are not transmitting data and want to conserve battery power.

You are using a laptop on an airplane and want to prevent the adapter's transmissions from

potentially interfering with the operation of certain devices.

ASTU is an optional application that provides a small subset of the features available through

ADU. Specifically, it enables you to access status information about your client adapter and

perform basic tasks. ASTU is accessible from an icon in the Windows system tray, making it easily

accessible and convenient to use. The ASTU icon appears only if a client adapter is installed in

your computer and you did not disable ASTU during installation.

Reference:

http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/1.0/configuration/guide/khic

g1.pdf

QUESTION NO: 116

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 93

Page 94: Actule Test 642-892

Actu

alTe

sts.

com

Which three statements are true about EIGRP route summarization? (Choose three.)

A. The ip summary-address eigrp command generates a default route with an AD of 90.

B. Manual route summarization is configured on the interface.

C. The ip summary-address eigrp command generates a default route with an AD of 5.

D. When manual summarization is configured, the router immediately creates a route that point to

null0 interface.

E. Manual route summarization is configured in router configuration mode when the router is

configured for EIGRP routing.

F. When manual summarization is configured, EIGRP will advertise the summary address out the

interface with a metric equal to the minimum of all more specific routes.

Answer: B,D,F

Explanation:

The purpose of route summarization is small routing tables, smaller updates. On major network

boundaries, subnetworks are summarized to a single classful network and automatic route

summarization is enabled by default. Manual route summarization can be configured on per

interface basis. When summarization is configured on an interface, the router immediately creates

a route pointing to null0.

Route summarization works in conjunction with the ip summary-address eigrp interface

configuration command, in which additional summarization can be performed. If automatic

summarization is in effect, there usually is no need to configure network level summaries using the

ip summary-address eigrp command. You can configure a summary aggregate address for a

specified interface. If there are any more specific routes in the routing table, EIGRP will advertise

the summary address out the interface with a metric equal to the minimum of all more specific

routes.

Reference: http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1ceigrp.html

QUESTION NO: 117

Refer to the exhibit. Based upon the information in the exhibit, which statement is true?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 94

Page 95: Actule Test 642-892

Actu

alTe

sts.

comA. To complete this configuration, the R2 fa0/0 interface must be configured with the ip helper-

addresses command.

B. R1 will forward DHCP requests to 192.168.100.1. If there is no response, R1 will then forward

the requests to 192.168.200.1.

C. DHCP requests from the host will be rebroadcasted to R2.

D. R1 will forward all DHCP requests to both 192.168.100.1 and 192.168.200.1 as unicast

messages.

E. To complete this configuration, the R1 fa0/0 interface must be configured with the ip helper-

addresses command.

Answer: B

Explanation:

A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay

agents receive DHCP messages and then generate a new DHCP message to send out on another

interface. The agents forward requests and replies between clients and servers when they are not

on the same physical subnet.

The Cisco IOS DHCP relay agent is enabled on an interface only when the ip helper-address is

configured.

If multiple helper-addresses are configured, it tries to get response from first, if no response got

from the first helper address then sends the request to second one.

QUESTION NO: 118 HOTSPOT

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 95

Page 96: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

Explanation:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 96

Page 97: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 119

What are three characteristics of the wireless repeater topology? (Choose three.)

A. Lightweight access points are required.

B. The recommended overlap of the access point on the wired LAN and the wireless repeater is

25%.

C. The recommended overlap of the access point on the wired LAN and the wireless repeater is

50%.

D. The SSID of the root access point must be configured on the repeater access point.

E. Autonomous access points are required.

F. The SSID of the root access point must be distinct from that of the repeater access point.

Answer: C,D,E

Explanation:

Use APs in Repeater Mode

You can configure APs to act as repeaters. In this mode, the AP is not connected to the wired

LAN. Instead, the AP is placed within the radio range of the AP that is connected to the wired LAN

(the root AP). In this scenario, the repeater AP associates with the root AP, and extends the range

of the radio coverage area. This enables Wireless Clients that reside away from the root AP to

gain access to the WLAN network. You can configure either the 2.4 GHz radio or the 5 GHz radio

as a repeater. In APs with two radios, only one radio can be a repeater. You must configure the

other radio as a root radio.

When you configure an AP as a repeater, the Ethernet port on that AP does not forward traffic.

The advantage with the repeater mode in APs is that this mode helps to extend the radio coverage

area of a WLAN in situations where connectivity to the wired LAN is not possible. Also, there must

be a fifty percent overlap in coverage area with the root AP for the repeater mode to function.

Part of the configuration guide for setting up the wireless AP states:

In the next step, designate this SSID as an infrastructure SSID.

!--- If you created an infrastructure SSID on the root AP,

!--- create the same SSID on the repeater.

Reference:

http://www.cisco.com/en/US/products/hw/wireless/ps441/products_tech_note09186a00805190f1.s

html

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 97

Page 98: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 120

Which two statements about HSRP priority are true? (Choose two.)

A. To assign the HSRP router priority in a standby group, the standby group-number priority

priority-value global configuration command must be used.

B. The no standby priority command assigns a priority of 100 to the router.

C. When two routers in an HSRP standby group are configured with identical priorities, the router

with the highest configured IP address will become the active router.

D. Assuming that preempting has also been configured, the router with the lowest priority in an

HSRP group would become the active router.

E. The default priority of a router is zero (0).

Answer: B,C

Explanation:

HSRP election is based on a priority value (0 to 255) that is configured on each router in the

group. By default, the priority is 100. The router with the highest priority value (255 is highest)

becomes the active router for the group. If all router priorities are equal or set to the default value,

the router with the highest IP address on the HSRP interface becomes the active router.

QUESTION NO: 121

What are two rules for compacting IPv6 addresses? (Choose two.)

A. The leading zeroes in any 16-bit segment do not have to be written.

B. Two zeroes in the middle of any 16-bit segment do not have to be written.

C. Any single, continuous string of one or more 16-bit segments that consists of all zeroes can be

represented with a double colon.

D. The trailing zeroes in any 16-bit segment do not have to be written.

E. The maximum number of times a double colon can replace a 16-bit segment that consists of all

zeroes is two.

F. Every 16-bit segment segment that consists of all zeroes can be represented with a single

colon.

Answer: A,C

QUESTION NO: 122

Refer to the exhibit. What type of message will be used by the lightweight access point (LAP) in an

attempt to locate the wireless LAN controller (WLC)?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 98

Page 99: Actule Test 642-892

Actu

alTe

sts.

com

A. The LAP will send out a DHCP request. In return, the DHCP server will provide the IP

addresses for the LAP and the WLC.

B. The LAP will send out a DNS request. In return, the DNS server will provide the WLC domain

name.

C. The LAP will send out a Layer 3 LWAPP discovery request to the WLC on the wireless network.

D. The LAP will send out a Layer 2 LWAPP discovery request to the WLC on the wireless network.

Answer: C

Explanation:

Here is an example. Assume that, in the subnet 172.16.1.0/16, you have an LAP that is already

registered with the WLC, and OTAP is enabled on the WLC. When the new LAP in the

192.168.1.0/24 subnet comes up, the LAP looks for a DHCP server and gets an IP address (if no

assignment was made previously with a static IP address). The LAP then sends out a discovery

request to the local subnet. Because in this scenario there is no WLC in the local subnet, the LAP

tries to use OTAP in order to discover WLCs. The LAP listens to neighbor messages that are sent

over the air by the LAPs (in the 172.16.1.0/16 subnet) that are already registered and looks for

WLC IP addresses. From the list of WLC IP addresses that the new LAPs learn from the neighbor

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 99

Page 100: Actule Test 642-892

Actu

alTe

sts.

com

messages, the new LAPs send out a Layer 3 LWAPP discovery request to the WLCs . The WLCs

that receive this discovery request respond with a Layer 3 LWAPP discovery response.

Reference:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml#t

opic2

QUESTION NO: 123

Which type of IGMP message is sent when a network client wants to join a multicast group?

A. host membership notification

B. host membership report

C. host membership status

D. host membership query

Answer: B

Explanation:

When a host wants to join a multicast group it sends an unsolicited Host Membership Report to

the All-hosts Group Address 224.0.0.1

QUESTION NO: 124

Which command will display EIGRP packets sent and received, as well as statistics on hello

packets, updates, queries, replies, and acknowledgments?

A. show ip eigrp interfaces

B. debug ip eigrp

C. show ip eigrp traffic

D. debug eigrp packets

Answer: C

Explanation:

The show ip eigrp traffic command displays the number of Enhanced IGRP (EIGRP) packets sent

and received.

Example:

The following is sample output from the show ip eigrp traffic command:

Router# show ip eigrp traffic

IP-EIGRP Traffic Statistics for process 77

Hellos sent/received: 218/205

Updates sent/received: 7/23

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 100

Page 101: Actule Test 642-892

Actu

alTe

sts.

com

Queries sent/received: 2/0

Replies sent/received: 0/2

Acks sent/received: 21/14

Reference

:http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_reference_chapter

09186a00800ca5a9.html#wp1018815

QUESTION NO: 125

Refer to the exhibit. Which two statements are true? (Choose two.)

A. The eigrp stub command prevents queries from being sent from R2 to R1.

B. Router R1 will advertise connected and static routes. The sending of summary routes will not

be permitted.

C. The eigrp stub command will automatically enable summarization of routes on R2.

D. Router R1 will advertise connected and summary routes only.

E. Router R1 is configured as a receive-only neighbor and will not send any connected, static, or

summary routes.

F. The eigrp stub command prevents all routes except a default route from being advertised to R1.

Answer: A,D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 101

Page 102: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 126

How is the designated querier elected in IGMPv2?

A. The host with the lowest MAC address on a segment is designated.

B. The first router to appear on a subnet is designated.

C. The host that responds first to the election query is designated.

D. The router with the lowest IP address on a subnet is designated.

Answer: D

Explanation:

Multicast routers send host membership query messages (host query messages) to discover

which multicast groups have members on the attached networks of the router. Hosts respond with

IGMP report messages indicating that they want to receive multicast packets for specific groups

(that is, indicating that the host wants to become a member of the group). Host query messages

are addressed to the all-hosts multicast group, which has the address 224.0.0.1, and has an IP

time-to-live (TTL) value of 1.

The designated router for a LAN is the only router that sends IGMP host query messages:

For IGMP Version 1, the designated router is elected according to the multicast routing protocol

that runs on the LAN.

For IGMP Version 2, the designated querier is the lowest IP-addressed multicast router on the

subnet . If the router hears no queries for the timeout period (controlled by the ip igmp querier-

timeout command), it becomes the querier.

Reference:

http://www.cisco.com/en/US/docs/ios/ipmulti/command/reference/imc_02.html#wp1012967

QUESTION NO: 127

Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on

both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been

configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able

to reach Host B?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 102

Page 103: Actule Test 642-892

Actu

alTe

sts.

com

A. No. Traffic will loop back and forth between switch S5 and S2.

B. No. Traffic willeither pass from switch S6 to to S5 and dead-end, or traffic will pass from switch

S6 to S3 to S2 and dead-end.

C. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to

S1.

D. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi 0/0.

E. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.

Answer: E

Explanation:

The BPDU filtering feature can be globally enabled on the switch or can be enabled per interface,

but the feature operates with some differences.

At the global level, you can enable BPDU filtering on Port Fast-enabled ports by using the

spanning-tree portfast bpdufilter default global configuration command. This command prevents

ports that are in a Port Fast-operational state from sending or receiving BPDUs . The ports still

send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should

globally enable BPDU filtering on a switch so that hosts connected to these ports do not receive

BPDUs. If a BPDU is received on a Port Fast-enabled port, the port loses its Port Fast-operational

status, and BPDU filtering is disabled.

At the interface level, you can enable BPDU filtering on any port by using the spanning-tree

bpdufilter enable interface configuration command without also enabling the Port Fast feature.

This command prevents the port from sending or receiving BPDUs.

QUESTION NO: 128

Refer to the exhibit. Which two statements are true about the required switch configurations to

support a voice VLAN? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 103

Page 104: Actule Test 642-892

Actu

alTe

sts.

com

A. CDP must be disabled on the switch port to prevent interference between CDP messages and

voice traffic.

B. Port security cannot be configured on a port that is configured for a voice vlan.

C. CDP must be enabled on the switch port to allow configuration information to be passed to the

IP phone.

D. Static secure MAC addresses should be configured on voice vlan ports to prevent access by

devices other than IP phones.

E. Portfast must be enabled on the switch port.

F. 802.1x authentication cannot be configured on a port configured for a voice vlan.

Answer: C,E

Explanation:

CDP (Cisco Discovery Protocol) must be enabled on switch port connected to IP Phone to

recognize the IP Phone by switch and enable Port Fast to bring switch port directly from blocking

to forwarding state. The Port Fast feature is automatically enabled when voice VLAN is

configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.

QUESTION NO: 129

Refer to the exhibit. Which statement is true about the configuration?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 104

Page 105: Actule Test 642-892

Actu

alTe

sts.

com

A. Hosts belonging to DHCP pool 1 and pool 2 will retain their IP settings for 30 hours before they

must renew.

B. Hosts in the 10.10.20.0/24 subnet will use 10.10.20.50 as its DNS server.

C. Hosts will receive IP settings from pool 1 until the addresses run out, and then hosts will receive

the settings from pool 2.

D. DHCP pool 0 needs to have the ip dhcp excluded-address command to exclude the default

router and DNS servers.

Answer: B

QUESTION NO: 130

Which statement is true about 802.1x port-based authentication?

A. Before transmitting data, an 802.1x host must determine the authorization state of the switch.

B. Hosts are required to havea 802.1x authentication client or utilize PPPoE.

C. RADIUS is the only supported authentication server type.

D. If a host initiates the authentication process and does not receive a response, it assumes it is

not authorized.

Answer: C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 105

Page 106: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

The IEEE 802.1x standard defines a port-based access control and authentication protocol that

restricts unauthorized workstations from connecting to a LAN through publicly accessible switch

ports. The authentication server authenticates each workstation that is connected to a switch port

before making available any services offered by the switch or the LAN. Until the workstation is

authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN

(EAPOL) traffic through the port to which the workstation is connected. After authentication

succeeds, normal traffic can pass through the port.

Authentication server: Performs the actual authentication of the client. The authentication server

validates the identity of the client and notifies the switch whether or not the client is authorized to

access the LAN and switch services. Because the switch acts as the proxy, the authentication

service is transparent to the client. The RADIUS security system with Extensible Authentication

Protocol (EAP) extensions is the only supported authentication server.

QUESTION NO: 131

Refer to the exhibit. All multilayer switches are running PIM dense mode. Recipient A and

Recipient B are sending IGMPv2 join messages to their respective multilayer switches. Which

statement is true?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 106

Page 107: Actule Test 642-892

Actu

alTe

sts.

com

A. The Multicast Server is the root of the multicast tree. Switches 4 and 5 will participate in the

multicast tree once pruning has taken place.

B. Switch 1 is the root of the multicast tree. Switches 1,4, and 5 will participate in the multicast tree

once pruning has taken place.

C. Switch 3 is the root of the multicast tree. Switches 3,4, and 5 will participate in the multicast tree

once pruning has taken place.

D. Switch 3 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast

tree once pruning has taken place.

E. Switch 1 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast

tree once pruning has taken place.

F. The Multicast Server is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the

multicast tree once pruning has taken place.

Answer: F

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 107

Page 108: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 132

When the passive-interface command is used on a router, which two routing protocols will

continue to receive routing updates on an interface that is configured as passive? (Choose two.)

A. RIPv2

B. OSPF

C. EIGRP

D. RIP

Answer: A,D

Explanation:

You can use the passive-interface command to control the advertisement of routing information.

The command enables the suppression of routing updates over some interfaces while it allows

updates to be exchanged normally over other interfaces.

With most routing protocols, such as RIP version 1 and 2, the passive-interface command restricts

outgoing advertisements only. However, when used with Enhanced Interior Gateway Routing

Protocol (EIGRP) and OSPF, the effect is slightly different. The use of the passive-interface

command in EIGRP suppresses the exchange of hello packets between two routers, which results

in the loss of their neighbor relationship. This stops not only routing updates from being

advertised, but it also suppresses incoming routing updates.

The same is true for OSPF. To stop routers from becoming OSPF neighbors on a particular

interface, issue the passive-interface command at the interface.

References:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml

http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml

QUESTION NO: 133

Which three statements are true regarding the above diagram? (Choose three.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 108

Page 109: Actule Test 642-892

Actu

alTe

sts.

comA. A trunk link will be formed.

B. The native VLAN for Switch B is vlan 1.

C. Only VLANs 1-1001 will travel across the trunk link.

D. DTP packets are sent from Switch B.

E. DTP is not running on Switch A.

Answer: A,B,D

Explanation:

You can manually configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In

addition, Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking

Protocol (DTP) that negotiates a common trunking mode between two switches. The negotiation

covers the encapsulation (ISL or 802.1Q) as well as whether the link becomes a trunk at all.

You can configure the trunk encapsulation with the switchport trunk encapsulation command, as

one of the following: isl - VLANs are tagged by encapsulating each frame using the Cisco ISL

protocol. dot1q -VLANs are tagged in each frame using the IEEE 802.1Q standard protocol. The

only exception is the native VLAN, which is sent normally and not tagged at all. negotiate (the

default)-The encapsulation is negotiated to select either ISL or IEEE 802.1Q, whichever is

supported by both ends of the trunk. If both ends support both types, ISL is favored. (The Catalyst

2950 switch does not support ISL encapsulation.)

In the switchport mode command, you can set the trunking mode to any of the following: trunk -

This setting places the port in permanent trunking mode. The corresponding switch port at the

other end of the trunk should be similarly configured because negotiation is not allowed. You

should also manually configure the encapsulation mode. dynamic desirable (the default)-The port

actively attempts to convert the link into trunking mode. If the far-end switch port is configured to

trunk , dynamic desirable , or dynamic auto mode, trunking is successfully negotiated. dynamic

auto -The port converts the link into trunking mode. If the far-end switch port is configured to trunk

or dynamic desirable , trunking is negotiated. Because of the passive negotiation behavior, the link

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 109

Page 110: Actule Test 642-892

Actu

alTe

sts.

com

never becomes a trunk if both ends of the link are left to the dynamic auto default.

QUESTION NO: 134

Refer to the exhibit. Based upon the debug output that is shown, which three statements about

HSRP are true? (Choose three.)

A. The router with IP address 172.16.11.112 is using default HSRP priority.

B. The IP address 172.16.11.115 is the virtual HSRP IP address.

C. The priority of the router with IP address 172.16.11.112 is preferred over the router with IP

address 172.16.11.111.

D. The router with IP address 172.16.11.111 haspreempt configured.

E. The final active router is the router with IP address 172.16.11.111.

F. The router with IP address 172.16.11.112 has nonpreempt configured.

Answer: B,D,E

Explanation:

Each router in an HSRP group has its own unique IP address assigned to an interface. This

address is used for all routing protocol and management traffic initiated by or destined to the

router. In addition, each router has a common gateway IP address, the virtual router address, that

is kept alive by HSRP. This address is also referred to as the HSRP address or the standby

address . Clients can point to that virtual router address as their default gateway, knowing that a

router always keeps that address active. Keep in mind that the actual interface address and the

virtual (standby) address must be configured to be in the same IP subnet. You can assign the

HSRP address with the following interface command:

Switch( config-if)# standby group ip ip-address [secondary]

When HSRP is used on an interface that has secondary IP addresses, you can add the secondary

keyword so that HSRP can provide a redundant secondary gateway address.

You can configure a router to preempt or immediately take over the active role if its priority is the

highest at any time. Use the following interface configuration command to allow preemption:

Switch( config-if)# standby group preempt [delay seconds]

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 110

Page 111: Actule Test 642-892

Actu

alTe

sts.

com

By default, the router can preempt another immediately, without delay. You can use the delay

keyword to force it to wait for seconds before becoming active. This is usually done if there are

routing protocols that need time to converge.

QUESTION NO: 135

Refer to the exhibit. What are two important facts in interpreting the output of the show ip pim

interface command? (Choose two.)

A. Point-to-Point links do not display DR information.

B. Multiaccess segments elect a DR based on highest IP address.

C. Multiaccess segments elect a DR based on lowest IP address.

D. The RP is only seen in version 2 of Sparse-Dense mode.

E. Multiaccess, multicast segments do not elect a DR.

Answer: A,B

Explanation:

show ip pim interface: Use this command to display information about interfaces configured for

PIM. In addition, you can use this command to verify that the correct PIM mode (dense or sparse)

is configured on the interface, the neighbor count is correct, and the designated router (DR) is

correct (which is critical for PIM sparse mode). Multi-access segments (such as Ethernet, Token

Ring, FDDI ) elect a DR based on highest IP address. Point-to-Point links do not display DR

information.

Reference:

http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080093f21.shtml

QUESTION NO: 136

Refer to the exhibit. What statement is true based upon the configuration in the exhibit?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 111

Page 112: Actule Test 642-892

Actu

alTe

sts.

com

A. If a rendezvous point is configured, the interface cannot operate in dense mode.

B. CGMP version 2 is being used.

C. IGMP version 2 is being used.

D. A rendezvous point must be configured in order for the interface to operate in sparse mode.

E. The switch will use sparse mode first, dense mode second.

F. The rendezvous point is IP address 172.16.4.16.

Answer: D

Explanation:

A rendezvous point (RP) is required only in networks running Protocol Independent Multicast

sparse mode (PIM-SM). The protocol is described in RFC 2362. In PIM-SM, only network

segments with active receivers that have explicitly requested multicast data will be forwarded the

traffiC. An interface configured in sparse-dense mode is treated in either sparse mode or dense

mode of operation, depending on which mode the multicast group operates. If a multicast group

has a known RP, the interface is treated in sparse mode. If a group has no known RP, the

interface is treated in dense mode and data will be flooded over this interface.

Reference: Configuring a Rendezvous Point

http://www.cisco.com/en/US/docs/ios/solutions_docs/ip_multicast/White_papers/rps.html

QUESTION NO: 137

Which statement is true about the Lightweight Access Point Protocol (LWAPP)?

A. The control traffic between the client and the access point is encapsulated with the LWAPP.

B. Real-time frame exchange is accomplished within the access point.

C. Authentication, security, and mobility are handled by the access point.

D. Data traffic between the client and the access point is encapsulated with LWAPP.

Answer: B

Explanation:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 112

Page 113: Actule Test 642-892

Actu

alTe

sts.

com

When LWAPP was first introduced to the WLAN industry in 2002, it revolutionized the way WLAN

deployments were managed with the concept of a "split MAC" the ability to separate the real-time

aspects of the 802.11 protocol from most of its management aspects. In particular, real-time frame

exchange and certain real-time portions of MAC management are accomplished within the access

point, while authentication, security management, and mobility are handled by WLAN controllers.

Reference:

http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6306/prod_white_paper0900aecd8

02c18ee_ns337_Networking_Solutions_White_Paper.html

QUESTION NO: 138

Refer to the exhibit. On the basis of the information in the exhibit, which two statements are true?

(Choose two.)

A. The output was generated by entering the show ip bgp command on the ISP router.

B. The serial 0/0/1 interface on the ISP router has been configured with the set metric 50

command.

C. The serial 0/0/1 interface on the ISP router has been configured with the set metric 75

command.

D. The output was generated by entering the show ip bgp command on the SanJose1 router.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 113

Page 114: Actule Test 642-892

Actu

alTe

sts.

com

E. When traffic is sent from the ISP to autonomous system 64512, the traffic will be forwarded to

SanJose2 because of the higher MED value of SanJose2.

F. When traffic is sent from the ISP to autonomous system 64512, the traffic will be forwarded to

SanJose1 because of the lower MED value of SanJose1.

Answer: B,C

Explanation:

The "show ip route bgp" command will display any BGP-learned routes that make it into the IP

routing table, the command "show ip bgp" is required to display the contents of the actual BGP

routing table. This output was seen on ISP because the local router ID is 192.168.100.1 (ISP).

Since we know that this output must have been seen by ISP, we know the serial 0/0/1 interface

has been configured with a metric of 75, as this is the metric to the peer with IP address

192.168.1.2 (the other side of the serial 0/0/1 interface).

QUESTION NO: 139

Which description correctly describes a MAC address flooding attack?

A. The attacking device spoofs a source MAC address of a valid host currently in theCAM table.

The switch then forwards frames destined for the valid host to the attacking device.

B. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the

attacking device then becomes the destination address found in the Layer 2 frames sent by the

valid network device.

C. The attacking device spoofs a destination MAC address of a valid host currently in theCAM

table. The switch then forwards frames destined for the valid host to the attacking device.

D. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the

attacking device then becomes the source address found in the Layer 2 frames sent by the valid

network device.

E. Frames with unique, invalid destination MAC addresses flood the switch and exhaustCAM table

space. The result is that new entries cannot be inserted because of the exhausted CAM table

space, and traffic is subsequently flooded out all ports.

F. Frames with unique, invalid source MAC addresses flood the switch and exhaustCAM table

space. The result is that new entries cannot be inserted because of the exhausted CAM table

space, and traffic is subsequently flooded out all ports.

Answer: F

Explanation:

A common Layer 2 or switch attack is MAC flooding, resulting in a switch's CAM table overflow,

which causes flooding of regular data frames out all switch ports. This attack can be launched for

the malicious purpose of collecting a broad sample of traffic or as a denial of service (DoS) attack.

A switch's CAM tables are limited in size and therefore can contain only a limited number of

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 114

Page 115: Actule Test 642-892

Actu

alTe

sts.

com

entries at any one time. A network intruder can maliciously flood a switch with a large number of

frames from a range of invalid source MAC addresses. If enough new entries are made before old

ones expire, new valid entries will not be accepted. Then, when traffic arrives at the switch for a

legitimate device that is located on one of the switch ports that was not able to create a CAM table

entry, the switch must flood frames to that address out all ports. This has two adverse effects: The

switch traffic forwarding is inefficient and voluminous. An intruding device can be connected to any

switch port and capture traffic that is not normally seen on that port.

If the attack is launched before the beginning of the day, the CAM table would be full when the

majority of devices are powered on. Then frames from those legitimate devices are unable to

create CAM table entries as they power on. If this represents a large number of network devices,

the number of MAC addresses for which traffic will be flooded will be high, and any switch port will

carry flooded frames from a large number of devices.

QUESTION NO: 140

Refer to the exhibit. What should be taken into consideration when using the Cisco Aironet

Desktop Utility (ADU) to configure the static WEP keys on the wireless client adapter?

A. The client adapter WEP key should be generated by the authentication server and forwarded to

the client adapter before the client adapter can establish communication with the wireless network.

B. In infrastructure mode the client adapter WEP key must match the WEP key used by the

access point. In ad hoc mode all client WEP keys within the wireless network must match each

other.

C. The client adapter WEP key should be generated by the AP and forwarded to the client adapter

before the client adapter can establish communication with the wireless network.

D. Before the client adapter WEP key is generated, all wireless infrastructure devices (such as

access points, servers, etc.) must be properly configured for LEAP authentication.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 115

Page 116: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B

Explanation:

Your client adapter's WEP key must match the WEP key used by the access point (in

infrastructure mode) or clients (in ad hoc mode) with which you are planning to communicate.

Reference:

http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/3.5/configuration/guide/wina

pekh.html

QUESTION NO: 141

Refer to the exhibit.

On the basis of the configuration that is provided, how would the BGP updates that come from

router R1 be replicated inside autonomous system 65200?

A. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.

B. All BGP updates that are received on router R2 will be sent directly to router R5.

C. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3

and R4 will then forward those BGP updates to router R5.

D. None of the BGP updates that are received on router R2 will ever be received by router R5.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 116

Page 117: Actule Test 642-892

Actu

alTe

sts.

com

Answer: D

QUESTION NO: 142

Which statement is true about RSTP topology changes?

A. Any loss of connectivity generates a TC BPDU.

B. Only nonedge ports moving to the forwarding state generate a TC BPDU.

C. If either an edge port or a nonedge port moves to a block state, then a TC BPDU is generated.

D. Only nonedge ports moving to the blocking state generate a TC BPDU.

E. Any change in the state of the port generates a TC BPDU.

Answer: B

Explanation:

The IEEE 802.1D Spanning Tree Protocol was designed to keep a switched or bridged network

loop free, with adjustments made to the network topology dynamically. A topology change typically

takes 30 seconds, where a port moves from the Blocking state to the Forwarding state after two

intervals of the Forward Delay timer. As technology has improved, 30 seconds has become an

unbearable length of time to wait for a production network to failover or "heal" itself during a

problem.

