Cisco 300-410 ENARSI Exam Questions

Cisco 300-410 Exam ENARSI Questions

The questions provided below are part of our premium content and are very useful for both practicing for the Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) 300-410 Real Exam and getting an idea on how the premium content looks like.

We do our best to provide our users with as much content as possible and appreciate your support by using our products.

Please use the comment section to leave your thoughts and suggestions.

ENARSI 300-410 PREMIUM QUESTIONS

50.00

PDF&VCE with 97 Questions and Answers
VCE Simulator Included
30 Days Free Updates | 24×7 Support | Verified by Experts

QUESTION 1
Refer to the exhibit.

Users in the branch network of 2001:db8:0:4::/64 report that they cannot access the Internet. Which command is issued in IPv6 router EIGRP 100 configuration mode to solve this issue?

A. Issue the eigrp stub command on R1.
B. Issue the no eigrp stub command on R1.
C. Issue the eigrp stub command on R2.
D. Issue the no eigrp stub command on R2.
Answer: B

QUESTION 2
Refer to the exhibit.

Which configuration configures a policy on R1 to forward any traffic that is sourced from the 192.168.130.0/24 network to R2?

A.
B.
C.
D.

Answer: D

The traffic reaches Gi0/1 interface so we must apply policy (ip policy route-map test) on this interface. The question requires to reach the destination of 172.20.20.0/30 so the next -hop IP address should be 172.20.20.1.

QUESTION 3
R2 has a locally originated prefix 192.168.130.0/24 and has these configurations:

What is the result when the route-map OUT command is applied toward an eBGP neighbor R1 (1.1.1.1) by using the neighbor 1.1.1.1 route-map OUT out command?
A. R1 sees 192.168.130.0/24 as two AS hops away instead of one AS hop away.
B. R1 does not accept any routes other than 192.168.130.0/24
C. R1 does not forward traffic that is destined for 192.168.30.0/24
D. Network 192.168.130.0/24 is not allowed in the R1 table
Answer: A

QUESTION 4
Which method changes the forwarding decision that a router makes without first changing the routing table or influencing the IP data plane?
A. nonbroadcast multiaccess
B. packet switching
C. policy-based routing
D. forwarding information base
Answer: C

QUESTION 5
Refer to the exhibit.

The output of the trace route from R5 shows a loop in the network. Which configuration prevents this loop?

A.
B.
C.
D.

Answer: B

In this topology, we are doing mutual redistribution at multiple points (between OSPF and EIGRP on R3 & R4), which is a very common cause of network problems, especially routing loops so you should use route-map to prevent redistributed routes from redistributing again into the original domain.
In this question, route-map is also used for this purpose. In particular, the route-map SET- TAG is used to prevent any routes that have been redistributed into EIGRP from redistributed again into OSPF domain by tagging these routes with tag 1:
R3 route-map SET-TAG permit 10 set tag 1
These routes are prevented from redistributed again by route-map FILTER_TAG by denying any routes with tag 1 set:
R4 route-map FILTER-TAG deny 10 match tag 1

QUESTION 6
Refer to the exhibit.

An engineer configures a static route on a router, but when the engineer checks the route to the destination, a different next hop is chosen. What is the reason for this?

A. Dynamic routing protocols always have priority over static routes.
B. The metric of the OSPF route is lower than the metric of the static route.
C. The configured AD for the static route is higher than the AD of OSPF.
D. The syntax of the static route is not valid, so the route is not considered.
Answer: C

The AD of static route is manually configured to 130 which is higher than the AD of OSPF router which is 110.

QUESTION 7
Refer to the exhibit.

An engineer is trying to generate a summary route in OSPF for network 10.0.0.0/8, but the summary route does not show up in the routing table. Why is the summary route missing?

A. The summary-address command is used only for summarizing prefixes between areas.
B. The summary route is visible only in the OSPF database, not in the routing table.
C. There is no route for a subnet inside 10.0.0.0/8, so the summary route is not generated.
D. The summary route is not visible on this router, but it is visible on other OSPF routers in the same area.
Answer: C

QUESTION 8
Refer to the exhibit.

An engineer is trying to block the route to 192.168.2.2 from the routing table by using the configuration that is shown. The route is still present in the routing table as an OSPF route. Which action blocks the route?

