Categories
Fortinet Exam Dumps
fortinet nse4_fgt-6.4 dumps (pdf + vce)
fortinet nse4_fgt-6.2 dumps (pdf + vce)
fortinet nse5_faz-6.4 dumps (pdf + vce)
fortinet nse5_faz-6.2 dumps (pdf + vce)
fortinet nse5_fct-6.2 dumps (pdf + vce)
fortinet nse5_fmg-6.4 dumps (pdf + vce)
fortinet nse5_fmg-6.2 dumps (pdf + vce)
fortinet nse6_fml-6.2 dumps (pdf + vce)
fortinet nse6_fnc-8.5 dumps (pdf + vce)
fortinet nse7_efw-6.4 dumps (pdf + vce)
fortinet nse7_efw-6.2 dumps (pdf + vce)
fortinet nse7_sac-6.2 dumps (pdf + vce)
fortinet nse7_sdw-6.4 dumps (pdf + vce)
fortinet nse8_811 dumps (pdf + vce)
Tags
[New Updated Questions ] Where to find the newest Cisco 642-611 exam dumps? if you want to pass exam Cisco 642-611 without the second try, you should download the latest updated Cisco 642-611 braindump for preparing. Now visit Flydumps.com to get free pdf study guide with valid Cisco 642-611 exam dumps and free vce dumps, which will help you passing quickly!
QUESTION 75
What is the VPN type where sites of two different companies are connected together via Frame Relay virtual circuits?
A. Overlay intranet VPN
B. Overlay extranet VPN
C. Peer-to-peer access VPN
D. Peer-to-peer Internet VPN
E. MPLS simple VPN
F. MPLS overlapping VPN
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 76
Which VPN implementation is achieved with technology such as Frame Relay and ATM?
A. Layer 1 overlay VPN
B. Layer 2 overlay VPN
C. Layer 3 overlay VPN
D. Peer-to-peer VPN
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 77
Which term is used to describe a VPN in which the service provider does not participate in the customer routing?
A. MPLS simple VPN
B. overlay VPN
C. shared PE peer-to-peer VPN
D. dedicated PE peer-to-peer VPN
E. MPLS complex VPN
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: From the Layer 3 perspective, the P-network is invisible to the customer routers, which are linked with emulated point-to-point links. The routing protocols runs directly between customer routers that establish routing adjacencies and exchange routing information. The service provider is not aware of customer routing and has no information about customer routes. The responsibility of the service provider is purely the point-to-point data transport between customer sites. Reference: Cisco Press – Implementing Cisco MPLS Study guide p.4-21
QUESTION 78
Which three statements are correct regarding Layer 2 overlay VPNs and peer-to-peer VPNs? (Choose three.)
A. Peer-to-peer VPNs require the establishment of virtual circuits to connect the different customer sites together.
B. Peer-to-peer VPNs require the service provider to participate in the customer routing, accepting customer routes, transporting them across the service provider backbone, and finally propagating them to other customer sites.
C. With peer-to-peer VPNs, the service provider is responsible for transport of Layer 2 frames between customer sites, and the customer takes responsibility for all higher layers.
D. The implementation of Layer 2 overlay VPNs is the traditional switch-WAN model, implemented with technologies like X.25, Frame Relay or ATM.
E. With Layer 2 overlay VPNs, the service provider is not aware of customer routing has no information about customer routers.
F. It is simple to implement Layer 2 overlay VPNs because the Customer Edge (CE) router just needs a connection to the Service Provider’s Edge (PE) router.
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 79
What is the VPN type where sites of two different companies are connected together via Frame Relay virtual circuits
A. overlay intranet VPN
B. overlay extranet VPN
C. peer-to-peer access VPN
D. peer-to-peer Internet VPN
E. MPLS simple VPN
F. MPLS overlapping VPN
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 80
Which type of VPN implementation is simple and cost effective because all sites connect only to the PE router and as a result optimum routing between sites is enabled by default?
