101. A request arrived on your MPLS-vpn-bgp group. Due to a security breach, your customer is experiencing DoS attacks coming from specific subnets (200.0.10.0/24, 200.0.12.0/24). You have checked all MPLS-EBGP routes being advertised to BHK from other VPN sites and found four subnets listed: 200.0.10.0/24, 200.0.11.0/24, 200.0.12.0/24, 200.0.13.0/24. You immediately apply an outbound ACL filter using the appropriate MPLS-EBGP tool: access-list 1 deny 0.0.0.0 255.255.254.255 access-list 1 permit any What happens when you apply this ACL on the MPLS-EBGP connection to BHK?
在进口和出口都使用标记路由
一个请求到达你的MPLS-VPN-BGP组, 由于安全漏洞, 你的客户经历了DoS工具从特殊的子 网(200.0.10.0/24, 200.0.12.0/24),你要检查所有的MPLS-EBGP routes存在被通告给BHK从其
他VPN站点和找到你的子网列表200.0.10.0/24, 200.0.11.0/24, 200.0.12.0/24, 200.0.13.0/24.你 立即应用了一个出站的ACL过滤在MPLS-EBGP 工具:access-list 1 deny 0.0.0.0 255.255.254.255 access-list 1 permit any
A. It blocks all routes.
B. It blocks the routes 200.0.12.0/24, 200.0.10.0/24 only. 当你应用了你的这个ACL在 MPLS-EBGP连接到BHK后会发生什么?(没翻译好,各位自己理解)
这个组只有200.0.12.0/24和200.0.10.0/24的路由
C. It blocks the routes 200.0.12.0/24, 200.0.13.0/24 only.
D. It blocks the routes 200.0.10.0/24, 200.0.13.0/24 only.
E. Nothing happens, no routes are blocked.
Answer: B
102. Refer to the exhibit. According to the output of the command show tag-switching forwarding-table, which four of these statements are true? (Choose four.)
如图所示,根据show tag-switching命令的输出的结果,以下那四句话是对的
A. Packets to the IP address 10.10.10.5/32 will be tagged with "17" toward the next hop.
B. Label "19" will be advertised to MPLS neighbors so that they can use this label to reach the IP address 10.10.10.6/32.
C. IP address 10.10.10.4/32 is directly connected to the neighbor router on serial 3/0.
D. Packets arriving with label "17" will be forwarded without any label toward serial 4/0. E. Packets arriving with label "20" will be forwarded with label "21" after label-swapping. F. Label "20" is advertised to MPLS neighbors so that they can use this information to reach the prefix 10.10.10.8/32.
Answer: CDEF
103. In PIM-SM what control plane signaling must a multicast source perform before it begins to send multicast traffic to a group?