A. Use an extended access list instead of a standard access list.
B. Change sequence 10 in the route-map command from permit to deny.
C. Use a prefix list instead of an access list in the route map.
D. Add this statement to the route map: route-map RM-OSPF-DL deny 20.
Answer: C

QUESTION 9
What is a prerequisite for configuring BFD?
A. Jumbo frame support must be configured on the router that is using BFD.
B. All routers in the path between two BFD endpoints must have BFD enabled.
C. Cisco Express Forwarding must be enabled on all participating BFD endpoints.
D. To use BFD with BGP, the timers 3 9 command must first be configured in the BGP routing process.
Answer: C
https://www.cisco.com/c/en/us/td/docs/ios/120s/feature/guide/fsbfd.html#wp1043332

QUESTION 10
Refer to the exhibit.

R2 is a route reflector, and R1 and R3 are route reflector clients. The route reflector learns the route to 172.16.25.0/24 from R1, but it does not advertise to R3. What is the reason the route is not advertised?

A. R2 does not have a route to the next hop, so R2 does not advertise the prefix to other clients.
B. Route reflector setup requires full IBGP mesh between the routers.
C. In route reflector setup, only classful prefixes are advertised to other clients.
D. In route reflector setups, prefixes are not advertised from one client to another.
Answer: A

QUESTION 11

Refer to the exhibit.

An engineer is trying to redistribute OSPF to BGP, but not all of the routes are redistributed. What is the reason for this issue?
A. By default, only internal routes and external type 1 routes are redistributed into BGP
B. Only classful networks are redistributed from OSPF to BGP
C. BGP convergence is slow, so the route will eventually be present in the BGP table
D. By default, only internal OSPF routes are redistributed into BGP Answer: D

If you configure the redistribution of OSPF into BGP without keywords, only OSPF intra -area and inter-area routes are redistributed into BGP, by default.
You can redistribute both internal and external (type-1 & type-2) OSPF routes via this command: Router(config-router)#redistribute ospf 1 match internal external 1 external 2 https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5242-bgp-ospf-redis.html

QUESTION 12

Refer to the exhibit.

In which circumstance does the BGP neighbor remain in the idle condition?
A. if prefixes are not received from the BGP peer
B. if prefixes reach the maximum limit
C. if a prefix list is applied on the inbound direction
D. if prefixes exceed the maximum limit

Answer: D
Idle (PfxCt) means the session is in the Idle state because the neighbor has sent more prefixes than the configured maximum-prefixes limit.
router bgp 100 neighbor 10.0.0.1 remote-as 200 neighbor 10.0.0.1 maximum-prefix 10 80
In the last command, 10 is the maximum number of prefixes allowed from the neighbor and the router starts to generate a warning message at 80%.
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/25160-bgp-maximum-prefix.html Therefore if the BGP neighbor sent 11 prefixes, the local router will be in Idle (PfxCt) state.

QUESTION 13
Which attribute eliminates LFAs that belong to protected paths in situations where links in a network are connected through a common fiber?
A. shared risk link group-disjoint
B. linecard-disjoint
C. lowest-repair-path-metric
D. interface-disjoint

Answer: B

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/asr1000/ire-xe-3s-asr1000/ire-ipfrr.html

QUESTION 14
Refer to the exhibit.

An engineer is troubleshooting BGP on a device but discovers that the clock on the device does not correspond to the time stamp of the log entries. Which action ensures consistency between the two times?
A. Configure the service timestamps log uptime command in global configuration mode.
B. Configure the logging clock synchronize command in global configuration mode.
C. Configure the service timestamps log datetime localtime command in global configuration mode.
D. Make sure that the clock on the device is synchronized with an NTP server.
Answer: D

Even we had a synchronized clock but it may show different timezone so we should set the localtime keyword (which uses local time zone for timestamps) so that the time of logging messages is matched with our clock.

QUESTION 15
Refer to the exhibit.

What is the result of applying this configuration?

A. The router can form BGP neighborships with any other device.
B. The router cannot form BGP neighborships with any other device.
C. The router cannot form BGP neighborships with any device that is matched by the access list named “BGP”.
D. The router can form BGP neighborships with any device that is matched by the access list named “BGP”.
Answer: A

QUESTION 16
Which command displays the IP routing table information that is associated with VRF-Lite?
A. show ip vrf
B. show ip route vrf
C. show run vrf
D. show ip protocols vrf

Answer: B

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/50sg/configuration/guide/Wrapper-46SG/vrf.html#wp1045708

QUESTION 17

Refer to the exhibit.