Topology Changes and RSTP

Recall that when an 802.1D switch detects a port state change (either up or down) , it signals the

Root Bridge by sending topology change notification (TCN) BPDUs. The Root Bridge must then

signal a topology change by sending out a TCN message that is relayed to all switches in the STP

domain. RSTP detects a topology change only when a nonedge port transitions to the Forwarding

state. This might seem odd because a link failure is not used as a trigger. RSTP uses all of its

rapid convergence mechanisms to prevent bridging loops from forming. Therefore, topology

changes are detected only so that bridging tables can be updated and corrected as hosts appear

first on a failed port and then on a different functioning port.

When a topology change is detected, a switch must propagate news of the change to other

switches in the network so they can correct their bridging tables, too. This process is similar to the

convergence and synchronization mechanism-topology change (TC) messages propagate through

the network in an ever-expanding wave.

QUESTION NO: 143

Which command displays the IBGP and EBGP neighbors that are configured?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 117

Page 118: Actule Test 642-892

Actu

alTe

sts.

com

A. show ip bgp peers

B. show ip bgp summary

C. show ip bgp paths

D. show ip bgp

Answer: B

Explanation:

The "show ip bgp summary" command displays the summary of all BGP connections.

QUESTION NO: 144

Refer to the exhibit. Given the output of a debug ip mrouting command, which two statements are

true? (Choose two.)

A. Multicast route to 224.69.15.0

B. 24 will be out Ethernet 0.

C. 24 was added to the mroute table and created by a source directly connected to the router.

D. This router received an IGMP host report from a group member or a PIM join message.

E. The reverse path forwarding (RPF) for the route 224.2.0.1 failed to find the interface on which

the multicast packet was received.

F. 16 was added to the mroute table and created by a source directly connected to the router.

G. Multicast route to 10.16.0.0

H. The route to 224.69.15.0

Answer: D,G

Explanation:

The following is sample output from the debug ip mrouting command:

Router# debug ip mrouting 224.2.0.1

MRT: Delete (10.0.0.0/8, 224.2.0.1)

MRT: Delete (10.4.0.0/16, 224.2.0.1)

MRT: Delete (10.6.0.0/16, 224.2.0.1)

MRT: Delete (10.9.0.0/16, 224.2.0.1)

MRT: Delete (10.16.0.0/16, 224.2.0.1)

MRT: Create (*, 224.2.0.1), if_input NULL

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 118

Page 119: Actule Test 642-892

Actu

alTe

sts.

com

MRT: Create (224.69.15.0/24, 225.2.2.4), if_input Ethernet0, RPF nbr 224.69.61.15

MRT: Create (224.69.39.0/24, 225.2.2.4), if_input Ethernet1, RPF nbr 0.0.0.0

MRT: Create (10.0.0.0/8, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

MRT: Create (10.4.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

MRT: Create (10.6.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

MRT: Create (10.9.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

MRT: Create (10.16.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

The following lines show that multicast IP routes were deleted from the routing table:

MRT: Delete (10.0.0.0/8, 224.2.0.1)

MRT: Delete (10.4.0.0/16, 224.2.0.1)

MRT: Delete (10.6.0.0/16, 224.2.0.1)

The (*, G) entries are generally created by receipt of an Internet Group Management Protocol

(IGMP) host report from a group member on the directly connected LAN or by a Protocol

Independent Multicast (PIM) join message (in sparse mode) that this router receives from a router

that is sending joins toward the RP. This router will in turn send a join toward the Route Processor

(RP) that creates the shared tree (or RP tree).

MRT: Create (*, 224.2.0.1), if_input NULL

The following lines are an example of creating an (S, G) entry that shows that an IP multicast

packet (mpacket) was received on Ethernet interface 0. The second line shows a route being

created for a source that is on a directly connected LAN. The RPF means "Reverse Path

Forwarding," whereby the router looks up the source address of the multicast packet in the unicast

routing table and determines which interface will be used to send a packet to that source.

MRT: Create (224.69.15.0/24, 225.2.2.4), if_input Ethernet0, RPF nbr 224.69.61.15

MRT: Create (224.69.39.0/24, 225.2.2.4), if_input Ethernet1, RPF nbr 224.0.0.0

The following lines show that multicast IP routes were added to the routing table. Note the

224.0.0.0 as the RPF, which means the route was created by a source that is directly connected to

this router.

MRT: Create (10.9.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

MRT: Create (10.16.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0

If the source is not directly connected, the neighbor address shown in these lines will be the

address of the router that forwarded the packet to this router.

The shortest path tree state maintained in routers consists of source (S), multicast address (G),

outgoing interface (OIF), and incoming interface (IIF). The forwarding information is referred to as

the multicast forwarding entry for (S, G).

An entry for a shared tree can match packets from any source for its associated group if the

packets come through the proper incoming interface as determined by the RPF lookup. Such an

entry is denoted as (*, G). A (*, G) entry keeps the same information a (S, G) entry keeps, except

that it saves the rendezvous point address in place of the source address in sparse mode or as

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 119

Page 120: Actule Test 642-892

Actu

alTe

sts.

com

24.0.0.0 in dense mode.

Reference: http://www.cisco.com/en/US/docs/ios/12_2t/debug/command/reference/dbftipdv.html

QUESTION NO: 145

Which two statements about voice traffic are true? (Choose two.)

A. Voice packets are typically around 60 to 120 bytes.

B. For voice quality, packet loss should be less than 2 percent and delay should be no more than

250 ms.

C. Voice packets are typically around 600 to 1200 bytes.

D. For voice quality, packet loss should be less than 1 percent and delay should be no more than

150 ms.

E. A typical voice call requires 17 kbps to 106 kbps of guaranteed priority bandwidth plus an

additional 15 kbps per call for voice-control traffic.

F. Voice packets are typically around 60 to 120 KB.

Answer: D,E

Explanation:

QoS Requirements for Voice:

Voice calls, either one-to-one or on a conference connection capability, require the following:

? 150 ms of one-way latency from mouth to ear (per the ITU G.114 standard)

? 30 ms jitter

? 1 percent packet loss

17 to 106 kbps of guaranteed priority bandwidth per call (depending on the sampling rate, codec,

and Layer 2 overhead)

150 bps (plus Layer 2 overhead) per phone of guaranteed bandwidth for voice control traffic

The choice of codec has impacts in many areas. The most important is the capacity planning on

the network, because the bandwidth consumed in different codecs varies.

Reference:

http://www.informit.com/content/images/1587051915/samplechapter/1587051915content.pdf

QUESTION NO: 146

Which two statements are true about the rendezvous point (RP) in a multicast network? (Choose

two.)

A. The multicast receivers must register with the RP to form the multicast distribution tree.

B. To form the multicast distribution tree, the multicast sources register with and the receivers join

the RP.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 120

Page 121: Actule Test 642-892

Actu

alTe

sts.

com

C. The multicast sources must register with the RP to form the multicast distribution tree.

D. An RP is required only in networks running Protocol Independent Multicast sparse mode (PIM

SM).

E. An RP is required only in networks running Protocol Independent Multicast sparse-dense mode

(PIM-SDM).

F. An RP is required only in networks running Protocol Independent Multicast dense mode (PIM

DM).

Answer: B,D

QUESTION NO: 147

Which three IP multicast related statements are true? (Choose three.)

A. Multicast addresses 224.0.0.0 through 224.0.0.255 are used for network protocols on local LAN

segments. Because they are always transmitted with a Time to Live (TTL) of 1, they are never

forwarded by a router.

B. Multicast addresses 224.0.0.5 and 224.0.0.6 are limited scoped addresses that have been

reserved for OSPF.

C. Multicast addresses 224.0.1.0 through 238.255.255.255 are called globally scoped addresses.

They are used to multicast data between organizations and across the Internet.

D. Multicast addresses 239.0.0.0 through 239.255.255.255 are called limited scope addresses.

They are constrained to a local group or organization.

E. The multicast address 224.0.0.1 is a globally scoped address that has been reserved for the

Network Time Protocol (NTP) by the IANA.

Answer: A,C,D

Explanation:

These addresses are never forwarded off the local subnet (regardless of TL, usually set to 1).

224.0.0.1: all hosts 224.0.0.2: all multicast routers (PIMv1, all routers due to transport inIGMPv1)

224.0.0.4: all DVMRP routers 224.0.0.5: all OSPF routers 224.0.0.6: all OSPF DR routers (DR:

Designated Router) 224.0.0.9: all RIP2 routers 224.0.0.13: all PIMv2 routers 224.0.1.39: CISCO-

RP-ANNOUNCE 224.0.1.40: CISCO-RP-DISCOVERY Global scope: 224.0.1.0 to

238.255.255.255 (allocated dynamically throuh Internet) Limited scope: 239.0.0.0 to

239.255.255.255 (reserved for use inside prvate domains) See

http://www.iana.org/assignments/multicast-addresses for a complete lst.

QUESTION NO: 148

Refer to the exhibit. IP multicast for group address 224.1.1.1 has been enabled on all routers in

the network. Hosts on Network A receive the multicast traffic. However, hosts on Network B do

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 121

Page 122: Actule Test 642-892

Actu

alTe

sts.

com

not. On the basis of outputs provided, what could be the cause of the problem?

A. Router R2 does not see the upstream router R1 as a PIM neighbor.

B. Router R2 does not have an RP configured on the multicast network.

C. The multicast packets are sourced from a server with an unspecified IP address.

D. Becauseof RPF failure, Router R2 does not forward multicast packets to Network B.

Answer: D

Explanation:

Multicast routing uses a mechanism called Reverse Path Forwarding (RPF) to prevent forwarding

loops and to ensure the shortest path from the source to the receivers. If there is RPF failure, the

router does not forward the multicast packets to neighbor.

QUESTION NO: 149

Refer to the exhibit. Which two conclusions can be drawn from the debug ip igmp output? (Choose

two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 122

Page 123: Actule Test 642-892

Actu

alTe

sts.

com

A. IP PIM RP mapping is static.

B. The router sent an IGMP version 2query out interface Ethernet1 at multicast address 224.0.0.1.

C. Reverse Path Forwarding (RPF) is enabled for 192.168.9.4.

D. The IP multicast groups are 224.0.0.1, 224.0.1.40, and 239.255.0.1.

E. Reverse Path Forwarding (RPF) is enabled for 224.0.1.40.

F. Router RTA received an IGMP report version 1 from host 192.168.9.1.

Answer: B,F

Explanation:

Use the debug ip igmp command to display IGMP packets received and transmitted, as well as

IGMP-host related events. The no form of this command disables debug output.

This output helps you discover whether the IGMP processes function. In general, if IGMP does not

work, the router process never discovers another host on the network that is configured to receive

multicast packets. In PIM dense mode, this means the packets are delivered intermittently (a few

every three minutes). In PIM sparse mode, they are never delivered.

R1# debug ip igmp

12:32:51.065: IGMP: Send v2 Query on Ethernet1 to 224.0.0.1

12:32:51.069: IGMP: Set report delay time to 9.4 seconds for 224.0.1.40 on Ethernet1

12:32:56.909: IGMP: Received v1 Report from 192.168.9.1 (Ethernet1) for 239.255.0.1

12:32:56.917: IGMP: Starting old host present timer for 239.255.0.1 on Ethernet1

12:33:01.065: IGMP: Send v2 Report for 224.0.1.40 on Ethernet1

12:33:01.069: IGMP: Received v2 Report from 192.168.9.4 (Ethernet1) for 224.0.1.40

12:33:51.065: IGMP: Send v2 Query on Ethernet1 to 224.0.0.1

The output above shows that the router sends an IGMP version 2 query out interface Ethernet 1 at

multicast address 224.0.0.1 (All multicast systems on this subnet). Interface Ethernet 1 itself is a

member of group 224.0.1.40 (you can use the show ip igmp interface command to determine this),

which sets a report delay time of 9.4 seconds (randomly determined). Because it does not receive

any report from another system for multicast group 224.0.1.40 for the next 9.4 seconds, it sends a

version 2 report of its membership, which is received by the router itself on Ethernet 1. It also

receives IGMP report version 1 from host 192.168.9.1, which is directly connected to the interface

Ethernet 1 for group 239.255.0.1.

This debug output is useful when you verify that the router interface sends queries and to

determine the query interval (in the above case, 60 seconds). You can also use the command to

determine the version of IGMP used by the clients.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 123

Page 124: Actule Test 642-892

Actu

alTe

sts.

com

Reference: Basic Multicast Troubleshooting Tools

http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080093f21.shtml

QUESTION NO: 150

Refer to the exhibit. The user who is connected to interface FastEthernet 0/1 is on VLAN 10 and

cannot access network resources. On the basis of the information in the exhibit, which command

sequence would correct the problem?

A. SW1(config)# interface fastethernet 0/1

SW1(config-if)# no shut

B. SW1(config)# interface fastethernet 0/1

SW1(config-if)# switchport mode access

SW1(config-if)# switchport access vlan 10

C. SW1(config)# vlan 10

SW1(config-vlan)# state active

D. SW1(config)# interface fastethernet 0/1

SW1(config-if)# switchport mode access

E. SW1(config)# vlan 10

SW1(config-vlan)# no shut

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 124

Page 125: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A

Explanation:

In Exhibit Operation Mode is down, it means interface is in down state. Just bring into up state

using no shutdown command

QUESTION NO: 151

What are two methods of mitigating MAC address flooding attacks? (Choose two.)

A. Implement VLAN access maps.

B. Implement DHCP snooping.

C. Place unused ports in a common VLAN.

D. Implement private VLANs.

E. Implement port security.

Answer: A,E

QUESTION NO: 152

What is one method that can be used to prevent VLAN hopping?

A. password combinations.

B. Configure all frames with two 802.1Q headers.

C. Explicitly turn off Dynamic Trunking Protocol (DTP) on all unused ports.

D. Configure ACLs.

E. Configure VACLs.

F. Enforce username

Answer: C

Explanation:

When securing VLAN trunks, also consider the potential for an exploit called VLAN hopping. Here,

an attacker positioned on one access VLAN can craft and send frames with spoofed 802.1Q tags

so that the packet payloads ultimately appear on a totally different VLAN, all without the use of a

router.

For this exploit to work, the following conditions must exist in the network configuration:

? The attacker is connected to an access switch port.

? The same switch must have an 802.1Q trunk.

? The trunk must have the attacker's access VLAN as its native VLAN.

To prevent from VLAN hopping turn off Dynamic Trunking Protocol on all unused ports.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 125

Page 126: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 153

Refer to the exhibit. Host A has sent an ARP message to the default gateway IP address

10.10.10.1. Which statement is true?

A. DSw1 will reply with the MAC address of the next AVF.

B. DSw2 will reply with the MAC address of the next AVF.

C. Because of the invalid timers that are configured, DSw1 will not reply.

D. Because of the invalid timers that are configured, DSw2 will not reply.

E. DSw1 will reply with the IP address of the next AVF.

F. DSw2 will reply with the IP address of the next AVF.

Answer: B

Explanation:

The Gateway Load Balancing Protocol (GLBP) is a Cisco-proprietary protocol designed to

overcome the limitations of existing redundant router protocols. Some of the concepts are the

same as with HSRP/VRRP, but the terminology is different and the behavior is much more

dynamic and robust.

The trick behind this load balancing lies in the GLBP group. One router is elected the active virtual

gateway (AVG). This router has the highest priority value, or the highest IP address in the group, if

there is no highest priority. The AVG answers all ARP requests for the virtual router address.

Which MAC address it returns depends on which load-balancing algorithm it is configured to use.

In any event, the virtual MAC address supported by one of the routers in the group is returned.

According to exhibit, Router DSW2 is the Active Virtual Gateway (AVG) router because it has

highest IP address even having equal priority. When router DSW1 sends the ARP message to

10.10.10.1 Router DSW 2 will reply to DSW 1 as a Active Virtual Router.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 126

Page 127: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 154

What is the IPv6 address FF02::2 used for?

A. all routers in a local segment

B. all hosts in a particular multicast group

C. all hosts in a local segment

D. all routers in an autonomous system

Answer: A

Explanation:

To identify all nodes for the node-local and link-local scopes, the following multicast addresses are

defined:

FF01::1 (node-local scope all-nodes address)

FF02::1 (link-local scope all-nodes address)

To identify all routers for the node-local, link-local, and site-local scopes, the following multicast

addresses are defined:

FF01::2 (node-local scope all-routers address)

FF02::2 (link-local scope all-routers address)

FF05::2 (site-local scope all-routers address)

Reference: http://technet2.microsoft.com/windowsserver/en/library/8c07faf2-35b3-4f2a-920f-

d61ad76581ad1033.mspx?mfr=true

QUESTION NO: 155

Based on the exhibited output, which three statements are true? (Choose three.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 127

Page 128: Actule Test 642-892

Actu

alTe

sts.

com

A. The best path for R1 to reach the 192.168.1.48/28 prefix is via 192.168.1.66.

B. R1 is in AS 200.

C. All the routes are in the passive mode because these routes are in the hold-down state.

D. All the routes are in the passive mode because R1 is in the query process for those routes.

E. R1 will load balance between three paths to reach the 192.168.1.48/28 prefix because all three

paths have the same advertised distance (AD) of 40512000.

F. 40512000 is the advertised distance (AD) via 192.168.1.66 to reach the 192.168.1.48/28 prefix.

Answer: A,B,F

Explanation:

The R1 router resides in AS 200, as displayed by the "IP EIGRP topology for process 200" output.

Regarding the numbers specified in the parenthesis, the first number is the EIGRP metric that

represents the cost to the destination. The second number is the EIGRP metric that this peer

advertised.

Based on this, the best path to the 192.168.1.48/28 destination is via 192.168.1.66, because the

metric is less than the alternatives.

QUESTION NO: 156

Which three components are included in the Cisco autonomous WLAN solution? (Choose three.)

A. Wireless Control System (WCS)

B. Access Control Server (ACS)

C. Lightweight Access Point Protocol (LWAPP)

D. Wireless Domain Services (WDS)

E. Wireless LAN Solution Engine (WLSE)

F. Wireless Services Module (WiSM)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 128

Page 129: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B,D,E

Explanation:

CiscoWorks WLSE is a complete solution for managing Cisco Aironet autonomous WLAN

networks. As the management component of the Cisco Autonomous WLAN Solution, CiscoWorks

WLSE provides comprehensive air/radio frequency (RF) and device-management capabilities in

ways that simplify deployment, reduce operational complexity, and provide administrators visibility

into the WLAN.

CiscoWorks WLSE provides an easy-to-use deployment wizard to specify the configuration criteria

up front. This allows administrators to automate deployment and simultaneously maintain control

in rapidly expanding environments. The deployment wizard also simplifies and automates the

setup of the Wireless Domain Services (WDS) that plays an important role in the Cisco

Autonomous WLAN Solution for seamless mobility and RF aggregation services.

WLSE also enables centralized user administration by integrating with Cisco Secure ACS . Users

can be defined and mapped to a user role centrally on Cisco Secure ACS.

Reference:

http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/ps6839/product_dat

a_sheet0900aecd80410b92.html

QUESTION NO: 157

Which protocol enables a group of routers to form a single virtual router and use the real IP

address of a router as the gateway address?

A. HSRP

B. IRDP

C. Proxy ARP

D. VRRP

E. GLBP

Answer: B

Explanation:

ICMP Internet Router Discovery Protocol (IRDP) uses Internet Control Message Protocol (ICMP)

router advertisements and router solicitation messages to allow a host to discover the addresses

of operational routers on the subnet. With this, hosts can discover the real IP addresses of the

default gateways. VRRP, HSRP, and GLBP all require the use of a virtual IP address. Hosts then

use this virtual IP address as their default gateways.

Reference: Configuring IRDP

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_irdp_ps6350_TSD_Product

s_Configuration_Guide_Chapter.html

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 129

Page 130: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 158

Which three statements are correct about the differences in IS-IS and OSPF? (Choose three.)

A. New additions to the protocol are easily implemented in OSPF but not with IS-IS.

B. OSPF has more area types than does IS-IS.

C. For greater fine tuning there are more IS-IS timers.

D. IS-IS is more CPU-intensive than is OSPF.

E. IS-IS LSP contains TLV fields and OSPF LSU contains the LSAs.

Answer: B,C,E

Explanation:

The configuration of OSPF is based on a central backbone, Area 0, with all other areas being

physically attached to Area 0. Because of this, certain design constraints will inevitably exist. A

good, consistent IP addressing structure is necessary when this type of hierarchical model is used.

It is used to summarize addresses into the backbone, and reduce the amount of information that is

carried in the backbone and advertised across the network. In comparison, IS-IS also has a

hierarchy with Level 1 and Level 2 routers. With IS-IS, the area borders lie on the links. However,

significantly fewer link-state PDUs (LSPs) are used. Therefore, many more routers, up to 1000,

can reside in a single area. This capability makes IS-IS more scalable than OSPF. IS-IS allows a

more flexible approach to extending the backbone. Adding Level 2 routers can extend the

backbone. This process is less complex than with OSPF.

With regard to CPU use and the processing of routing updates, IS-IS is more efficient. Not only are

there fewer LSPs to process, as compared to OSPF LSAs, but also the mechanism by which IS-IS

installs and withdraws prefixes is less intensive.

Both OSPF and IS-IS are link-state protocols and therefore provide fast convergence. The

convergence time depends on a number of factors, such as timers, number of nodes, and types of

routers. Based on the default timers, IS-IS will detect a failure quicker than OSPF and therefore

should converge more rapidly. If there are many neighbors and adjacencies to consider, the

convergence time depends on the processing power of the router. IS-IS is typically less CPU

intensive than OSPF.

The timers in IS-IS allow more tuning than OSPF. There are more timers to adjust, and therefore

finer granularity can be achieved. By tuning the timers, convergence time can be significantly

decreased. However, this speed may be at the expense of stability, so a compromise may have to

be made. A network engineer should understand the implications of adjusting these timers.

QUESTION NO: 159

When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to

gather information?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 130

Page 131: Actule Test 642-892

Actu

alTe

sts.

com

A. The attacking station uses DTP to negotiate trunking with a switch port and captures all traffic

that is allowed on the trunk

B. The attacking station tags itself with all usable VLANs to capture data that is passed through

the switch, regardless of the VLAN to which the data belongs.

C. The attacking station will generate frames with two 802.1Q headers to cause the switch to

forward the frames to a VLAN that would be inaccessible to the attacker through legitimate means.

D. The attacking station uses VTP to collect VLAN information that is sent out and then tags itself

with the domain information in order to capture the data.

Answer: A

Explanation:

DTP should be disabled for all user ports on a switch. If the port is left with DTP auto-configured

(default on many switches), an attacker can connect and arbitrarily cause the port to start trunking

and therefore pass all VLAN information.

Reference:

http://www.cisco.com/en/US/solutions/ns340/ns517/ns224/ns376/net_design_guidance0900aecd8

00ebd1e.pdf

QUESTION NO: 160

Refer to the exhibit.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 131

Page 132: Actule Test 642-892

Actu

alTe

sts.

com

Which Virtual Router Redundancy Protocol (VRRP) statement is true about the roles of the master

virtual router and the backup virtual router?

A. Router B is the master virtual router, and Router A is the backup virtual router. When Router B

fails, Router A will become the master virtual router. When Router B recovers, Router A will

maintain the role of master virtual router.

B. Router B is the master virtual router, and Router A is the backup virtual router. When Router B

fails, Router A will become the master virtual router. When Router B recovers, it will regain the

master virtual router role.

C. Router A is the master virtual router, and Router B is the backup virtual router. When Router A

fails, Router B will become the master virtual router. When Router A recovers, Router B will

maintain the role of master virtual router.

D. Router A is the master virtual router, and Router B is the backup virtual router. When Router A

fails, Router B will become the master virtual router. When Router A recovers, it will regain the

master virtual router role.

Answer: D

Explanation:

An important aspect of the VRRP redundancy scheme is VRRP router priority. Priority determines

the role that each VRRP router plays and what happens if the master virtual router fails.

If a VRRP router owns the IP address of the virtual router and the IP address of the physical

interface, this router functions as a master virtual router.

Priority also determines if a VRRP router functions as a backup virtual router and determines the

order of ascendancy to becoming a master virtual router if the master virtual router fails. You can

configure the priority of each backup virtual router with a value of 1 through 254, using the vrrp

priority command.

For example, if Router A, the master virtual router in a LAN topology, fails, an election process

takes place to determine if backup virtual Routers B or C should take over. If Routers B and C are

configured with the priorities of 101 and 100, respectively, Router B is elected to become master

virtual router because it has the higher priority. If Routers B and C are both configured with the

priority of 100, the backup virtual router with the higher IP address is elected to become the

master virtual router.

By default, a preemptive scheme is enabled whereby a higher-priority backup virtual router that

becomes available takes over for the backup virtual router that was elected to become master

virtual router. You can disable this preemptive scheme using the no vrrp preempt command. If

preemption is disabled, the backup virtual router that is elected to become master virtual router

remains the master until the original master virtual router recovers and becomes master again.

Reference:

http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.5/addr_serv/configuration/guide/ic35vrrp.htm

l

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 132

Page 133: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 161 DRAG DROP

Drop

Answer:

Explanation:

QUESTION NO: 162

Why is BPDU guard an effective way to prevent an unauthorized rogue switch from altering the

spanning-tree topology of a network?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 133

Page 134: Actule Test 642-892

Actu

alTe

sts.

com

A. BPDU guard can guarantee proper selection of the root bridge.

B. BPDU guard can be utilized along with PortFast to shut down ports when a switch is connected

to the port.

C. BPDU guard can be utilized to prevent the switch from transmitting BPDUs and incorrectly

altering the root bridge election.

D. BPDU guard can be used to prevent invalid BPDUs from propagating throughout the network.

Answer: A

Explanation:

As long as a port participates in STP, some device can assume the root bridge function and affect

active STP topology. To assume the root bridge function, the device would be attached to the port

and would run STP with a lower bridge priority than that of the current root bridge. If another

device assumes the root bridge function in this way, it renders the network suboptimal. This is a

simple form of a denial of service (DoS) attack on the network. The temporary introduction and

subsequent removal of STP devices with low (0) bridge priority cause a permanent STP

recalculation.

The STP PortFast BPDU guard enhancement allows network designers to enforce the STP

domain borders and keep the active topology predictable. The devices behind the ports that have

STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the

BPDU guard operation disables the port that has PortFast configured. The BPDU guard transitions

the port into errdisable state, and a message appears on the console.

Reference: Spanning Tree PortFast BPDU Guard Enhancement

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml

QUESTION NO: 163

Refer to the exhibit. Which two statements are true about the router configuration? (Choose two.)

A. This configuration is referred to as a dual-stack 6to4 tunnel.

B. This configuration will attempt to route packets using IPv4 first, and if that fails, then IPv6.

C. This configuration allows applications on the same segment to communicate via IPv4 or IPv6.

D. This configuration is referred to as a dual stack.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 134

Page 135: Actule Test 642-892

Actu

alTe

sts.

com

Answer: C,D

Explanation:

This router demonstrates an example of an IPv6 Dual Stack configuration. Dual stack (Figure 1

below) runs both IPv4 and IPv6 protocol stacks on a router in parallel, making it similar to the

multiprotocol network environments of the past, which often ran Internetwork Packet Exchange

(IPX), AppleTalk, IP, and other protocols concurrently. The technique of deploying IPv6 using

dual-stack backbones allows IPv4 and IPv6 applications to coexist in a dual IP layer routing

backbone. The IPv4 communication uses the IPv4 protocol stack, and the IPv6 communication

uses the IPv6 stack.

As a transition strategy, dual stack is ideal for campus networks with a mixture of IPv4 and IPv6

applications.

Figure 1: Dual-Stack Example

Reference:

http://www.cisco.com/en/US/products/ps6553/products_white_paper0900aecd805c54d0.shtml

QUESTION NO: 164

Which two statements are true about the Hot Standby Router Protocol (HSRP)?

(Choose two.)

A. Load sharing with HSRP is achieved by creating multiple subinterfaces on the HSRP routers.

B. All routers configured for HSRP load balancing must be configured with the same priority.

C. Routers configured for HSRP can belong to multiple groups and multiple VLANs.

D. Routers configured for HSRP must belong to only one group per HSRP interface.

E. Load sharing with HSRP is achieved by creating HSRP groups on the HSRP routers.

Answer: C,E

Explanation:

HSRP is a Cisco-proprietary protocol developed to allow several routers (or multilayer switches) to

appear as a single gateway address. RFC 2281 describes this protocol in more detail. Basically,

each of the routers that provides redundancy for a given gateway address is assigned to a

common HSRP group. One router is elected as the primary, or active, HSRP router, another is

elected as the standby HSRP router, and all the others remain in the listen HSRP state. The

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 135

Page 136: Actule Test 642-892

Actu

alTe

sts.

com

routers exchange HSRP hello messages at regular intervals, so they can remain aware of each

other's existence, as well as that of the active router.

