Categories
Fortinet Exam Dumps
fortinet nse4_fgt-6.4 dumps (pdf + vce)
fortinet nse4_fgt-6.2 dumps (pdf + vce)
fortinet nse5_faz-6.4 dumps (pdf + vce)
fortinet nse5_faz-6.2 dumps (pdf + vce)
fortinet nse5_fct-6.2 dumps (pdf + vce)
fortinet nse5_fmg-6.4 dumps (pdf + vce)
fortinet nse5_fmg-6.2 dumps (pdf + vce)
fortinet nse6_fml-6.2 dumps (pdf + vce)
fortinet nse6_fnc-8.5 dumps (pdf + vce)
fortinet nse7_efw-6.4 dumps (pdf + vce)
fortinet nse7_efw-6.2 dumps (pdf + vce)
fortinet nse7_sac-6.2 dumps (pdf + vce)
fortinet nse7_sdw-6.4 dumps (pdf + vce)
fortinet nse8_811 dumps (pdf + vce)
Tags
Whether you decide to use our Cisco 642-611 sample questions, you can rest assured that you have the ultimate in online and offline training. We value the quality of Cisco 642-611 sample questions you receive through our Cisco 642-611 exam and will never support Cisco 642-611, or any Cisco 642-611 dump site. These are compiled by industry experts.They also are constantly keeping up with the latest developments at FLYDUMPS so that the Cisco 642-611 sample questions can be aptly revised. When embarked upon this adventure meant to achieve a standard of academic excellence in information technology, we had a vision but no expectations. Cisco 642-611 dumps sites cannot compare to the understanding, learning and comprehension you will gain from Cisco 642-611 site, based on facts and case studies, like FLYDUMPS.
QUESTION 157
How are routing protocol context implemented in OSPF?
A. Each routing context is implemented by redistributing into MBGP.
B. Each routing context is implemented by assigning it to an interface.
C. Each routing context is implemented as a separate routing process.
D. Each routing context is implemented as a separate isolated instance of the same routing protocol.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
According to the “Implementing Cisco MPLS” Student Guide (Text Part Number:
97-1154-01) Volume 2, version 1.0, page 8-6.
-Routing context=routing protocol run in one vrf
-Routing contexts were introduced in Cisco IOS software to support the need for separate isolated copies
of VPN routing protocols. They can be implemented as separate routing processes (OSPF), similar to
traditional Cisco IOS software implementation, or as separate isolated instances of the same routing
protocol (EBGP, RIPv2).
This is the same issue as the question 201.
QUESTION 158
The VPN named my_vpn is operating on interface s0/0 of a PE-router. The CE-PE routing protocol is
OSPF.
The MPLS backbone IPG is OSPF.
Which statement is true about the interaction between the customer’s OSPF routes and the backbone’s
OSPF routes?
A. On the PE-router, two instances of OSPF are run: one for the VPN and one for the backbone IGP.
B. On the PE-router, three instances if OSPF are run: one for the VPN, one for the backbone IGP, and one to carry the PE-PRE routes.
C. This configuration is acceptable for MPLS implementations. However, when MPLS VPNs are implemented, OSPF cannot be used as the CE-PE routing protocol and the backbone IGP.
D. On the PE-router, a single instance of OSPF is run. However, the customer’s routes are kept separate for the backbone route because the RD is prepares to the customer’s routes.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: It is important to note that the MPLS/VPN backbone is not a real OSPF area 0 backbone. No adjacencies are formed between PE routers – only between PE and CE routers. MP-iBGP is used between PE routers, and all OSPF routes are translated into VPN-IPv4 routes. This means that the redistribution of routes into BGP does not cause these routes to become external OSPF routes when advertised to other member sites of the same VPN. Reference: MPLS and VPN Architectures (Ciscopress) page 235
QUESTION 159
Exhibit:
Which statement is true about route summarization for routes announced to the backbone by Area 1?