Which subnet is redistributed from EIGRP to OSPF routing protocols?
A. 10.2.2.0/24
B. 10.1.4.0/26
C. 10.1.2.0/24
D. 10.2.3.0/26
Answer: A

Only the subnet that matches prefix-list OSPF-TAG-PRF-1 will be redistributed into OSPF (as indicated by route-map OSPF-TAG-1 permit 10). This subnet must match the prefix-list OSPF-TAG-PRF-1 so it must be 10.2.0.0/18 to 10.2.0.0/24. Only the subnet 10.2.2.0/24 matches this requirement.

QUESTION 18
Which configuration adds an IPv4 interface to an OSPFv3 process in OSPFv3 address family configuration?
A. router ospfv3 1
address-family ipv4 B. Router(config-router)#ospfv3 1 ipv4 area 0 C. Router(config-if)#ospfv3 1 ipv4 area 0 D. router ospfv3 1
address-family ipv4 unicast

Answer: B

The newest OSPFv3 configuration approach utilizes a single OSPFv3 process. It is capable of supporting IPv4 and IPv6 within a single OSPFv3 process. OSPFv3 builds a single database with LSAs that carry IPv4 and IPv6 information. The OSPF adjacencies are established separately for each address family. Settings that are specific to an address family (IPv4/IPv6) are configured inside that address family router configuration mode.
Running single OSPFv3 for both IPv4 and IPv6 is supported since Cisco IOS Software Release 15.1(3)S.
The new-style OSPFv3 process is enabled using the router ospfv3 process-number command. Within the OSPF process configuration mode, the OSPF process ID is defined (using the router-id ospf-process-ID command).
OSPFv3 New-Style OSPF Configuration Commands:
R1(config)#ipv6 unicast-routing //although only OSPFv3 for IPv4 is configured but we have to enable IPv6 under global configuration mode R1(config)#router ospfv3 1 R1(config-router)# router-id 1.1.1.1 R1(config)#interface GigabitEthernet0/1 R1(config-if)#ipv6 enable //although only OSPFv3 for IPv4 is configured but we have to enable IPv6 under interface mode R1(config-if)#ospfv3 1 ipv4 area 0
Therefore answer B is the best answer here but in this answer, the configuration mode is not correct. It should be interface mode (config-if)#, not router mode
(config-router)#.
https://www.ciscopress.com/articles/article.asp?p=2294214&seqNum=4

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-xe-3s-book/ip6-route-ospfv3-add-fam-xe.html

QUESTION 19

Refer to the exhibit.

Which statement about R1 is true?
A. OSPF redistributes RIP routes only if they have a tag of one.
B. RIP learned routes are distributed to OSPF with a tag value of one.
C. R1 adds one to the metric for RIP learned routes before redistributing to OSPF.
D. RIP routes are redistributed to OSPF without any changes.

Answer: B

QUESTION 20
Refer to the exhibit.

An IP SLA was configured on router R1 that allows the default route to be modified in the event that Fa0/0 loses reachability with the router R3 Fa0/0 interface. The route has changed to flow through router R2. Which debug command is used to troubleshoot this issue?
A. debug ip flow
B. debug ip sla error
C. debug ip routing
D. debug ip packet
Answer: C

The debug ip routing command enables debugging messages related to the routing table. Since the routing table is normally stable, you will only see debug messages when there are any changes in the routing table.

QUESTION 21
Which configuration enabled the VRF that is labeled “Inet” on FastEthernet0/0?
A. R1(config)# ip vrf Inet
R1(config-vrf)#ip vrf FastEthernet0/0 B. R1(config)#ip vrf Inet FastEthernet0/0
C. R1(config)# ip vrf Inet R1(config-vrf)#interface FastEthernet0/0 R1(config-if)#ip vrf forwarding Inet
D. R1(config)#router ospf 1 vrf Inet R1(config-router)#ip vrf forwarding FastEthernet0/0

Answer: C

QUESTION 22

Refer to the exhibit.

After redistribution is enabled between the routing protocols; PC2, PC3, and PC4 cannot reach PC1. Which action can the engineer take to solve the issue so that all the PCs are reachable?
A. Set the administrative distance 100 under the RIP process on R2.
B. Filter the prefix 10.1.1.0/24 when redistributed from OSPF to EIGRP.
C. Filter the prefix 10.1.1.0/24 when redistributed from RIP to EIGRP.
D. Redistribute the directly connected interfaces on R2.