在PIM - SM协议的控制平面信令是什么,必须执行一个组播源开始前,组播流量发送到一 个组
A. The source must send a PIM Register message to the rendezvous point (RP).
B. The source must first join the multicast group using IGMP before sending.
C. The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIM designated router (DR).
D. No control plane signaling needs to be performed; the source can simply begin sending on the local subnet.
没有控制平面信令需要执行;来源可以简单地开始在本地子网发送
Answer: D
104. Which of these statements about PIM join messages in classic PIM-SM is correct?
在典型的PIM-SM中,加入PIM信息以下正确的是
A. PIM join messages are sent every 60 seconds to refresh the upstream router's mroute state for the multicast tree.
PIM的连接被发送每隔60秒刷新了组播树的上游路由器的状态信息
B. Routers send a PIM join acknowledgement in response to each PIM join message received from a downstream router.
C. PIM join messages are only sent when the multicast distribution tree is first being established.
D. PIM join messages are sent every three minutes to refresh the upstream router's mroute state for the multicast tree.
Answer: A
105. The ip pim autorp listener command is used to do which of these?
哪一个是PIM auto-rp模式的监听命令
A. enable a Cisco router to "passively" listen to Auto-RP packets without the router actively sending or forwarding any of the packets
B. allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfaces configured with the ip pim sparse-mode command
允许 Auto-RP包在224.0.1.39和224.0.1.40这个组中涌向一个密集模式的出接口时,配置PIM 为稀少模式的命令
C. enable the use of Auto-RP on a router
D. configure the router as an Auto-RP mapping agent
Answer: B
106. In order to configure two routers as anycast RPs, which of these requirements, at a minimum, must be satisfied?
为了配置两台路由器用于任意播,调整哪个的度量值为最小是必须满足的
A. Multicast Source Discovery Protocol mesh-groups must be configured between the two anycast RPs.
B. The RPs must be within the same IGP domain.
C. Multicast Source Discovery Protocol must be configured between the two anycast RPs.
组播源发现协议是必须配置在两个任意播之间的
D. The two anycast RPs must be IBGP peers.
Answer: C
107. Which two of these statements correctly describe classic PIM-SM? (Choose two.)
哪两个正确的描述了典型的PIM-SM
A. The IOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.
IOS默认的最后一跳的路由器去触动一个交换机来计算最短路径树,当一个新的源发现一个 共享的树
B. The IOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.
C. The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to "infinity."
默认的行为的切换到最短路径树当一个新源探测在共享的树也可以通过设置的值在ip pim spt-threshold命令"无限。
D. The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to "zero." Answer: AC
108. Refer to the exhibit. Two ISPs have decided to use MSDP and configured routers X and Y (both are PIM RPs) as MSDP peers. In the domain of ISP B, PC A has sent an IGMP membership report for the group 224.1.1.1 and PC B has sent an IGMP membership report
for the group 224.5.5.5. Assuming that the MSDP peering relationship between routers X and Y is functional, and given the partial configuration output shown from router X, which two of these statements are true? (Choose two.)
如图所示,两个ISP要使用MSDP(组播源发现协议)来配置路由器X和Y成为MSDP邻居, 在ISP 中PC a 发出了一个组播到224.1.1.1 PC b发送了一个组播到224.5.5.5。 如果MSDP已经 建立完成,考虑到部分配置已经从路由器X发出了。下面哪两个是正确的
A. Router X will contain an entry for 224.1.1.1 in its SA cache and will also have an installed (S,G) entry for this in its mroute table.
B. Router X will not contain an entry for 224.1.1.1 in its SA cache but will have an installed (*,G) entry for this in its mroute table.
C. Router X will not contain an entry for 224.5.5.5 in its SA cache but will have an installed (S,G) entry for this in its mroute table.
D. Router X will not contain an entry for 224.5.5.5 in its SA cache but will have an installed (*,G) entry for this in its mroute table. E. Router X will have no entries for 224.5.5.5 in neither its SA cache nor in its mroute table. F. Router X will have no entries for 224.1.1.1 in neither its SA cache nor in its mroute table.
Answer: AD
109.Which statement is true of a source that wants to transmit multicast traffic to group 239.1.1.1? 那个选项是正确描述一个源想要发送组播流量去239.1.1.1组地址
A. Before sending traffic, it must first join multicast group 239.1.1.1 by sending an IGMPv2 membership report to the default router on the local subnet.
B. It must send an IGMPv2 Request to Send packet and then wait for an IGMPv2 Clear toSend packet from the IGMPv2 querier router on the local subnet
C. It may begin transmitting multicast traffic to the group only when there is no other host transmitting to the group on the local subnet.
D. It may transmit multicast traffic to the group at any time. 可能是传送组播流量去那个组在任何时间
Answer: D
110. What is the purpose of an explicit "deny any" statement at the end of an ACL?
什么是明确表达在一个ACL最后有一个拒绝所有的条目
A. none, since it is implicit
B. to enable Cisco IOS IPS to work properly; however, it is the deny all traffic entry that is actually required
C. to enable Cisco IOS Firewall to work properly; however, it is the deny all traffic entry that is actually required
D. to allow the log option to be used to log any matches
用它来匹配剩下所有的项目
E. to prevent sync flood attacks F. to prevent half-opened TCP connections Answer: D