A. By default, routes will not be summarized.
B. By default, routes will be summarized on the network boundaries.
C. By default, routes will be summarized to Area 3 (NSSA) but not to Area 2.
D. By default, routes will be summarized based upon the summarization schedule configured in the CE-router.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Summarizing is the consolidation of multiple routes into one single advertisement. This is normally done at the boundaries of Area Border Routers (ABRs). Although summarization could be configured between any two areas, it is better to summarize in the direction of the backbone. This way the backbone receives all the aggregate addresses and in turn will injects them, already summarized, into other areas. There are two types of summarization:
1. Inter-area route summarization
1. External route summarization Reference: http://www.cisco.com/warp/public/104/3.html#12.0
QUESTION 160
What is the influence of the Down bit on the OSPF route section process?
A. OSPF routes with the Down bit set are never entered in the M-BGP routing table.
B. OSPF routes with the Down but set are never entered in the backbone’s IGP routing table.
C. OSPF routes with the Down bit set are passed up the hierarchical model. They are blocked from being passed down the hierarchical model.
D. OSPF routes with the Down bit set are marked as unavailable. After the third consecutive update with the Down bit set, they are removed from the routing table.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: Customer routes are NEVER entered into the core IGP in an MPLS environment. The down bit does not change this fact. What is does do instead is that it prevent routes redistributes from m-bgp to OSPF from being redistributed back into M-bgp. This makes A the correct answer
QUESTION 161
Exhibit:
What is the interaction between a super-backbone and Area 3?
A. The super-backbone appears as a NSSA to the non-backbone OSPF routers of Area 3.
B. The super-backbone appears as BGP domain to the non-backbone OSPF routers of Area 3.
C. The super-backbone appears as another OSPF area to the non-backbone OSPF routers of Area 3.
D. The super-backbone appears as Area 0 (backbone area) to the non-backbone OSPF routers of Area 3.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Traditionally, an elaborate OSPF network consists of a backbone area (area 0) and a number of areas connected to this backbone via an area border router (ABR). By using an MPLS backbone for VPN with OSPF on the customer’s site, you can introduce a third level in the hierarchy of the OSPF model. This third level is called the MPLS VPN super backbone. In simple cases, the MPLS VPN super backbone is combined with the traditional area 0 backbone. This means that there is no area 0 backbone on the customer network, since the MPLS VPN super backbone plays the same role as the area 0 backbone. This is shown in the diagram below: Reference: http://www.cisco.com/warp/public/121/mpls_ospf2.html
QUESTION 162
How are OSPF route attributes propagates across the MPLS VPN backbone? (Choose two)
A. OSPF priority is propagated in the Experimental Bits.
B. OSPF cost or external metric is propagated in the BGP MED attribute.
C. Metrics for external OSPF router is propagated in the Hop Count field.
D. OSPF area, route type, and metric type are propagated in an extended BGP community.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
MP-BGP attaches two new extended community attributes to the routes redistributed from OSPF:
*
OSPF domain identifier extended community attribute
*
OSPF route type extended community attribute MP-BGP uses these attributes and the MED to preserve OSPF routing information across the BGP/MPLS VPN backbone. Reference: MPLS and VPN Architectures (Ciscopress) page 235
QUESTION 163
Which of the following best describes the function of the OSPF tag field?
A. prevents cross-domain routing loops for external LSAs.
B. prevents cross-domain routing loops for internal LSAs.
C. prevents intra-domain routing loops for external LSAs.
D. prevents intra-domain routing loops for internal LSAs.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 164
Using OSPF as the CE-PE routing protocol, when and which router will set the down bit?
A. The PE router will set the down bit when redistributing routes from MP-BGP into OSPF.
B. The PE router will set the down bit when redistributing routes from OSPF into MP-BGP.
C. The CE router will set the down bit when propagating the OSPF route to the PE router.
D. The PE router will set the down bit when propagating the OSPF route to the CE router.
E. The P router will set the down bit when propagating the route to another P router.
F. The PE router will set the down bit when propagating the route to another PE router over MP-BGP.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 165
An OSPF LSA type 5 route is redistributed into MP-BGP. That same route is then redistributed back from MP-BGP into OSPF on another PE router. In this case, that OSPF route will appear as what LSA type on the destination CE router?
A. LSA type 1
B. LSA type 2
C. LSA type 3
D. LSA type 4
E. LSA type 5
F. LSA type 7
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 166
The VPN named my_vpn is operating on interface s0/0 of a PE-router. The CE-PE routing protocol is
OSPF.
Why is the OSPF super-backbone needed in MPLS VPN environments?