Answer: B

QUESTION 23
Which command allows traffic to load-balance in an MPLS Layer 3 VPN configuration?
A. multi-paths eibgp 2
B. maximum-paths 2
C. maximum-paths ibgp 2
D. multi-paths 2
Answer: C

The command maximum-paths [ ibgp ] number-of-paths configures the maximum number of multipaths allowed. Use the ibgp keyword to configure iBGP load balancing. This question does not tell which BGP load-balance it wants (iBGP or eBGP) so in fact answer B is also correct.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/mpls/configuration/guide/mpls_cg/mp_vpn_multipath.html

QUESTION 24
Refer to the exhibit.

After applying IPsec, the engineer observed that the DMVPN tunnel went down, and both spoke-to-spoke and hub were not establishing. Which two actions resolve the issue? (Choose two.)

A. Change the mode from mode tunnel to mode transport on R3.
B. Remove the crypto isakmp key cisco address 10.1.1.1 on R2 and R3.
C. Configure the crypto isakmp key cisco address 192.1.1.1 on R2 and R3.
D. Configure the crypto isakmp key cisco address 0.0.0.0 on R2 and R3.
E. Change the mode from mode transport to mode tunnel on R2.
Answer: AD

QUESTION 25
Which statement about route distinguishers in an MPLS network is true?
A. Route distinguishers allow multiple instances of a routing table to coexist within the edge router.
B. Route distinguishers are used for label bindings.
C. Route distinguishers make a unique VPNv4 address across the MPLS network.
D. Route distinguishers define which prefixes are imported and exported on the edge router.
Answer: C

QUESTION 26
Which statement about MPLS LDP router ID is true?
A. If not configured, the operational physical interface is chosen as the router ID even if a loopback is configured.
B. The loopback with the highest IP address is selected as the router ID.
C. The MPLS LDP router ID must match the IGP router ID.
D. The force keyword changes the router ID to the specified address without causing any impact.
Answer: B

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_ldp/configuration/12-4m/mp-ldp-12-4m-book.pdf

QUESTION 27
Refer to the exhibit.

Which interface configuration must be configured on the spoke A router to enable a dynamic DMVPN tunnel with the spoke B router?
A.
B.
C.
D.
Answer: B

QUESTION 28
Which list defines the contents of an MPLS label?
A. 20-bit label; 3-bit traffic class; 1-bit bottom stack; 8-bit TTL
B. 32-bit label; 3-bit traffic class; 1-bit bottom stack; 8-bit TTL
C. 20-bit label; 3-bit flow label; 1-bit bottom stack; 8-bit hop limit
D. 32-bit label; 3-bit flow label; 1-bit bottom stack; 8-bit hop limit
Answer: A

MPLS uses a 32-bit label field that contains the information that follows:
20-bit label (a number)
3-bit class of service (or experimental field, typically used to carry IP precedence value)
1-bit bottom-of-stack indicator (indicates whether this is the last label before the IP header)
8-bit TTL (equal to the TTL in the IP header)

https://tools.ietf.org/html/rfc5462

QUESTION 29
Refer to the exhibit.

What does the imp-null tag represent in the MPLS VPN cloud?

A. Pop the label
B. Impose the label
C. Include the EXP bit
D. Exclude the EXP bit

Answer: A
The imp-null (implicit null) tag instructs the upstream router to pop the tag entry off the tag stack before forwarding the packet. Note: pop means remove the top MPLS label

QUESTION 30
Which transport layer protocol is used to form LDP sessions?
A. UDP
B. SCTP
C. TCP
D. RDP

Answer: C
LDP uses TCP as a reliable transport for sessions. When multiple LDP sessions are required between two LSRs, there is one TCP session for each LDP session.
https://tools.ietf.org/html/rfc5036

QUESTION 31

Refer to the exhibits. Phase-3 tunnels cannot be established between spoke-to-spoke in DMVPN. Which two commands are missing? (Choose two.)
A. The ip nhrp redirect command is missing on the spoke routers.
B. The ip nhrp shortcut command is missing on the spoke routers.
C. The ip nhrp redirect command is missing on the hub router.
D. The ip nhrp shortcut command is missing on the hub router.
E. The ip nhrp map command is missing on the hub router.
Answer: BC

QUESTION 32
Which protocol is used to determine the NBMA address on the other end of a tunnel when mGRE is used?
A. NHRP
B. IPsec
C. MP-BGP
D. OSPF
Answer: A

QUESTION 33
Refer to the exhibit.

