Archive for April, 2009

350-027 (CCIE Written: Metro Ethernet)

Wednesday, April 29th, 2009

1.What kind of packet is being decoded, using the captured debug mpls l2transport packet data
command, below?
A.HDLC
B.PPP
C.Ethernet
D.RFC 2427/RFC1490
Correct:D
2.What Q.931 message cannot be received in response to sending a Q.931 SETUP message?
A.Alerting
B.Call Proceeding
C.Connect
D.USER Information
E.Progress
Correct:D
3.The Hold-Down Timer used in Distance Vector protocols:
A.Sets the time limit of how long a router may keep a packet in its buffer, if the routing protocol is in the
process of converging
B.Determines the number of seconds a router will wait before sending another update to neighbor routers
C.Sets a specific period for routers to neither accept nor advertise a route from a destination where an
original route was recently lost
D.Sets a duration where routes are not accepted from the neighbor router that caused a routing loop
Correct:C
4.Click the Exhibit button. PE1 and PE2 are connected to the MPLS cloud. All MPLS labels from
PE1 and PE2 are working. Observing the shown topology, will this scenario work?
A.This scenario will not work because Gigabit Ethernet can’t be connected to FastEthernet over MPLS.
B.This scenario will work because the issues concerning Gigabit and FastEthernet over MPLS with
default behavior should not make any difference.
C.This scenario will not work because Gigabit usually has MTU over 9000 and FastEthernet 1500.
D.This scenario will not work because one side has dot1q header and another side is in port mode.
E.This scenario will work by configuring PWE Class using the Interworking feature. By default, the MTU
on each side is 1500, so this is an acceptable solution.
Correct:E
5.Which do NOT exist?
A.Per VLAN Spanning Tree (PVST).
B.Per VLAN Spanning Tree Plus (PVST+).
C.Per VLAN Spanning Tree Plus Plus (PVST++).
D.Rapid STP (RSTP).
E.Resilient STP (RSTP).
Correct:C E
6.Which commands are valid in ethernet or ethernet VLAN attachment circuits?
A.match cos
B.match ethernet cos
C.match sourcemac
D.match vlan
E.match ethernet multicast
Correct:A D
7.OSPF is defined on a Frame Relay interface providing point-to-multipoint connections. The
remote neighbors can reach this central site, but are complaining of routing failures between each
of the remote sites. The central router has all the routes for each remote site. Based on this
information, what can be diagnosed as the biggest potential problem?
A.An over-subscribed Frame Relay switch will cause some packet loss.
B.There are problems in the use of OSPF Authentication.
C.There is an incorrect selection of the Designated Router.
D.There is an incorrect DLCI assigned on a point-to-point subinterface.
Correct:C
8.EIGRP applies the principle of Feasible Successor (FS) in resolving a new path to a lost route.
What statement regarding the FS is correct?
A.Information is stored for the FS as part of the Link-State Routing updates forwarded for EIGRP.
B.EIGRP estimates the FS from each neighbor for each network after an exchange of database
information during the normal update process. It uses this information for path selection when a route is
lost.
C.When EIGRP is notified that a route is lost, it will always send requests to each neighbor for ways to
reach the lost route. The neighbor that returns the best path will qualify as the FS.
D.EIGRP nominates a central router as the FS for all lost routes during configuration.
Correct:B
9.What technology allows transporting Layer2 attachment circuits over IP-only backbones?
A.GRE
B.AToM
C.L2TPv3
D.DLSW+
Correct:C
10.Which are supported ways of transporting ATM over MPLS?
A.AAL5 SDU VC Mode
B.AAL5 SDU VP Mode
C.Packet Cell Relay AAL5 Trunk Mode
D.Packed Cell Relay Trunk mode
E.AAL2oMPLS
Correct:A C
11.What IE is not mandatory in a Q.931 Service msg?
A.Bearer capability
B.Channel ID
C.Message Type
D.Change Status
E.Call Reference
Correct:A
12.Which statements are true regarding VPLS?
A.There is a full mesh of pseudowires.
B.There is a partial mesh of pseudowires.
C.Only L2TPv3 can be used for pseudowire establishment.
D.STP runs in the core.
E.There is split-horizon to avoid loops.
Correct:A E
13.How many bits does TCI contain?
A.1
B.3
C.6
D.12
E.16
F.20
Correct:E
14.What command is used for Interworking configuration?
A.interworking {ethernet | ip} in interface config mode.
B.interworking {ethernet | ip} in pseudowire-class config mode.
C.Interworking {bridged | routed} in l2tp-class mode.
D.{ip | ethernet} Interworking in pseudowire-class config mode.
Correct:B
15.A router is set to boot from flash, but cannot find boot commands in the configuration. Also,
valid files do not exist in the default flash device. The router will:
A.Boot from ROM, since there are no valid sources
B.Try to boot from the network, using a default filename
C.Terminate the boot process with an error message
D.Try to boot from the network, then boot from ROM as a backup
Correct:D
16.What specification defines LACP?
A.IEEE 802.11
B.IEEE 802.1q and IEEE 802.1p
C.IEEE 802.3ad
D.ITU Q.922
E.RFC2547
Correct:C
17.Estimating the MTU for EoMPLS packets: with an edge MTU of 1500, transport header, AToM header
present, MPLS label, and stack MPLS label, calculate the core MTU requirements to handle
EoMPLS port mode packets.
A.1518
B.1520
C.1524
D.1526
Correct:D
18.What protocol is not disabled by the ‘no service tcp-small-servers’ command?
A.Echo
B.Finger
C.Chargen
D.Discard
E.Daytime
Correct:B
19.Click the Exhibit button to view the topology. According to the diagram, what attribute is
initiated by AS200 (IBGP) to give preference to the path A or D traffic will take when going from
AS200 to AS100? What attribute is initiated by AS200 (EBGP) to give preference to the path B or C
traffic will take when going from AS100 to AS200?
A.MED; Origin
B.MED; Local Preference
C.Community; Origin
D.Local Preference; MED
E.Origin; Community
Correct:D
20.Which are components of VPLS?
A.BGP extensions
B.Pseudowire technology
C.LDP extensions
D.Etherchannel technology
E.MAC Address learning and forwarding on a virtual port
Correct:A B E
Link :http://www.killtest.co.kr/CCIE/350-027.asp