A. To ensure that the customer’s OSPF traffic has priority over the backbone OSPF routing updates.
B. To ensure that the backbone internal OSPF routes are not inserted as external OSPF routes into the customer’s VPN.
C. To ensure that the customer’s internal OSPF routes on one site are not inserted as external OSPF routes into other sites on the same VPN.
D. To ensure that the customer’s internal OSPF routes are not inserted as external OSPF routes into the provider backbone as internal OSPF routes.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 167
In Cisco IOS release 12.1, how many VPN OSPF process can run simultaneously in an MPLS VPN PE-router?
A. 1.
B. 28
C. 255
D. The number of active processes is controlled by the memory available.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 168
Which three statements about the traditional OSPF routing model are true? (Choose three)
A. Networks running OSPF can be divided into areas.
B. OSPF was designed to support hierarchical networks.
C. A single area is a physical site or logical division of that site.
D. All areas must be physically connected to the backbone area (Area 0)
E. OSPF implementations consisting of multiple areas must be interconnected by a backbone area.
Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
Explanation:
Not C: The area in traditional OSPF is a logical union of routers Not D: It is highly recommended that all
areas are connected to the backbone are, but it is not obligatory. Using virtual link the area can be just
logically be connected to the area 0.
QUESTION 169
BGP address families are used to configure which three route exchange mechanisms? (Choose three)
A. Propagating Internet routes.
B. VPNv4 routes that are propagated across an MPLS/VPN backbone.
C. P-router to P-router routes that are propagated across an MPLS/VPN backbone.
D. PE-CE routing protocol to exchange VPN routes between provider edge routers and customer edge routers.
Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
Explanation:
According to the “Implementing Cisco MPLS” Student Guide (Text Part Number:
97-1154-01) Volume 2, version 1.0, page 8-31.
BGP address families: The BGP process in a MPLS VPN-enabled router performs 3 separate tasks:
-Global BGP routes(internet routing) are exchanged as in traditional BGP setup.
-VPNv4 prefixes are exchanged through MP-BGP.
-VPN routes are exchanged with CE routers through per-VRF EBGP sessions. Address families (routing contexts) are used to configure these three tasks in the same BGP process(because only one BGP process can be configured per router), and the routing contexts (called address families from the router configuration perspective) are used to configure all three independent route exchange mechanisms.
QUESTION 170
The VPN named my_vpn is operating on interface s0/0 of a PE-router. The CE-PE routing protocol is RIP.
The MPLS backbone IGP is OSPF. However, when you review the configuration for the PE-router, you find
that BGP has been configured.
What explains this configuration?
A. VPN routes are always imported and exported using MP-BGP.
B. This router is configured improperly. BGP is not needed in this configuration.
C. This router is configured improperly. E-BGP is the required routing protocol between PE and CE-routers.
D. BGP should be configured on all routers supporting MPLS to ensure backward-compatibility reasons for earlier version of IOS.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: BGP distributes reachability information for VPN-IPv4 prefixes for each VPN. BGP communication takes place at two levels: within IP domains, known as an autonomous systems (interior BGP or IBGP) and between autonomous systems (external BGP or EBGP). PE-PE or PE-RR (route reflector) sessions are IBGP sessions, and PE-CE sessions are EBGP sessions Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/ products_feature_guide09186a00800e977b.html#11
QUESTION 171
Which two attributes in BGP are used to help with implementation of the OSPF super-backbone? (Choose two)
A. MED
B. weight
C. AS path
D. site of origin
E. extended community
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
Explanation:
A: According to the MPLS Student guide Version 2.1 Page 5-94, the OSPF cost is carried in the MED
attribute.
Not D: Although Site of Origin is used to prevent loop in BGP, in this question, it is asked which two BGP
attributes help the OSPF Super Backbone implementation.
QUESTION 172
Which statement is true about the use of EBGP as the CE-PE routing protocol in MPLS VPN implementations?
A. The CE router must be the BGP next hop.
B. The egress P router must be the BGP next hop.
C. ebgp-multihop must be configured on the MP-BGP sessions between the PE routers.
D. next-hop-self must be configured on the MP-IGBP sessions between the PE routers.
E. The BGP next hops announced using the core IGP can be summarized to reduce the size of the core routing table.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 173
In the diagram, Internet access is through a dedicated subinterface implementation. What indicates that all of the routes to PE-2 must establish a global BGP neighbor relationship?