Which configuration denies Telnet traffic to router 2 from 198A:0:200C::1/64?

Answer: A

When assigning an IPv4 access list to an interface you used the ip access-list ACL_NAME in|out command in interface configuration mode. To assign an IPv6 ACL to an interface you’ll use the ipv6 traffic-filter ACL_NAME in|out command in interface configuration mode.
We should also specific which port (telnet in this case) we want to deny or we will drop all TCP traffic to the destination.
Note: In fact there is an error with all of the above commands as we cannot use subnet mask (/64) with keyword host. We must remove the subnet mask before applying the ACL statement.

QUESTION 34
Refer to the exhibit.

During troubleshooting it was discovered that the device is not reachable using a secure web browser. What is needed to fix the problem?
A. permit tcp port 443
B. permit udp port 465
C. permit tcp port 465
D. permit tcp port 22
Answer: A

QUESTION 35
Refer to the exhibit. An engineer is trying to configure local authentication on the console line, but the device is trying to authenticate using TACACS+. Which action produces the desired configuration?

A. Add the aaa authentication login default group tacacs+ local-case command to the global configuration.
B. Add the login authentication Console command to the line configuration
C. Replace the capital “C” with a lowercase “c” in the aaa authentication login Console local command.
D. Add the aaa authentication login default none command to the global configuration.
Answer: B

The keyword local-case will use case-sensitive local username for authentication so it will not solve this problem -> Answer A is not correct.
We test answer B on R1, answer C on R2 (also turned on debugging for AAA authentication via the debug aaa authentication command):
On R1: So after adding the login authentication Console line under line configuration, AAA will prefer the authentication method listed under specific line configuration, which is local in this case.
On R2: With two aaa authentication login commands, AAA prefers the default login method.
We also tried to put the aaa authentication login console local command in front of aaa authentication login default group tacacs+ local but the result is still the same.
About answer D, if we add aaa authentication login default none to the current configuration then the aaa authentication login default group tacacs+ local will be removed -> we can access this device without any authentication.

QUESTION 36
Refer to the exhibit.

An engineer is trying to connect to a device with SSH but cannot connect. The engineer connects by using the console and finds the displayed output when troubleshooting. Which command must be used in configuration mode to enable SSH on the device?
A. no ip ssh disable
B. ip ssh enable
C. ip ssh version 2
D. crypto key generate rsa Answer: D

We see the notification % Please create RSA keys to enable SSH so we have to create RSA keys with the command: R1(config)#crypto key generate rsa

QUESTION 37
Which statement about IPv6 ND inspection is true?
A. It learns and secures bindings for stateless autoconfiguration addresses in Layer 3 neighbor tables.
B. It learns and secures bindings for stateless autoconfiguration addresses in Layer 2 neighbor tables.
C. It learns and secures bindings for stateful autoconfiguration addresses in Layer 3 neighbor tables.
D. It learns and secures bindings for stateful autoconfiguration addresses in Layer 2 neighbor tables.
Answer: B

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_fhsec/configuration/15-s/ip6f-15-s-book/ip6-snooping.pdf

QUESTION 38
While troubleshooting connectivity issues to a router, these details are noticed: standard pings to all router interfaces, including loopbacks, are successful. Data traffic is unaffected. SNMP connectivity is intermittent. SSH is either or disconnects frequently.
Which command must be configured first to troubleshoot this issue?
A. show policy-map control-plane
B. show policy-map
C. show interface | inc drop
D. show ip route
Answer: A

The show policy-map control-plane is used to display the service-policy associated to the control-plane. It also shows the packets that matched the class-map. An example of the output of this command is shown below:

QUESTION 39

Refer to the exhibit. Why is user authentication being rejected?
A. The TACACS+ server expects “user”, but the NT client sends “domain/user”.
B. The TACACS+ server refuses the user because the user is set up for CHAP.
C. The TACACS+ server is down, and the user is in the local database.
D. The TACACS+ server is down, and the user is not in the local database.