A. peer-to-peer VPN
B. overlapping VPN
C. hub-and-spoke overlay VPN
D. fully-meshed overlap VPN
E. client-server VPN
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The first peer-to-peer VPN solution appeared with the widespread deployment of IP in service provider networks. Architectures similar to that of the Internet were used to build them. Special provisions were taken into account to transform the architecture, which was targeted toward public backbones (Internet), into a solution in which customers would be totally isolated and able to exchange corporate data securely. The more common peer-to-peer VPN implementation allowed a PE router to be shared between two or more customers. Pachet filters were used on the shared PE routers to isolate the customers. In this implementation, it was common for the service provider to allocate a portion of its address space to each customer and manage the packet filters on the PE routers to ensure full reachability between sites of a single customer and isolation between separate customers. Reference: Cisco Press – Implementing Cisco MPLS study guide p.4-23
QUESTION 81
Which kind of link does a Layer 3 overlay VPN use?
A. emulated point-to-point
B. dedicated point-to-point
C. point-to-multipoint
D. permanent virtual circuits
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 82
Which statement about MPLS VPN implementations and traditional peer-to-peer VPN implementations is true?
A. MPLS and traditional peer-to-peer VPNs require the service provider to participate in the customer routing.
B. MPLS and traditional peer-to-peer VPNs require that the customer routing is transparent to the service provider.
C. MPLS VPNs require the use of link-state routing protocols, traditional peer-to-peer VPN implementations require distance vector protocols.
D. MPLS VPNs are constructed using dynamic routing protocols; traditional peer-to-peer VPN implementations are constructed using static routes.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
The provider IS participating in the customer routing. Peer-to-Peer VPN’s require the SP to participate in
customer routing, accepting customer routes, transporting them across the SP backbone and propagating
to customer sites. The Provider routers carry all the customers routes, they are easy to implement,
optimum routing is enabled between sites by default as a result.
QUESTION 83
Which statement is true about implementing a hub-and-spoke overlay VPN?
A. A hub-and-spoke overlay VPN has no single point of failure.
B. A spoke site has direct connectivity to the other spoke sites.
C. If a dynamic routing protocol like RIP is used, split horizon mist be disabled at the hub router, or point-to-point sub-interfaces must be used.
D. The total number of virtual circuits required to implement a hub-and-spoke overlay VPN is N(N-1)/2 where N = number of sites.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
If a dynamic routing protocol such as RIP is used, split-horizon updates must be disabled at the hub router
or point-to-point subinterfaces must be used at the hub router to overcome the split-horizon problem.
Reference: Cisco Press – Implementing Cisco MPLS study guide p.4-36
QUESTION 84
DRAG DROP
Match the following VPN type to its description.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation: Intranet VPN-Connects sites within an organization Managed network-A dedicated VPN is established by the service provider to manage customer edge routers Simple VPN-Every site can communicate with every other site Extranet VPN-Connects different Organization in a secure way Overlapping VPN-Some sites participate in more than one simple VPN Central services VPN-All sites can communicate with central servers but not with each other Access VPN-VPDialN provides dialup access into the customer network
QUESTION 85
Exhibit:
Refer to the exhibit.
In which type of MPLS VPN are customers A and B participating?
A. Overlapping MPLS VPN.
B. Simple MPLS VPN.
C. Central services MPLS VPN.
D. Overlay MPLS VPN.
E. Managed CE service MPLS VPN.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 86
Which MPLS VPN implementation allows selected sites in one simple VPN to communicate with selected sites of a second VPN?
A. Central services VPN
B. Managed CE router services VPN
C. Overlapping VPN
D. Managed PE router services VPN
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
The “selected sites” are usually the central sites of two customers which create a vpn between them for
exchanging data.
The description of overlapping vpn: “Overlapping VPNs are used to provide connectivity between
segments of two vpns”
QUESTION 87
Which type of overlay VPN is simplest to implement?
A. Fully-meshed
B. Hub-and-spoke
C. Partial-mesh
D. Redundant hub-and-spoke
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: This type requires the least number of vpn connections and the routing is so simple that you don’t even need to run a routing protocol (though it would simplify your daily administration..) The hub-and spoke topology is the simplest overlay VPN topology – all sites are linked with a single virtual circuit to a central CE router. The routing is also extremely simple-static routing or a distance vector protocol such as Routing Information Protocol (RIP) is more than adequate. If a dynamic routing protocol such as RIP is used, split-horizon updates must be disabled at the hub router or point-to-point subinterfaces must be used at the hub router to overcome the split-horizon problem. Reference: Cisco Press – Implementing Cisco MPLS study guide p.4-36
QUESTION 88
Which statement is true about implementing a hub-and-spoke overlay VPN?