A. CE-1
B. PE-1
C. PE-IG
D. CE-2 and PE-IG
E. CE-1 and PE-2
F. PE-1 and PE-2
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: The question isn’t regarding internet traffic but instead traffic inside the Vrf A.
QUESTION 174
Between which types of routers are VPNv4 BGP routes propagated?
A. CE and PE
B. PE and P
C. CE and P
D. P and P
E. PE and PE
F. CE and CE
Correct Answer: E Section: (none) Explanation
Explanation/Reference: QUESTION 175
How is route target (RT) information attached to a VPNv4 route?
A. Using the MPLS Label field.
B. Using the MPLS EXP bits.
C. Using route tags.
D. Using Extended BGP communities.
E. Using the Route Distinguisher (RD) field.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 176
How can you configure a router that carries both Internet and VPNv4 routes so that it will only propagate the VPNv4 routes and not the Internet routes to the 10.1.1.1 BGP neighbor?
A. router bgp 65010 nobgp default ipv4-unicast neighbor10.1.1.1 remote-as 65010 address-familyvpnv4 neighbor10.1.1.1 activate ! output omitted
B. router bgp 65010 nobgp default ipv4-unicast neighbor10.1.1.1 remote-as 65010 neighbor10.1.1.1 activate address-familyvpnv4 neighbor10.1.1.1 activate ! output omitted
C. router bgp 65010 neighbor10.1.1.1 remote-as 65010 address-familyvpnv4 neighbor10.1.1.1 activate ! output omitted
D. router bgp 65010 address-familyvpnv4 neighbor10.1.1.1 activate ! output omitted
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 177
In the diagram, the Internet is accessed through a dedicated Internet VPN. With which router or routers must PE-2 establish an address-family IPv4 BGP neighbor relationship?
A. CE-2
B. PE-1
C. PE-IG
D. PE-1 and PE-IG
E. CE-1, PE-1 and PE-IG
F. CE-1, CE-2, PE-1 and PE-IG
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 178
Which three statements are true about route reflectors? (Choose three.)
A. If the route is learned from an EBGP peer by the route reflector, it is reflected to all IBGP and EBGP peers.
B. If the route is learned from a non-client IBGP peer by the route reflector, it is reflected to all EBGP peers only.
C. If the route is learned from a non-client IBGP peer by the route reflector, it is reflected to EBGP peers and clients only.
D. If the route is learned from a client IBGP peer by the route reflector, it is reflected to all clients only, except the originating client.
E. If the route is learned from a client IBGP peer by the route reflector, it is reflected to all EBGP peers, non-clients, and clients (except the originating client).
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 179
Network Topology Exhibit
AS-Path prepending is used AS1 in order to influence the return traffic path from AS 5 to AS 1 through the higher speed via AS 2. ____________ needs to be configured for AS-Path prepending and a minimum of _____________ of the AS number should be prepended.
A. Certkiller1; one copy
B. Certkiller2; one copy
C. Certkiller1; two copies
D. Certkiller2; two copies
E. Certkiller2; three copies
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 180
In a multihomed environment with two ISP connections, which two statements are true? (Choose two.)
A. The customer should not be configured to act as a transit AS between the two ISPs.
B. It is recommend that the multi-homed customer use a registered (public) AS number.
C. AS-Path prepending can be configured on the customer’s edge router to influence the BGP path selection process for the outbound traffic (traffic from the customer to the ISPs).
D. The customer can use Local Proference on the customer’s edge routers to influence the BGP path selection process for the inbound traffic (traffic from the ISPs to the customer).
E. The advertisement of the customer’s IP address space be condiditoned by the customer’s edge routers by using a static route to the null0 interface and by using the proper network statement under router bgp.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference: QUESTION 181
What is the range of values from which an ISP can assign a private AS number?
A. 32768 to 65535
B. 64512 to 65535
C. 65101 to 65535
D. 65001 to 65535
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 182
In a Transit AS, how do the internal routers within the Transit AS forward packets destined for the external networks using a scalable solution?