Answer: D

https://www.cisco.com/c/en/us/support/docs/security-vpn/terminal-access-controller-access-control-system-tacacs-/13864-tacacs-pppdebug.html

QUESTION 40

Refer to the exhibit. Which control plane policy limits BGP traffic that is destined to the CPU to 1 Mbps and ignores BGP traffic that is sent at higher rate?
A. policy-map SHAPE_BGP
B. policy-map LIMIT_BGP
C. policy-map POLICE_BGP
D. policy-map COPP
Answer: D

The conform-action specifies the action to take on packets that conform to the rate limit and the exceed-action specifies the action to be taken on packets when the packet rate is greater than the rate specified in the maximum-burst-bytes argument.

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-16/ip6f-xe-16-book/ip6-ra-guard.pdf

QUESTION 41
Which statement about IPv6 RA Guard is true?
A. It does not offer protection in environments where IPv6 traffic is tunneled.
B. It cannot be configured on a switch port interface in the ingress direction.
C. Packets that are dropped by IPv6 RA Guard cannot be spanned.
D. It is not supported in hardware when TCAM is programmed.
Answer: A

Restrictions for IPv6 RA Guard
The IPv6 RA Guard feature does not offer protection in environments where IPv6 traffic is tunneled.

This feature is supported only in hardware when the ternary content addressable memory (TCAM) is programmed.

This feature can be configured on a switch port interface in the ingress direction. + This feature supports host mode and router mode. + This feature is supported only in the ingress direction; it is not supported in the egress direction.
This feature is not supported on EtherChannel and EtherChannel port members. + This feature is not supported on trunk ports with merge mode. This feature is supported on auxiliary VLANs and private VLANs (PVLANs). In the case of PVLANs, primary VLAN features are inherited and merged with port features. + Packets dropped by the IPv6 RA Guard feature can be spanned. + If the platform ipv6 acl icmp optimize neighbor-discovery command is configured, the IPv6 RA Guard feature cannot be configured and an error message will be displayed. This command adds default global Internet Control Message Protocol (ICMP) entries that will override the RA guard ICMP entries. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_fhsec/configuration/xe- 3s/ip6f-xe-3s-book/ip6-ra-guard.htm

QUESTION 42
Refer to the exhibit. ISP 1 and ISP 2 directly connect to the Internet. A customer is tracking both ISP links to achieve redundancy and cannot see the Cisco IOS IP SLA tracking output on the router console. Which command is missing from the IP SLA configuration?

A. Start-time 00:00 B. Start-time 0
C. Start-time immediately
D. Start-time now

Answer: D

Although the IP SLA tracking has been configured but it needs to activate with the start-time now keyword. An example of configuring IP SLA for ICMP echo and start it immedicately is shown below:
ip sla 2 icmp-echo 10.10.10.10 ! ip sla schedule 2 start-time now

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15-mt-book/sla_icmp_echo.html

QUESTION 43
Refer to the exhibit. An administrator noticed that after a change was made on R1, the timestamps on the system logs did not match the clock. What is the reason for this error?

A. An authentication error with the NTP server results in an incorrect timestamp.
B. The keyword localtime is not defined on the timestamp service command.
C. The NTP server is in a different time zone.
D. The system clock is set incorrectly to summer-time hours.
Answer: A

QUESTION 44
A network engineer is investigating a flapping (up/down) interface issue on a core switch that is synchronized to an NTP server. Log output currently does not show the time of the flap. Which command allows the logging on the switch to show the time of the flap according to the clock on the device?
A. clock calendar-valid
B. service timestamps log datetime localtime show-timezone
C. service timestamps log uptime
D. clock summer-time mst recurring 2 Sunday mar 2:00 1 Sunday nov 2:00 Answer: B

By default, Catalyst switches add a simple uptime timestamp to logging messages. This is a cumulative counter that shows the hours, minutes, and seconds since the switch has been booted up. For example: 20w2d: %LINK-3-UPDOWN: Interface FastEthernet1/0/27, changed state to down 21w3d: %SYS-5-CONFIG_I: Configured from console by vty0 (172.25.15.246)
At exactly what date and time did that occur? Who knows! Instead, you can configure the switch to add accurate clock -like timestamps that are easily interpreted. you can use the following command to begin using the switch clock as an accurate timestamp for syslog messages:
Switch(config)# service timestamps log datetime [localtime] [show-timezone] [msec] [year]
Below is the output if we entered the command service timestamps log datetime localtime show-timezone (withoutmsec keyword the output would not show time in milisecond) *Mar 1 00:02:24 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback4, changed state to up Note: The command “clock calendar-valid” enables the device to act as a valid time source to which network peers can synchronize. By default, the time
maintained on the software clock is not considered to be reliable and will not be synchronized with NTP or VINES time service. To set the hardware clock as a valid time source, use this command.