A. A hub-and-spoke overlay VPN has no single point of failure
B. A spoke site has direct connectivity to other spoke sites.
C. If a dynamic routing protocol like RIP is used, split horizon must be disabled at the hub router, or point-to-point sub-interfaces must be used.
D. The total number of virtual circuits required to implement a hub-and-spoke overlay VPN is (N(N-1)/2 where N = number of sites.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
If a dynamic routing protocol such as RIP is used, split-horizon updates must be disabled at the hub router
or point-to-point subinterfaces must be used at the hub router to overcome the split-horizon problem.
Reference: Cisco Press – Implementing Cisco MPLS study guide p.4-36
QUESTION 89
DRAG DROP A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Which routers in an MPLS VPN service provider’s network are used to connect to the customer’s routers?
A. P routers
B. CE routers
C. PE routers
D. P and PE routers
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 91
Which component of MPLS architecture exchanges Layer 3 routing information and labels?
A. control plane
B. data plane
C. forwarding plane
D. routing plane
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 92
Which component of MPLS architecture is a simple label-based forwarding engine that is independent of the type of routing protocol or label exchange protocol?
A. control plane
B. data plane
C. routing plane
D. forwarding plane
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 93
How many routing table PE have
A. A PE has one routing table for each VRF
B. A PE has one global routing table for all VRFs
C. A PE has a global routing table and additional routing table for each VRF
D. A PE has a CEF global routing table and additional routing table for each VRF
Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 94
Which two planes make up the MPLS architecture? (Choose two)
A. Packet plane
B. Control plane
C. Routing plane
D. Forwarding plane
E. Data plane
Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
Explanation:
Architecture comprises of data & control plane
QUESTION 95
Which component of MPLS architecture uses protocols such as the label distribution protocol (LDP) and tag distribution protocol (TDP) to exchange labels?
A. Control plane
B. Data plane
C. Routing plane
D. Forwarding plane
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 96
Which well-known tunnel technology is fast, simple to implement, supports multiple routed protocols, but it provides no security?
A. GRE
B. IPSec
C. Peer-to-peer
D. Layer 2 forwarding
E. Layer 2 tunneling
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 97
Which well-known tunneling technology provides network layer authentication and optional encryption to make data transfer over the Internet secure?
A. Layer 2 tunneling
B. GRE
C. IPSec
D. Peer-to-peer E. Layer 2 forwarding
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 98
DRAG DROP
Match each item to its correct description.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation: Route targets (RT) are use to tag a vpnv4 route to indicate vpn membership. The SSO (site of origin) that is used to prevent routing loops (when multiple customer sites are using the same AS number and therefore has to use “AS-override” or “allowAS-in”) which will disable the normal routing loop prevention in BGP.
QUESTION 99
Which component of MPLS architecture uses protocols such as the label distribution (LDP) and tag distribution protocol (TDP) to exchange labels?
A. Control pane
B. Data plane
C. Routing plane
D. Forwarding plane
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 100
Since route distinguishers (RD) can not identify participation in more than one VPN, what is required to support complex MPLS VPNs?
A. Route target (RT)
B. Route tags
C. Route maps
D. Dedicated PE routers
E. Site of origin (SOO)
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 101
Network Topology Exhibit
What problem can be caused by the second P router summarizing the loop address of the egree PE router?
A. The first P router will be faced with a VPN label which it does not understand.
B. The second P router will be faced with a VPN label which it does not understand.
C. The egress PE router will not be able to establish a label switch path (LSP) to the ingress PE router.
D. A label switch path (LSP) will be established from the ingress PE router to the egress PE router, an event that is not desirable.
E. The ingress PE router will not be able to receive the VPN label the egress PE router via MP-IBGP.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 102
Which prefix-list statement can be used to deny all Class C Private IP addresses?
A. ip prefix-list blkc seq 5 deny 192.168.0.0
B. ip prefix-list blkc seq 5 deny 192.168.0.0/24
C. ip prefix-list blkc seq 5 deny 192.168.0.0/32 le 32
D. ip prefix-list blkc seq 5 deny 192.168.0.0/16 le 32
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 103
Which prefix will be permitted by the following prefix-list? ip prefix-list test permit 10.1.0.0/16 le 22
A. 10.2.2.0 255.255.255.0
B. 10.1.32.0 255.255.240.0
C. 10.1.1.64 255.255.255.240
D. 10.0.0.0 255.255.0.0
E. 10.1.3.0 255.255.255.0
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 104
What can happen if a P router (LSR) within an LSP performs route summarization and suppresses the more specific networks?