350-030

Tuesday, April 28th, 2009

1.Which of the following statements outline the correct way to implement a non-standard softkey
template?
A.Select a softkey template; copy the template and rename it; insert it; modify the template and update
the changes.
B.Select a softkey template; rename it; modify it and update the changes.
C.Select the default softkey template, rename it; insert it; modify it and update the changes.
D.Select add softkey template, name it; update it; modify the template and update the changes.
Correct:A
2.Which port(s) must be opened on an IOS firewall to allow successful MGCP (Media Gateway
Control Protocol) message exchanges between a CallManager and an IOS MGCP PRI gateway?
A.TCP 2000 and TCP 2002
B.TCP 2427 and UDP 2428
C.UDP 2427
D.UDP 2427 and UDP 2428
E.UDP 2427 and TCP 2428
Correct:E
3.There are 2 remote sites and one main site. Each site has a CME router with many IP phones in
an IPT deployment. The Network Administrator wants to provide all of the phones voicemail
access using CUE. Which way can CUE be deployed?
A.Cisco Unity Express and the CME gateway at each site must be collocated in the same router chassis
providing voicemail access to local IP phones registered to local CME.
B.One Cisco Unity Express can be used at the main site with CME router providing voicemail access to all
the 3 sites.
C.One Cisco Unity Express with CME can be used at the main site to provide voicemail access to the IP
phones at the main site. Another Cisco Unity Express with CME can be used at one of the remote sites to
provide voicemail access for all of the IP phones at the two remote sites.
D.Cisco Unity Express and the CME gateway at each site may NOT be collocated in the same router
chassis providing a voicemail access to local IP phones registered to local CME.
Correct:A
4.Which of the following are NOT true statements about Certificate Trust List (CTL) File? (Choose
2)
A.It is a list of devices and credentials that a phone should trust on the network.
B.The CTL file is signed by administrator workstation password.
C.It contains identity, public key and role information.
D.Phones need to trust all entries in the CTL file which could be CCM, TFTP, CAPF, etc.
E.The CTL file is loaded to the phone each time when authentication is required.
F.The CTL is created by CTL Client on administrator workstation.
Correct:B E
5.A CallManager Group can provide which two features to your call processing system? (Choose
2)
A.Support for SRST in remote offices
B.Enables you to distribute the control of devices across multiple Cisco CallManagers
C.Enables you to distribute voice mail support across multiple Unity servers
D.Support for redundancy by enabling you to designate a primary and backup Cisco CallManagers for
each group
E.Support for control of IPMA across primary and backup Cisco CallManagers for each group
Correct:B D
6.When comparing SIP, H.323, MGCP, and SCCP in a VoIP deployment, which protocol will
satisfy the following requirements? Requirement 1: It has a mechanism for a centralized dialplan.
Requirement 2: The endpoints are considered to be unintelligent. Requirement 3: The protocol
must be text-based.
A.SIP
B.H.323
C.MGCP
D.SCCP
Correct:C
7.Which 2 are NOT functions performed by Cisco Media Streaming App Service?
A.Provides SCCP stack for 4 software devices: ANN, CFB, MOH, and MTP
B.Supports DB change notification processing
C.Converts new MOH source files to separate WAV files for MOH codecs
D.Provides SDI trace, event logs, and Perfmon counters
E.Adjusts volume levels of MOH source files
F.Provides audio data from WAV files: ANN, MOH
Correct:C E
8.An IP phone is connected to a Cisco inline power switch Port. Switch is running IOS image on it.
The switch port is acting as a trunk and is running both Voice and Data VLAN configuration on it.
We would like the IP Phone connected to switch port in voice VLAN to set layer 2 priority of all the
packets coming from PC to default 0. Which IOS CLI in Interface Port configuration on Inline
power switch can help us achieve our objective?
A.switchport access priority extend cos 0
B.switchport priority extend cos 0
C.switchport trunk priority cos 0
D.switchport mode access priority extend cos 0
E.mls qos priority extend cos 0
F.switchport access extend cos 0
Correct:B
9.A company has a headquarters with a centralized CallManager and 5 remote offices. All the
remote offices have extensions in the range of 1000-1150. To allow inter-office calls each office
has been assigned a 3 digit site code. To call between sites, users will dial an access code
followed by the 3 digit site code and the extension. Which of the following describes how these
inter-office access codes should be configured?
A.A translation pattern is created for each office and placed in a partition available to all phones. The
translation pattern strips the access code and site code and is assigned a Calling Search Space that
includes only the phones located in the office.
B.A translation pattern is created for each office and is placed in a partition available to the phones at that
office. The translation pattern strips the access code and site code and is assigned to Calling Search