An HSRP group can be assigned an arbitrary group number, from 0 to 255. If you configure HSRP

groups on several VLAN interfaces, it can be handy to make the group number the same as the

VLAN number. However, most Catalyst switches support only up to 16 unique HSRP group

numbers. If you have more than 16 VLANs, you will quickly run out of group numbers. An

alternative is to make the group number the same (that is, 1) for every VLAN interface. This is

perfectly valid because the HSRP groups are only locally significant on an interface. HSRP Group

1 on interface VLAN 10 is unique from HSRP Group 1 on interface VLAN 11.

QUESTION NO: 165 HOTSPOT

Answer:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 136

Page 137: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 166

Refer to the exhibit. The web servers WS_1 and WS_2 need to be accessed by external and

internal users. For security reasons, the servers should not communicate with each other,

although they are located on the same subnet. The servers do need, however, to communicate

with a database server located in the inside network. What configuration will isolate the servers

from each other?

A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports

connecting to the two firewalls will be defined as primary VLAN promiscuous ports.

B. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as

primary VLAN promiscuous ports.

C. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports

connecting to the two firewalls will be defined as primary VLAN promiscuous ports.

D. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as

primary VLAN community ports.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 137

Page 138: Actule Test 642-892

Actu

alTe

sts.

com

Answer: C

Explanation:

Service providers often have devices from multiple clients, in addition to their own servers, on a

single Demilitarized Zone (DMZ) segment or VLAN. As security issues proliferate, it becomes

necessary to provide traffic isolation between devices, even though they may exist on the same

Layer 3 segment and VLAN. Catalyst 6500/4500 switches implement PVLANs to keep some

switch ports shared and some switch ports isolated, although all ports exist on the same VLAN.

The 2950 and 3550 support "protected ports," which are functionality similar to PVLANs on a per-

switch basis.

A port in a PVLAN can be one of three types:

Isolated: An isolated port has complete Layer 2 separation from other ports within the same

PVLAN, except for the promiscuous port. PVLANs block all traffic to isolated ports, except the

traffic from promiscuous ports. Traffic received from an isolated port is forwarded to only

promiscuous ports.

Promiscuous: A promiscuous port can communicate with all ports within the PVLAN, including the

community and isolated ports. The default gateway for the segment would likely be hosted on a

promiscuous port, given that all devices in the PVLAN will need to communicate with that port.

Community: Community ports communicate among themselves and with their promiscuous ports.

These interfaces are isolated at Layer 2 from all other interfaces in other communities, or in

isolated ports within their PVLAN.

QUESTION NO: 167

Which two statements are true about 6to4 tunnels? (Choose two.)

A. In a 6to4 tunnel, the first two bytes of the IPv6 address will be0x2002 and the next four bytes

will be the hexadecimal equivalent of the IPv4 address.

B. In a 6to4 tunnel, the first two bytes of the IPv6 address will be locally derived and the next two

bytes will be the hexadecimal equivalent of the IPv4 address.

C. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/48

IPv6 address.

D. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the

2002:1315:4463:1::/64 IPv6 address.

E. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/16

IPv6 address.

Answer: A,C

QUESTION NO: 168 HOTSPOT

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 138

Page 139: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 139

Page 140: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 169

Which statement is true about Layer 2 security threats?

A. MAC spoofing attacks allow an attacking device to receive frames intended for a different

network host.

B. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.

C. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP

snooping attacks.

D. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure

against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable

attack points.

E. Port scanners are the most effective defense against dynamic ARP inspection.

F. DHCP snooping sends unauthorized replies to DHCP queries.

Answer: D

Explanation:

DAI is a security feature that intercepts and verifies IP-to-MAC address bindings and discards

invalid ARP packets. DAI uses the DHCP snooping database to validate bindings. It associates a

trust state with each interface on the switch. Packets arriving on trusted interfaces bypass all DAI

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 140

Page 141: Actule Test 642-892

Actu

alTe

sts.

com

validation checks, and those arriving on untrusted interfaces undergo the DAI validation process.

In a typical network, all ports on the switch connected to host are configured as untrusted, and

switch ports are considered trusted. Use the ip arp inspection trust interface command to configure

the trust settings. When the switch is configured for DAI, it will rate-limit incoming ARP packets to

prevent DoS attacks.

QUESTION NO: 170

Refer to the exhibit. Which two problems are the most likely cause of the exhibited output?

(Choose two.)

A. VRRP misconfiguration

B. spanning tree issues

C. transport layer issues

D. physical layer issues

E. HSRP misconfiguration

Answer: D,E

Explanation:

Each router in an HSRP group has its own unique IP address assigned to an interface. This

address is used for all routing protocol and management traffic initiated by or destined to the

router. In addition, each router has a common gateway IP address, the virtual router address that

is kept alive by HSRP. This address is also referred to as the HSRP address or the standby

address . Clients can point to that virtual router address as their default gateway, knowing that a

router always keeps that address active. Keep in mind that the actual interface address and the

virtual (standby) address must be configured to be in the same IP subnet. You can assign the

HSRP address with the following interface command:

Switch( config-if)# standby group ip ip-address [secondary]

When HSRP is used on an interface that has secondary IP addresses, you can add the secondary

keyword so that HSRP can provide a redundant secondary gateway address.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 141

Page 142: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 171

Refer to the exhibit. EIGRP is configured on all routers in the network. On the basis of the output

provided, which statement is true?

A. Because the key strings do not match, router R1 will not be able to ping routers R2 and R3.

B. Because the key chain names do not match, router R1 will not be able to ping routers R2

andR3 .

C. Because autosummarization needs to be turned on for EIGRP on all routers, router R1 will not

be able to ping routers R2 and R3.

D. Because authentication is misconfigured on interfaces Gi0/0 and Gi0/1 on router R2, router R1

will not be able to ping routers R2 and R3.

E. Router R1 will be able to ping routers R2 and R3.

Answer: E

Explanation:

This is a valid example of EIGRP MD5 authentication. Since the networks lie in different network

boundaries, summarization will not be an issue.

QUESTION NO: 172

Which three statements are true about the Internet Group Management Protocol (IGMP)? (Choose

three.)

A. IGMP snooping runs on Layer 3 routers.

B. IGMP is used to register individual hosts with a multicast group.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 142

Page 143: Actule Test 642-892

Actu

alTe

sts.

com

C. There are three IGMP modes: dense mode, sparse mode, and sparse-dense mode.

D. IGMP version 3 enables a multicast receiving host to specify to the router which sources it

should forward traffic from.

E. IGMP messages are IP datagrams with a protocol value of 2, destination address of 224.0.0.2,

and a TTL value of 1.

F. IGMP is a multicast routing protocol that makes packet-forwarding decisions independent of

other routing protocols such as EIGRP.

Answer: B,D,E

Explanation:

IGMP ( Internet Group Management Protocol ) - is used to register individual hosts with a multicast

group IGMPv2- the router with the lowest IP on a subnet is designated querier IGMPv3 - enables a

multicast receiving host to specify to the router which sources it should forward traffic from (source

filtering)

IGMP Messages are IP datagrams with a protocol value of 2, a destination address of 224.0.0.2,

and a TTL value of 1

Reference: http://wilcagre.com/index.php?n=IT.IPMulticast

QUESTION NO: 173

Refer to the exhibit. All multilayer switches are running PIM sparse mode. Host B and Host F are

sending IGMPv2 join messages to their respective multilayer switches. Which statement is true?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 143

Page 144: Actule Test 642-892

Actu

alTe

sts.

com

A. Switches 2 and 6 will participate in the multicast tree once pruning has taken place.

B. Switches 1, 2, 3, and 6 will participate in the multicast tree once prune has taken place.

C. Switch 1 is the rendezvous of the multicast tree.

D. The multicast server is the rendezvous point of the multicast tree.

Answer: B

QUESTION NO: 174

Which two are characteristics of the IS-IS protocol but not OSPF? (Choose two.)

A. utilizes SPF algorithm

B. three layers of hierarchical routing

C. provides for network scalability by allowing the network to be separated into areas

D. supports demand circuit routing

E. provides routing support for multiple network layer protocols

F. forms adjacencies with all neighbors

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 144

Page 145: Actule Test 642-892

Actu

alTe

sts.

com

Answer: E,F

Explanation:

IS-IS is the dynamic link-state routing protocol for the OSI protocol stack. As such, IS-IS

distributes routing information for routing CLNP data for the ISO CLNS environment. When IS-IS is

used strictly for the ISO CLNS environment, it is referred to as ISO IS-IS.

Differences between IS-IS and OSPF.

Although IS-IS and OSPF share many common features, they do have quite a few differences:

* Whereas OSPF routers can be part of multiple areas, an IS-IS router belongs to only one area

per routing process.

* In OSPF, the boundaries of areas are set in the router. The boundaries of areas are on the

network connections between routers for IS-IS, reiterating that each router is in only one area per

routing process.

* IS-IS utilizes CLNS protocol data units (PDUs) to send information between routers instead of

using IP packets, like OSPF does.

* IS-IS allows for the preempting of DRs, where OSPF does not.

* OSPF DROthers do not form adjacencies with other DROthers on broadcast multi-access

networks, while in the same environment, all IS-IS intermediate systems form adjacencies with

one another.

* The backbone of an IS-IS network is designated by the type of routers in it instead of being

designated by an area number (0, in the case of OSPF).

QUESTION NO: 175

Which three conditions can cause BGP neighbor establishment to fail? (Choose three.)

A. BGP synchronization is enabled in a transit autonomous system with fully-meshed IBGP

neighbors.

B. The EBGP neighbor ebgp-multihop option is set to the default value.

C. The BGP update interval is different between the two BGP neighbors.

D. The IBGP neighbor is not directly connected.

E. There is an access list blocking all TCP traffic between the two BGP neighbors.

F. The BGP neighbor is referencing an incorrect autonomous system number in its neighbor

statement.

Answer: B,E,F

Explanation:

BGP uses TCP port 179 to establish and maintain neighbor relationships, so any access lists or

firewalls must permit this port for BGP to function.

By default, EBGP multi-hop is not enabled, so the EBGP peer must be directly connected in order

for the local BGP router to know how to reach the EBGP peer.

BGP uses neighbor statements that specify the AS number of the BGP peer. If it is the same

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 145

Page 146: Actule Test 642-892

Actu

alTe

sts.

com

number as the local BGP router process, then the BGP router knows that IBGP is useD. If the AS

number for the specified peer is different, then EBGP is useD. Either way, the specified neighbor

must be configured correctly, or the BGP peers will not become neighbors.

QUESTION NO: 176

Refer to the exhibit. Which protocol establishes an optimal path to the root in a wireless mesh

network?

A. Layer 2 Roaming (IAPP)

B. Lightweight Access Point Protocol (LWAPP)

C. WLAN Quality of Service (WQoS)

D. Adaptive Wireless Path (AWP)

E. 802.1Q WLAN trunking protocol

Answer: D

Explanation:

Mesh networks are scalable outdoor networks that continuously communicate with each other to

determine link paths. If a link is degraded, the AP will determine whether a better path exists and

will route traffic through a more optimal node.

Intelligent wireless routing is provided by the patent-pending Adaptive Wireless Path (AWP)

protocol. This enables each AP to identify its neighbors and intelligently choose the optimal path to

the wired network by calculating the cost of each path in terms of signal strength and the number

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 146

Page 147: Actule Test 642-892

Actu

alTe

sts.

com

of hops required to get to a controller.

Reference: Authorized Self-Study Guide Building Cisco Multilayer Switched Networks (BCMSN),

Chapter 18

http://safari.oreilly.com/1587052733/ch18lev1sec5

QUESTION NO: 177 HOTSPOT

Answer:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 147

Page 148: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 178 HOTSPOT

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 148

Page 149: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

QUESTION NO: 179

You work as a network technician, study the exhibit below carefully. IP multicast for group address

224.1.1.1 has been enabled on all routers in the network. Hosts on Network A receive the

multicast traffic. However, hosts on Network B do not. Based on the outputs provided in the

exhibit, what could cause this problem?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 149

Page 150: Actule Test 642-892

Actu

alTe

sts.

com

A. The multicast packets are sourced from a server with an unspecified IP address.

B. Router CK2 does not have an RP configured on the multicast network.

C. Becauseof RPF failure, Router CK2 does not forward multicast packets to Network B.

D. Router CK2 does not see the upstream router CK1 as a PIM neighbor.

Answer: C

QUESTION NO: 180

Look at the following exhibit carefully then select a command which can generate a default route

on CK-R2 to reach all other networks except CK-R1?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 150

Page 151: Actule Test 642-892

Actu

alTe

sts.

com

A. ip route 0.0.0.0 0.0.0.0 192.168.2.2

B. ip route 192.168.1.0 255.255.255.0 s0/0/0

C. ip route 10.0.0.0 255.255.255.0 s0/0/0

D. ip route 0.0.0.0 255.255.255.0 192.168.2.2

Answer: A

QUESTION NO: 181

What can be drawn from the following partial configuration on Router A? (Choose two.)

interface serial 0

ip address 10.1.1.1 255.255.255.0

encapsulation frame-relay

ip ospf network point-to-multipoint

router ospf 7

network 10.1.1.0 0.0.0.255 area 0

A. DR/BDR elections do not take place.

B. The area 0 NBMA cloud is configured as more than one subnet.

C. The router is restricted to a hub and spoke topology.

D. OSPF neighbor statements are not necessary.

Answer: A,D

QUESTION NO: 182

An ABR (area border router) will inject a default route into which two types of areas? (Choose

two.)

A. NSSA

B. area 0

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 151

Page 152: Actule Test 642-892

Actu

alTe

sts.

com

C. totally stubby

D. stub

Answer: C,D

QUESTION NO: 183

Which item is the correct description of the repeater access point deployed in this wireless

network?

A. The repeater access point needs a 10 percent channel overlap with channel of the root access

point.

B. The repeater access point will deploy a different SSID than the SSID configured on the parent

access point.

C. The repeater access point reduces the throughput in half because it receives and then re-

transmits each packet on the same channel.

D. The repeater access point will apply a different WEP encryption method than the WEP

encryption that is enabled on the parent access point.

Answer: C

QUESTION NO: 184

Select three attributes applied to IS-IS instead of OSPF? (Choose three.)

A. encapsulates PDUs directly into a data-link frame

B. uses stubby areas to improve network scalability

C. uses a default IOS metric of 10 on each interface

D. runs PRC (Partial Route Calculations) to calculate IP reachability information

Answer: A,C,D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 152

Page 153: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 185

Static VLAN membership is perhaps the most widely used method because of the relatively small

administration overhead and security it provides. Which feature is of a static VLAN membership

assignment?

A. VMPS server lookup

B. easy to configure

C. ease ofadds, moves, and changes

D. based on MAC address of the connected device

Answer: B

QUESTION NO: 186

Study the following graphic carefully Host1 and Host2, which belong to different VLANs, are in the

same subnet. According to the information displayed, which description is correct when trying to

ping from host to host?

A. A trunk port should be configured on the link between CK-SW1 and CK-SW2 to ping

successfully.

B. The two hosts should be in the same VLAN in order to ping successfully.

C. A Layer 3 device is a must in order for the ping command to be successful.

D. The ping command will be successful without any further configuration changes.

Answer: D

QUESTION NO: 187

Which description regarding OSPF Network LSAs is correct?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 153

Page 154: Actule Test 642-892

Actu

alTe

sts.

com

A. They are originated by Area Border Router and are sent into a single area to advertise an

Autonomous System Border Router.

B. They are originated by the DR on every multi-access network. They include all attached routers

including the DR itself.

C. They are originated by every router in the OPSF network. They include all routers on the link,

interfaces, the cost of the link, and any known neighbor on the link.

D. They are originated by Area Border Routers and are sent into a single area to advertise

destinations outside that area.

Answer: B

QUESTION NO: 188

VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you configure a

new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This

reduces the need to configure the same VLAN everywhere. While using VTP, a Catalyst switch

will advertise what VTP information on its trunk ports?

A. negotiation status

B. STP root status

C. management domain

D. configuration revision number

Answer: C,D

QUESTION NO: 189

In the following provided network, the hub router is CK-RTC, while the spokes are CK-RTA and

CK-RTB. No virtual circuits exist between the spoke locations. In order to route traffic to the

11.11.11.0/24 network from CK-RTA successfully, what is necessary?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 154

Page 155: Actule Test 642-892

Actu

alTe

sts.

com

A. Nothing is required. This is the default behavior on this topology.

B. The neighbor 10.10.10.1 next-hop-self command on CK-RTA.

C. The neighbor 10.10.10.1 next-hop-self command on CK-RTC.

D. The neighbor 10.10.10.1 next-hop-self command on CK-RTB.

Answer: C

QUESTION NO: 190

in tne network presented in tne following exnmit, an routers are conrigurea witn EteRP. in oraer to

advertise a aerault route to CK-R4"s neighbors, which configuration command need to be added?

A. CK-R4(config)# ip default-network 10.0.0.0

B. CK-R4(config-router)# default-information originate

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 155

Page 156: Actule Test 642-892

Actu

alTe

sts.

com

C. CK-R4(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1

D. CK-R4(config)# ip route 10.0.0.0 255.0.0.0 10.1.1.1

Answer: A

QUESTION NO: 191

The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a

table of IP networks or 'prefixes' which designate network reachability among autonomous

systems (AS). In routing updates, which BGP feature will not be advertised to o its neighboring

routers?

A. weight

B. next hop

C. local preference

D. origin

Answer: A

QUESTION NO: 192

A Link State Advertisement (LSA) is an OSPF data packet containing link-state and routing

information that's shared among OSPF routers. The topology database contains information from

all of the Link State Advertisement packets that have been received for an area. In the OSPF

topology database, which of the following commands can show the Type 5 LSAs?

A. show ip route ospf

B. show ip ospf database summary

C. show ip ospf database nssa-external

D. show ip ospf database external

Answer: D

QUESTION NO: 193

Which three descriptions are correct concerning the diagram below? (Choose three.)

A. A trunk link will be formed.

B. Only VLANs 1-1001 will travel across the trunk link.

C. The native VLAN for CK-B is vlan 1.

D. DTP packets are sent from CK-B.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 156

Page 157: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A,C,D

QUESTION NO: 194

The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. Which two

options best describe voice VLANs?

A. Voice VLANs permit IP phones to be moved around without worrying about subnets.

B. Voice VLANs permit logically combining voice and data packets.

C. Voice VLANs can be applied on all Cisco switches.

D. Using voice VLANs makes it easier for network administrators to identify and troubleshoot

network problems.

Answer: A,D

QUESTION NO: 195

Refer to the following commands, which one can show the times of performing the OSPF

algorithm?

A. show ip ospf database

B. show ip ospf interface

C. show ip ospf

D. show ip protocol

Answer: C

QUESTION NO: 196

During selecting the BGP path on a Cisco router, which BGP feature will be first used to determine

the best path?

A. origin

B. next-hop

C. weight

D. AS-path

Answer: C

QUESTION NO: 197

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 157

Page 158: Actule Test 642-892

Actu

alTe

sts.

com

Which two statements are correct for EIGRP to form a neighbor relationship?

(Choose two)

A. The holddown timer must be the same.

B. The K-values of the metric must be the same on both routers.

C. The autonomous system number must be the same on both routers.

D. Authentication must be enabled.

Answer: B,C

QUESTION NO: 198

Which two statements correctly describe the distribution layer switches? (Choose two.)

A. The distribution layer is the aggregation point for multiple access switches.

B. The switches deployed at this layer must be able to handle connecting individual desktop

devices to the internetwork.

C. This is where users gain access to the internetwork.

D. The distribution layer can participate in MLS and handle a router processor.

Answer: A,D

QUESTION NO: 199

What will the debug ip eigrp summary command display?

A. A summary of the contents of the neighbor database

B. A summary of the topology database when a change is made in a summary route

C. The process taken

D. A summary of EIGRP activity

Answer: D

QUESTION NO: 200

Which two descriptions are correct about the STP blocked state of a port? (Choose two)

A. No frames are transmitted or received on the blocked port.

B. Frames are sent or received on the blocked port.

C. BPDUs are still received on the blocked port.

D. BPDUs are sent and received on the blocked port.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 158

Page 159: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A,C

QUESTION NO: 201

Which of the following information is contained in the neighbor table?

A. The feasible distance between neighbors

B. The administrative distance

C. The metric of neighbors

D. The status of the links between neighbors

Answer: D

QUESTION NO: 202

On the basis of the exhibit below Host CK has sent an ARP message to the default gateway IP

address 10.10.10 description is correct?

A. CK1 will reply with the MAC address of the next AVF.

B. Because of the invalid timers that are configured, CK2 will not reply.

C. CK2 will reply with the IP address of the next AVF.

D. CK2 will reply with the MAC address of the next AVF

Answer: D

QUESTION NO: 203

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 159

Page 160: Actule Test 642-892

Actu

alTe

sts.

com

Which two ways can an administrator configure VLAN memberships? (Choose two.)

A. VTP database

B. Static

C. Dynamic

D. DHCP server

Answer: B,C

QUESTION NO: 204

Which of the following commands can be used to show that EIGRP is able to contact neighbors?

A. debug ip eigrp events

B. debug ip eigrp packets

C. debug ip eigrp

D. debug ip eigrp traffic

Answer: B

QUESTION NO: 205

Online Incorporated is an internet game provider. The game service network had recently added

an additional switch block with multiple VLANs configured. Unfortunately, system administrators

neglected to document the spanning-tree topology during configuration. For baseline purpose, you

will be required to identify the spanning-tree topology for the switch block. Using the output of

"show spanning-tree" command on switch SW-C and the provided physical topology, answer the

following questions:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 160

Page 161: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 161

Page 162: Actule Test 642-892

Actu

alTe

sts.

com

Which bridge ID belongs to switch SW-B?

A. 24623.000f.34f5.0138

B. 32768.000d.bd03.0380

C. 32769.000d.65db.0102

D. 32815.000d.db03.0380

Answer: A

QUESTION NO: 206

Online Incorporated is an internet game provide. The game service network had recently added an

additional switch block with multiple VLANs configured. Unfortunately, system administrators

neglected to document the spanning-tree topology during configuration. For baseline purpose, you

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 162

Page 163: Actule Test 642-892

Actu

alTe

sts.

com

will be required to identify the spanning-tree topology for the switch block. Using the output of???

Show spanning-tree??? Command on switch SW-C and the provided physical topology, answer

the following questions:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 163

Page 164: Actule Test 642-892

Actu

alTe

sts.

com

Which port state is interface FaO/2 of switch SVV-B in for VLANs 1 and 106?

A. blocking

B. discarding

C. learning

D. listening

Answer: A

QUESTION NO: 207

Online Incorporated is an internet game provide. The game service network had recently added an

additional switch block with multiple VLANs configured. Unfortunately, system administrators

neglected to document the spanning-tree topology during configuration. For baseline purpose, you

will be required to identify the spanning-tree topology for the switch block. Using the output of

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 164

Page 165: Actule Test 642-892

Actu

alTe

sts.

com

"show spanning-tree" command on switch SW-C and the provided physical topology, answer the

following questions:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 165

Page 166: Actule Test 642-892

Actu

alTe

sts.

com

Which Spanning tree Protocol has been implemented on switch SW-B?

A. PVST+

B. PVRST

C. MSTP/IEEE 802.1s

D. STP/IEEE802.1D

Answer: A

QUESTION NO: 208

Online Incorporated is an internet game provide. The game service network had recently added an

additional switch block with multiple VLANs configured. Unfortunately, system administrators

neglected to document the spanning-tree topology during configuration. For baseline purpose, you

will be required to identify the spanning-tree topology for the switch block. Using the output of

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 166

Page 167: Actule Test 642-892

Actu

alTe

sts.

com

Show spanning-tree??? Command on switch SW-C and the provided physical topology, answer

the following questions:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 167

Page 168: Actule Test 642-892

Actu

alTe

sts.

com

Which port role has interface FaO/2 of switch SVV-A adopted for VLAN 47?

A. alternate port

B. designated port

C. root port

D. nondesignated port

Answer: B

QUESTION NO: 209

Which statement accurately describes BPDUs?

A. BPDUs are used to set the bridge ID of a switch.

B. BPDUs are used to send configuration messages by using multicast frames.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 168

Page 169: Actule Test 642-892

Actu

alTe

sts.

com

C. BPDUs are used to send configuration messages by using IP packets.

D. BPDUs are used to set the cost of STP links.

Answer: B

QUESTION NO: 210

What is an adjacency in OSPF?

A. Routers connected across a WAN but not directly connected, for example Frame Relay, are

considered adjacent to each other.

B. An adjacency is the state that two neighbors can achieve after they have synchronized their

OSPF databases.

C. An adjacency is when another router has received an LSA from another area. The areas are

adjacent.

D. An adjacent router is one that has received a hello packet from a neighbor.

Answer: B

QUESTION NO: 211

Which Cisco standard encapsulates a frame and even adds a new FCS field?

A. ISL

B. 802.3u

C. 802.1Q

D. 8023z

Answer: A

QUESTION NO: 212

Which type of OSPF network can a workaround used to account for the lack of multicast and

broadcast support inherent in the default behavior of Cisco router interfaces in a nonbroadcast

environment?

A. Nonbroadcast multi-access

B. Broadcast multi-access

C. Point-to-multipoint

D. Point-to-point

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 169

Page 170: Actule Test 642-892

Actu

alTe

sts.

com

Answer: C

QUESTION NO: 213

When a frame is received on an interface and the destination hardware address is unknown or not

in the filter table, what does a switch do?

A. Sends back a message to the originating station asking for a name resolution

B. Forwards the switch to the first available link

C. Floods the network with the frame looking for the device

D. Drops the frame

Answer: C

QUESTION NO: 214

When an interface shows that it is in the init state, what is the meaning?

A. That this is a point-to-multipoint interface and is waiting to connect to the WAN cloud

B. That a router sees a hello packet from a neighbor but the packet does not contain its own router

ID

C. Seen only on broadcast links, it shows that the election of the DR is in progress

D. That an interface is coming online, determining the IP address and OSPF parameters

Answer: B

QUESTION NO: 215

How to determine the root port on a switch?

A. By sending and receiving BPDUs between switches. The fastest BPDU transfer rate on an

interface becomes the root port.

B. The switch determines the lowest cost of a link to the root bridge.

C. The root bridge broadcasts the bridge ID, and the receiving bridge determines what interface

this broadcast was received on and makes this interface the root port.

D. The switch determines the highest cost of a link to the root bridge.

Answer: B

QUESTION NO: 216

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 170

Page 171: Actule Test 642-892

Actu

alTe

sts.

com

Which command can be used to set up a newly created point-to-point subinterface to use the

OSPF point-to-point network type?

A. No additional commands required

B. Router(config-subif)# ip ospf network point-to-point

C Router(config-subif)# ip ospf network point-to-multipoint non-broadcast

D. Router(config-subif)# ip ospf network point-to-multipoint

E. Router(config-subif)# ip ospf network non-broadcast

Answer: A

QUESTION NO: 217

Which two statements are true if this topology were configured with the NBMA OSPF network

type? (Choose two)

A. There are three adjacencies.

B. CK-8 must be the DR.

C. CK-A must be the DR.

D. There are four adjacencies.

E. Any router may be the DR.

F. CK-C must be the DR.

G. CK-D must be the DR

Answer: A,C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 171

Page 172: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 218

Which description is correct about VTP?

A. Changing the VTP version on one switch changes all switches in a domain.

B. All switches are VTP clients by default

C. If you change the VTP version on one switch, you must change the version on all switches.

D. VTP is on by default with a domain name of Cisco on all Cisco switches.

Answer: A

QUESTION NO: 219

When learning a new route, in the event that a received LSA is not found in the topological

database, what will an internal OSPF router do?

A. The LSA is flooded immediately out of all the OSPF interfaces, except the interface from which

the LSA was received.

B. The sequence numbers are checked, and if the LSA is valid, it is entered into the topology

database.

C. The LSA is dropped and a message is sent to the transmitting router.

D. The LSA is placed in the topological database and an acknowledgement is sent to the

transmitting router.

Answer: A

QUESTION NO: 220

In order to advertise internal networks to external ISPs through BGP, which two approaches, can

be used?

A. using aggregate routes

B. forcing the next-hop address

C. disabling synchronization

D. defining routes via the network statement

Answer: A,D

QUESTION NO: 221

If a router has an OSPF priority set to 0, what does it mean?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 172

Page 173: Actule Test 642-892

Actu

alTe

sts.

com

A. A router with the OSPF priority set to 0 is one that will switch OSPF packets before it does

anything else.