A. Route summarization will cause every LSR along the LSP to perform a routing lookup.
B. Route summarization will help reduce the size of the LIB and LFIB and will not affect MPLS label switching operations.
C. Route summarization will cause the P router (LSR) that performs the route summarization to perform PHP (penultimate-hop popping).
D. Route summarization will break an LSP into two segments, and the P router (LSR) that performs the route summarization will need to perform a routing lookup.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 105
In reference to MPLS VPNs, what is a routing protocol context?
A. Routing protocol contexts are specified in the MPLS RFC as OSPF, BGP, and ISIS.
B. It is how separate isolated copies of VPN routing instances are created by the IOS.
C. It is the interface parameters and timers values used to determine which routes are exported.
D. It is the display keyword used with the show ip route vpnv4 command to display the routing protocol parameters for a particular VRF
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: 1) According to the “Implementing Cisco MPLS” Student Guide (Text Part Number: 97-1154-01) Volume 2, version 1.0, page 8-6. -Routing context=routing protocol run in one vrf -Routing contexts were introduced in Cisco IOS software to support the need for separate isolated copies of VPN routing protocols. They can be implemented as separate routing processes (OSPF), similar to traditional Cisco IOS software implementation, or as separate isolated instances of the same routing protocol (EBGP, RIPv2). 2) According to the book “MPLS and VPN Architectures, CCIP Edition “by Jim Guichard , Ivan Pepelnjak. In chapter 5: To support overlapping VPNs, the routing protocol must be limited to a single VPN routing and forwarding (VRF) table. Each PE router must be configured so that any routing information learned from an interface can be associated with a particular VRF. This is done through the standard routing protocol process and is known as the routing context. A separate routing context is used per VRF. Some routing protocols (for example, RIP) support several instances (or routing contexts) of the same protocol, with each instance running in a different VRF. Other protocols (for example, OSPF) require a separate copy of the routing protocol process for each VRF.
QUESTION 106
What is the P-router perception of end-to-end MPLS VPN routing?
A. The P-router is not MPLS VPN aware.
B. The P-router forwards packets based upon the RT contained in the label.
C. The P-router perceives the end-to-end MPLS VPN routing as an extension of its own IGP routing.
D. The P-router provides separate routing instances for its own IGP and the end-to-end MPLS VPN routing.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
P-routers are not MPLS-VPN aware.
QUESTION 107
How many routing tables reside on a P-router?
A. The P-router has a single global routing table.
B. A P-router has one routing table for each VRF.
C. A P-router has a global routing table for each VRF.
D. A P-router has a global routing table and one additional routing table for each VRF.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
A, obviously. since it is a P router but not a PE router. It isused to transfer the route to other PE routers as
part of the path.It does not”inject” the routes to any of their routing tables. Since it is just partof a path, it
needs ONLY a global routing table to inter-connect PE devices.
Not D: Option D is true for PE-router.
QUESTION 108
How are customer routes exchanged across the P-network?
A. LDP is used to exchange customer routes across the P-network-.
B. IBGP is used to exchange customer routes across the P-network.
C. OSPF is used to exchange customer routes across the P-network.
D. MP-BGP is used to exchange customer routes across the P-network.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
It must be D, OSPF can only be used as in IGP within P network and does not have the capabilities to
carry any customer route.
QUESTION 109
Which three statements about MPLS VPNs are true? (Choose three.)
A. PE routers do not participate in customer routing.
B. MPLS VPN is similar to using the peer-to-peer dedicated PE router approach.
C. Customer can use overlapping addresses.
D. Each customer is assigned an independent routing table (virtual routing and forwarding table – VRF).
E. The P Router’s routing table contains both the global IP routes and the customer routes.
F. CE routers connect directly to the service provider’s P routers.
Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 110
Assuming TTL propagation is enabled, how does MPLS ensure the integrity of the TTL loop detection mechanism in IP?