Space that includes all local phones.
C.A route pattern is created for each office and placed in a partition available to all phones. The route
pattern strips the access code and the site code and routes the call to the remote office’s gateway.
D.A route pattern is created for each office and placed in a partition available to phones at that office. The
route pattern strips the access code and site code and routes the call to the remote office’s gateway.
Correct:B
10.Which type of media resources would be required for a single site call processing model?
A.MTP
B.Locations
C.Regions
D.Transcoders
Correct:A
11.Which method could be used to determine if there is a JTAPI memory leak in a CallManager
server?
A.Look at the physical memory available of the server.
B.Review all CCM User logs
C.Check for changes to IP phone settings, like ring settings reverting to default values
D.Determine if dialing the voice mail pilot number fails to connect to voice mail
E.Check for an increasing number of fast busys when dialing to the PSTN
Correct:A
12.Which statement does NOT describe dialing domain functionality in Cisco Unity?
A.Dialing domains are multiple Unity servers that are handling subscribers that are on a single switch or
networked switch
B.All users in the dialing domain should be able to pick up their phones and dial each other directly
without having to dial trunk access codes or use outside lines.
C.Dialing domains are also necessary if the Unity servers involved don’t have overlapping dial plans.
D.Dialing domain IDs are stored on the primary location object. Multiple primary location objects with the
same value for this ID make up a dialing domain.
E.All delivery locations get the same dialing domain ID as the primary location of the box they are created
on.
Correct:C
13.Two divisions in your company need to exchange Unity voice messages using VPIM. Calls from
Division A to Division B are made using a site code of “919” followed by the recipient’s 4 digit
extension. The primary extension in Unity is the user’s four digit extension. Which of the following
configurations on Division A’s Unity server will allow messages to be forwarded between Unity
systems using the same seven digit dialing that is used to place direct calls? (Choose 3)
A.Add the seven digit number as an alternate extension to each VPIM subscriber
B.Configure the Extension on the VPIM subscriber to “919” plus the recipient’s four digit extension
C.Configure the Remote Mailbox Number on the VPIM subscriber to the recipient’s four digit extension
D.Configure the Remote Phone Prefix to “919”
E.Configure the Dial ID to “919”
Correct:B C E
14.When configuring IP Manager Assistant (IPMA) in a shared line mode, how are the manager and
assistant Directory Numbers (DN) configured?
A.The manager and assistant both share the same directory number (DN).
B.The manager and assistant have separate directory numbers (DN), but share an IPMA directory number.
C.The manager and assistant each have separate directory numbers (DN).
D.The manager and assistant share a directory number (DN) and an IP Manager Assistant (IPMA)
directory number.
Correct:A
15.What occurs if the system clocks are not synchronized between the sender and receiver of an
RTP stream?
A.Packets can be placed in sequence but jitter cannot be compensated for.
B.Packets cannot be reordered for sequence and jitter cannot be compensated for.
C.Jitter can be compensated for, but packets cannot be reordered if they arrive out of sequence.
D.Packets may be reordered and jitter may be compensated for as the timestamp is not related to the
system time.
E.When the RTP stream is opened, the sender and receiver synchronize their clocks before the stream
commences so that packet sequencing and dejitter will function correctly.
Correct:D
16.Which 3 functions are NOT performed by a Route Pattern? (Choose 3)
A.Points to the actual IP phone
B.Matches dialed number for external calls
C.Performs digit manipulation
D.Points to a route list for routing
E.Chooses path for call routing
F.Points to prioritized route groups
Correct:A E F
17.Which one of the following does NOT state Multicast Technologies Advantages?
A.Enhanced Efficiency: controls network traffic and reduces server and CPU loads
B.Optimized Performance: eliminates traffic redundancy
C.Distributed Applications: makes multipoint applications possible
D.Bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of
information to thousands of corporate recipients and homes
E.Prevent Denial of service (DoS) attacks in the networks
Correct:E
18.Why can’t TCP be used for transferring audio and video over UDP? (Choose 5)
A.TCP does not have a mechanism for sufficiently long buffering and adequate average throughput.
B.Reliable transmission is inappropriate for delay-sensitive data such as real-time audio and video.
C.TCP cannot support multicast.
D.The TCP congestion control mechanism decreases the congestion window when packet losses are
detected (“slow start”).
E.TCP headers are larger than a UDP header.
F.TCP does not contain the necessary timestamp and encoding information needed by the receiving
application.
Correct:B C D E F
Link :http://www.killtest.co.kr/CCIE/350-030.asp