A. Using the default route.
B. Using the IGP routes where the external networks are redistributed into the IGP by the edge routers.
C. Using the EBGP routes where the external networks are redistributed into the IBGP by the edge routers.
D. Using the IBGP routes, then using recursive lookup based on IGP information to resolve the BGP next-hop.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 183
What is the main reason for a multihomed customer to apply an outbound route filter to filter the BGP updates from the customer router to the service provider router?
A. To ensure that the return traffic into the customer network will be load balanced between the different service providers.
B. To ensure that the outbound traffic from the customer network will be load balanced between the different service providers.
C. To prevent the customer network from becoming a transit AS.
D. To allow the customer network to become a transit AS.
E. To reduce the size of the BGP table on the customer network internal (core) routers.
F. To reduce the size of the BGP table on the service provider internal (core) routers.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 184
Which two statements regarding route reflectors are true? (Choose two)
A. A non-route reflector capable router cannot be a client.
B. A hierarchical route reflector design is where a route reflector client is not directly connected to the route reflector.
C. If a client has IBGP sessions to other clients in the same cluster, those clients will receive unnecessary duplicated BGP updates.
D. If a client in one cluster has an IBGP session to a route reflector that belongs to different clusters, the clients in the other cluster will receive unnecessary duplicated BGP updates.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 185
Exhibit:
Given the information shown in the exhibit, which two statements are true? (Choose two)
A. BGP is used to propagate routes between sites.
B. OSPF is used to propagate routes between sites.
C. Isolated copies of the customer’s IGP run at every site.
D. Redistribution between customer IGP and the backbone OSPF is performed at every PE-router.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 186
Which command enables extended community propagation for VPNv4 MP-BGP sessions?
A. router (config-router) # ip vpnv4 send-commuinity both
B. router (config-router-af) # ip vpnv4 send-community both
C. router (config-router-af) # neighbor 172.16.1.2 send-community both
D. router (config-router) # vpnv4 neighbor 172.16.1.2 send-community both
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 187
Which command series can be used to troubleshoot TDP session establishment? A The debut tag-switching tdp session.
A. The debug tag-switching tcp session.
B. The debug tag-switching q931 session.
C. The debug tag-switching neighbor session.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 188
How do you test end-to-end data flow between PE-routers?
A. Use the ping vrf command from the local PE-router to ping the remote PE router’s loopback address.
B. Use the telnet command from the local PE-router to access the remoter PE-router’s loopback address.
C. Use the traceroute command from the local PE-router to the remoter PE-router’s loopback address.
D. Because PE-PE traffic is done via label switching over an LSP, end-to-end data flow cannot be tested. You must test from CE to CE-router.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
Not A: You cannot issue “ping vrf” to a loopback, when other end’s loopback is not part of VPN.
QUESTION 189
What is the difference between a managed CE router VPN and a central services VPN?
A. In a managed CE router VPN, only customer loopback addresses are marked to be imported into the network management VPN.
B. In a managed CE router VPN, only default customer routes are marked to be imported into the network management VPN.
C. In a managed CE router VPN, all customer routes are marked to be imported into the network management VPN.
D. In a managed CE router VPN, only customer loopback addresses and default customer routes are marked to be imported into the network management VPN.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 190
Which one of the following is used to prevent routing loops in MPLS VNP networks with multihomed sites?
A.RT
B. SOO
C. RD
D. AS-Path
E. MPLS Label
F. MED
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 191
Exhibit
Study the exhibit. Based on the show command output, which four statements are correct? Select four.
A. Certkiller 7 will announce a label of 20 to its LDP neighbors for prefix 150.1.0.0/16.
B. To reach prefix 150.1.11.32/28 via 192.168.1.17, Certkiller 7 will pop the label.
C. To reach prefix 192.168.1.17/32 via 192.168.1.97, Certkiller 7 will use a label of 19.
D. To reach prefix 150.1.0.0/16 via 192.168.1.97, Certkiller 7 will use a label of 20.
E. Certkiller 7 will announce an implicit null label to its LDP neighbors for prefix 192.168.1.17/32.
F. To reach prefix 192.168.1.17/32 via 192.168.1.17, Certkiller 7 will use a label of 19.
Correct Answer: ABCD Section: (none) Explanation
Explanation/Reference:
QUESTION 192
Exhibit Study the exhibit. Certkiller 1 is supposed to participate in a central service MPLS VPN. What import and export RTs are required in the Certkiller 1 VRF?