A. The TTL field in the MPLS header is set to 255. This field is decremented at each hop in the MPLS cloud. If the TTL has not expired, its value is copied back into the IP header.
B. The TTL field in the IP header is copied to the TTL field in the MPLS header. This field is passed transparently through the MPLS cloud. The TTL value is copied back into the IP header.
C. The TTL field in the IP header is copied to the TTL field in the MPLS header. This field is decremented by one in the MPLS cloud. If the TTL has not expired its value is copies back into the IP header.
D. The TTL field in the IP header is copied to the TTL field in the MPLS header. This field is decremented at each hop in the MPLS cloud. If the TTL has not expired, its value is copied back into the IP header.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 111
Which MPLS plane is responsible for packet forwarding?
A. packet plane
B. control plane
C. routing plane
D. forwarding plane
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
MPLS compliments IP technology. It is designed to leverage the intelligence associated with IP Routing,
and the Switching paradigm associated with Asynchronous Transfer Mode (ATM). MPLS consists of a
Control Plane and a Forwarding Plane. The Control Plane builds what is called a “Forwarding Table,” while
the Forwarding Plane forwards packets to the appropriate interface (based on the Forwarding Table).
Reference:
http://www.cisco.com/en/US/tech/ CK4 36/ CK4 28/technologies_white_paper09186a00800b010f.shtml
QUESTION 112
What is penultimate hop popping?
A. A process run on the ingress router that assigns the label to the packet.
B. A process run on the P-router that removes a label before forwarding the packet to the egress router.
C. A process run the ingress router that sets the TTL value to 255 to hide the core routers from a traceroute.
D. A process run on the egress router that pops (sets) the TTL value in the Layer 3 header to the value that is contained in the top label TTL value.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Traffic Engineering Components A router capable of supporting MPLS is known as Label Switching Router (LSR). The LSR, found just before the last LSR in the MPLS clouds, is known as the penultimate hop. The end-to-end MPLS path is known as Label Switched Path (LSP). LSP is originated at the head-end router and terminates at the tail-end router. Reference: http://www.cisco.com/en/US/tech/ CK4 36/ CK4 28/technologies_white_paper09186a00800a4472.shtml
QUESTION 113
The relevant entries in the FIB, LIB, and LFIB tables for a frame-mode MPLS network is shown. If the link between Routers B and C was lost, what would be the relevant entries in the LFIB table for label, action, and next hop?
A. 89, 71, Certkiller 5
B. 71, 89, Certkiller 5
C. 89,23, Certkiller 4
D. 71,23, Certkiller 4
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 114
Refer to the diagram.
Which statement is true about packet forwarding across an MPLS VPN backbone?
A. Penultimate hop popping (PHP) on the LDP label is performed by the egress PE router.
B. Penultimate hop popping (PHP) on the VPN label is performed by the second P router.
C. Penultimate hop popping (PHP) on the VPN label is performed to egress PE router.
D. Penultimate hop popping (PHP) on the LDP label is performed by the second P router.
Correct Answer: D Section: (none) Explanation Explanation/Reference:
Explanation: Penultimate hop popping, or PHP (the removal of the top label in the stack on the hop prior to the egress router), can be performed in frame-based MPLS networks. In these networks, the last P router in the label switched path (LSP) tunnel pops the LDKP label (as previously requested by the egress PE router through LDP), and the PE router receives a labeled packet that contains only the VPN label. In most cases, a single label lookup performed on that packet in the egress PE router is enough to forward the packet toward the CE router. The full IP lookup through the Forwarding information Base (FIB) is performed only once, in the ingress PE router, even without PHP. Reference: Cisco Press – “Implementing Cisco MPLS study guide” p.4-99
QUESTION 115
In MPLS VPN implementations, how are the second (VPN) labels in the label stack propagated from the egress PE router to the ingress PE router?
A. The core IGP.
B. MP-IBGP VPNv4 routing updates.
C. MP-IBGP IPv4 routing updates.
D. EBGP IPv4 routing ipdates
E. LDP
F. TDP
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 116
Exhibit:
Which statement is true about packet forwarding across an MPLS VPN backbone?
A. Penultimate hop popping (PHP) on the LDP label is performed by the egress PE router.
B. Penultimate hop popping (PHP) on the VPN label is performed by the second P router.
C. Penultimate hop popping (PHP) on the VPN label is performed by the egress PE router.
D. Penultimate hop popping (PHP) on the LDP label is performed by the second P router.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 117
Which two are VRF route-limiting options supported by IOS? (Choose two.)