QUESTION 45
When provisioning a device in Cisco DNA Center, the engineer sees the error message “Cannot select the device. Not compatible with template”. What is the reason for the error?
A. The template has an incorrect configuration.
B. The software version of the template is different from the software version of the device.
C. The changes to the template were not committed.
D. The tag that was used to filter the templates does not match the device tag.
Answer: D

If you use tags to filter the templates, you must apply the same tags to the device to which you want to apply the templates. Otherwise, you get the following error during provisioning: Cannot select the device. Not compatible with template.

https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-2-10/user_guide/b_cisco_dna_center_ug_1_2_10/b_dnac_ug_1_2_10_chapter_0111.html

QUESTION 46
An engineer configured the wrong default gateway for the Cisco DNA Center enterprise interface during the install. Which command must the engineer run to correct the configuration?
A. sudo maglev-config update
B. sudo maglev install config update
C. sudo maglev reinstall
D. sudo update config install

Answer: A

QUESTION 47

Refer to the exhibit. An administrator that is connected to the console does not see debug messages when remote users log in. Which action ensures that debug messages are displayed for remote logins?
A. Enter the transport input ssh configuration command.
B. Enter the terminal monitor exec command.
C. Enter the logging console debugging configuration command.
D. Enter the aaa new-model configuration command.
Answer: C

QUESTION 48
Refer to the exhibit. An engineer is trying to generate a summary route in OSPF for network 10.0.0.0/8, but the summary route does not show up in the routing table. Why is the summary route missing?

A. The summary-address command is used only for summarizing prefixes between areas.
B. The summary route is visible only in the OSPF database, not in the routing table.
C. There is no route for a subnet inside 10.0.0.0/8, so the summary route is not generated.
D. The summary route is not visible on this router, but it is visible on other OSPF routers in the same area. Answer: C

The summary-address is only used to create aggregate addresses for OSPF at an autonomous system boundary. It means this command should only be used on the ASBR when you are trying to summarize externally redistributed routes from another protocol domain or you have a NSSA area. But a requirement to create a summarized route is:
The ASBR compares the summary route’s range of addresses with all routes redistributed into OSPF on that ASBR to find any subordinate subnets (subnets that sit inside the summary route range). If at least one subordinate subnet exists, the ASBR advertises the summary route. CCNP Route 642-902 Official Certification Guide But in this case we found no prefix that belongs to 10.0.0.0/8. Therefore a summarized route for this subnet could not be created. Note:

If a prefix of this subnet exists in the routing table then after the summarization is performed, we will see such an entry:
Router# show ip route — output omitted -­0 10.0.0.0/8 is a summary via null0
Recently the RIPv2 domain has been redistributed into our OSPF domain but the administrator wants to configure a summarized route instead of 32 external type­5 LSAs (for 172.16.32.0/24 to 172.16.63.0/24) flooding into the OSPF network. In this case the administrator has to use the summary-address command as follows:
Router(config-router)#summary-address 172.16.32.0 255.255.224.0
Note: In this case R1 is the ASBR for OSPF domain.

QUESTION 49
Refer to the exhibit. An engineer is trying to block the route to 192.168.2.2 from the routing table by using the configuration that is shown. The route is still present
in the routing table as an OSPF route. Which action blocks the route?

A. Use an extended access list instead of a standard access list.
B. Change sequence 10 in the route-map command from permit to deny.
C. Use a prefix list instead of an access list in the route map.
D. Add this statement to the route map: route-map RM-OSPF-DL deny 20. Answer: C

QUESTION 50
What is a prerequisite for configuring BFD?
A. Jumbo frame support must be configured on the router that is using BFD.
B. All routers in the path between two BFD endpoints must have BFD enabled.
C. Cisco Express Forwarding must be enabled on all participating BFD endpoints.
D. To use BFD with BGP, the timers 3 9 command must first be configured in the BGP routing process.
Answer: C

https://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fs_bfd.html#wp1043332

Leave Comment

Your email address will not be published.