B. A router with the OSPF priority set to 0 is one that cannot participate in the election of a DR. It

can become neither a DR nor a BDR.

C. A router with the OSPF priority set to 0 is one that can participate in the election of a DR. It has

the highest priority.

D. A router with the OSPF priority set to 0 is one that cannot participate in the election of a DR, but

it can become a BDR.

Answer: B

QUESTION NO: 222

Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like

Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), while

allowing packet load sharing between a group of redundant routers. Refer to the following

methods, which one could enable GLBP to forward traffic from a LAN segment through multiple

routers simultaneously?

A. Multiple AVG designated routers respond to ARP requests.

B. Clients need to have different default gateway IP addresses coded.

C. The AVG assigns different virtual MAC addresses.

D. Proxy ARP allows multiple routers to respond to ARP requests from clients.

Answer: C

QUESTION NO: 223

Which command will you use when you want to set up an interface to use a DR, but do not want to

have to manually identify neighbors?

A. Router(config-if)# ip ospf network broadcast

B. Router(config-if)# ip ospf network point-to-point

C Router(config-if)# ip ospf network point-to-multipoint non-broadcast

D. Router(config-if)# ip ospf network point-to-multipoint

Answer: A

QUESTION NO: 224

On the basis of the following exhibit, what can be drawn from the output of the debug command on

VRRP router?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 173

Page 174: Actule Test 642-892

Actu

alTe

sts.

com

A. CK-RTA does not have VRRP preempt active.

B. VRRP is not active on CK-RTA.

C. CK-RTB does not have VRRP active.

D. CK-RTB has a different IP address coded for VRRP group 1 than CK-RTA.

Answer: D

QUESTION NO: 225

Study the following configuration, which areas will have default routes automatically transmitted to

the routers in the respective areas?

A. Area 3

B. Neither area

C. Area 2

D. Both areas

Answer: D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 174

Page 175: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 226

Study the following configuration and exhibit seriously. CK-RTB is using the command aggregate-

address to summarize its networks from AS 64100. But, the command show ip route on CK-RTA

displays the CK-RTB individual networks and its summary route. Which of the following items can

make sure that the summary route appears in the CK-RTA routing table?

A. Clear the four network statements and leave only the aggregate-address statement in the BGP

configuration.

B. Add the keyword summary-only to the aggregate-address command.

C. Increase a static route with a prefix of 192.168.24.0 255.255.252.0 pointing to the null0

interface.

D. Create a route map allowing only the summary address.

Answer: B

QUESTION NO: 227

Which one of the following commands can be used to set a virtual hardware address on a VLAN

interface?

A. mac-address mac_address

B. set mac mac-address

C. config mac slot/port mac-address

D. set vlan mac-address mac-address

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 175

Page 176: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 228

According to the following graphic, in order to summarize all routes from area 0 to area 1, which of

the following should be configured on CK-RTA?

A. area 0 range 172.16.96.0 255.255.224.0

B. area 1 range 172.16.96.0 255.255.0.0

C. summary-address 172.16.96.0 255.255.224.0

D. summary-address 172.16.96.0 0.0.63.255

Answer: A

QUESTION NO: 229

Which item provides a separate instance of Spanning Tree Protocol for every VLAN?

A. Port Aggregation Protocol (PAgP)

B. Common Spanning Tree (CST)

C. Spanning Tree Algorithm (STA)

D. Per-VLAN Spanning Tree (PVST)

Answer: D

QUESTION NO: 230

Which OSPF router types are allowed inside a not-so-stubby area?(Choose two)

A. Virtual Link Router

B. Area Border Router

C. Autonomous System Border Router

D. Backbone Router

Answer: B,C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 176

Page 177: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 231

Where will the trust boundary be established in this network based on the configuration provided in

the exhibit?

A. at the IP Phone

B. attheCK-PC

C. at the access switch CK-S1

D. at the distribution switch CK-S2

Answer: C

QUESTION NO: 232

Which two options will be taken into consideration when you need to have inter-VLAN

communication and you have only an external router? (Choose two.)

A. Two router interfaces for every switch in the internetwork

B. One router interface for every single VLAN

C. One router interface for every switch in the internetwork

D. One router interface into one switch port running a trunking protocol

QUESTION NO: 233

DR (Designated Router) is for environments where many routers on the same network such as

Ethernet. In the following presented network, all routers are reloaded simultaneously, and DR is

selected as expected. What is the CK-RTC status?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 177

Page 178: Actule Test 642-892

Actu

alTe

sts.

com

A. 2WAY/DR

B. FULL/DROTHER

C. FULL/BDR

D. FULL/DR

Answer: C

QUESTION NO: 234

A BGP attribute, or path attribute, is a metric used to describe the characteristics of a BGP path.

Which of the following is a Cisco proprietary BGP path attribute?

A. weight

B. origin

C. next-hop

D. AS-path

Answer: A

QUESTION NO: 235

One of the main features of OSPF is Multiple areas. Which statement explains the reason that this

feature is such an important enhancement to earlier routing protocols?

A. The use of multiple areas allows for the use of prioritization.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 178

Page 179: Actule Test 642-892

Actu

alTe

sts.

com

B. All computation is kept within the area, with minimum communication between the areas,

allowing the network to scale to larger sizes.

C. It is easier to implement security.

D. The network domain, when divided into areas, allows for the use of both IANA classful

addressing and private addressing.

Answer: B

QUESTION NO: 236

Which of the following items can PAgP form a bundle from?

A. Only statically assigned VLAN ports

B. Ports using different duplex types

C. Dynamically assigned VLAN ports

D. Dynamically and statically assigned VLAN ports

Answer: A

QUESTION NO: 237

According to the displayed configuration in the exhibit below, do you know how CK-R5 will handle

the hello packets sent by CK-R2 in OSPF area 5?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 179

Page 180: Actule Test 642-892

Actu

alTe

sts.

com

A. The Hello packets are to be exchanged but the routers CK-R2 and CK-R5 would be neighbors

only.

B. The Hello packets are to be discarded but the routers CK-R2 and CK-R5 will be neighbors.

C. The Hello packets will be dropped and no adjacency will be built between routers CK-R2 and

CK-R5.

D. The Hello packets are to be exchanged and adjacency are to be established between routers

CK-R2 and CK-R5.

Answer: C

QUESTION NO: 238

Which three statements correctly describe PVST+? (Choose three.)

A. It is a Cisco proprietary protocol.

B. It adds checking mechanisms to make sure there are no configuration problems on trucked

ports and VLAN IDs across switches.

C. It is set on a port-by-port basis.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 180

Page 181: Actule Test 642-892

Actu

alTe

sts.

com

D. It enables Cisco switches to support the IEEE 802.1Q standard.

Answer: A,B,D

QUESTION NO: 239

When using the route map presented in the following exhibit, what will happen?

(Choose three.)

A. The map prohibits the redistribution of all type 2 external OSPF routes with tag 6 set.

B. The map prohibits the redistribution of all external OSPF routes with tag 6 set.

C. All routes that do no match clauses 10 and 20 of the route map are redistributed with their tags

set to

D. The map allows the redistribution of all type 1 external OSPF routes.

Answer: A,C,D

QUESTION NO: 240

Which two statements are correct concerning Level 2 routers?(choose two)

A. Level 2 routers can send updates between routing areas.

B. Level 2 routers must be placed contiguously.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 181

Page 182: Actule Test 642-892

Actu

alTe

sts.

com

C. Level 2 routers must be in the same area.

D. Level 2 routers are similar to OSPF stub routers.

Answer: A,B

QUESTION NO: 241

A trunk link is the other type of Layer 2 port supported on Cisco switches. When a trunk port is

configured, it begins marking frames as they exit the port to indicate which VLAN each frame is

associated with. If a trunk link is configured with IEEE 802.1Q encapsulation, which of the

following will be the maximum Ethernet frame size?

A. 1548 Bytes

B. 1518 Bytes

C. 1500 Bytes

D. 1522 Bytes

Answer: D

QUESTION NO: 242

For an IS-IS adjacency to be formed and maintained, which of the following should both interfaces

agree on?(choose two)

A. If Level 1, both must be in the same area.

B. The system ID must be unique.

C. Hello timers.

D. Both must be configured at the same level of routing (1 or 2).

Answer: A,B

QUESTION NO: 243

On the basis of the output provided below, in order to create a default route into the OSPF

domain, which command sequence should be added to CK-R1?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 182

Page 183: Actule Test 642-892

Actu

alTe

sts.

com

A. ip default-gateway

B. default-router

C. default-information originate always

D. ip default-network

Answer: C

QUESTION NO: 244

Which three options can be used by STP to determine the best path to the root bridge? (Choose

three.)

A. STP protocol

B. Port cost

C. Path cost

D. Port priority

Answer: B,C,D

QUESTION NO: 245

If RTA wants to advertise all local interfaces over OSPF, which configuration command should be

used?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 183

Page 184: Actule Test 642-892

Actu

alTe

sts.

com

A. RTA(config)# router ospf 1

RTA(config-router)# network 0.0.0.0

B. RTA(config)# router ospf 1

RTA(config-router)# network 0.0.0.0 0.0.0.0

C. RTA(config)# router ospf 1

RTA(config-router)# redistribute static

D. RTA(config)# router ospf 1

RTA(config-router)# redistribute connected

Answer: D

QUESTION NO: 246

VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages

the addition, deletion, and renaming of VLANs on a network-wide basis. VTP reduces

administration in a switched network. VTP information will be prevented from transmitting between

switches by lacking which two?

A. VLAN 1

B. a trunk port

C. a root VTP server

D. VTP priority

Answer: A,B

QUESTION NO: 247

What will the command show isis database display?(choose three)

A. The root of the SPF tree

B. The LSPs in the local database

C. Whether an LSP has been fragmented

D. The sequence number of the LSPs

Answer: B,C,D

QUESTION NO: 248

For the following configuration tasks, which three are necessary to enable multicast Auto-RP?

(Choose three.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 184

Page 185: Actule Test 642-892

Actu

alTe

sts.

com

A. Perform IP multicast routing.

B. Assign the default RP (for existing multicast networks).

C. Assign the RP Mapping Agent.

D. Advertise RP/group associations.

Answer: B,C,D

QUESTION NO: 249

Observe the exhibit carefully. Both Routers CK1 and CK2 advertise network 131.25.0.0/16 to

router CK3 via internal BGP. Why does router CK3 chose router CK1 as its best path to network

131.25.0.0/16.

A. It advertises the best origin code.

B. It advertises the best MED.

C. It advertises the best local preference.

D. It has a better router ID.

Answer: D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 185

Page 186: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 250

Observe the following exhibit seriously; the neighbor relationship has been built between CK-R1

and CK-R2 which are exchanging routing information. Assume that you are a network technician,

how will you design the network to make CK-R1 receive routing updates from CK-R2 without

advertising any routes to CK-R2?

A. CK-R2(config)# access-list 20 deny any CK-R2(config)# router eigrp 1 CK-R2(config-router)#

distribute-list 20 out serial 0

B. CK-Rl(config)# access-list 20 permit any CK-Rl(config)# router eigrp 1 CK-Rl(config-router)#

distribute-list 20 in serial 0

C. CK-Rl(config)# access-list 20 deny any CK-Rl(config)# router eigrp 1 CK-Rl(config-router)#

distribute-list 20 out serial 0

D. CK-R2(config)# access-list 20 permit any CK-R2(config)# router eigrp 1 CK-R2(config-router)#

distribute-list 20 in serial 0

Answer: C

QUESTION NO: 251

Which statement is true regarding the MLSP discovery process?

A. The MLS-SE sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- RPs

then record the hello packet information.

B. The MLS-SE sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- RPs

then respond to these hello packets.

C. The MLS-RP sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- SEs

then record the hello packet information.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 186

Page 187: Actule Test 642-892

Actu

alTe

sts.

com

D. The MLS-RP sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- SEs

then respond to these hello packets.

Answer: C

QUESTION NO: 252

According to the following graphic, a wireless customer is moving towards CK-AP2 from right to

left, why the wireless client will initiate roaming?

A. The client has missed too many beacons from MS-API.

B. The client data rate from CK-AP2 has been increased.

C. The client data rate from CK-AP1 has been reduced.

D. The maximum data retry count from CK-AP1 is exceeded.

Answer: A,C,D

QUESTION NO: 253

Look at the graphic below, the connectivity between Cisco IP phone access port and the

workstation CK-PC has been established, how to manage the traffic?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 187

Page 188: Actule Test 642-892

Actu

alTe

sts.

com

A. The IP phone access port will override the priority of the frames received from the CK-PC.

B. The IP phone access port would trust the priority of the frames received from the CK-PC.

C. The switch port FaO/4 would neglect the priority of the frames received from the CK-PC.

D. The switch port FaO/4 would trust the priority for the frames received from the CK-PC.

Answer: A

QUESTION NO: 254

Which action will be taken if no seed or default metric is configured for OSPF when redistributing

EIGRP?

A. The route is entered with a cost of 20 (type 1)

B. The route is not entered into the routing table.

C. The route is read into OSPF with a cost of 20 (type E2).

D. The route is entered with a cost of 0.

Answer: C

QUESTION NO: 255

Voice traffic is random in nature and competes for a limited number of shared resources or voice

channels. Much of today's voice traffic has migrated to wireless, cable, internet and other media

while the traditional Public Switched Telephone Network (PSTN) provides legacy voice

connectivity. Which three features are of voice traffic in the campus network?

A. TCP retransmits

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 188

Page 189: Actule Test 642-892

Actu

alTe

sts.

com

B. drop sensitive

C. delay sensitive

D. UDP priority

Answer: B,C,D

QUESTION NO: 256

Within the Internet, an Autonomous System (AS) is a collection of connected IP routing prefixes

under the control of one or more network operators that presents a common, clearly defined

routing policy to the Internet In the following diagram, each router in AS100 is configured with IGP

and routing updates are successfully exchanging between those routers. AS200 and AS300 have

established EBGP sessions via their directly connected routers in AS 100. Traffic from AS200 is

unable to reach the destination AS300. How to configure the routers in AS100 to forward traffic

coming from AS200 to AS300?

A. IBGP session should be established between CK-R1 and CK-R2 and CK-R2 and CK-R3, and

the synchronization must be enabled.

B. IBGP session should be established between routers CK-R1 and CK-R2 and CK-R2 and CK-

R3, and the synchronization must be disabled.

C. IBGP speakers within autonomous 100 should be fully meshed, and the synchronization should

be disabled.

D. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be

turned off.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 189

Page 190: Actule Test 642-892

Actu

alTe

sts.

com

Answer: D

QUESTION NO: 257

What is the purpose of the XTAG, and what is its significance?

A. The XTAG is the MLS-SE ID and is used to identify each MLS-SE in the layer 2 network.

Therefore, it must be unique across all switches.

B. XTAG is a numerical value assigned by the MLS-SE to identify an MLS-RP. It is locally

significant.

C. XTAG is a numerical value assigned by the MLS-SE to identify an MLS-RP. It must be unique

throughout the VTP domain.

D. The XTAG is the MLS-RP router ID and is used to uniquely identify the MLS-RP to the MLS-

SE. It is a unique value throughout the layer 2 network.

Answer: B

QUESTION NO: 258

Which command displays whether the ATT bit has been set?

A. debugisis interface

B. showisis database

C. debug dns interface

D. showisis hello packets

Answer: B

QUESTION NO: 259

Which of the following criteria qualify a packet as a candidate packet?

A. Any AC address associated with the MLS-RP

B. Outbound packets destined for a remote host

C. Incoming packets sourcing from 224.0.0.1 and destined for the MAC address of the MLS-SE

D. Incoming packets sourcing a MAC address associated with the MLS-RP

Answer: A

QUESTION NO: 260

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 190

Page 191: Actule Test 642-892

Actu

alTe

sts.

com

All the following descriptions are correct, which action will be taken first?

A. If no match is found in the distribute list, the implicit deny any at the end of the access list will

cause the update to be dropped.

B. Advertise the route if matched by a permit statement.

C. If a filter is present, the router examines the access list to see if there is a match on any of the

networks in the routing update.

D. Do not advertise the route if it is matched by a deny statement.

Answer: C

QUESTION NO: 261

Which method is to limit the scope of a multicast network?

A. RPF settings within the RP routers

B. Passive interface applied to border interfaces

C. TTL threshold setting on border interfaces

D. Distribution lists within an IGP such as BGRP or OSPF

Answer: C

QUESTION NO: 262

Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a

fault-tolerant default gateway. Which three of the following are possible HSRP router states on a

LAN?

A. standby

B. established

C. active

D. initial

Answer: A,C,D

QUESTION NO: 263

Route filtering is the process by which certain routes are not considered for inclusion in the local

route database, or not advertised to one's neighbors. Route filtering is particularly important for

BGP on the global Internet, where it is used for a variety of reasons. Which three statements best

describe route filtering?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 191

Page 192: Actule Test 642-892

Actu

alTe

sts.

com

A. After issuing the router rip and passive-interface s0/0 commands, the s0/0 interface will not

send any RIP updates, but will receive routing updates on that interface.

B. When using the passive-interface command with RIPv2, multicasts are sent out the specified

interface.

C. When you use the passive-interface command with EIGRP, hello messages are not sent out

the specified interface.

D. When you use the passive-interface command with OSPF, hello messages are not sent out the

specified interface.

Answer: A,C,D

QUESTION NO: 264

Study the exhibit carefully. Which Virtual Router Redundancy Protocol (VRRP) description is

correct regarding the roles of the master virtual router and the backup virtual router?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 192

Page 193: Actule Test 642-892

Actu

alTe

sts.

com

A. Router CKB is the master virtual router, and Router CKA is the backup virtual router. When

Router CKB fails, Router CKA will become the master virtual router. When Router CKB recovers, it

will regain the master virtual router role.

B. Router CKA is the master virtual router, and Router CKB is the backup virtual router. When

Router CKA fails, Router CKB will become the master virtual router. When Router CKA recovers, it

will regain the master virtual router role.

C. Router CKA is the master virtual router, and Router CKB is the backup virtual router. When

Router CKA fails, Router CKB will become the master virtual router. When Router CKA recovers,

Router CKB will maintain the role of master virtual router.

D. Router CKB is the master virtual router, and Router CKA is the backup virtual router. When

Router CKB fails, Router CKA will become the master virtual router. When Router CKB recovers,

Router CKA will maintain the role of master virtual router.

Answer: B

QUESTION NO: 265

Route redistribution (RR) has become an integral part of IP network design as the result of a

growing need for disseminating certain routes across routing protocol boundaries. By default,

which description is true when redistributing routes from other routing protocols into OSPF?

A. Summarized routes are unacceptable.

B. They will appear in the OSPF routing table as type E2 routes.

C. All imported routes are to be automatically summarized if possible.

D. Only routes with lower administrative distances will be imported.

Answer: B

QUESTION NO: 266

For the following items, which criteria activates an interface that is configured to use dense mode?

(Choose two.)

A. Directly connected hosts

B. Directly connected PIM routers

C. When the interface receives a prune statement from a directly connected PIM router

D. Router configured as a border router

Answer: A,B

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 193

Page 194: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 267

Which feature is a must for the BGP update packet?

A. Weight

B. LOCAL. PREF

C. AS_Path

D. AGGREGATOR

Answer: C

QUESTION NO: 268

What are the differences between PIM DM and PIM SM? (Choose three.)

A. PIM DM assumes that all PIM neighbors have active members directly connected and initially

forwards multicast data out every interface.

B. PIM SM requires an explicit join from a router before the router is added to the shared tree.

C. PIM DM is based on a source root tree distribution mechanism.

D. PIM SM is based on bidirectional shared root tree distribution.

Answer: A,B,C

QUESTION NO: 269

In which way will the following route map configuration effect on OSPF routes redistributed into

EIGRP?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 194

Page 195: Actule Test 642-892

Actu

alTe

sts.

com

A. Routes matching prefix-list pfx are forward with EIGRP metric 20000 2000 255 1 1500.

B. All routes are redistributed.

C. Routes without a tag of 6 and not matching prefix-list pfx have their tag set to 8.

D. Routes with a tag of 6 are redistributed unchanged.

Answer: C

QUESTION NO: 270

On the basis of the following presented exhibit, what will happen after configuring the neighbor

10.1.1.1 weight 200 BGP configuration command on router CK-A?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 195

Page 196: Actule Test 642-892

Actu

alTe

sts.

com

A. CK-A will prefer the path through CK-B for network 172.20.0.0.

B. Packets from CK-D will prefer the path through CK-C for networks advertised by CK-A .

C CK-A will prefer the path through CK-C for network 172.20.0.0.

D. Packets from CK-D will prefer the path through CK-B for networks advertised by CK-A .

Answer: A

QUESTION NO: 271

On the basis of the following configuration, users can not communicate through the router. What

should be changed to fix the configuration?

A. Illegal/inappropriate mask

B. Pool is not applied

C. Illegal IP address

D. No default gateway in DHCP

Answer: D

QUESTION NO: 272

As presented in the figure, OSPF has been configured over a FR network. Each PVC is active.

But, CK-R1 and CK-R3 are unable to see all OSPF routes in their routing tables. The command

show ip ospf neighbor is issued on CK-R2 to display the neighbors' status. How to fix the

problem?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 196

Page 197: Actule Test 642-892

Actu

alTe

sts.

com

A. The ip ospf network broadcast command need to be issued on each Frame Relay interface.

B. The neighbor command needs to be issued under the OSPF routing process on all routers.

C. The ip ospf priority value on the hub router needs to be set to 0.

D. The ip ospf priority value on the spoke routers should be set to 0.

Answer: D

QUESTION NO: 273

Which option will be used to search the bridging tables in a 3550 switch?

A. Bridging database

B. CAM

C. TCAM

D. DCAH

Answer: C

QUESTION NO: 274

Intermediate system to intermediate system (IS-IS), is a protocol used by network devices

(routers) to determine the best way to forward datagrams through a packet-switched network, a

process called routing. Which three attributes are of the IS-IS routing protocol?

A. link-state routing protocol

B. operation is similar to BGP

C. supports VLSM

D. supports two routing levels within an autonomous system

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 197

Page 198: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A,C,D

QUESTION NO: 275

What is the meaning of the term non-blocking when referring to an Ethernet switch?

A. The switch has more than one bus.

B. The switch has sufficient capacity to forward without delay.

C. The switch has dual power supplies.

D. The switch has enhanced management to allow frames to pass through undelayed.

Answer: B

QUESTION NO: 276

The following output is generated by which command? IP address Hardware address Lease

expiration Type 172.16.1.11 00a0.9802.32de Feb 01 1998 12:00 AM Automatic

A. dhow ip dhcp database

B. show ip dhcp conflict

C. show ip dhcp binding

D. show ip dhcp pool

Answer: C

QUESTION NO: 277

Which statement is correct about DiffServe?

A. Packets forwarded using DiffServe parameters

B. Packets forwarded by each DiffServe router using per-hop forwarding according to TOS

C. Packets marked and forwarded by each DiffServe router

D. Packets following a predetermined path through the DiffServe cloud

Answer: B

QUESTION NO: 278

Which description is true about the routers that utilize eBGP to communicate with each other?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 198

Page 199: Actule Test 642-892

Actu

alTe

sts.

com

A. Routers running different IGPs

B. Routers within an autonomous system

C. Routers in different autonomous systems

D. Routers in different countries

Answer: C

QUESTION NO: 279

You work as a network engineer. If a switch is running 'hybrid IOS,' what do you understand it to

be using?

A. IOS on the switch and CatOS on the router

B. CatOS on the switch and IOS on the routing module

C. Software that is a combination of CatOS and IOS

D. Software that has commands from both operating systems running in tandem

Answer: B

QUESTION NO: 280

Select three OSPF areas types.

A. stub

B. remote

C. backbone

D. ordinary or standard

Answer: A,C,D

QUESTION NO: 281

Which queuing mechanisms will the 2950 switches support, running standard edition IOS

software? (Choose three.)

A. First in, first out queuing

B. Low Latency Priority Queuing

C. Weighted Round Robin Queuing

D. Strict Priority Queuing

Answer: A,C,D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 199

Page 200: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 282

Based on the graphic below, which Catalyst switch interface command should be issued in order

for the switch to instruct the phone to override the incoming CoS from the CK-PC before sending

the packet to the switch?

A. switchport priority extend cos 11

B. switchport priority extend cos 2

C. mis qos cos 2

D. mis qos cos 2 override

Answer: B

QUESTION NO: 283

In computer networking a multicast address is an identifier for a group of hosts that have joined a

multicast group. Multicast addressing can be used in the Link Layer (OSI Layer 2), such as

Ethernet Multicast, as well as at the Internet Layer (OSI Layer 3) as IPv4 or IPv6 Multicast. Which

two descriptions are correct regarding multicast addressing?

A. The last 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved

value that indicates a multicast application.

B. To calculate the Layer 2 multicast address, the host maps the last 23 bits of the IP address into

the last 24 bits of the MAC address. The high-order bit is set to 0.

C. The first 23 bits of the multicast MAC address are 0x01-00-5E. This is a reserved value that

indicates a multicast application.

D. The first 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved

value that indicates a multicast application.

Answer: B,D

QUESTION NO: 284

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 200

Page 201: Actule Test 642-892

Actu

alTe

sts.

com

Which one of the following commands is used to display the non-configured entries in a CAM table

on a 2950 series switch?

A. show cam dynamic

B. show cam

C. Show Bridge dynamic

D. show dynamic cam

Answer: A

QUESTION NO: 285

When a show port capabilities command on a 4000 series router shows that a port is type 2qlt,

what does that mean?

A. The port has two configurable queues, with one drop threshold.

B. The port has two queues but a single timer.

C. The port has one configurable queue with two drop thresholds.

D. The port has the option of one or two configurable queues.

Answer: A

QUESTION NO: 286

According to the following output, can you tell me which command can redistribute IGRP into

EIGRP?

Router eigrp 123 Network 10.10.10.0 No auto-summary i

Router igrp 123 Network 172.16.0.0 Network 172.17.0.0

A. Under the router eigrp mode add redistribute igrp 123 subnets

B. Under the router igrp mode add redistribute eigrp 123

C. Under the router eigrp mode add redistribute igrp 123

D. None, BGRP and IGRP are automatically redistributed in this instance.

Answer: D

QUESTION NO: 287

Given the following items, which IP is used for the source address of BGP traffic in the absence of

the command update-source?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 201

Page 202: Actule Test 642-892

Actu

alTe

sts.

com

A. Router ID

B. 0.0.0.0

C. Derived from the AS

D. Output interface

Answer: D

QUESTION NO: 288

Which statement is correct about Weighted Round Robin Queuing?

A. A queuing mechanism where each queue is of configurable length and is serviced using strict

priority

B. A queuing mechanism where each queue is of configurable length and is serviced in turn

C. A queuing mechanism where each queue is the same length and is serviced in turn

D. A queuing mechanism where each queue is of different length and is serviced in priority of size

Answer: B

QUESTION NO: 289

Study the following figure carefully, which address is to be listed as the next-hop address when

CK-RTB passes BGP advertisements from CK-RTA about network 192.168.2.0 to CK-RTC?

A. 192.168.1.49

B. 10.1.1.1

C. io.i.i.2

D. 192.168.1.50

Answer: D

QUESTION NO: 290

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 202

Page 203: Actule Test 642-892

Actu

alTe

sts.

com

Which interface command sets the standby IP address on VLAN1 interface to 192.168.1.200?

A. ip address 192.168.1.200 standby

B. standby 1 ip address 192.168.1.200

C. standby 1 ip 192.168.1.200

D. hsrp address 192.168.1.200

Answer: C

QUESTION NO: 291

Which of the following is BGP next hop (by default) set to?

A. Your BGP neighbor

B. The local router

C. The first router in the advertising AS

D. The first router in the AS

Answer: C

QUESTION NO: 292

In the process of designing VLAN, which two recommended practices are correct?

A. Routing will not be implemented between VLANs located on separate switches.

B. Routing should always be performed at the distribution layer.

C. VLANs will be localized to a single switch unless utilizing voice VLANs.

D. VLANs should be localized to a switch.

Answer: B,D

QUESTION NO: 293

Which statement is correct concerning the BGP local-preference attribute?

A. It is proprietary

B. BGP prefers the highest value

C. Only used outside an AS

D. Default value is zero

Answer: B

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 203

Page 204: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 294

Given the following route map, what will be the local-preference for 192.168.26.0/24?

A. 100

B. 200

C. 150

D. 0

Answer: C

QUESTION NO: 295

Voice over Internet Protocol (VoIP) is a general term for a family of transmission technologies for

delivery of voice communications over IP networks such as the Internet or other packet-switched

networks. Which of the following describes the order while placing a VoIP call I from IP phone CK-

P1 to IP phone CK-P2?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 204

Page 205: Actule Test 642-892

Actu

alTe

sts.

com

A. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. IP phone CK-P1

alerts the CK-CCM of off-hook state. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP

phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP phone CK-P2.

B. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 alerts the CK-CCM of

off-hook state. IP phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP

phone CK-P2. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2.

C. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 alerts the CK-CCM of

off-hook state. IP phone CK-P1 passes digits to CK-CCM.

RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. CK-CCM routes call to

PSTN or IP phone CK-P2.

D. IP phone CK-P1 alerts the CK-CCM of off-hook state. CK-CCM instructs IP phone CK-P1 to

provide dialtone. IP phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP

phone CK-P2. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2

Answer: D

QUESTION NO: 296

Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like

Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), while

allowing packet load sharing between a group of redundant routers. Which method used by GLBP

permits the AVG to prefer one GLBP router as the AVF over other GLBP routers until its tracked

interface goes down, while another router will be more preferred?

A. glbp group load-balancing round-robin

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 205

Page 206: Actule Test 642-892

Actu

alTe

sts.

com

B. no glbp group load-balancing

C. glbp group load-balancing host-dependent

D. glbp group load-balancing weighted

Answer: D

QUESTION NO: 297

Multipath interference is a phenomenon in the physics of waves whereby a wave from a source

travels to a detector via two or more paths and, under the right condition the two (or more)

components of the wave interfere. Observe the following graphic seriously, at the CK-client end,

the signal transmitted from the CK-AP is reflected off a wall resulting in multipath interference.

Which description is correct?

A. If signal 2 is dose to 360 degrees out of phase with signal1, the result is essentially zero signal

or a dead spot in the WLAN.

B. Multipath interference is solved by using dual antennas.

C. Multipath interference is less of an issue when using a DSSS technology because multipath is

frequency selective.

D. The transmitted signal from the CK-AP arrives at the CK-client at slightly different times

resulting in phase shifting.

Answer: D

QUESTION NO: 298

Which command will display the multicast groups?

A. show multicast router

B. show multicast group

C. show igmp interface

D. ip igmp snooping

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 206

Page 207: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B

QUESTION NO: 299

Which function is implemented with extension headers?

A. Fragmentation

B. Checksum

C Flow labels

D. TCP

Answer: A

QUESTION NO: 300

Which two of the following are correct after enabling OSPF across an NBMA network and issuing

the command ip ospf network nonbroadcast?

A. DR and BDR elections will occur.

B. All routers must be configured in a fully meshed topology with all other routers.

C. DR and BDR elections will not occur.

D. The neighbor command is required to build adjacencies.

Answer: A,D

QUESTION NO: 301

A mobile IPv6 binding is an association between which of the following?(choose two)

A. Home address

B. Prefix

C. Correspondent nodes

D. Care-of address

Answer: A,D

QUESTION NO: 302

Which item is supported by OSPFv3 instead of OSPFv2?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 207

Page 208: Actule Test 642-892

Actu

alTe

sts.

com

A. NBMA networks

B. NSSAs

C. Multiple OSPF processes

D. 128-bit prefixes

Answer: D

QUESTION NO: 303

In order to enable IPv6 routing on a Cisco router, which command will necessarily be used?

A. ipv6 routing

B. ipv6 unicast-routing

C. None, IPv6 routing is enabled by default.

D. ipv6 address

Answer: B

QUESTION NO: 304

Which statement best describes Dual stack?

A. Running IPv4 and IPv6 at the same time

B. Passing IPv6 through UDP

C. Process interception

D. Translating IPv4 traffic to IPv6

Answer: A

QUESTION NO: 305

6to4 is a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the

IPv4 internet) without the need to configure explicit tunnels. How is a 6-to-4 tunnel different than a

manually configured tunnel?

A. It is not a dual-stack solution.

B. It uses NAT-PT.

C. Automatic tunnel creation.

D. IPv6 addresses are embedded in IPv4 addresses.

Answer: C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 208

Page 209: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 306

An administrator would like to configure a switch over a virtual terminal connection from locations

outside of the local LAN. Which of the following are required in order for the switch to be

configured from a remote location? (Choose two.)

A. The switch must be configured with an IP address, subnet mask, and default gateway.

B. The switch must be connected to a router over a VLAN trunk.

C. The switch must be reachable through a port connected to its management VLAN.

D. The switch console port must be connected to the Ethernet LAN.

Answer: A,C

QUESTION NO: 307

The network administrator of the CK-A router adds the following command to the router

configuration: ip route 192.168.12.0 255.255.255.0 172.16.12.1. What are the results of adding

this command? (Choose two.)

A. The command establishes a static route.

B. The command invokes a dynamic routing protocol for 192.168.12.0.

C. Traffic for network 192.168.12.0 is forwarded to 172.16.12.1.

D. Traffic for all networks is forwarded to 172.16.12.1.

Answer: A,C

QUESTION NO: 308

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 209

Page 210: Actule Test 642-892

Actu

alTe

sts.

com

The network administrator has found the following problem. The remote networks 172.16.10.0,

172.16.20.0, and 172.16.30.0 are accessed through the Central router's serial 0/0. No users are

able to access 172.16.20.0. After reviewing the command output shown in the graphic, what is the

most likely cause of the problem?

A. no gateway of last resort on Central

B. Centra!router's not receiving 172.16.20.0 update

C. incorrect static route for 172.16.20.0

D. 172.16.20.0 not located in Central's routing table

Answer: C

QUESTION NO: 309

Which command will provide you with information regarding the Layer 3 configuration of directly

connected router interfaces?

A. show ip interface

B. show cdp neighbors

C. show cdp neighbors detail

D. show ip route

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 210

Page 211: Actule Test 642-892

Actu

alTe

sts.

com

Answer: C

QUESTION NO: 310

Observe the following commands, which two can correctly configure a router to perform OSPF and

to add network 192.168.16.0/24 to OSPF area 0? (Choose two.)

A. Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

B. Router(config)# router ospf 1

C. Router(config-router)# network 192.168.16.0 0.0.0.255 0

D. Router(config-router)# network 192.168.16.0 0.0.0.255 area 0

Answer: B,D

QUESTION NO: 311

Configure a router with EIGRP as the only routing protocol. If there is no feasible successor route

to a destination network and the successor route fails, how does EIGRP respond?

A. It automatically forwards traffic to a fallback default route until a new successor route is found.

B. It immediately sends its entire routing table to its neighbors.

C. EIGRP sends a Hello packet to the DR to inform it of the route failure.

D. It sends queries out to neighbors until a new successor route is found.

Answer: D

QUESTION NO: 312

Which port of CK-Sw2 is receiving BPDUs according to the diagram presented in the network?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 211

Page 212: Actule Test 642-892

Actu

alTe

sts.

comA. Fa 0/2 only

B. Fa 0/3 only

C. Fa 0/1 and Fa 0/2 only

D. Fa 0/1 and Fa 0/3 only

Answer: D

QUESTION NO: 313

According to the following diagram, both the switches Core and Core2 are Catalyst 2950s. The

addressing scheme for each company site is as follows: Router Ethernet port - 1st usable address

Core - 2nd usable address Core2 - 3rd usable address For this network, which three commands

need to be configured on Core2 to allow it to be managed remotely from any subnet on the

network? (Choose three.)

A. Core2(config)# line con 0

Core2(config-line)# password Cisco

B. Core2(config)# interface vlan 1

Core2(config-if)#ip address 192.168.1.11 255.255.255.248

C. Core2(config)# line vty 0 4

Core2(config-line)# password Cisco

D. Core2(config)# ip default-gateway 192.168.1.9

Answer: B,C,D

QUESTION NO: 314

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 212

Page 213: Actule Test 642-892

Actu

alTe

sts.

com

Look at the figure below: the two routers CK-R1 and CK-R2 share the routing information through

EIGRP. The yellow colored is configuration for CK-R2. What do you think will be the result of the

configuration?

A. Only the 172.16.0.0 network will be advertised to neighbors on the 192.168.2.0 network.

B. All networks will be advertised to the 192.168.2.0 network neighbors, except the 172.16.0.0

network.

C. Only such routes will be advertised to the 192.168.2.0 network neighbors: routes learned by

CK-R2 and from the interface connected to the network 172.16.0.0.

D. No routes learned by CK-R2 from the interface connected to the 172.16.0.0 network will be

advertised to the 192.168.2.0 network neighbors.

Answer: A

QUESTION NO: 315

Look at the following exhibit. Presume an IGP is correctly operating inside AS64192. As to BGP

operation in AS64192, which two of the following statements are true?

(Choose two)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 213

Page 214: Actule Test 642-892

Actu

alTe

sts.

comA. CK-RT2 used the BGP command neighbor 192.168.33.1 ebgp-multihop

B. CK-RT1 used the BGP command neighbor 192.168.33.1 remote-as 64192

C. CK-RT2 used the BGP command neighbor 192.168.33.1 remote-as 64192

D. PS4-RT2 used the BGP command update-source loopback 0

Answer: C,D

QUESTION NO: 316

CK has configured EIGRP to operate over Frame Relay multipoint connections. What do you think

the bandwidth command should be set to?

A. the CIR rate of the highest speed connection

B. the CIR rate of the lowest speed connection

C. the number of connections divides the sum of all the CIRs

D. the number of circuits multiplies the CIR rate of the lowest speed connection

Answer: D

QUESTION NO: 317

Which is the right order of the BGP attributes used for determining a route?

1. Weight

2. MED

3. AS_Path

4. Originate route

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 214

Page 215: Actule Test 642-892

Actu

alTe

sts.

com

5. Local preference

A. 5, 1, 4, 3, 2

B. 1, 5, 4, 2, 3

C. 2, 3, 1, 5, 4

D. 4, 3, 2, 1, 5

Answer: B

QUESTION NO: 318

With reference to the exhibit, which statement is right about the router configuration shown?

A. This configuration will do nothing as it is also the 192.168.23.1 IP address that applies to the id

helper-address command needs.

B. Any DHCP requests received by this interface will be unicasted by the router out to all

addresses included in the ip helper-address commands.

C. Any DHCP requests received by this interface will be rebroadcasted by the router out to all

addresses included in the ip helper-address commands.

D. Any UDP broadcasts received by this interface will be rebroadcasted by the router out to all

addresses included in the ip helper-address commands.

Answer: B

QUESTION NO: 319

You are troubleshooting an EIGRP connectivity problem. Two connected EIGRP routers are found

not becoming EIGRP neighbors. You attempt to ping between the two routers and succeed. What

should you check next?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 215

Page 216: Actule Test 642-892

Actu

alTe

sts.

com

A. Confirm that EIGRP is enabled for the proper networks on the local and neighboring router.

B. Confirm that EIGRP broadcast packets are not being dropped between the two routers with the

show ip BGRP traffic command.

C. Confirm that EIGRP broadcast packets are not being dropped between the two routers with the

show ip EIGRP peer command.

D. Confirm that the EIGRP hello and hold timers match precisely.

Answer: A

QUESTION NO: 320

During the implementation of 0SPFv3, which of the following description is right for the

configuration of OSPF areas?

A. In router configuration mode, the OSPFv3 areasnetwork are allotted by the network wildcard

area ID combination.

B. In interface configuration mode, the OSPFv3 areas interfaces are allotted by the OSPFv3 area

ID combination.

C. In router configuration mode, the OSPFv3 areas interfaces are allotted by the IPv6 OSPF

interface area ID combination.

D. In interface configuration mode, the OSPFv3 areas interfaces are allotted by IPv6 OSPF

process area ID combination

Answer: D

QUESTION NO: 321

Look at the following figure. You employ Router CK-R1 as a relay device for auto configuration of

switch CK-S1. Which configuration should you use?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 216

Page 217: Actule Test 642-892

Actu

alTe

sts.

com

A. CK-Rl(config)# interface fastethernet 0/0

CK-Rl(config-if)# ip helper-address 20.0.0.2

CK-Rl(config-if)# ip helper-address 20.0.0.3

CK-Rl(config-if)# ip helper-address 20.0.0.4

CK-Rl(config-if)# exit

CK-Rl(config)# interface fastethernet 0/1

CK-Rl(config-if)# ip helper-address 10.0.0.1

B. CK-Sl(config)# interface fastethernet 0/1

CK-Sl(config-if)# ip helper-address 10.0.0.2

CK-R2(config)# interface fastethernet 0/0

CK-R2(config-if)# ip helper-address 20.0.0.1

CK-R3(config)# interface fastethernet 0/0

CK-R3(config-if)# ip helper-address 20.0.0.1

CK-R4(config)# interface fastethernet 0/0

CK-R4(config-i0# ip helper-address 20.0.0.1

C. CK-Rl(config)# interface fastethernet 0/0

CK-Rl(config-if)# ip helper-address 20.0.0.1

CK-R2(config)# interface fastethernet 0/0

CK-R2(config-if)# ip helper-address 20.0.0.1

CK-R3(config)# interface fastethernet 0/0

CK-R3(config-if)# ip helper-address 20.0.0.1

CK-R4(config)# interface fastethernet 0/0

CK-R4(config-if)# ip helper-address 20.0.0.1

D. CK-Sl(config)# interface fastethernet 0/1

CK-Sl(config-if)# ip helper-address 20.0.0.1

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 217

Page 218: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 322

Look at the following figure. You are required to build a BGP neighbor relationship between

routers CK-R1 and CK-R4. BGP packets between them could pass through CK-R2 or CK-R3.

Which do you think is the simplest configuration that will allow for failover?

A. Configure only one neighbor relationship between CK-Rl's 192.168.1.2 interface and CK-R4's

172.16.10.2 interface.

B. Configure loopback interfaces on CK-R1 and CK-R4 to supply BGP packets with the update

source address.

C. Configure BGP neighbor relationships between all interfaces on CK-R1 and CK-R4.

D. Install a direct connection between CK-R1 and CK-R4.

Answer: B

QUESTION NO: 323

Supposing that the primary path goes down, in order to reach a destination, what will EIGRP use?

A. successor

B. administrative distance

C. feasible successor

D. advertised successor

Answer: C

QUESTION NO: 324

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 218

Page 219: Actule Test 642-892

Actu

alTe

sts.

com

Look at the following exhibit. Choose two correct statements regarding the PIM sparse mode

network! (Choose two)

A. The multicast source is connected to the serial 1/4 interface.

B. The multicast source is directly connected to this router.

C. The multicast receiver is directly connected to this router.

D. The RP for this network is this router.

Answer: A,D

QUESTION NO: 325

If you want to allow a switch to decide which ports to forward IP multicast messages to, what

methods may be effective? (Choose three)

A. IGMP

B. CGMP

C. IGMP snooping

D. static assignment

Answer: B,C,D

QUESTION NO: 326

With regard to EIGRP neighbor router authentication, choose two correct statements. (Choose

two)

A. MD5 authentication is necessary.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 219

Page 220: Actule Test 642-892

Actu

alTe

sts.

com

B. Simple password or MD5 authentication may be used.

C. With MD5 authentication, the key is sent across, but it is encrypted.

D. With authentication configured, the router verifies the source of each routing update packet that

it receives from a neighboring router.

Answer: B,D

QUESTION NO: 327

Which statement is correct based upon the following output from the show command on CK-RT1?

A. OSPFv3 establishes neighbor adjacencies by using Link-local addresses.

B. OSPFv3 establishes neighbor adjacencies by using IPv4 addresses.

C. OSPFv3 establishes neighbor adjacencies by using global IPv6 addresses.

D. CK-RT1 owns a subnet mask of 64 bits.

Answer: A

QUESTION NO: 328

After we have entered the passive-interface router configuration command, which routing protocol

will keep on receiving and processing routing updates from neighbors?

A. is-is

B. OSPF

C. RIP

D. EIGRP

Answer: C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 220

Page 221: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 329

What is the MAC address that comes from the multicast address 239.255.0.1?

A. Ol-Ol-ef-ff-00-01

B. 10-00-ef-ff-OO-Ol

C. 01-00-5e-7f-00-01

D. 00-00-00-7f-00-01

Answer: C

QUESTION NO: 330

Look at the following figure. What should be done to fulfill the IPv6 routing configurations shown?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 221

Page 222: Actule Test 642-892

Actu

alTe

sts.

com

A. IP unicast routing should be enabled.

B. IPv4 addresses must be applied to the interfaces.

C

C. Interface authentication must be configured.

D. The routing processes must be configured with an area ID.

Answer: A

QUESTION NO: 331

Look at the following exhibit. You have just configured EIGRP on all routers in the network. In

order that only the delay metric is used in the path calculations, you add the command metric

weights 0 0 1 0 0 to the EIGRP process. Which router will be the successor of the CK-R1 and

possible successor of Network A?

A. CK-R2 will be the successor and will be placed in the routing table. CK-R4 becomes the

possible successor for Network A.

B. CK-R2 will be the successor and will be placed in the routing table. No possible successor will

be selected as the reported distance from CK-R4 is lower than the possible distance.

C. CK-R4 will be the successor for Network A and will be included in the routing table. No possible

successor will be selected as the advertised distance from CK-R2 is higher than the feasible

distance.

D. CK-R4 will be the successor for Network A and will be placed in the routing table. CK-R2

becomes the possible successor for Network A.

Answer: C

QUESTION NO: 332

What is the difference between the configuration of a totally stubby area and that of a stub area?

A. The totally stubby area requires the no-summary command on all routers.

B. The totally stubby area requires the totally stubby command on all routers.

C. The no-summary command should be included on the ASBR within the totally stubby area.

D. The no-summary command should be included on the ABR within the totally stubby area.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 222

Page 223: Actule Test 642-892

Actu

alTe

sts.

com

Answer: D

QUESTION NO: 333

The IP multicast global configuration command ip pim send-rp-announce loopback0 scope 31

group-list 5 issued on multicast router RTA. What are the two results?

(Choose two)

A. RTA will originate RP announcements with TTL set to 31.

B. RTA will drop all RP announcements it receives if the TTL field is greater than 31.

C. RTA will forward RP announcements provided they are within the scope of 31.

D. RTA will originate RP announcements for multicast groups that match access-list 5.

Answer: A,D

QUESTION NO: 334

From the show ip eigrp topology command output, which code is the indication of a convergence

problem for the associated network?

A. Active

B. Update

C. Query

D. SIA

Answer: D

QUESTION NO: 335

What is the meaning of the default value of the EIGRP variance command of 1?

A. Only the path that is the feasible successor should be used.

B. The router only performs equal-cost load balancing on all paths that have a metric greater than

1.

C. Load balancing is disabled on this router.

D. The router performs equal-cost load balancing.

Answer: D

QUESTION NO: 336

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 223

Page 224: Actule Test 642-892

Actu

alTe

sts.

com

Which two statements best describe Aironet enterprise solution? (Choose two.)

A. A Cisco Aironet AP handles the transmission of beacon frames and also handles responses to

probe-request frames from clients.

B. Virtual MAC architecture allows the splitting of the 802.11 protocol between the Cisco Aironet

AP and a LAN switch.

C. A Cisco Aironet solution contains intelligent Cisco Aironet access points (APs) and Cisco

Catalyst switches.

D. The Cisco Aironet AP handles real-time portions of the LWAPP protocol, and the WLAN

controller handles those items which are not time sensitive.

Answer: A,D

QUESTION NO: 337

Look at the partial configurations in the following figure, what address is applied for DR and BDR

identification on CK-R1?

A. the configured router-id address

B. an arbitrarily generated internal address

C. the sequential 1/1 address

D. the sequential 2/0 address

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 224

Page 225: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 338

The following exhibit shows ipv6 route output. What would the metric be for a summary route that

summarizes all three OSPFv3 routes displayed?

A. 160

B. 140

C. 120

D. 100

Answer: D

QUESTION NO: 339

Look at the figure below: CK-F is advertising the 172.16.0.0 network to CK-B through EBGP. In

order that the path to the 172.16.0.0 network is available to all of CK-B's IBGP peers, which two

configuration options could be utilized, independently?

(Choose two)

A. Make sure that synchronization is off.

B. Configure next-hop-self on CK-B

C. Configure next-hop-self on all IBGP peers.

D. Redistribute BGP into the IGP routing protocol.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 225

Page 226: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B,D

QUESTION NO: 340

Which two advantages are of IGMP v2 over IGMPvl ?(choose two)

A. Group-specific queries

B. Source Filtering

C. Group Leaves

D. Group Joins

Answer: A,C

QUESTION NO: 341

Stub areas are areas through which or into which AS external advertisements are not flooded. An

OSPF stub area has no external routes in it, so you cannot redistribute from another protocol into

a stub area. Which three items are limitations for OSPF stub areas?

A. Prohibit virtual links.

B. The area should not be a backbone area.

C. Interarea routes are suppressed.

D. Prohibit autonomous system border routers.

Answer: A,B,D

QUESTION NO: 342

Observe the following graphic carefully, could Area 1 allow redistributed RIP routes from OSPF

Area 2? And why?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 226

Page 227: Actule Test 642-892

Actu

alTe

sts.

com

A. Because Area 1 is an NSSA, redistributed RIP routes will not be allowed.

B. RIP routes will be allowed in Area 1 only if they are first redistributed into EIGRP.

C. Redistributed RIP routes are allowed in Area 1 because they are changed into type 5 LSAs in

Area 0 and passed on into Area 1.

D. Because NSSA will drop type 7 LSAs, redistributed RIP routes will not be allowed in Area 1.

Answer: A

QUESTION NO: 343

Why are LED 0 and LED 1 on an Aironet card blinking alternately?

A. The Aironet card is joined to a network, and there is network activity.

B. The Aironet card is looking for a network association.

C. The Aironet card is in power save mode.

D. The Aironet card is joined to a network, but there is no network activity.

Answer: B

QUESTION NO: 344 HOTSPOT

Observe the following exhibit carefully the interfaces addresses on CK-RA are 192.168.1.1 and

172.16.1.1, while the interfaces addresses on CK-RB are 172.16.1.2 and 10.1.1.2. CK-RA serial

link is used to connect the two routers.

Which command can be issued to configure CK-RB with RIPv2?

s

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 227

Page 228: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

QUESTION NO: 345

Which one of the following items gives the correct sequence of the association between a wireless

client and a wireless access point?

A. 1. Client sends probe request.

2. Access point sends probe response.

3. Client initiates association.

4. Access point accepts association.

5. Access point adds client MAC address to association table.

B. 1. Client sends probe request.

2. Access point sends probe response.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 228

Page 229: Actule Test 642-892

Actu

alTe

sts.

com

3. Access point initiates association.

4. Client accepts association.

5. Access point adds client MAC address to association table.

C. 1. Access point sends probe request.

2. Client sends probe response.

3. Client initiates association.

4. Access point accepts association.

5. Access point adds client MAC address to association table.

D. 1. Access point sends probe request.

2. Client sends probe response.

3. Client initiates association.

4. Access point accepts association.

5. Client adds access point MAC address to association table.

Answer: A

QUESTION NO: 346

VTP is short for VLAN Trunking Protocol. Your customer's network is operating VTP with a domain

named main1. On this network, VLANs 1,2,3,4,5,10,20 are active. All of a sudden, the entire

network goes down. Traffic only passes on VLAN1 and all switches are working. A switch called

Test1 was added to the network just before this malfunction appeared. What is the problem with

Test1?

A. TEST1 has a lower VTP configuration revision than the current VTP revision.

B. TEST1 is configured as a VTP server with the domain name main1.

C. TEST1 has a higher VTP configuration revision than the current VTP revision.

D. TEST1 is configured with only VLAN1.

Answer: B,C,D

QUESTION NO: 347

Cisco Wireless LAN Controllers are responsible for system wide wireless LAN functions, such as

security policies, intrusion prevention, RF management, quality of service (QoS), and mobility.

Observe the following exhibit carefully the lightweight wireless architecture uses split MAC method

to split the 802.11 data processing and management protocols and the functionality of access

point between the WLAN controller and the access point. Choose three functionalities that are

handled by the WLAN controller.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 229

Page 230: Actule Test 642-892

Actu

alTe

sts.

com

A. the response to Probe Request frames from clients

B. 802.11 authentication

C. 802.11 association and re-association (mobility)

D. 802.11 frame translation and bridging

Answer: B,C,D

QUESTION NO: 348

You are a network technician of your company. Now you are tasked to configure the switches and

router in this network so that the hosts in VLAN3 and VLAN4 could communicate with the server in

VLAN2. According to the exhibit, which two Ethernet segments should be configured as trunk

links?

A. A

B. B

C. C

D. D

E. E

F. F

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 230

Page 231: Actule Test 642-892

Actu

alTe

sts.

com

Answer: C,F

QUESTION NO: 349

A wireless repeater is a computer networking device which acts as a repeater between a wireless

router and computers. Typical use of a wireless repeater is to add one when your computer is too

far away from any of the buildings' other wireless access points. If setting up properly, it will then

extend the range of the local wireless network. Which two descriptions are correct with regard to a

wireless repeater topology?

A. A wireless repeater is an access point not connecting to the wired LAN.

B. A 15 - 25 percent overlap is needed for this topology between a wired access point and the

wireless repeater.

C. The SSID of the root access point must be configured on the repeater access point.

D. The repeater access point should use a different channel from what the root access point uses

to avoid interference.

Answer: A,C

QUESTION NO: 350

The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a

table of IP networks or 'prefixes' which designate network reach ability among autonomous

systems (AS). Look at the following graphic seriously, BGP are operating on CK-RTA and CK-

RT8, but the session is active. In order to establish BGP session, which command should be

increased?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 231

Page 232: Actule Test 642-892

Actu

alTe

sts.

com

A. ip route 10.10.10.1 255.255.255.255 s0/0

ip route 10.10.10.1 255.255.255.255 s0/1

B. no synchronization

C. network 10.10.10.0

D. neighbor 10.10.10.1 next-hop-self

Answer: A

QUESTION NO: 351

According to the information presented in the following exhibit, can you tell me the reason that the

trust state of interface FastEthernet 0/3 displays "not trusted"?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 232

Page 233: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 233

Page 234: Actule Test 642-892

Actu

alTe

sts.

com

A. The command mis qos needs to be turned on in global configuration mode.

B. DSCP map needs to be configured for VOIP.

C. ToS has not been configured.

D. There is not a Cisco Phone attached to the interface.

Answer: D

QUESTION NO: 352

According to the diagram displayed below, which address can summarize the presented networks

successfully?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 234

Page 235: Actule Test 642-892

Actu

alTe

sts.

com

A. 192.168.0.0/24

B. 192.168.8.0/20

C. 192.168.8.0/21

D. 192.168.12.0/20

Answer: C

QUESTION NO: 353

Assume that you are a network technician of your company. Recently, you have designed an

access list to block the Accounting Department HTTP traffic from reaching the HR server which is

attached to the CK2 router. When grouped with the eO interface on the CKl router, which access

list can achieve this goal?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 235

Page 236: Actule Test 642-892

Actu

alTe

sts.

com

A. deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 permit ip any any

B. permit ip any any deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80

C. permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80

D. deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any

Answer: D

QUESTION NO: 354

The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a

table of IP networks or 'prefixes' which designate network reachability among autonomous

systems (AS). Look at the following presented BGP configuration commands from the advertising

router seriously, it is found that the 192.168.0.0 route is not being advertised in this network. Why?

router bgp 65111

neighbor 172.16.1.1 remote-as 65111

neighbor 172.16.2.1 remote-as 65112

network 192.168.0.0

network 10.0.0.0

i

ip route 192.168.0.0 255.255.0.0 null0

A. The network 192.168.0.0 statement is missing mask 255.255.0.0

B. The auto-summary configuration is missing.

C. The network 192.168.0.0 statement is missing mask 0.0.255.255.

D. The network 10.0.0.0 statement is missing mask 255.0.0.0.

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 236

Page 237: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 355

Which two of the following descriptions are correct according to the displayed output of the

command show ip bgp summary? (Choose two.)

A. The BGP session to the 10.1.1.1 neighbor is established.

B. The router is trying to create a BGP peering session with the 10.1.1.1 neighbor.

C. The BGP session to the 10.3.3.3 neighbor is created, but the router received no BGP routing

updates from the 10.3.3.3 neighbor.

D. The router is attempting to establish a BGP peering session with the 10.2.2.2 neighbor.

Answer: A,D

QUESTION NO: 356

On the basis of the following exhibit, can you tell me why VLAN updates from switch CK-P2S1 are

not applied to switch CK-P1S1? (Choose three.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 237

Page 238: Actule Test 642-892

Actu

alTe

sts.

com

A. The MD5 digests do not match.

B. Switch CK-P1S1 is in transparent mode.

C. The passwords do not match.

D. The VTP domains are different.

Answer: B,C,D

QUESTION NO: 357

OSPF is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs)

to all other routers within the same hierarchical area. In the network provided in the following

exhibit, each router is configured with OSPF. But, router CK-R1 can't receive a default route to

router CK-R2 as expected. How to solve this problem?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 238

Page 239: Actule Test 642-892

Actu

alTe

sts.

com

A. Add the ip route 5.0.0.0 255.255.255.0 0.0.0.0 command to router CK-R2.

B. Add the always keyword to the default-information originate configuration command on router

CK-R2.