A. The maximum hop command limits the total number of hops that can be contained in a VRF.
B. The maximum AS-in command limits the total number of Ass that can be contained in a VRF.
C. The neighbor maximum-prefix command limits the number of routes that an individual BGP peer can send.
D. The maximum routes command limits the total number of routes in a VRF, regardless of whether they are received from CE-routers or from other PE-router via MP-IBGP.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 118
Which three statements about MPLS VRFs are true? (Choose three)
A. Only on interface can be assigned to a single VRF.
B. Only one VRF can be assigned to a single interface.
C. A VRF is a routing and forwarding instance for a VPN.
D. VPN sites share a VRF if they are in an overlapping VPN.
E. A single VPN site or many VPN sites can share the same VRF as long as these sites share exactly the same connectivity requirements.
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
Explanation:
B: You can have multiple interfaces associated with a VRF. But only one VRF associated with a particular
interface (meaning an interface cannot be associated with multiple VRFs).
E (not D): According to the “Implementing Cisco MPLS” Student Guide (Text Part Number: 97-1154-01)
Volume 2, version 1.0, page 7-64 Impact of complex VPN topologies on Virtual Routing Tables:
-A virtual routing table in a PE router can be used only for sites with identical connectivity requirements.
QUESTION 119
Which two commands specify an Rd for VRF my_vpn? (Choose two.)
A. router (config-vrf) # rd 65000:010
B. router (config-vrf) # rd 192.168.2.1:010
C. router (config-int) # rd 192.168.2.1:010
D. router (config) # ip vrf my_vpn rd 65000:010
E. router (config) # ip vrf my_vpn rd 192.168.2.1:010
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 120
How many route targets can you configure on a single VRF?
A. Two (one import and on export).
B. The maximum is only limited by the router’s memory.
C. One export and as many imports as the router’s memory allows.
D. One import and as many exports as the router’s memory allows.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 121
What is the proper command to associate interface s0/0 with a VRF named my_vpn?
A. Router (config-vrf)# int s0/0
B. Router (config-if)# vrf my_vpn
C. Router (config)# if vrf my_vpn int s0/0
D. Router (config-if)# ip vrf forwarding my_vpn
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: After you define all relevant VRFs on the PE router, you must tell the PE router which interfaces belong to which VRF and, therefore, should populate the VRF with routes from connected sites. More than on interface can belong to the same VRF. You can do this by using the ip vrf forwarding interface-mode command, which associates the interface with the name VRF. Both main and sub-interfaces can be defined within a VRF. Reference: MPLS and VPN Architectures (Ciscopress) page 204
QUESTION 122
You need VRF route to limit the effect of ______. (Choose two)
A. Route loops on the MPLS VPN backbone.
B. Malicious behavior on the MPLS VPN backbone.
C. Excessive hop count on the customer’s network.
D. Configuration errors on the MPLS VPN backbone.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 123
Which command configures the redistribution of static VRF routes between PE-routers?
A. router (config)# redistribute static
B. router (config-if)# redistribute static
C. router (config-router)# redistribute static
D. router (config-router-af)# redistribute static
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
-The answer depends on what you want to achieve. If the static route should be redistributed into a VRF you need to specify the vrf by typing the correct address-family which makes D the right answer. The question states “redistribution of static VRF routes” which leads us to believe that D it the correct answer
-If however your not running MPLS and only have normal BGP routing, then C would be correct.
QUESTION 124
Which command specifies an RT for VRF my_vpn?
A. Router (config-vrf)# route-target both 12703:15
B. Router (config-router-af)# route-target import 12703:15
C. Router (config)# ip vrf my_vpn route-target import 12703:15
D. Router (config-if)# ip vrf my_vpn route-target import 12703:15
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
route-target
To create a route-target extended community for a VRF, use the route-target VRF submode command. To
disable the configuration of a route-target community option, use the noform of this command.
route-target{import | export | both}route-target-ext-community noroute-target {import | export | both}route-target-ext-community Syntax Description
import Imports routing information from the target VPN extended community. export Exports routing
information to the target VPN extended community. both Imports both import and export routing
information to the target VPN extended community.
route-target-ext-community Adds the route-target extended community attributes to the VRF’s list of import,
export, or both (import and export) route-target extended communities.