A. route-target both 123:101 route-target export 123:303 route-target import 123:203
B. route-target both 123:101 route-target export 123:203 route-target import 123:303
C. route-target both 123:101 route-target both 123:103
D. route-target both 123:203 route-target both 123:303
E. route-target both 123:103 route-target export 123:303 route-target import 123:203
F. route-target both 123:103 route-target export 123:203 route-target import 123:303
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 193
You need selective VRF export so only a subset of the routes ______.
A. From a neighbor PE-router is exported to the CE-router.
B. From a neighbor PE-router is exported to the VRF on the local PE.
C. Exported from a neighbor CE-router is entered into the VRF on the local PE.
D. Exported from a VRF is one PE-router is imported into a VRF in another PE-router.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 194
How does the export route map affect the VRF export process?
A. A route map can be specified for each VRF to filter routers exported from a CE-router to a PE-router.
B. A route map can be specified for each VRF to filter routes exported from one PE-router to another PE-router.
C. A route map can be specified for each VRF to attach additional route targets to routes exported from a PE-router to a CE-router.
D. A route map can be specified for each VRF to attach additional route targets to routes exported from one PE-router to another PE-router.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 195
How does the import route map affect the VRF import process?
A. The import route map overrides the route target import filter.
B. A route must pass either the route target import filter or the import route map to be imported.
C. The import route map overrides the route target import filter and controls the import of routes.
D. A route has to pass the route target import filter first and then the import route map to be imported.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
A route has to pass the route target import filter first and then….
Due to MPLS Student Guide Version 2.1 Page 6-5
QUESTION 196
What is the correct configuration to limit the route export to only the loopback address of 10.1.1.1?
A. ip vft VPN_A !output omitted export map NMS ! route-map NMS match ip address 1 set extcommunity rt 123:100 additive ! access-list 1 permit 10.1.1.1 0.0.0
B. ip vft VPN_A !output omitted export map NMS ! route-map NMS match ip address 1 set extcommunity rt 123:100 no-export ! access-list 1 permit 10.1.1.1 0.0.0 access-list 1 permit any
C. ip vft VPN_A !output omitted export map NMS !
route-map NMS
match ip address 1
set community rt 123:100 additive
!
access-list 1 permit 10.1.1.1 0.0.0
D. ip vft VPN_A !output omitted export map NMS ! route-map NMS match ip address 1 set community rt 123:100 no-export ! access-list 1 permit 10.1.1.1 0.0.0 access-list 1 permit any
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 197
Which statement about an overlapping VPN is true?
A. A site participates in more than one VPN.
B. A site has a link to both the intranet and the Internet.
C. The VPN contains both private and public address spaces.
D. The VPN contains two or more overlapping address spaces.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: To support connectivity requirements, the MPLS/VPN architecture supports the concepts of sites, where a VPN is made up of one or multiple sites. A VPN is essentially a collection of sites sharing common routing information, which means that a site may belong to more than one VPN if it holds routes from separate VPNs. Reference: MPLS and VPN Architectures (Ciscopress) page 169
QUESTION 198
How would you implement an overlapping VPN when the sites contained in the overlapping portion of the two simple VPNs contain an overlapping address space?
A. Combine the overlapping VPN with a central service VPN.
B. Implement a NAT service to provide unidirectional address translation.
C. Implement a dual NAT service with a registered address to be implemented and exported between the two central sites.
D. Disable routing updates between the overlapping spaces and use a DNS implementation.
E. Disable routing updates between the overlapping spaces and use static routing.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 199
What is the most typical use of an overlapping VPN?
A. Service providers supporting managed CE services.
B. Service providers supporting carrier-over-carrier MPLS implementations.
C. Simple intranet VPN implementations.
D. Companies that use MPLS VPNs to implement both intranet and extranet services.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: There are two typical uses for overlapping VPNs: 1) Companies that use MPLS VPNs to implement both intranet and extranet services might use overlapping VPNs. In this scenario, each company participating in the extranet VPN would probably deploy a security mechanism on its customer edge (CE) routers to prevent other companies participating in the VPN from gaining access to other sites in other customer VPN 2) A security-conscious company might decide to limit visibility between different departments in the organization. Overlapping VPNs might be used as a solution in this case Reference: Cisco Press – Implementing Cisco MPLS study guide p.6-20
QUESTION 200
Which statement is true about overlapping VPNs?