C. Add the area 1 stub command on routers CK-R1.

D. Remove the default informationoriginate configuration command from router CK-R2 and place it

on router CK-R1

Answer: B

QUESTION NO: 358

A routing loop is a common problem with various types of networks, particularly computer

networks. They are formed when an error occurs in the operation of the routing algorithm, and as

a result, in a group of nodes, the path to a particular destination forms a loop. Which BGP feature

can prevent routing loops?

A. AS-path

B. weight

C. local preference

D. origin

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 239

Page 240: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 359

Virtual Router Redundancy Protocol (VRRP) is a non-proprietary redundancy protocol designed to

increase the availability of the default gateway servicing hosts on the same subnet. How to

exchange VRRP messages between routers sharing a common LAN segment?

A. Unicast IP addresses with UDP port ID 112.

B. VRRP messages are directly encapsulated into the Ethernet data field using type code 0x112.

C. Destination IPaddress 224.0.0.18 with IP Protocol ID 112.

D. VRRP relies on TCP to open a connection and to maintain that connection using TCP

keepalives.

Answer: C

QUESTION NO: 360

A trunk is typically a point-to-point connection between two switches, it is very efficient and highly

recommended that it runs in full-duplex mode. In the following diagram, a trunk link interconnects

switch CK-A_SW and switch CK-D_SW. How to manage the traffic from the switch CK-A_SW

based on the presented configuration?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 240

Page 241: Actule Test 642-892

Actu

alTe

sts.

com

A. The trunk port FaO/1 on switch CK-D_SW would trust allCoS values on the frames received on

the CK-A_SW switch pott Fa0/4.

B. The trunk port FaO/1 on switch CK-A_SW would trust allCoS values on the frames from the IP

phone.

C. The trunk port Fa0/1 on switch CK-D_SW will trust allCoS values on the frames coming from

port Fa0/1 on CK-A_SW.

D. The trunk port FaO/1 on switch CK-D_SW would trust allCoS values on the frames received on

the IP phone port.

Answer: C

QUESTION NO: 361

A. The traffic coming from Hostl and Host2 is forwarded through router CK-R2 with no disruption.

B. The traffic originating from Host2 is transmitted through router CK-R2 with no disruption. The

traffic from Hostl is dropped because of the disruption of the load balancing feature configured for

the glbp group.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 241

Page 242: Actule Test 642-892

Actu

alTe

sts.

com

C. The traffic originating from Host2 is transmitted through router CK-R2 with no disruption. Hostl

forwards an ARP request to resolve the MAC address for the new virtual gateway.

D. The traffic originating from both hosts is temporarily interrupted when the switchover to make

CK-R2 active occurs.

Answer: A

QUESTION NO: 362

Refer to the following IPv6 addresses, which one could correctly compress the IPv6 unicast

address 2001:0:0:0:0DB8:0:0:417A?

A. 2001:::0DB8:0:0:417A

B. 2001:0DB8:417A

C. 2001::0DB8::417A

D. 2001::DB8:0:0:417A

Answer: D

QUESTION NO: 363

What will happen after redistributing other routing protocol routes into OSPF?

A. miss the metric option in the redistribute command.

B. miss the subnet option in the redistribute command.

C. miss the tag option in the redistribute command.

D. misconfigure the metric-type option in the redistribute command to type-1.

Answer: B

QUESTION NO: 364

Which option is correct according to the provided exhibit?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 242

Page 243: Actule Test 642-892

Actu

alTe

sts.

com

A. The 10.0.0.0/8 network is not in the routing table on CK-RB.

B. Traffic from the 172.16.0.0/16 network is blocked by the ACL.

C. The 10.0.0.0/8 network is not advertised by CK-RB because the network statement for the

10.0.0.0/8 network is missing from CK-RB.

D. CK-RB will not advertise the 10.0.0.0/8 network because it is blocked by the ACL.

Answer: D

QUESTION NO: 365

Alex is a network technician of his company. Look at the exhibit below seriously, in this network,

he has configured each router with OSPF and configured Area 5 as an NSSA area. The RIPv2

routes are redistributed into the OSPF domain on router CK-R5.Which two LSAs types are to be

generated by router CK-R5?

A. type 1 Router LSA

B. type 2 Network LSA

C. type 3 Network Summary LSA

D. type 4 ASBR Summary LSA

E. type 5 AS External LSA

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 243

Page 244: Actule Test 642-892

Actu

alTe

sts.

com

F. type 7 NSSA External LSA

Answer: A,F

QUESTION NO: 366

Which two descriptions regarding voice VLANs are correct? (Choose two.)

A. Voice VLANs offer a trunking interface between an IP phone and an access port on a switch to

allow traffic from multiple devices connected to the port.

B. Enabling Voice VLAN on a switch port will automatically configure the port to trust the

incomingCoS markings.

C. Access ports configured with voice VLANs may ormay not override the CoS value that is

received from an IP phone.

D. Voice VLANs are configured using the switchport voice vlan vlan-ID interface configuration

command.

Answer: C,D

QUESTION NO: 367

Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP)

networks by the Interior Gateway Protocol (IGP) working group of the Internet Engineering Task

Force (IETF). Which two statements best describe the OSPF link-state routing protocol? (Choose

two.)

A. OSPF sends updates every 10 seconds.

B. When a link state is changed, the router that detected the change creates a link-state

advertisement (LSA) and propagates it to all OSPF devices using the 224.0.0.6 multicast address.

C. OSPF sends summaries of individual link-state entries every 30 minutes to ensure LSDB

synchronization.

D. OSPF sends triggered updates when a network change occurs.

Answer: C,D

QUESTION NO: 368 DRAG DROP

Drag the port states to their correct description

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 244

Page 245: Actule Test 642-892

Actu

alTe

sts.

com

Answer:

Explanation:

QUESTION NO: 369

Regarding the following exhibit, the wireless LAN can be accessed by all the three different

wireless groups of users. In order to increase the network security, which security policy should be

applied to the Guest group users?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 245

Page 246: Actule Test 642-892

Actu

alTe

sts.

com

A. open authentication with WEP plus MAC authentication

B. static WEP and MAC authentication

C

C. primary SSID with open or no WEP authentication

D. LEAP authentication

Answer: C

QUESTION NO: 370

When redistributing routes from other protocols, a metric will be required by which two routing

protocols? (Choose two.)

A. RIP

B. IS-IS

C. EIGRP

D. BGP

Answer: A,C

QUESTION NO: 371

When CDP finds out that a Cisco phone is attached, which three interface commands should be

used in order for the switch port to support a connected Cisco phone and to trust the CoS values

received on the port? (Choose three.)

A. switchport priority extend cos_value

B. mls qos trust cos

C. mls qos trust device cisco-phone

D. switchport voice vlan vlan-id

Answer: B,C,D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 246

Page 247: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 372

How to exchange GLBP messages between routers sharing a common LAN segment?

A. GLBP messages are multicast to UDP port ID 3222.

B. Routers inform clients with GLBP messages and use ARP messages to exchange information

about first-hop redundancy.

C. GLBP messages are directly encapsulated into the Ethernet data field using type code 3222.

D. GLBP relies on TCP to open a connection and to maintain that connection using TCP

keepalives.

Answer: A

QUESTION NO: 373

According to the following graphic, the IS-IS backbone is composed by which routers?

A. CK-R2, CK-R3, CK-R6, CK-R7

B. CK-R3, CK-R4, CK-R6

C. CK-R3, CK-R4, CK-R5, CK-R6

D. CK-R2, CK-R3, CK-R4, CK-R6, CK-R7

Answer: D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 247

Page 248: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 374

The routers CK-1 and CK-3 are OSPF neighbors over the Ethernet 0/0 connection. According to

the output presented of the show ip ospf neighbor command, can you tell me which of the

following descriptions is correct?

A. CK-1 is the DR because it has a higher OSPF router priority.

B. CK-3 is the DR because it has a higher OSPF router priority.

C

C. CK-3 is the DR because it has a lower OSPF router ID.

D. Both CK-1 and CK-3 are using the default OSPF router priority.

Answer: A

QUESTION NO: 375

The Autonomous WLAN solution and the Lightweight WLAN solution can be distinguished in

which two respects? (Choose two.)

A. CiscoWorks Wireless LAN Solution Engine can be used for management with the Lightweight

WLAN Solution.

B. CiscoWorks Wireless LAN Solution Engine can be used for management with the Autonomous

WLAN Solution.

V C. TACACS+ can only be used for authentication with the Cisco Lightweight WLAN solution.

D. Cisco Wireless LAN Controller is used to configure the access points in the Lightweight WLAN

solution.

Answer: B

QUESTION NO: 376

IGMP (Group Management Protocol) snooping is designed to prevent hosts on a local network

from receiving traffic for a multicast group they have not explicitly joined. Which two statements

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 248

Page 249: Actule Test 642-892

Actu

alTe

sts.

com

best describe IGMP snooping? (Choose two.)

A. IGMP snooping is enabled with the ip multicast-routing global configuration command.

B. IGMP snooping and Cisco Group Membership Protocol (CGMP) can be used simultaneously on

a switch.

C. IGMP snooping examines IGMP join/leave messages so that multicast traffic is forwarded only

to hosts that sent an IGMP message toward the router.

D. IGMP snooping is an IP multicast constraining mechanism for Layer 2 switches.

Answer: C,D

QUESTION NO: 377

Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and

core) switches that provide LAN connectivity from user PCs to corporate servers.

The distribution switches are configured to use HSRP to provide a high availability solution as

follows:

DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN

105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of

GigabitEthernet1/0/1 on the primary device should block the primary device from being the active

device,unless GigabitEthernet1/0/1 on the backup device has also failed.

Troubleshooting has identified several issues.Currently all interfaces are up.Use the running

configurations and the available show commands to investigate and respond to the following

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 249

Page 250: Actule Test 642-892

Actu

alTe

sts.

com

question.

During rutine maintenance,it became necessary to shut down GigabitEthernet1/0/1 on DSW1.All

other interfaces were up.During this time, DSW1 remained the active device for VLAN 102`s

HSRP group.You have determined that there is an issue with the decrement value in the track

command in VLAN 102's HSRP group.What needs to be done to make the group function

properly?

A. The DSW1'S decrement value should be configured with a value from 5 to 15.

B. The DSW1'S decrement value should be configured with a value from 9 to 15.

C. The DSW1'S decrement value should be configured with a value from 11 to 18.

D. The DSW1'S decrement value should be greater than 190 and less 200.

E. The DSW1'S decrement value should be configured with a value from 195 to less than 205.

F. The DSW1'S decrement value should be configured with a value from 200 to less than 205.

Answer: C

Explanation:

Use "show run" command to show. The left Vlan102 is console1 of DS1. Priority value is 200, we

should decrement value in the track command from 11 to 18. Because 200 - 11 = 189 < 190 (

priority of Vlan102 on DS2 ).

QUESTION NO: 378

Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and

core) switches that provide LAN connectivity from user PCs to corporate servers.

The distribution switches are configured to use HSRP to provide a high availability solution as

follows:

DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN

105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of

GigabitEthernet1/0/1 on the primary device should block the primary device from being the active

device,unless GigabitEthernet1/0/1 on the backup device has also failed.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 250

Page 251: Actule Test 642-892

Actu

alTe

sts.

com

Troubleshooting has identified several issues.Currently all interfaces are up.Use the running

configurations and the available show commands to investigate and respond to the following

question.

During routine maintenance,GigabitEthernet1/0/1 on DSW1 was shut down.All other interfaces

were up. DSW2 became the active HSRP deveice for VLAN101 as desired.However,after

GigabitEthernet1/0/1 on DSW1 was reactivated.Dsw1 did not become the active device as

desired.

What needs to be done to make the group for VLAN 101 function properly?

A. Enable preempt in DSW1's VLAN 101 HSRP group.

B. Disable preempt in DSW2's VLAN 101 HSRP group.

C. Decrease DSW'1 priority value for VLAN 101's HSRP group to a value that is less than the

.priority value configured on DSW2's HSRP group for VLAN 101.

D. Decrease the decrement value in the track command for DSW1's VLAN 101 HSRP group to a

value less than the value in the track command for DSW2's VLAN 101 HSRP group.

Answer: A

Explanation:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 251

Page 252: Actule Test 642-892

Actu

alTe

sts.

com

A is correct. All other answers is incorrect. Because Vlan101 on DS1 ( left ) disable preempt. We

need enable preempt to after it reactive , it will be active device. If not this command, it never

become active device.

QUESTION NO: 379

Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and

core) switches that provide LAN connectivity from user PCs to corporate servers.

The distribution switches are configured to use HSRP to provide a high availability solution as

follows:

DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN

105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of

GigabitEthernet1/0/1 on the primary device should block the primary device from being the active

device,unless GigabitEthernet1/0/1 on the backup device has also failed.

Troubleshooting has identified several issues.Currently all interfaces are up.Use the running

configurations and the available show commands to investigate and respond to the following

question.

DSW2 has not become the active device for VLAN 103's HSRP group even though all interfaces

are active.As related to VLAN 103`s HSRP group,what can be done to make the group function

properly?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 252

Page 253: Actule Test 642-892

Actu

alTe

sts.

com

A. On DSW1, disable preempt.

B. On DSW1, decrease the priority value to a value less than 190 and greater 150.

C. On DSW2, increase the priority value to a value greater 241 and less than 249.

D. On DSW2, increase the decrement valus in the track command to a value greater than 10 and

less than 50.

Answer: C

QUESTION NO: 380

Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and

core) switches that provide LAN connectivity from user PCs to corporate servers.

The distribution switches are configured to use HSRP to provide a high availability solution as

follows:

DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN

105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of

GigabitEthernet1/0/1 on the primary device should block the primary device from being the active

device,unless GigabitEthernet1/0/1 on the backup device has also failed.

Troubleshooting has identified several issues.Currently all interfaces are up.Use the running

configurations and the available show commands to investigate and respond to the following

question.

If GigabitEthernet1/0/1 on DSW1 is shut down,what will be the current priority value of the VLAN

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 253

Page 254: Actule Test 642-892

Actu

alTe

sts.

com

105`s HSRP group on router DSW1?

A. 95

B. 100

C. 150

D. 200

Answer: A

Explanation:

Priority is configured 150, Track is 55. So, if shutdown interface G1/0/1 -> 150 - 55 = 95.

QUESTION NO: 381

Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and

core) switches that provide LAN connectivity from user PCs to corporate servers.

The distribution switches are configured to use HSRP to provide a high availability solution as

follows:

DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN

105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of

GigabitEthernet1/0/1 on the primary device should block the primary device from being the active

device,unless GigabitEthernet1/0/1 on the backup device has also failed.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 254

Page 255: Actule Test 642-892

Actu

alTe

sts.

com

Troubleshooting has identified several issues.Currently all interfaces are up.Use the running

configurations and the available show commands to investigate and respond to the following

question.

What is the configured priority value of VLAN 105`s HSRP group on DSW2?

A. 50

B. 100

C. 150

D. 200

Answer: B

Explanation:

Use "show stantby brieft" command on console2 . Very easy to see priority of Vlan105 is 100.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 255

Page 256: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 382

Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and

core) switches that provide LAN connectivity from user PCs to corporate servers.

The distribution switches are configured to use HSRP to provide a high availability solution as

follows:

DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN

105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of

GigabitEthernet1/0/1 on the primary device should block the primary device from being the active

device,unless GigabitEthernet1/0/1 on the backup device has also failed.

Troubleshooting has identified several issues.Currently all interfaces are up.Use the running

configurations and the available show commands to investigate and respond to the following

question.

During routine maintenance,it became necessary to shut down GigabitEthernet1/0/1 on DSW1

and DSW2.All other interfaces were up.During this time,DSW1 became the active device for VLAN

104`s HSRP group.As related to VLAN 104`s HSRP group,what can to be done to make the group

function properly?

A. On DSW1,disable preempt.

B. On DSW2, decrease the priority value to a value less than 150.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 256

Page 257: Actule Test 642-892

Actu

alTe

sts.

com

C. On DSW1, increase the decrement value in the track command to a value greater than 6.

D. On DSW1, disable the track command.

Answer: C

Explanation:

We should NOT disable preempt on DS1. By do that, you will make Vlan104's HSRP group fail

function. Example: if we are disable preempt on DS1. It can not become active device when

G1/0/1 on DS2 fail . In this question, G0/1/0 on DS1 & DS2 is shutdown. Vlan104 (left ) : 150 - 1 =

149. Vlan104 (right ) : 200 - 155 = 145. Result is priority 149 > 145 ( Vlan104 on DS1 is active). If

increase the decrement in the track value to a value greater than 6 ( > or = 6). Vlan104 (left ) : 150

- 6 = 144. Result is priority 144 < 145 ( vlan104 on DS2 is active).

QUESTION NO: 383

Refer to the exhibit. Which statement is true?

A. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor.

B. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor.

C. Only traffic with a destination from 10.10.0.0/19 will be permitted.

D. Only traffic going to 10.10.0.0/19 will be permitted.

Answer: A

QUESTION NO: 384

Refer to the exhibit. Which statement is true about the 6.6.6.0/24 prefix?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 257

Page 258: Actule Test 642-892

Actu

alTe

sts.

com

A. If another path advertises the 6.6.6.0/24 path and has the default local preference, that path is

more preferred.

B. The command neighbor send-community is configured on BGP neighbor 10.10.23.3.

C. The route 10.10.23.3 is not being advertised to other BGP neighbors.

D. Route 6.6.6.0/24 is learned by an IBGP peer.

Answer: B

QUESTION NO: 385

Which three IP multicast address related statements are true? (Choose three.)

A. Multicast addresses 224.0.0.0 through 224.0.0.255 are always forwarded because they are

transmitted with Time to Live (TTL) greater than 1.

B. Multicast addresses 224.0.0.5 and 224.0.0.6 are source multicast addresses for OSPF routers.

C. Multicast addresses 224.0.0.13 and 224.0.0.22 are reserved link-local addresses used by

PIMv2 and IGMPv3.

D. Because they would map to overlapping IP multicast MAC addresses, multicast addresses

224.0.1.1 and 238.1.1.1 could not be used together.

E. Multicast address 224.0.1.1 has been reserved for the Network Time Protocol (NTP) by the

IANA.

F. The administratively scoped multicast addresses 239.0.0.0 through 239.255.255.255 are similar

in purpose to RFC 1918 private unicast addresses.

Answer: C,E,F

QUESTION NO: 386

Which command enables OSPF for IPv6?

A. router ospf process-id

B. ipv6 ospf process-id

C. ipv6 router ospf process-id

D. router ospf ipv6 process-id

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 258

Page 259: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B

QUESTION NO: 387

Refer to the output. What IOS command produces this output?

A. show ip ospf

B. show ip ospf interface

C. show ipv6 ospf interface

D. show ipv6 ospf

Answer: D

QUESTION NO: 388

Refer to the exhibit. Which statement is true about a voice VLAN?

A. Physically the voice network and the data network are separate.

B. The voice traffic will normally be on a different IP subnet than will the data traffic.

C. End user intervention is necessary to place the phone into the proper VLAN.

D. The same security policy should be implemented for both voice and data traffic.

E. The data VLAN must be configured as the native VLAN.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 259

Page 260: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B

QUESTION NO: 389

Refer to the exhibit. What is the effect when the switchport priority extend cos 3 command is

configured on the switch port interface connected to the IP phone?

A. Effectively, the trust boundary has been moved to the PC attached to the IP phone.

B. The computer is now establishing theCoS value and has effectively become the trust boundary.

C. The IP phone is enabled to override with aCoS value of 3 the existing CoS marking of the PC

attached to the IP phone.

D. The switch will no longer tag incoming voice packets and will extend the trust boundary to the

distribution layer switch.

E. RTP will be used to negotiate aCoS value based upon bandwidth utilization on the link.

Answer: C

QUESTION NO: 390

In what three ways is QoS applied in the campus network? (Choose three.)

A. No traffic marking occurs at the core layer. Layer 2/3 QoS tags are trusted from distribution

layer switches and used to prioritize and queue the traffic as it traverses the core.

B. IP precedence, DSCP, QoS group, IP address, and ingress interface are Layer 2 characteristics

that are set by the access layer as it passes traffic to the distribution layer. The distribution layer,

once it has made a switching decision to the core layer, strips these off.

C. MAC address, Multiprotocol Label Switching (MPLS), the ATM cell loss priority (CLP) bit, the

Frame Relay discard eligible (DE) bit, and ingress interface are established by the voice

submodule (distribution layer) as traffic passes to the core layer.

D. The distribution layer inspects a frame to see if it has exceeded a predefined rate of traffic

within a certain time frame, which is typically a fixed number internal to the switch.If a frame is

determined to be in excess of the predefined rate limit, the CoS value can be marked up in a way

that results in the packet being dropped.

E. The access layer is the initial point at which traffic enters the network. Traffic is marked (or

remarked) at Layers 2 and 3 by the access switch as it enters the network, or is "trusted" that it is

entering the network with the appropriate tag.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 260

Page 261: Actule Test 642-892

Actu

alTe

sts.

com

F. Traffic inbound from the access layer to the distribution layer can be trusted or reset depending

upon the ability of the access layer switches. Priority access into the core is provided based on

Layer 3 QoS tags.

Answer: A,E,F

QUESTION NO: 391

Which statement about the Lightweight Access Point Protocol (LWAPP) is true?

A. LWAPP encrypts control traffic between the AP and the controller.

B. LWAPP encrypts user traffic witha x.509 certificate using AES-CCMP.

C. LWAPP encrypts both control traffic and user data.

D. When set to Layer 3, LWAPP uses a proprietary protocol to communicate with the Cisco

Aironet APs.

Answer: A

QUESTION NO: 392

Refer to the exhibit. Which three statements accurately describe this GLBP topology? (Choose

three.)

A. Router A is responsible for answering ARP requests sent to the virtual IP address.

B. If Router A becomes unavailable, Router B will forward packets sent to the virtual MAC address

of Router A.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 261

Page 262: Actule Test 642-892

Actu

alTe

sts.

com

C. If another router were added to this GLBP group, there would be two backup AVGs.

D. Router B is in GLBP listen state.

E. Router A alternately responds to ARP requests with different virtual MAC addresses.

F. Router B will transition from blocking state to forwarding state when it becomes the AVG.

Answer: A,B,E

QUESTION NO: 393

Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?

A. reduction of processing in wireless controllers

B. distributed approach to authentication, encryption, and policy enforcement

C. provides security by blocking communication between access points and wireless clients

D. access point discovery, information exchange, and configuration

Answer: D

QUESTION NO: 394

Refer to the exhibit. When a profile is configured in the Aironet Desktop Utility, which security

option permits the configuration of host-based Extensible Authentication Protocol (EAP)?

A. WPA/WPA2/CCKM

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 262

Page 263: Actule Test 642-892

Actu

alTe

sts.

com

B. WPA/WPA2 Passphrase

C. 802.1x

D. Pre-Shared Key (Static WEP)

Answer: C

QUESTION NO: 395

Refer to the exhibit. Which three statements are true about trust boundaries in the campus

network? (Choose three.)

A. A device is trusted if it correctly classifies packets.

B. A device is trusted if it correctly declassifies packets.

C. The outermost trusted devices represent the trust boundary.

D. Classification and markingoccur using 802.1ab QoS bits before reaching the trust boundary.

E. Network trust boundaries are automatically configured in IOS version 12.3 and later.

F. For scalability, classification should be done as close to the edge as possible.

Answer: A,C,F

QUESTION NO: 396

Refer to the exhibit. The command spanning-tree bpdufilter enable is configured on interface

Fa0/1 on switch S6. The link between switch S5 and S6 fails. Will Host A be able to reach Host B?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 263

Page 264: Actule Test 642-892

Actu

alTe

sts.

com

A. Fifty percent of the traffic will successfully reach Host B, and fifty percent will dead-end at

switch S3 because of a partial spanning-tree loop.

B. No. Traffic will pass from switch S6 to S2 and dead-end at S2.

C. No. Traffic will loop back and forth between switch S6 and Host A.

D. No. Traffic will loop back and forth between switches S2 and S3.

E. Yes. Traffic will pass from switch S6 to S2 to S1.

Answer: E

QUESTION NO: 397

Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Choose two.)

A. The Aironet Desktop Utility (ADU) can be used to establish the association between the client

adapter and the access point, manage authentication to the wireless network, and enable data

encryption.

B. The Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can be

used at the same time to configure the wireless client adapter.

C. The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and

used at a time.

D. The Aironet Desktop Utility (ADU) profile manager feature can create and manage only one

profile for the wireless client adapter.

E. When the user selects a different profile in the Aironet Desktop Utility (ADU), the settings for the

wireless client adapter are changed only after a reboot.

Answer: A,C

QUESTION NO: 398

What are three required steps to configure DHCP snooping on a switch? (Choose three.)

A. Configure DHCP snooping globally.

B. Configure DHCP snooping on an interface.

C. Configure DHCP snooping on a VLAN or range of VLANs.

D. Configure the switch as a DHCP server.

E. Configure all interfaces as DHCP snooping trusted interfaces.

F. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded

DHCP request messages.

Answer: A,B,C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 264

Page 265: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 399

Which two statements are true about voice packets in a LAN? (Choose two.)

A. Voice traffic data flow involves large volumes of large packets.

B. Because a packet loss involves a small amount of data, voice traffic is less affected by packet

losses than traditional data traffic is.

C. Voice carrier stream utilizes Real-Time Transport Protocol (RTP) to carry the audio/media

portion of VoIP communication.

D. Voice packets are very sensitive to delay and jitter.

E. Voice packets are encapsulated in TCP segments to allow for proper sequencing during

delivery.

Answer: C,D

QUESTION NO: 400

What does the command udld reset accomplish?

A. allows an UDLD port to automatically reset when it has been shutdown

B. resets all UDLD enabled ports that have been shutdown

C. removes all UDLD configurations from interfaces that were globally enabled

D. removes all UDLD configurations from interfaces that were enabled per-port

Answer: B

QUESTION NO: 401

Which two types of activities does the Lightweight Access Point Protocol (LWAPP) define?

(Choose two.)

A. access point certification and software control

B. compression and Layer 3 address mapping

C. Layer 3 addressing and distribution

D. packet encapsulation, fragmentation, and formatting

E. SNMP monitoring services

Answer: A,D

QUESTION NO: 402

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 265

Page 266: Actule Test 642-892

Actu

alTe

sts.

com

Which statement about the Lightweight Access Point Protocol (LWAPP) protocol is true?

A. The processing of 802.11 data and management protocols and access point capabilities is

distributed between a lightweight access point and a centralized WLAN controller.

B. LWAPP aggregates radio management forward information and sends it to a wireless LAN

solution engine.

C. LWAPP authenticates all access points in the subnet and establishes a secure communication

channel with each of them.

D. LWAPP advertises its WDS capability and participates in electing the best WDS device for the

wireless LAN.

Answer: A

QUESTION NO: 403

Which statement describes the function of a trust boundary?

A. Trust boundaries determine whether certain types of traffic can pass.

B. Trust boundaries are a point in the network where decisions about CoS markings on incoming

packets are made.

C. Trust boundaries are a point in the network where QoS functionality begins and ends.

D. Trust boundaries are points in the network where Layer 2 CoS markings are converted to Layer

3 DSCP or IP precedence markings.

Answer: B

QUESTION NO: 404

Which two statements about voice VLANs are correct? (Choose two.)

A. Voice VLANs eliminate the need for QoS configuration.

B. Voice VLANs are used on trunk links to eliminate the need for QoS CoS markings.

C. Voice VLANs are mainly used to reduce the number of access switch ports that are used in the

network.

D. Voice VLANs can be configured to forward existingCoS priorities or override them.

E. Voice VLANs are mainly used between access layer switches and distribution layer switches.

F. Voice VLANs can be configured on Layer 2 ports only.

Answer: D,F

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 266

Page 267: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 405

Which two statements are true about network voice traffic? (Choose two.)

A. Voice traffic is affected more by link speed than FTP traffic is.

B. Voice traffic is affected more by packet delays than FTP traffic is.

C. Voice streams involve larger packet sizes than most TCP network traffic involves.

D. Voice traffic is more sensitive to packet loss than TCP network traffic is.

E. Voice traffic requires QOS mechanisms only in heavily loaded network segments.

Answer: B,D

QUESTION NO: 406

Refer to the exhibit. Which two Lightweight Access Point statements are true? (Choose two.)