Reference:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/
products_feature_guide09186a00800e977b.html#11
QUESTION 125
Which three statements about MPLS VRFs are true? (Choose three)
A. Only one interface can be assigned to a single VRF.
B. Only one VRF can be assigned to a single interface.
C. A VRF is a routing and forwarding instance for a VPN.
D. VPN sites share a VRF if they are in an overlapping VPN.
E. A single VPN site or many VPN sites can share the same VRF as long as these sites share exactly the same connectivity requirements.
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
Explanation:
B: You can have multiple interfaces associated with a VRF. But only one VRF associated with a particular
interface (meaning an interface cannot be associated with multiple VRFs).
E (not D): According to the “Implementing Cisco MPLS” Student Guide (Text Part Number: 97-1154-01)
Volume 2, version 1.0, page 7-64 Impact of complex VPN topologies on Virtual Routing Tables:
-A virtual routing table in a PE router can be used only for sites with identical connectivity requirements.
QUESTION 126
Which three pieces of information are configured within the VRF configuration mode – Router(config-vrf#)? (Choose three)
A. RD
B. Import RT
C. Export RT
D. Routing protocol address-family
E. Multiprotocol BGP (MPBGP) neighbor
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 127
DRAG DROP Identify the routing protocols on the left that are VRF aware by dragging and dropping them into the proper VRF category on the right.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 128
Which condition must be met for the receiving PE router to install VPNv4 routes into a VRF?
A. If at least one RD attached to the VPNv4 route matches at least one important RD configured in the VRF.
B. If at least one RT attached to the VPNv4 route matches at least one important RT configured in the VRF.
C. If at least one RD attached to the VPNv4 route matches at least one export RD configured in the VRF.
D. If at least one RT attached to the VPNv4 route matches at least one export RT configured in the VRF.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 129
Exhibit
Study the configuration shown in the exhibit. Router Certkiller 1 is supposed to selectively attach an additional RT of 115:301 to all export routes matched by access-list 10. The configuration is currently not working as intended. Which two items are wrong in the configuration? Select two.
A. The route-map is missing the route-map Certkiller MAP permit 20 statement.
B. The vrf configuration is missing the export map RTMAP command.
C. The vrf configuration is missing the route-target export 115:301 command.
D. The rd 115:300 command is not correct.
E. The set extcommunity rt 115:301 command is not correct.
F. The route-target both 115:300 command is not correct.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
Explanation: If the rout map is supposed to only “selectively attach an additional rt” then it should allow all route not matched by access-list to be exported unchanged. In order for this to happen you would need a “route-map Certkiller MAP permit 20” to permit all the routes not matched by access-list 10. Therefore A is correct. E is not correct because “set extcommunity rt 115:301” is the correct syntax to do what has been specified in the question.
QUESTION 130
What condition must be met for the receiving PE router to install VPNv4 routes into a VRF?
A. If at least one RD attached to the VPNv4 route matches at least one import RD configured in the VRF
B. If at least one RT attached to the VPNv4 route matches at least one import RT configured in the VRF
C. If at least one RD attached to the VPNv4 route matches at least one export RD configured in the VRF
D. If at least one RT attached to the VPNv4 route matches at least one export RT configured in the VRF
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 131
Network topology Exhibit
Exhibit #2, Requirements
How many VRF tables are needed to support three VPNs (Customer A, Customer B, and a VoIP VPN) wit the requirements?
A. 1 VRF
B. 3 VRFs
C. 4 VRFs
D. 5 VRFs
E. 7 VRFs
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 132
DRAG DROP
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 133
DRAG DROP Identify the routing protocols on the left that are VRF aware by dragging and dropping them into the proper VRF category on the right.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 134
For what purpose can the ip vrf sitemap route-map-name command be used?
A. applies a route map for setting the SOO
B. applies a route map for setting the Down Bit
C. applies a route map for setting the Routing Bit
D. applies a route map for setting the RD
E. applies a route map for setting the RT
F. applies a route map for setting the VRF name
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
The Cisco 642-611 training is a vital way of becoming the best.This Cisco 642-611 certification has helped the candidates to enhance their capabilities by providing a great learning platform to them so that they can polish their skills.