A. Sites that participate in more than one VPN import routes with RTs from any VPN in which they participate and export routes with RTs for all VPNs in which they participate.
B. Sites that participate in more than one VPN import routes with RTs for all VPNs in which they participate and export routes with RTs for none of the VPNs in which they participate.
C. Sites that participate in more than one VPN only import routes with RTs for all VPNs in which they participate.
D. None of the above statements are correct regarding overlapping VPNs.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Sites that participate in more than one VPN import routes with RTs from any VPN in which they participate
in more than one VPN import routes with RTs from any VPN in which they participate and export routes
with RTs fro all VPNs in which they participate.
QUESTION 201
How would you implement an overlapping VPN when the sites contained in the overlapping portion of two simple VPNs contain an overlapping address space?
A. Combine the overlapping VPN with a central service VPN.
B. Implement a NAT service to provide unidirectional address translation.
C. Implement a dual NAT service with a registered address to be imported and exported between the two central sites.
D. Disable routing updates between the overlapping spaces and use a DNS implementation.
E. Disable routing updates between the overlapping spaces and use static routing
Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 202
What is the most typical use of an overlapping VPN?
A. Service providers supporting managed CE Services
B. Service providers supporting carrier-over-carrier MPLS implementions
C. Simple intranet VPN implementations
D. Companies that use MPLS VPNs to implement both intranet and extranet services
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: There are two typical uses for overlapping VPNs: 3) Companies that use MPLS VPNs to implement both intranet and extranet services might use overlapping VPNs. In this scenario, each company participating in the extranet VPN would probably deploy a security mechanism on its customer edge (CE) routers to prevent other companies participating in the VPN from gaining access to other sites in other customer VPN 4) A security-conscious company might decide to limit visibility between different departments in the organization. Overlapping VPNs might be used as a solution in this case Reference: Cisco Press – Implementing Cisco MPLS study guide p.6-20
QUESTION 203
Which MPLS VPN implementation allows selected sites in one simple VPN to communicate with selected sites of a second VPN?
A. central services VPN
B. managed CE router services VPN
C. overlapping VPN
D. managed PE router services VPN
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 204
In reference to the diagram depicting the flow of routing updates in an overlapping VPN, which statement is true?
A. Sites A1 and A2 will import all networks with RTs 123:750 and 123:1000.
B. Sites B1 and B2 will export all networks with RTs 123:760 and 123:1000.
C. Sites A1 and A2 communicate with Sites B1 and B2 via A-Central and B-Central.
D. Site A-Central exports RTs 123:750 and 123:1000.
E. Site B-Central is exporting and importing RT 123:1000 so it can communicate with sites A1 and A2.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 205
What is the impact of complex VPN topologies such as Central Services VPN on the VRF tables in the PE-routers?
A. Complex VPN topologies might require more than one VRF per VPN.
B. Complex VPN topologies might require more that one VRF per interface.
C. Complex VPN topologies might require the use of multiple routing protocols to separate VPN address spaces.
D. Complex VPN topologies might require the use of the public address space to ensure there is no overlap in the address spaces.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Not D: D is incorrect. In the same VPN, no matter complex or not, there should not be overlapping
address. Does public address solve this problem?Probably, but you need to plan in advance (buy these
addresses then use them), the same can be achieved with private addresses if you DO plan in advance.
QUESTION 206
What is the difference between a managed CE router VPN and a central services VPN?
A. In a managed CE router VPN, only customer loopback addresses are marked to be imported into the network management VPN.
B. In a managed CE router VPN, only default customer routes are marked to be imported into the network management VPN.
C. In a managed CE router, VPN, all customer routes are marked to be imported into the network management VPN.
D. In a managed CE router, only customer loopback address and default customer routes are marked to be imported into the network management VPN.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Our Cisco 642-611 with Explanations presents to you the most tried and tested methods of preparation for the actual exam. The Flydumps provides a very detailed preparation for your exam preparation, giving you answers to the entire exam question with the added explanation of which answer is right and why. These answers are prepared by professionals who have had years of experience and are fully competent to give you the best and the most excellent way to prepare for your actual exam.