A. An AP that has been upgraded from an autonomous AP to lightweight AP will only function in

conjunction with a Cisco Wireless LAN controller.

B. Autonomous APs receive control and configuration information from a WLAN controller.

C. LWAPP increases the amount of processing within the APs, enabling them to support filtering

and policy enforcement features.

D. Real time events such as authentication, security management, and mobility are handled by the

lightweight AP.

E. Lightweight APs require local configurations using local management.

F. WLAN controllers provide a single point of management.

Answer: A,F

QUESTION NO: 407

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 267

Page 268: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. Which option correctly sequences the order in which a lightweight access

point associates with the WLAN controller?

A. B, D, C, J, I, A

B. B, D, G, J, I, A

C. D, B, G, E, I, H

D. D, F, C, E, I, H

E. F, D, C, E, I, H

F. F, D, G, J, I, A

Answer: B

QUESTION NO: 408

An attacker is launching a DoS attack with a public domain hacking tool that is used to exhaust the

IP address space available from the DHCP servers for a period of time. Which procedure would

best defend against this type of attack?

A. Configure only untrusted interfaces with root guard.

B. Configure only trusted interfaces with root guard.

C. Configure DHCP spoofing on all ports that connect untrusted clients.

D. Configure DHCP snooping only on ports that connect trusted DHCP servers.

E. Implement private VLANs (PVLANs) to carry only DHCP traffic.

F. Implement private VLANs (PVLANs) to carry only user traffic.

Answer: D

QUESTION NO: 409

Which two codecs are supported by Cisco VoIP equipment?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 268

Page 269: Actule Test 642-892

Actu

alTe

sts.

com

A. G.701 and G.719

B. G.711 and G.729

C. G.721 and G.739

D. G.731 and G.749

Answer: B

QUESTION NO: 410

Refer to the exhibit. What can be concluded about VLANs 200 and 202?

A. VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous

ports in the same VLAN. VLAN 200 carries traffic between community ports and to promiscuous

ports.

B. VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous

ports in the same VLAN. VLAN 200 carries traffic from isolated ports to a promiscuous port.

C. VLAN 200 carries traffic from promiscuous ports to isolated, community, and other promiscuous

ports in the same VLAN. VLAN 202 carries traffic between community ports and to promiscuous

ports.

D. VLAN 200 carries traffic from promiscuous ports to isolated, community, and other promiscuous

ports in the same VLAN. VLAN 202 carries traffic from isolated ports to a promiscuous port.

Answer: B

QUESTION NO: 411

Which three features are part of the Cisco Compatible Extensions program? (Choose three.)

A. security

B. routing and switching

C. VLAN and QoS

D. analog and digital voice

E. accounting

F. mobility

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 269

Page 270: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A,C,F

QUESTION NO: 412

What is the objective of the Cisco Compatible Extensions program?

A. to provide access to proprietary Cisco IOS software code in order to expand the number of

vendors writing wireless code

B. to provide Cisco engineers with the opportunity to certify that any wireless devices that are

made by third parties are compatible with Cisco wireless products

C. to provide customers with a broad range of WLAN client devices that have been tested for

interoperability with Cisco Aironet innovations

D. to provide third parties with Cisco hardware in order to encourage the development of radical

innovation in the area of wireless

Answer: C

QUESTION NO: 413

Refer to the exhibit. Which two statements are true about how the IP phone can be configured to

perform CoS markings? (Choose two.)

A. The IP phone can tag voice traffic in the access or voice VLAN with a Layer 2 CoS value.

B. The IP phone can only tag voice traffic with a Layer 2 CoS value in the voice VLAN.

C. The default configuration of the IP phone is to pass traffic from the host without changing

theCoS value.

D. The IP phone can be configured to pass traffic from the host without changing the CoS value.

E. By default, the IP phone tags traffic from the host with the default CoS value of 5.

Answer: A,D

QUESTION NO: 414

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 270

Page 271: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. DHCP snooping is enabled for selected VLANs to provide security on the

network. How do the switch ports handle the DHCP messages?

A. Ports Fa2/1 and Fa2/2 source DHCP requests only. Port Fa3/1 is eligible to source all DHCP

messages and respond to DHCP requests.

B. Ports Fa2/1 and Fa2/2 respond to DHCP requests only. Port Fa3/1 is eligible to source all

DHCP messages.

C. Ports Fa2/1 and Fa2/2 are eligible to source all DHCP messages and respond to DHCP

requests. Port Fa3/1 can source DHCP request only.

D. All three ports, Fa2/1, Fa2/2, and Fa3/1, are eligible to source all DHCP messages and respond

to DHCP requests.

Answer: C

QUESTION NO: 415

Refer to the exhibit. What two statements are true about the IS-IS configuration? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 271

Page 272: Actule Test 642-892

Actu

alTe

sts.

comA. The router is in area 49.0001.0002.

B. The router has a system ID of 0003.0004.

C. The router acts as a Level 1-2 router.

D. The network service access point selector (NSEL) byte has a value of 0.

E. CLNS routing is enabled for the router.

Answer: C,D

QUESTION NO: 416

Refer to the exhibit. Which two statements about the IS-IS configurations of router R1 and router

R2 are correct? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 272

Page 273: Actule Test 642-892

Actu

alTe

sts.

com

A. The IS-IS Level 2 metric that is assigned on the serial interface of router R2 is over three times

the default value.

B. Router R1 sends only Level 1 hellos out the interface that is connected to R2.

C. Router R2 sends only Level 2 hellos out the interface that is connected to R1.

D. Router R1 is configured as a Level 1-2 router.

E. Router R2 has the same metric value assigned for Level 1 and Level 2 on the serial interface.

F. The network entity titles (NETs) that are configured on L1 and L2 are incompatible.

Answer: A,B

QUESTION NO: 417

Which three options are supported as address allocation mechanisms for DHCP on Cisco routers?

(Choose three.)

A. The IP address can be automatically assigned to a host.

B. The IP address can be assigned as a random hash value of the burned-in-address of the

lowest-numbered LAN interface on the router.

C. The network administrator can assign a specific IP address to a specific host MAC address.

D. The IP address can be assigned from configured pools in a reverse lexicographical order.

E. The IP address can be assigned to a host for a limited time or until the host explicitly releases

the address.

F. The IP address can be assigned to a host until the host usurps the assigned value using its own

dynamic override mechanism.

Answer: A,C,E

QUESTION NO: 418

Refer to the exhibit. What two conclusions can be made based on the DHCP configuration?

(Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 273

Page 274: Actule Test 642-892

Actu

alTe

sts.

com

A. The second DNS server configured will never be queried.

B. The first IP address assigned by DHCP is 172.16.0.1.

C. The IP address of the default router is used for DHCP relay.

D. The DHCP clients learn the excluded address ranges that area configured.

E. The configured domain name is propagated to the DHCP clients.

Answer: B,E

QUESTION NO: 419

Refer to the exhibit. Which statement is true about the router configuration that is shown?

A. Additional DHCP options will be imported from another DHCP server.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 274

Page 275: Actule Test 642-892

Actu

alTe

sts.

com

B. The DHCP server pools need to be bound to an interface to operate.

C. This configuration will provide IP configuration information to two different subnets.

D. Additional DCHP option information needs to be imported from another DHCP server.

E. If the router hands out all the addresses in pool 1, then it will supply addresses from pool 2.

Answer: C

QUESTION NO: 420

Refer to the exhibit. Which statement is true about the router with ID 10.64.0.1?

A. It is the BDR for the local segment.

B. It is the DR for the local segment.

C. It is not running OSPF.

D. It has an OSPF priority of 1 on the attached interface.

E. It has a loopback that is configured.

F. It is not the DR or BDR for the local segment.

Answer: F

QUESTION NO: 421

The show ip route command generated routes flagged as O N2 and O N1. Which option best

describes how these routes were created?

A. Summarization was performed on an ASBR connected to a totally stubby area.

B. Static routes were redistributed into an ASBR.

C. Redistribution was performed into a totally stubby area.

D. Redistribution was performed into an NSSA area.

E. Summarization was performed on an ASBR connected to a NSSA area.

Answer: D

QUESTION NO: 422

Refer to the exhibit. RTR-38 has two possible paths to reach the indicated networks but only

chooses next hop 172.20.72.1. Which two options would cause RTR-38 to choose next hop

172.20.73.1 for network 192.168.101.0 but still use next hop 172.20.72.1 for the remaining

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 275

Page 276: Actule Test 642-892

Actu

alTe

sts.

com

networks? (Choose two)

A. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the local-

preference to 200 for network 192.168.101.0.

B. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the local-

preference to 200 for all networks accept 192.168.101.0.

C. On RTR-38 apply the command neighbor 172.20.73.1 weight 200.

D. On RTR-38 apply the command neighbor 172.20.72.1 weight 200.

E. On BGP neighbor router 172.20.73.1 apply a route map that advertises a MED of 200 for

network 192.168.101.0 to RTR-38.

F. On BGP neighbor router 172.20.72.1 apply a route map that advertises a MED of 200 for

network 192.168.101.0 to RTR-38.

Answer: A,F

QUESTION NO: 423

During BGP configuration on a router that has peered with other BGP speakers, the BGP

command aggregate-address 172.32.0.0 255.255.252.0 is issued. However, the peers do not

receive this aggregate network in BGP advertisements. Also, the router does not have this

aggregate network in its BGP table. Which option indicates a possible reason this command did

not cause the router to advertise the aggregate network to its peers?

A. Interface NULL 0 is likely shutdown.

B. The BGP command no synchronization is missing.

C. The BGP command no auto-summary is missing.

D. Subnets of 172.32.0.0/22 do not exist in the BGP table.

E. The IGP running on this router does not have network 172.32.0.0/22 installed.

F. The next hop IP address must be a loopback address.

Answer: D

QUESTION NO: 424

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 276

Page 277: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. Which statement is correct regarding the partial configuration shown?

A. The router's fa0/0 interface will be assigned the reserved address of 20.0.0.2.

B. The router will import its DHCP options from a configuration file on a TFTP server.

C. The router's fa0/0 interface will be assigned any address from the 20.0.0.0/8 network except

20.0.0.2.

D. The router will add the DHCP option parameters it learns from another server into its DHCP

server database.

Answer: D

QUESTION NO: 425

Refer to the exhibit. Routing updates for the 192.168.1.0 network are being received from all three

neighbors. Which statement is correct regarding the result of the configuration shown?

A. The router will prefer the next hop of 172.16.1.1 for packets destined for the 192.168.1.0

network.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 277

Page 278: Actule Test 642-892

Actu

alTe

sts.

com

B. The router will prefer the next hop of 172.26.1.1 for packets destined for the 192.168.1.0

network.

C. The router will advertise the 192.168.1.0 network only to 172.30.1.1.

D. The router will advertise the 192.168.1.0 network only to 172.26.1.1.

E. The router will prefer the next hop of 172.26.1.1 for packets except those destined for the

192.168.1.0 network.

Answer: B

QUESTION NO: 426

Which spanning-tree command would cause a PortFast-enabled interface to lose its PortFast-

operational status and disable BPDU filtering if it receives BPDUs?

A. spanning-tree guard root

B. spanning-tree bpduguard enable

C. spanning-tree portfast bpduguard default

D. spanning-tree bpdufilter enable

E. spanning-tree portfast bpdufilter default

Answer: E

QUESTION NO: 427

Which spanning-tree command would essentially disable spanning tree on an interface and make

that interface susceptible to spanning-tree loops?

A. spanning-tree portfast bpdufilter default

B. spanning-tree bpdufilter enable

C. spanning-tree portfast bpduguard default

D. spanning-tree bpduguard enable

E. spanning-tree guard root

Answer: B

QUESTION NO: 428

Which statement correctly describes the results of the Ethernet switch global configuration

command spanning-tree loopguard default?

A. When any port receives a BPDU, it is put it in the error-disabled state.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 278

Page 279: Actule Test 642-892

Actu

alTe

sts.

com

B. An interface is moved directly to the spanning-tree forwarding state without waiting for the

standard forwardtime delay.

C. Prevents interfaces that are in a PortFast-operational state from sending or receiving BPDUs.

D. Detects indirect link failures and starts the spanning-tree reconfiguration sooner.

E. Prevents alternate or root ports from becoming designated ports because of a failure that leads

to a unidirectional link.

F. Provides fast convergence after a direct link failure where a root port transitions to the

forwarding state immediately without going through the listening and learning states.

Answer: E

QUESTION NO: 429

Which optional feature of an Ethernet switch disables a port on a point-to-point link if the port does

not receive traffic while Layer 1 status is up?

A. BackboneFast

B. UplinkFast

C. Loop Guard

D. UDLD aggressive mode

E. Fast Link Pulse bursts

F. Link Control Word

Answer: D

QUESTION NO: 430

Which three statements are true about routed ports on a multilayer switch? (Choose three)

A. A routed port can support VLAN subinterfaces.

B. A routed port will take an IP address assignment.

C. A routed port can be configured with routing protocols.

D. A routed port is a virtual interface on the multilayer switch.

E. A routed port is only associated with one VLAN.

F. A routed port is a physical interface on the multilayer switch.

Answer: B,C,F

QUESTION NO: 431

Which three statements are true about CEF? (Choose three.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 279

Page 280: Actule Test 642-892

Actu

alTe

sts.

com

A. The FIB table is derived from the IP routing table.

B. The adjacency table is derived from the ARP table.

C. CEF IP destination prefixes are stored in the TCAM table, from the least specific to the most

specific entry.

D. When the CEF TCAM table is full, packets are dropped.

E. When the adjacency table is full, a CEF TCAM table entry points to the Layer 3 engine to

redirect the adjacency.

F. The FIB lookup is based on the Layer 3 destination address prefix (shortest match).

Answer: A,B,E

QUESTION NO: 432

Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?

A. Encapsulation on the switch is wrong.

B. Trunking needs to be enabled on Fa0/1.

C. The native VLAN is wrong.

D. VLAN 1 needs the no shutdown command.

E. IP routing needs to be enabled on the switch.

Answer: B

QUESTION NO: 433

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 280

Page 281: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. What problem is preventing users on VLAN 100 from pinging addresses on

VLAN 200?

A. No default route on DLS1.

B. Encapsulation mismatch between switches.

C. Native VLAN mismatch.

D. Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1.

E. Trunking needs to be enabled.

F. The ip routing command is missing on DLS1.

Answer: F

QUESTION NO: 434

Which three characteristics are true about voice traffic in the campus network? (Choose three.)

A. TCP retransmits

B. benign

C. greedy

D. drop sensitive

E. smooth

F. delay insensitive

Answer: B,D,E

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 281

Page 282: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 435

Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip

ospf neighbor output, what prevents R1 from establishing a full adjacency with R2?

A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess

networks.

B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area 1.

C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2.

D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2.

E. The Hello parameters on routers R1 and R2 do not match.

Answer: A

QUESTION NO: 436

In the event that two devices need access to a common server, but they cannot communicate with

each other, which security feature should be configured to mitigate attacks between these

devices?

A. port security

B. dynamic ARP inspection

C. DHCP snooping

D. private VLANs

E. BPDU guard

Answer: D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 282

Page 283: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 437

Which statement best summarizes how DHCP snooping works?

A. DHCP snooping validates the header information of all DHCP replies and only allows the reply

through if it has a matching request in the DSRT.

B. DHCP snooping validates all DHCP responses from all switch ports and only allows packets

through if the destination port sent a DHCP request in the last 5 seconds.

C. DHCP snooping validates all DHCP responses from all switch ports and only allows packets

through if the destination port specifically sent a DHCP request.

D. DHCP snooping determines which switch ports are trusted and can source all DHCP

messages.

Answer: D

QUESTION NO: 438

A network administrator would like to configure 802.1x port-based authentication, however, the

client workstation is not 802.1x compliant. What is the only supported authentication server that

can be used?

A. TACACS with LEAP extensions

B. TACACS+

C. RADIUS with EAP extensions

D. LDAP

Answer: C

QUESTION NO: 439

Which two statements are true about port security? (Choose two.)

A. With port security configured, four MAC addresses are allowed by default.

B. Port security cannot be configured for ports supporting VoIP.

C. With port security configured, only one MAC address is allowed by default.

D. The network administrator must manually enter the MAC address for each device in order for

the switch to allow connectivity.

E. Port security can be configured for ports supporting VoIP.

Answer: C,E

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 283

Page 284: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 440

A switch has been configured with PVLANs. With what type of PVLAN port should the default

gateway be configured?

A. Isolated

B. Promiscuous

C. Community

D. Primary

E. Trunk

Answer: B

QUESTION NO: 441

What is the function of the Service Set Identifier (SSID) in the wireless LAN?

A. The SSID should be configured on the client site only and provides data-privacy functions and

authentication to the access point.

B. The SSID must match on both the client and the access point. The SSID is advertised in plain-

text in the access point beacon messages.

C. The SSID must match on both the client and the access point and provides encryption keys for

authentication to the access point.

D. The SSID must match on both the client and the access point and provides MAC Address

Authentication to authenticate the client to the access point.

Answer: B

QUESTION NO: 442

Which statement is true about the data traffic between the access point and controller?

A. The data traffic is switched at the access point before being sent to the WLAN controller where

VLAN tagging and QoS are applied.

B. The data traffic is encrypted with AES.

C. The data traffic between the access point and controller is encrypted.

D. The data traffic is encapsulated with LWAPP.

Answer: D

QUESTION NO: 443

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 284

Page 285: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. If VLAN 21 does not exist before typing the commands, what is the result of

the configuration applied on switch SW1?

A. A new VLAN 21 is created and port 0/8 is assigned to that VLAN.

B. A new VLAN 21 is created, but no ports are assigned to that VLAN.

C. No VLAN 21 is created and no ports are assigned to that VLAN.

D. Configuration command vlan database should be used first to create the VLAN 21.

Answer: A

QUESTION NO: 444

Refer to the exhibit. What happens when the switch SW2 is connected to the rest of the network in

the VTP domain Lab_Network?

A. The recently introduced switch SW2 adds one more VLAN to the VLAN database in the VTP

domain.

B. The recently introduced switch SW2 creates a STP loop in the VTP domain.

C. The recently introduced switch SW2 removes all configured VLANs throughout the VTP

domain.

D. The recently introduced switch SW2 switches over to VTP transparent mode in order to be

included into the VTP domain.

E. A trunk should be configured between the two switches in order to integrate SW2 into the VTP

domain.

Answer: C

QUESTION NO: 445

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 285

Page 286: Actule Test 642-892

Actu

alTe

sts.

com

What action should a network administrator take to enable VTP pruning on an entire management

domain?

A. enable VTP pruning on any client switch in the domain

B. enable VTP pruning on every switch in the domain

C. enable VTP pruning on any switch in the management domain

D. enable VTP pruning on a VTP server in the management domain

Answer: D

QUESTION NO: 446

How does VTP pruning enhance network bandwidth?

A. by restricting unicast traffic to across VTP domains

B. by reducing unnecessary flooding of traffic to inactive VLANs

C. by limiting the spreading of VLAN information

D. by disabling periodic VTP updates

Answer: B

QUESTION NO: 447

Which technology manages multicast traffic at Layer 2 by configuring Layer 2 LAN interfaces

dynamically to forward multicast traffic only to those interfaces that want to receive it?

A. IGMP

B. IGMP snooping

C. PIM-DM

D. DVMRP

E. MOSPF

Answer: B

QUESTION NO: 448

Which well-defined routing protocol would a network administrator configure on multicast routers

when member routers are widely dispersed?

A. Distance Vector Multicast Routing Protocol (DVMRP)

B. Protocol Independent Multicast Dense Mode (PIM-DM)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 286

Page 287: Actule Test 642-892

Actu

alTe

sts.

com

C. Multicast Open Shortest Path First (MOSPF)

D. Protocol Independent Multicast Sparse Mode (PIM-SM)

E. Core-Based Trees (CBT)

Answer: D

QUESTION NO: 449

When building an IP multicast domain using PIM which mode assumes that other routers do not

want to forward multicast packets for the group?

A. PIM-DM

B. PIM-SM

C. PIM-RP

D. CGMP

E. IGMP snooping

Answer: B

QUESTION NO: 450

Which statement describes Dynamic Trunking Protocol (DTP) mode 'desirable'?

A. The interface is put into permanent trunking mode and negotiates to convert the link into a trunk

link.

B. The interface actively attempts to convert the link to a trunk link.

C. The interface is put into permanent trunking mode but prevented from generating DTP frames.

D. The interface is put into a passive mode, waiting to convert the link to a trunk link.

Answer: B

QUESTION NO: 451

Which DTP switchport mode parameter sets the switch port to actively send and respond to DTP

negotiation frames?

A. access

B. trunk

C. no negotiate

D. dynamic desirable

E. dynamic auto

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 287

Page 288: Actule Test 642-892

Actu

alTe

sts.

com

Answer: D

QUESTION NO: 452

Which of the following NSAP addresses is a private, locally administered address?

A. 39.0f01.0002.0000.0c00.1111.00

B. 48.0f01.0002.0000.0c00.1111.00

C. 49.0004.30ac.0000.3090.c7df.00

D. 52.0f01.0002.0000.0c00.1111.00

Answer: C

QUESTION NO: 453

Which two table types are CEF components? (Choose two.)

A. forwarding information base

B. adjacency tables

C. neighbor tables

D. caching tables

E. route tables

Answer: A,B

QUESTION NO: 454

IS-IS is often considered an alternative to OSPF in the IP world. Which two statements identify

similarities between IS-IS and OSPF? (Choose two.)

A. support for designated intermediate systems and backup designated intermediate systems

B. support for multiple areas per router

C. support for classless routing

D. support for address summarization between areas

E. support for both DIS adjacencies and neighbor adjacencies

Answer: C,D

QUESTION NO: 455

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 288

Page 289: Actule Test 642-892

Actu

alTe

sts.

com

In an IS-IS environment, what happens when the designated IS router crashes?

A. The elected backup designated router takes the place of the DIS indefinitely without the

necessity of a new election.

B. The elected backup designated router takes the place of the DIS temporarily without the

necessity of a new election, until the original DIS comes back online.

C. A new election process occurs immediately, establishing a new DIS that will remain in place

indefinitely.

D. A new election process occurs immediately, establishing a new DIS until a router with a higher

priority or MAC address establishes an adjacency.

Answer: D

QUESTION NO: 456

Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value?

A. VTP

B. 802.1Q

C. DTP

D. ISL

Answer: B

QUESTION NO: 457

In reference to the P1R3 show isis route output, which statement is true?

A. P1R1 is the exit point out of the area for P1R3.

B. P1R1 is a level-1 only IS-IS router.

C. P1R1 has been configured with a nondefault IS-IS metric.

D. P1R3 is a level-2 only IS-IS router.

E. P1R3 has been configured with a nondefault IS-IS metric.

F. P1R3 routing table should contain i L2 entries.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 289

Page 290: Actule Test 642-892

Actu

alTe

sts.

com

Answer: A

QUESTION NO: 458

Why should iBGP sessions be fully meshed within a Transit AS?

A. BGP requires redundant TCP sessions between iBGP peers.

B. A full mesh allows for optimal routing within the Transit AS.

C. Routes learned via iBGP are never propagated to other eBGP peers.

D. Routes learned via iBGP are never propagated to other iBGP peers.

E. Routes learned via eBGP are never propagated to other iBGP peers.

Answer: D

QUESTION NO: 459

What is periodically sent by a DIS on a LAN to ensure that all adjacent neighbors' IS-IS link-state

databases are synchronized?

A. complete SNP (CSNP)

B. partial SNP (PSNP)

C. database query

D. database description packet (DDP)

E. link-state summary

F. hello

Answer: A

QUESTION NO: 460

What does IS-IS use to establish and maintain neighbor relationships between IS's?

A. IIH

B. LSP

C. CLNS

D. CLNP

E. ISH

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 290

Page 291: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 461

What is the default metric used on IS-IS routers for each interface?

A. The cost is set to 10 for all interfaces.

B. The cost is set to 10 for LAN interfaces and 20 for WAN interfaces.

C. The cost is based on the speed of the interface.

D. The cost is based on a composite of bandwidth and delay of the interface.

Answer: A

QUESTION NO: 462

Which two tasks are required to configure PIM for IP multicast routing? (Choose two.)

A. Join a multicast group.

B. Enable CGMP.

C. Enable IP multicast routing.

D. Configure the TTL threshold.

E. Enable PIM on an interface.

Answer: C,E

QUESTION NO: 463

Which enhancement was added to IGMP version 3?

A. membership query message

B. membership report message

C. leave group message

D. source filtering

E. destination filtering

Answer: D

QUESTION NO: 464

Which BGP attribute will not be advertised in routing updates to its neighboring routers?

A. weight

B. local preference

C. origin

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 291

Page 292: Actule Test 642-892

Actu

alTe

sts.

com

D. AS_path

E. next hop

Answer: A

QUESTION NO: 465

What are two Cisco IOS commands that can be used to view neighbor adjacencies? (Choose

two.)

A. show ip ospf database

B. show ip ospf neighbors

C. show ip ospf protocols

D. show ip ospf interfaces

Answer: B,D

QUESTION NO: 466

Which statement is true about IBGP routers?

A. They must be fully meshed.

B. They can be in a different AS.

C. They must be directly connected.

D. They do not need to be directly connected.

Answer: D

QUESTION NO: 467

Given the NSAP, 39.0100.0102.0001.0c00.1211.00, which portion is interpreted by IS-IS as the

area?

A. 39

B. 39.0100

C. 39.0100.0102

D. 0001

E. 0001.0c00

F. 0001.0c00.1211

Answer: C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 292

Page 293: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 468

Refer to the exhibit. Which statement is true?

A. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will translate the type 7

LSAs into type 5 LSAs and flood them throughout the OSPF backbone.

B. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will flood the type 7

LSAs throughout the backbone.

C. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will flood the type 5

LSAs throughout the backbone.

D. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will translate the type 5

LSAs into type 7 LSAs and flood them throughout the OSPF backbone.

E. RTA will not redistribute the RIP routes into the NSSA.

Answer: A

QUESTION NO: 469

Which option correctly identifies the Cisco IOS switching methods in descending order from the

fastest method to the slowest method?

A. CEF, distributed CEF (dCEF), fast switching, process switching

B. distributed CEF (dCEF), CEF, fast switching, process switching

C. fast switching, process switching, distributed CEF (dCEF), CEF

D. process switching, fast switching, distributed CEF (dCEF), CEF

E. process switching, distributed CEF (dCEF), CEF, fast switching

F. process switching, CEF, distributed CEF (dCEF), fast switching

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 293

Page 294: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B

QUESTION NO: 470

Refer to the exhibit. An administrator is verifying that a CEF FIB entry exists to destination network

192.168.150.0. Given the output generated by the show ip cef and show adjacency detail

commands, which three statements are true? (Choose three.)

A. There is a valid CEF entry for the destination network 192.168.150.0.

B. The "valid cached adjacency" entry indicates that CEF will put all packets going to such an

adjacency to the next best switching mode.

C. The counters (0 packets, 0 bytes) indicate a problem with the 192.168.199.3 next hop IP

address.

D. There is an adjacency for the 192.168.199.3 next hop IP address.

E. The number 003071506800 is the MAC address of the 192.168.199.3 next hop IP address.

F. The number 003071506800 is the MAC address of the source IP address.

Answer: A,D,E

QUESTION NO: 471

Which two statements are true about a switched virtual interface (SVI)? (Choose two.)

A. An SVI is created by entering the no switchport command in interface configuration mode.

B. An SVI is created for the default VLAN (VLAN1) to permit remote switch administration by

default.

C. An SVI provides a default gateway for a VLAN.

D. Multiple SVIs can be associated with a VLAN. E. SVI is another name for a routed port.

Answer: B,C

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 294

Page 295: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 472

An administrator types in the command router ospf 1 and receives the error message: "OSPF

process 1 cannot start." (Output is omitted.) What should be done to correctly set up OSPF?

A. Ensure that an interface has been configured with an IP address.

B. Ensure that an interface has been configured with an IP address and is up.

C. Ensure that IP classless is enabled.

D. Ensure that the interfaces can ping their directly connected neighbors.

Answer: B

QUESTION NO: 473

Refer to the exhibit. The switchport output in Figure 1 displays the default settings of interface

FastEthernet 0/13 on switch SW1. Figure 2 displays the desired interface settings. Which

command sequence would configure interface FastEthernet 0/13 as displayed in Figure 2?