Written by Ralph K. Merritt
We are here to help you study for Cisco certification exams. We know that the Cisco series (CCNP, CCDE, CCIE, CCNA, DevNet, Special and other certification exams are becoming more and more popular, and many people need them. In this era full of challenges and opportunities, we are committed to providing candidates with the most comprehensive and comprehensive Accurate exam preparation resources help them successfully pass the exam and realize their career dreams. The Exampass blog we established is based on the Pass4itsure Cisco exam dump platform and is dedicated to collecting the latest exam resources and conducting detailed classification. We know that the most troublesome thing for candidates during the preparation process is often the massive amount of learning materials and information screening. Therefore, we have prepared the most valuable preparation materials for candidates to help them prepare more efficiently. With our rich experience and deep accumulation in Cisco certification, we provide you with the latest PDF information and the latest exam questions. These materials not only include the key points and difficulties of the exam, but are also equipped with detailed analysis and question-answering techniques, allowing candidates to deeply understand the exam content and master how to answer questions. Our ultimate goal is to help you study for various Cisco certification exams, so that you can avoid detours in the preparation process and get twice the result with half the effort. We believe that through our efforts and professional guidance, you will be able to easily cope with exam challenges, achieve excellent results, and achieve both personal and professional improvement. In your future career, you will be more competitive and have broader development space because of your Cisco certification.
Recent Posts
- Cisco CCNA 200-301 Exam Latest Questions And Perspectives
- Most Accurate And Most Likely Cisco 400-007 Questions Sharing
- New CCNP ENCOR 350-401 Exam Questions And Experience Sharing
- Latest CCNP and CCIE Collaboration Certification 350-801 Exam Questions Online
- Prepare For The 350-601 Exam New Insights And The Latest Exam Questions To Share
2023 Pass4itsure Cisco dumps
Cisco CCDA Dumps
- 200-901 dumps (PDF+VCE)
Cisco CCDE Dumps
- 400-007 dumps (PDF+VCE)
Cisco CCDP Dumps
- 300-910 Dumps (PDF+VCE)
- 300-915 Dumps (PDF+VCE)
- 300-920 Dumps (PDF+VCE)
- 350-901 Dumps (PDF+VCE)
Cisco CCIT Dumps
- 100-490 Dumps (PDF+VCE)
Cisco CCNA Dumps
- 200-301 Dumps (PDF+VCE)
Cisco CCNP Dumps
- 350-401 Dumps (PDF+VCE)
- 300-410 Dumps (PDF+VCE)
- 300-415 Dumps (PDF+VCE)
- 300-420 Dumps (PDF+VCE)
- 300-425 Dumps (PDF+VCE)
- 300-430 Dumps (PDF+VCE)
- 300-435 Dumps (PDF+VCE)
- 350-501 Dumps (PDF+VCE)
- 300-510 Dumps (PDF+VCE)
- 300-515 Dumps (PDF+VCE)
- 300-535 Dumps (PDF+VCE)
- 350-601 Dumps (PDF+VCE)
- 300-610 Dumps (PDF+VCE)
- 300-615 Dumps (PDF+VCE)
- 300-620 Dumps (PDF+VCE)
- 300-625 Dumps (PDF+VCE)
- 300-630 Dumps (PDF+VCE)
- 300-635 Dumps (PDF+VCE)
- 350-701 Dumps (PDF+VCE)
- 300-710 Dumps (PDF+VCE)
- 300-715 Dumps (PDF+VCE)
- 300-720 Dumps (PDF+VCE)
- 300-725 Dumps (PDF+VCE)
- 300-730 Dumps (PDF+VCE)
- 300-735 Dumps (PDF+VCE)
- 350-801 Dumps (PDF+VCE)
- 300-810 Dumps (PDF+VCE)
- 300-815 Dumps (PDF+VCE)
- 300-820 Dumps (PDF+VCE)
- 300-825 Dumps (PDF+VCE)
- 300-835 Dumps (PDF+VCE)
Cisco CCT Dumps
- 010-151 Dumps (PDF+VCE)
Cisco CyberOps Associate dumps
- 200-201 Dumps (PDF+VCE)
Cisco CyberOps Professional dumps
- 300-215 Dumps (PDF+VCE)
- 350-201 Dumps (PDF+VCE)