Written by Ralph K. Merritt
We are here to help you study for Cisco certification exams. We know that the Cisco series (CCNP, CCDE, CCIE, CCNA, DevNet, Special and other certification exams are becoming more and more popular, and many people need them. In this era full of challenges and opportunities, we are committed to providing candidates with the most comprehensive and comprehensive Accurate exam preparation resources help them successfully pass the exam and realize their career dreams. The Exampass blog we established is based on the Pass4itsure Cisco exam dump platform and is dedicated to collecting the latest exam resources and conducting detailed classification. We know that the most troublesome thing for candidates during the preparation process is often the massive amount of learning materials and information screening. Therefore, we have prepared the most valuable preparation materials for candidates to help them prepare more efficiently. With our rich experience and deep accumulation in Cisco certification, we provide you with the latest PDF information and the latest exam questions. These materials not only include the key points and difficulties of the exam, but are also equipped with detailed analysis and question-answering techniques, allowing candidates to deeply understand the exam content and master how to answer questions. Our ultimate goal is to help you study for various Cisco certification exams, so that you can avoid detours in the preparation process and get twice the result with half the effort. We believe that through our efforts and professional guidance, you will be able to easily cope with exam challenges, achieve excellent results, and achieve both personal and professional improvement. In your future career, you will be more competitive and have broader development space because of your Cisco certification.
Recent Posts
- Share the latest Cisco 300-440 ENCC dumps exam questions
- Cisco CCNA 200-301 Exam Latest Questions And Perspectives
- Most Accurate And Most Likely Cisco 400-007 Questions Sharing
- New CCNP ENCOR 350-401 Exam Questions And Experience Sharing
- Latest CCNP and CCIE Collaboration Certification 350-801 Exam Questions Online
2023 Pass4itsure Cisco dumps
Cisco CCDA Dumps
- 200-901 dumps (PDF+VCE)
Cisco CCDE Dumps
- 400-007 dumps (PDF+VCE)
Cisco CCDP Dumps
- 300-910 Dumps (PDF+VCE)
- 300-915 Dumps (PDF+VCE)
- 300-920 Dumps (PDF+VCE)
- 350-901 Dumps (PDF+VCE)
Cisco CCIT Dumps
- 100-490 Dumps (PDF+VCE)
Cisco CCNA Dumps
- 200-301 Dumps (PDF+VCE)
Cisco CCNP Dumps
- 350-401 Dumps (PDF+VCE)
- 300-410 Dumps (PDF+VCE)
- 300-415 Dumps (PDF+VCE)
- 300-420 Dumps (PDF+VCE)
- 300-425 Dumps (PDF+VCE)
- 300-430 Dumps (PDF+VCE)
- 300-435 Dumps (PDF+VCE)
- 350-501 Dumps (PDF+VCE)
- 300-510 Dumps (PDF+VCE)
- 300-515 Dumps (PDF+VCE)
- 300-535 Dumps (PDF+VCE)
- 350-601 Dumps (PDF+VCE)
- 300-610 Dumps (PDF+VCE)
- 300-615 Dumps (PDF+VCE)
- 300-620 Dumps (PDF+VCE)
- 300-625 Dumps (PDF+VCE)
- 300-630 Dumps (PDF+VCE)
- 300-635 Dumps (PDF+VCE)
- 350-701 Dumps (PDF+VCE)
- 300-710 Dumps (PDF+VCE)
- 300-715 Dumps (PDF+VCE)
- 300-720 Dumps (PDF+VCE)
- 300-725 Dumps (PDF+VCE)
- 300-730 Dumps (PDF+VCE)
- 300-735 Dumps (PDF+VCE)
- 350-801 Dumps (PDF+VCE)
- 300-810 Dumps (PDF+VCE)
- 300-815 Dumps (PDF+VCE)
- 300-820 Dumps (PDF+VCE)
- 300-825 Dumps (PDF+VCE)
- 300-835 Dumps (PDF+VCE)
Cisco CCT Dumps
- 010-151 Dumps (PDF+VCE)
Cisco CyberOps Associate dumps
- 200-201 Dumps (PDF+VCE)
Cisco CyberOps Professional dumps
- 300-215 Dumps (PDF+VCE)
- 350-201 Dumps (PDF+VCE)