A. SW1(config-if)# switchport trunk encapsulation dot1q

SW1(config-if)# switchport mode trunk SW1(config-if)# switchport trunk native DATA

SW1(config-if)# switchport trunk allowed vlan 1,10,20

B. SW1(config-if)# switchport trunk encapsulation dot1q

SW1(config-if)# switchport mode dynamic auto SW1(config-if)# switchport trunk native DATA

SW1(config-if)# switchport trunk allowed vlan add 1,10,20

C. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode

dynamic desirable SW1(config-if)# switchport trunk native vlan DATA SW1(config-if)#

switchport trunk allowed vlan 1,10,20

D. SW1(config-if)# switchport trunk encapsulation dot1q

SW1(config-if)# switchport mode dynamic desirable

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 295

Page 296: Actule Test 642-892

Actu

alTe

sts.

com

SW1(config-if)# switchport trunk native vlan 10

SW1(config-if)# switchport trunk allowed vlan 1,10,20

E. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode

dynamic desirable SW1(config-if)# switchport trunk native vlan 10

Answer: B

QUESTION NO: 474

Refer to the exhibit. For what purpose is the command show ip cef used?

A. to display rewritten IP unicast packets

B. to display ARP resolution packets

C. to display ARP throttling

D. to display TCAM matches

E. to display CEF-based MLS lookups

F. to display entries in the Forwarding Information Base (FIB)

Answer: F

QUESTION NO: 475

Refer to the exhibit. Host A and Host B are connected to the Catalyst 3550 switch and have been

assigned to their respective VLANs. The rest of the 3550 configuration is the default configuration.

Host A is able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the

output displayed in the exhibit, which statement is true?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 296

Page 297: Actule Test 642-892

Actu

alTe

sts.

com

A. HSRP must be configured on SW1.

B. A separate router is required to support interVLAN routing.

C. Interface VLAN 10 must be configured on the SW1 switch.

D. The global config command ip routing must be configured on the SW1 switch.

E. VLANs 10 and 15 must be created in the VLAN database mode.

F. VTP must be configured to support interVLAN routing.

Answer: D

QUESTION NO: 476

Refer to the exhibit. On the basis of the output generated by the show commands, which two

statements are true? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 297

Page 298: Actule Test 642-892

Actu

alTe

sts.

com

A. All interfaces on the switch have been configured as access ports.

B. Because it has not been assigned to any VLAN, interface gigabitethernet 0/1 does not appear

in the show vlan output.

C. Because it is configured as a trunk interface, interface gigabitethernet 0/1 does not appear in

the show vlan output.

D. There are no native VLANs configured on the trunk.

E. VLAN 1 will not be encapsulated with an 802.1q header.

F. VLAN 2 will not be encapsulated with an 802.1q header.

Answer: C,E

QUESTION NO: 477

What does the Catalyst switch interface configuration command switchport trunk native vlan 7

accomplish?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 298

Page 299: Actule Test 642-892

Actu

alTe

sts.

com

A. configures the interface to be a trunking port and causes traffic on VLAN 7 to be 802.1q tagged

B. causes the interface to apply ISL framing for traffic on VLAN 7

C. configures the trunking interface to send traffic from VLAN 7 untagged

D. configures the trunking interface to forward traffic from VLAN 7

Answer: C

QUESTION NO: 478

Refer to the exhibit. Based upon the output of show vlan on switch CAT2, what can we conclude

about interfaces Fa0/13 and Fa0/14?

A. that interfaces Fa0/13 and Fa0/14 are in VLAN 1

B. that interfaces Fa0/13 and Fa0/14 are down

C. that interfaces Fa0/13 and Fa0/14 are trunk interfaces

D. that interfaces Fa0/13 and Fa0/14have a domain mismatch with another switch

E. that interfaces Fa0/13 and Fa0/14have a duplex mismatch with another switch

Answer: C

QUESTION NO: 479

Refer to the exhibit. VLAN2, VLAN3, and VLAN10 are configured on the switch D-SW1.

Host computers are on VLAN 2 (10.1.2.0), servers are on VLAN 3 (10.1.3.0), and the

management VLAN is on VLAN10 (10.1.10.0). Hosts are able to ping each other but are unable to

reach the servers. On the basis of the exhibited output, which configuration solution could rectify

the problem?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 299

Page 300: Actule Test 642-892

Actu

alTe

sts.

com

A. Enable IP routing on the switch D-SW1.

B. Configure a default route that points toward network 200.1.1.0/24.

C. Assign an IP address of 10.1.3.1/24 to VLAN3.

D. Configure default gateways to IP address 10.1.2.1 on each host.

E. Configure default gateways to IP address 10.1.10.1 on each host.

F. Configure default gateways to IP address 200.1.1.2 on each host.

Answer: C

QUESTION NO: 480

Refer to the exhibit. Which interface or interfaces on switch SW_A can have the port security

feature enabled?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 300

Page 301: Actule Test 642-892

Actu

alTe

sts.

comA. Port 0/1

B. Ports 0/1 and 0/2

C. Ports 0/1, 0/2 and 0/3

D. Ports 0/1, 0/2, 0/3 and the trunk port 0/22

E. The trunk port 0/22 and the EtherChannel ports

F. Ports 0/1, 0/2, 0/3, the trunk port 0/22 and the EtherChannel ports

Answer: C

QUESTION NO: 481

Refer to the exhibit. Which statement is true when voice traffic is forwarded on the same

VLAN used by the data traffic?

A. Quality of service cannot be applied for the voice traffic.

B. The voice traffic cannot be forwarded to the distribution layer.

C. Port security cannot be enabled on the switch that is attached to the IP phone.

D. The voice traffic cannot use 802.1p priority tagging.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 301

Page 302: Actule Test 642-892

Actu

alTe

sts.

com

Answer: D

QUESTION NO: 482

Which statement is true about the Forward Information Base (FIB) table?

A. The FIB is derived from the IP routing table and is optimized for maximum lookup throughput.

B. The FIB table is derived from the Address Resolution Protocol table, and it contains Layer 2

rewrite (MAC) information for the next hop.

C. The FIB lookup is based on the Layer 2 destination MAC address.

D. When the FIB table is full, a wildcard entry redirects traffic to the Layer 3 engine.

Answer: A

QUESTION NO: 483

Which two statements are true about IS-IS routing? (Choose two.)

A. IS-IS is more efficient than OSPF in the use of CPU resources.

B. Based on the default timers, OSPF detects a failure faster than IS-IS does.

C. OSPF default timers permit more tuning than IS-IS does.

D. OSPF is more scalable than IS-IS because of its ability to identify normal, stub, and NSSA

areas.

E. IS-IS and OSPF are both Open Standard, link-state routing protocols which support VLSM.

Answer: A,E

QUESTION NO: 484

Refer to the exhibit. All routers have Protocol Independent Multicast (PIM) enabled interfaces. On

the basis of the configuration provided on routers R1 and R2, which router will take on the function

of rendezvous point (RP) for the multicast network?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 302

Page 303: Actule Test 642-892

Actu

alTe

sts.

com

A. router R1

B. router R2

C. both routers R1 and R2

D. none of the routers since they are not configured with static RP

Answer: B

QUESTION NO: 485

What does the command clear ipv6 ospf process accomplish?

A. The OSPF adjacencies are cleared and initiated again.

B. The route table is cleared. Then the OSPF neighbors are reformed.

C. The shortest path first (SPF) algorithm is performed on the LSA database.

D. The OSPF database is repopulated. Then the shortest path first (SPF) algorithm is performed.

Answer: D

QUESTION NO: 486

Many match statements could be used in a route map. How many match statements must be

matched for the set to be applied?

A. None of them

B. All the criteria

C. At least 50 percent of the criteria

D. At least one

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 303

Page 304: Actule Test 642-892

Actu

alTe

sts.

com

Answer: B

QUESTION NO: 487 DRAG DROP

Place the BGP attributes in the correct order used for determining a route

Answer:

Explanation:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 304

Page 305: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 488

A NIC has a MAC address of 00-0F-66-81-19-A3 and discovers a routing prefix of 2001:0:1:5::/64.

Which IPv6 addresses are assigned to it? (choose four)

A. 2001::1:5:20F:66FF:FE81:19A3

B. FE80::20F:66FF:FE81:19A3

C. ::1

D. FF02::1

Answer: A,B,C,D

QUESTION NO: 489

Multicasting supports applications that communicate

A. Many-to-many

B. One-to-many

C. Many-to-one

D. One-to-one

Answer: B

QUESTION NO: 490

Which is a difference between broadcasts and multicasts?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 305

Page 306: Actule Test 642-892

Actu

alTe

sts.

com

A. Multicasts are unidirectional.

B. Multicasts are used by RIPv1.

C. Multicasts are routable.

D. Multicasts are one-to-many.

Answer: C

QUESTION NO: 491

What can the Network Analysis Module on the 6500 series switches be used to do? (Choose two.)

A. Remotely gather traffic statistics.

B. Remotely change passwords.

C. Remotely configure QoS options.

D. Remotely measure traffic parameters.

Answer: A,D

QUESTION NO: 492

What is the reason that system buffers are made in so many different sizes?

A. Because buffers have to be discarded once they are used

B. Because different interfaces support different MTUs

C. Because different systems allow different frames to be received

D. Because the buffers can be used as particles to create larger buffers

Answer: B

QUESTION NO: 493

Which one of the following techniques allows policies to be reapplied without destroying the

existing peering? (choose two)

A. clear ip bgp *

B. Rebooting the local router

C. clear ip bgp * soft in

D. clear ip bgp * soft out

Answer: C,D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 306

Page 307: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 494

Ideally, what will be displayed by the output of the show ip bgp neighbors command?

A. Idle

B. Open

C. Established

D. Active

Answer: C

QUESTION NO: 495

Put the BGP connection strategies in order from lowest to highest based on likelihood to take the

best path.(choose three)

A. Accept only default routes from all providers

B. Accept some routes plus a default route from all providers

C. Accept full routing updates from all providers

Answer: A,B,C

QUESTION NO: 496

Which UDP broadcasts will an IOS DHCP relay automatically forward? (choose six)

A. NTP (port 37)

B. DNS (port 53)

C. TFTP (port 69)

D. TACACS (port 49)

E. NetBIOS name service (port 137)

F. NetBIOS datagram service (port 138)

Answer: A,B,C,D,E,F

QUESTION NO: 497

Which ports are forwarded by UDP by default?

A. UDP 666

B. UDP 500

C. UDP 51

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 307

Page 308: Actule Test 642-892

Actu

alTe

sts.

com

D. UDP 67

Answer: D

QUESTION NO: 498

Which statement accurately describes SLB?

A. An alternative to switching

B. A protocol allowing server load sharing

C. An alternative to HSRP

D. A server redundancy protocol

Answer: B

QUESTION NO: 499

When would you configure the VTP domain on an interface of an external router?

A. When it doesn??t use ISL or 802.1Q encapsulation

B. Always

C. When it uses ISL encapsulation

D. When it is connected to a VTP server or client

Answer: D

QUESTION NO: 500

When using route maps for redistribution when a statement is configured to deny and there is a

match, which action will the route map take?

A. The packet is sent to the normal routing process.

B. The route is not redistributed.

C. The packet is dropped.

D. An ICMP packet is sent to the sender.

Answer: B

QUESTION NO: 501

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 308

Page 309: Actule Test 642-892

Actu

alTe

sts.

com

Refer to exhibit. BGP is configured on all routers, synchronization is turned off, and none of the

default attributes have been changed except the local preference attribute on R4. Which path will

be preferred by R2 to reach the network 100.100.100.0/24?

A. R2 R3 R4 R5 because it has a lower admin distance

B. R2 R3 R4 R5 because it has a higher local preference

C. R2 R1 because it has the shortest AS-path

D. R2 R1 because it has a lower local preference

Answer: B

QUESTION NO: 502

Refer to the exhibit. On the basis of the information that is presented, what condition exists?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 309

Page 310: Actule Test 642-892

Actu

alTe

sts.

com

A. authenticating with AP

B. poor link status with AP

C. no valid radio for ADU

D. no association to AP

Answer: C

QUESTION NO: 503

Refer to the exhibit. What information can be derived from the output?

A. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with

a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate

BPDUs have been stopped, the interfaces will need to be administratively shut down, and brought

back up, to resume normal operation.

B. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with

a superior root bridge parameter,but traffic is still forwarded across the ports.

C. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with

a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate

BPDUs have been stopped, the interfaces automatically recover and resume normal operation.

D. Interfaces FastEthernet3/1 and FastEthernet3/2 are candidates for becoming the STP root port,

but neither can realize that role until BPDUs with a superior root bridge parameter are no longer

received on at least one of the interfaces.

Answer: C

QUESTION NO: 504

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 310

Page 311: Actule Test 642-892

Actu

alTe

sts.

com

Refer to the exhibit. Static WEP keys have been configured on all devices in the wireless LAN.

What will happen if the access point receives packets sent by the wireless client adapter that are

not encrypted with the appropriate key?

A. The wireless client adapter will be authenticated by the authentication server and the access

point will deliver the packets to the intended receiver.

B. The wireless client adapter will not be authenticated by the authentication server, but the

access point will deliver the packets to the intended receiver.

C. The access point will discard the packets and never deliver them to the intended receiver.

D. The wireless client adapter will not be able to send any packets to the access point.

Answer: C

QUESTION NO: 505

Refer to the exhibit.

Which statement is correct regarding the operation of NAT-PT between the IPv4 and IPv6

networks shown?

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 311

Page 312: Actule Test 642-892

Actu

alTe

sts.

com

A. The router will determine the IPv4 destination address.

B. The source IPv6 host can use DNS to determine the IPv6-to-IPv4 address mapping.

C. The host is statically configured with the IPv6-to-IPv4 address mapping.

D. ICMP can be used to determine the IPv6-to-IPv4 address mapping.

Answer: B

QUESTION NO: 506

Refer to the exhibit.

Which interoperability technique implemented on the router would allow Host-1 to communicate

with Host-2?

A. Dual Stack

B. NAT-PT

C. 6to4 tunnel

D. GRE tunnel

E. ISATAP tunnel

Answer: B

QUESTION NO: 507

Refer to the exhibit. Which two statements are correct regarding the routes to be redistributed into

OSPF? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 312

Page 313: Actule Test 642-892

Actu

alTe

sts.

com

A. The network 192.168.1.0 will be allowed and assigned a metric of 100.

B. The network 192.168.1.0 will be allowed and assigned a metric of 200.

C. All networks except 10.0.0.0/8 will be allowed and assigned a metric of 200.

D. The network 172.16.0.0/16 will be allowed and assigned a metric of 200.

E. The network 10.0.10.0/24 will be allowed and assigned a metric of 200.

Answer: A,D

QUESTION NO: 508

Refer to the exhibit. Which two statements are true? (Choose two.)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 313

Page 314: Actule Test 642-892

Actu

alTe

sts.

com

A. This switch is the STP root bridge.

B. This switch is not the STP root bridge.

C. A spanning-tree loop exists in this network.

D. The default STP timers have been changed.

E. Port Fa0/11 is facing the root bridge.

F. Port Fa0/11 is facing away from the root bridge.

Answer: B,E

QUESTION NO: 509

Refer to the exhibit.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 314

Page 315: Actule Test 642-892

Actu

alTe

sts.

com

What additional commands should be used to configure OSPF area 5 as a Totally Stubby area?

A. area 0 stub on routers R4 and R5

B. area 5 stub on routers R4 and R5

C. area 5 stub no-summary on routers R4 and R5

D. area 0 stub no-summary on router R4 and area 5 stub no-summary on router R5

E. area 5 stub no-summary on router R4 and area 5 stub on router R5

Answer: E

QUESTION NO: 510

A hacker is interested in seeing traffic from all switch ports on the switch that he is connected to,

including the ports belonging to other VLANs. What type of attack is he likely to implement?

A. MAC address flooding

B. ARP attack

C. spoofing attack

D. DHCP attack

E. VLAN hopping

Answer: A

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 315

Page 316: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 511

Given the above diagram and assuming that STP is enabled on all switch devices, which two

statements are true? (Choose two.)

A. DSW11willbe elected the root bridge.

B. DSW12 will be elected the root bridge.

C. ASW13 will be elected the root bridge.

D. P3/1 will be elected the nondesignated port.

E. P2/2 will be elected the nondesignated port.

F. P3/2 will be elected the nondesignated port.

Answer: A,D

QUESTION NO: 512

Refer to the exhibit. Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured

on the routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes

will be forwarded from R6 to area 1, and only a default route for all other OSPF routes will be

forwarded from R5 to area 1.

A. R5(config-router)# area 1 stub

R6(config-router)# area 1 stub

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 316

Page 317: Actule Test 642-892

Actu

alTe

sts.

com

B. R5(config-router)# area 1 stub no-summary

R6(config-router)# area 1 stub

C. R5(config-router)# area 1 nssa

R6(config-router)# area 1 nssa

D. R5(config-router)# area 1 nssa no-summary

R6(config-router)# area 1 nssa

Answer: D

QUESTION NO: 513

Refer to the exhibit.

All network links are FastEthernet. Although there is complete connectivity throughout the network,

Front Line users have been complaining that they experience slower network performance when

accessing the server farm than the Reception office experiences. Based on the exhibit, which two

statements are true? (Choose two.)

A. Changing the bridge priority of S1 to 4096 would improve network performance.

B. Changing the bridge priority of S1 to 36864 would improve network performance.

C. Changing the bridge priority of S2 to 36864 would improve network performance.

D. Changing the bridge priority of S3 to 4096 would improve network performance.

E. Disabling the Spanning Tree Protocol would improve network performance.

F. Upgrading the link between S2 and S3 to Gigabit Ethernet would improve performance.

Answer: B,D

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 317

Page 318: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 514

Which two multicast IP addresses can be represented by the multicast MAC address

0100.5e0A.0A07? (Choose two.)

A. 228.10.10.7

B. 228.10.10.8

C. 228.10.138.7

D. 229.11.10.7

E. 229.138.10.7

F. 229.138.10.8

Answer: A,E

QUESTION NO: 515

When authentication is required, where must 802.1x be configured in order to connect a PC to a

switch?

A. client PC only

B. switch port only

C. switch port and client PC

D. switch port and local router port

Answer: C

QUESTION NO: 516

Lab 1.&#65288;VTP?InterVLAN Routing&#65289;

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 318

Page 319: Actule Test 642-892

Actu

alTe

sts.

comThe information of the question

VTP Domain name: CISCO (Please use the value that given in exam.)

VLAN IDs 20 21 IP Addresses 172.64.200.1/24 192.162.39.1/24

These are your specific tasks:

1. Configure the VTP information with the distribution layer switch as the VTP server

2. Configure the VTP information with the access layer switch as a VTP client

3. Configure VLANs on the distribution layer switch

4. Configure inter-VLAN routing on the distribution layer switch

5. Specific VLAN port assignments will be made as users are added to the access layer switches

in the future.

6. All VLANs and VTP configurations are to completed in the global configuration To configure the

switch click on the host icon that is connected to the switch be way of a serial console cable.

Explanation:

Using show run for current configuration info

ALswitch#conf t

ALswitch( config)#vtp mode client

ALswitch( config)#vtp domain CISCO

ALswitch( config)#end

ALswitch#copy run start

DLswitch#conf t

DLswitch( config)#vtp mode server

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 319

Page 320: Actule Test 642-892

Actu

alTe

sts.

com

DLswitch( config)#vtp domain CISCO

DLswitch( config)#vlan 20

DLswitch( config-vlan)#vlan 21

DLswitch( config-vlan)#exit

DLswitch( config)#int vlan 20

DLswitch( config-if)#ip add 172.64.200.1 255.255.255.0

DLswitch( config-if)#int vlan 21

DLswitch( config-if)#ip add 192.162.39.1 255.255.255.0

DLswitch( config-if)#exit

DLswitch( config)#ip routing

DLswitch( config)#end

DLswitch#copy run start

Validation &#65306;

show run, show vlan, show vtp status on DLswitch and ALswitch

QUESTION NO: 517

Lab 2 (802.1X?VACL)

Acme is a small shipping company that has an existing enterprise network comprised of 2

switches; DSWl and ASW2.

The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to

provide the shipping personnel access to the server.

For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:

Users connecting to ASWi's port must be authenticate before they are given access to the

network. Authentication is to be done via a Radius server:Radius server host:

172.120.39.46Radius key: radl23Authentication should be implemented as close to the host

device possible.Devices on VLAN 20 are restricted to in the address range of

172.120.40.0/24.Packets from devices in the address range of 172.120.40.0/24 should be passed

on VLAN 20.Packets from devices in any other address range should be dropped on VLAN

20.Filtering should be implemented as close to the server farm as possible.

The Radius server and application servers will be installed at a future date. You have been tasked

with implementing the above access control as a pre-condition to installing the servers. You must

use the available IOS switch features.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 320

Page 321: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 321

Page 322: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 322

Page 323: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

ASWl#conft

ASWl( config)#aaa new-model

ASWl( config)#radius-server host 172.120.39.46 key rad123

ASWl( config)#aaa authentication dotlx default group radius

ASWl( config)#dotlx system-auth-control

ASWl( config)#int fastEthernet 0/1

ASWl( config-if)#switchport mode access

ASWl( config-if)#switchport access vlan 20

ASWl( config-if)#dotlx port-control auto

ASWl( config-if)#end ASWl#copyrun start

DSWl#conft

DSVVl( config)#ip access-list standard 10

DSWl( config-std-nacl)#permit 172.120.40.0 0.0.0.255

DSWl( config-std-nacl)#exit

DSWl( config)#vlan access-map PASS 10

DSWl( config-access-map)#match ip address 10

DSWl( config-access-map)#action forward

DSWl( config-access-map)#exit

DSW1( config)#vlan filter PASS vlan-list 20

DSW1( config)#end

DSWl#copyrun start

QUESTION NO: 518

Lab 3. (OSPFV3 Virtual-Link)

Acme is a small export company that has an existing enterprise network that is running IPv6

OSPFv3. Currently OSPF is configured on all routers .However, R4's loopback address

(FEC0:4:4) cannot be seen in Rl's IPv6 routine table. You are tasked with identifying the cause of

this fault and implementing the needed corrective actions that uses OSPF features and does no

change the current area assignments. You will know that you have corrected the fault when R4's

loopback address (FEC0:4:4) can ping from R1 to R4 loopback address-

Special Note: To gain the maximum number of points you must remove all incorrect or unneeded

configuration statements related to this issue.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 323

Page 324: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 324

Page 325: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 325

Page 326: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 326

Page 327: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 327

Page 328: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 328

Page 329: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 329

Page 330: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 330

Page 331: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

Get current config by issuing show run

R2( config)#ipv6 router ospf 1

R2( config-router)#area 11 virtual-link 3.3.3.3

R2( config-router)#end

R2#copy run start

R3( config)#ipv6 router ospf 1

R3( config-router)#area 11 virtual-link 2.2.2.2

R3( config-router)#no area 54 virtual-link 4.4.4.4

R3( config-router)#end

R3#copy run start

R4( config)#ipv6 router ospf 1

R4( config-router)#no area 54 virtual-link 3.3.3.3

R4( config-router)#end

R4#copy run start

Validation:

Show run show ipv6 route on R1 and R4 ping ipv6 FECO :1 ::X(X is 4 or 1)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 331

Page 332: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 519

Lab. (STP)

Acme is a small export company that has an existing enterprise network comprised of 5 switches;

C0RE.DSW1, DSW2, ASW1 and ASW2 the topology diagram indicates their desired per-VLAN

spanning tree mapping.

Previous configuration attempts have resulted in the following issues:

CORE should be the root bridge for VLAN 20 ; however ,DSW1 is currently the root bridge for

VLAN 20 .Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1

and DSW2. However VLAN 30 is currently using gig 1/0/5Traffic for VLAN 40 should be forwarding

over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currently using gig

1/0/6

You have been tasked with isolating the cause of these issuer and implementing the appropriate

solutions.

Your task is complicated by the fact that you only have full access to DSW1 With isolating the

cause of these issues and implementing the appropriate solutions.

Your task is complicated by the fact that you only have full access to DSW1 .with the enable

secret password Cisco.

Only limited show command access is provided on CORE, and DSW2 using the enable 2 level

with a password of acme. No configuration changes will be possible on these routers. No access

is provided to ASW1 or ASW2.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 332

Page 333: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 333

Page 334: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 334

Page 335: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

DSWl#conf t

DSWl( config)#spanning-tree vlan 20 priority 61440

DSWl( config)#int g1/0/5

DSWl( config-if)#spanning-tree vlan 40 cost 1

DSWl( config-if)#no shut

DSWl( config-if)#exit

DSWl( config)#int g1/0/6

DSWl( config-if)#spanning-tree vlan 30 port-priority 64

DSWl( config-if)#no shut

DSWl( config-if)#end

DSWl#copy run start

Verification D

DSW1# show spanning-tree vlan 20 DSW1# show spanning-tree vlan 40 DSW2# show spanning-

tree vlan 30

QUESTION NO: 520

(EIGRP Stub?Manual Summary)

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 335

Page 336: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 336

Page 337: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 337

Page 338: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 338

Page 339: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 339

Page 340: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 340

Page 341: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 341

Page 342: Actule Test 642-892

Actu

alTe

sts.

com

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 342

Page 343: Actule Test 642-892

Actu

alTe

sts.

com

Explanation:

show run for current config info

R3#conf t

R3( config)#router eigrp 123

R3( config-router)#no eigrp stub receive-only

R3( config-router)#eigrp stub

R3( config-router)#end

R3#copy run start

R4#conf t

R4( config)#int s0/0

R4( config-if)#ip summary-address eigrp 123 10.0.0.0 255.0.0.0

R4( config-if)#no shut

R4( config-if)#end

R4#copy run start

Validation:

1. Show ip route on R2, should exist R3 route (172.16.1.0 ), ping 172.16.1.1 should success

2. Show ip route on R4, show a summary route (NULL 10.0.0.0/8 in route)

3. Show ip route on R3, whether receiver the summary route from R4, should only exist 2 10.0.0.0

subnet route.

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 343

Page 344: Actule Test 642-892

Actu

alTe

sts.

com

QUESTION NO: 521

Lab 6.&#65288;EIGRP & ISIS Redistribution &#65289;

Explanation:

show run for current config info

Blockade#conf t

Blockade( config)#router isis

Blockade( config-router)#redistribut eigrp 100 level-1 metric 50

Blockade( config-router)#router eigrp 100

Blockade( config-router)#redistribut isis level-1 metric 512 10 255 1 1500

Blockade( config-router)#redistribut connected

Blockade( config-router)#end

Blockade#copy run start

Validation:

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 344

Page 345: Actule Test 642-892

Actu

alTe

sts.

com

1. show ip route on Ballista and Oxybeles to make sure

the redistribute route are received.

2. successfuly ping looback0 on each route

QUESTION NO: 522

LAB

Explanation:

Portland # conf t

Portland ( config)# router ospf 1

Portland ( config-router)# network 192.168.3.5 0.0.0.3 area 1

Portland ( config-router)# area 1 stub

Portland ( config-router)# end

Portland # copy run start

Indianapolis # conf t

Indianapolis ( config)# router ospf 1

Indianapolis ( config-router)# network 192.168.3.6 0.0.0.3 area 1

Indianapolis ( config-router)# area 1 stub no-summary

Indianapolis ( config-router)# end

Indianapolis # copy run start

QUESTION NO: 523

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 345

Page 346: Actule Test 642-892

Actu

alTe

sts.

com

The CertKiller headquarter office for a book retailer is installing a temporary Catalyst 3550 in an

IDF to connect 24 additional users. To prevent network corruption, it is important to have the

correct configuration prior to connecting to the production network. It will be necessary to ensure

that the switch does not participate in VTP but forwards VTP advertisements that are received on

trunk ports. Because of errors that have been experienced on office computers, all nontrunking

interfaces should transition immediately to the forwarding state of Spanningree. Also, configure the

user ports(all FastEthernet ports) so that the ports are permanently nontrunking. You will have to

scroll this window and the problem statement window to view the entire problem. To configure the

switch click on a host icon that is connected to a switch by a serial console cable(shown in the

diagram as a curved solid black line).The [Tab] key.

Explanation:

CertKiller-S#conf t

CertKiller- S( config)#vtp mode transparent

CertKiller- S( config)#interface range fa0/1 - 24

CertKiller- S( config-if-range)#switchport mode access

CertKiller- S( config-if-range)#spanning-tree portfast

CertKiller- S( config-if-range)#exit

CertKiller- S( config)#interface range fa0/12 - 24

CertKiller- S( config-if-range)#switchport access vlan 10

CertKiller- S( config-if-range)#end

CertKiller-S# copy run start

Cisco 642-892: Practice Exam

"Pass Any Exam. Any Time." - www.actualtests.com 346