350-040(CCIE Storage Networking)

Monday, April 27th, 2009

1.A customer has an existing production fabric with Brocade and McData FC switches intermixed.
When adding an MDS 9000 switch, what MDS interop mode would be required? (Topology: McData
6400 (ISL) Brocade12000 (ISL) MDS)
A.Open Fabric Mode
B.Native
C.Interop 1
D.Interop 2
E.Interop 3
Correct:C
2.MDS3_9509# MDS3_9509# dir bootflash:
1106 Dec 08 15:36:14 2003 MDS20031208072937365.lic
1106 Dec 08 15:44:47 2003 MDS20031208074023541.lic
2562 Jun 13 17:25:32 2004 special_config.txt
558 Jun 08 20:25:17 2004 create_mds3_fcalias.script
12288 Dec 04 18:04:10 2003 lost+found/
12317696 Apr 09 15:41:02 2004 m9500sf1ek9kickstartmz.1.3.4.bin
12334592 May 05 19:13:47 2004 m9500sf1ek9kickstartmz.1.3.4b.bin
43659162 Apr 09 15:42:12 2004 m9500sf1ek9mz.1.3.4.bin
43687917 May 05 19:13:30 2004 m9500sf1ek9mz.1.3.4b.bin
3222 Mar 26 18:40:02 2004 script_b_fcip
Usage for bootflash://suplocal
126206976 bytes used
58352640 bytes free
184559616 bytes total
MDS3_95
What command would successfully transfer the “special_config.txt” file to a workstation, PC, or
File Server?
A.copy special_config.txt ftp://<ipaddress>/<path>/special_config.txt
B.copy bootflash:special_config.txt ftp://<ipaddress>/<path>/special_config.txt
C.copy <ftp://bootflash:special_config.txt> <ip address>/<path>/special_config.txt
D.copy <ftp://<ip> address>/<path>/<filename> special_config.txt
E.copy special*.txt ftp://<ipaddress>/<path>/special_config.txt
Correct:B
3.In a long distance link of 100KM, which is true of the desired number of BB credits?
A.More BB credits would cause excessive delay in handling the larger number of packets.
B.The fewer the BB credits there are, the less likely we are to have a packet lost in the network.
C.With fewer BB credits, the transmission pipe will not be full and this will lead to other applications
getting bandwidth should they need it.
D.The FC standard defines the number of credits on a long distance link.
E.None of the above answers are correct.
Correct:E
4.During principal switch selection and the domain ID assignment, all frames are flooded to a
destination ID of this well known fibre channel address:
A.FF.FF.FA
B.FF.FF.FB
C.FF.FF.FC
D.FF.FF.FD
E.FF.FF.FE
Correct:D
5.A Brocade 12000 in its native corePID mode (1) is connected to VSAN 1009 on an MDS. What is
the correct output of the “show vsan 1009” command?
A.vsan 1009 information name:VSAN1009 state:active interoperability mode:default
loadbalancing:src-id/dst-id/oxid operational state:up
B.vsan 1009 information name:VSAN1009 state:active interoperability mode:1
loadbalancing:src-id/dst-id/oxid operational state:up
C.vsan 1009 information name:VSAN1009 state:active interoperability mode:2
loadbalancing:src-id/dst-id/oxid operational state:up
D.vsan 1009 information name:VSAN1009 state:active interoperability mode:3
loadbalancing:src-id/dst-id/oxid operational state:up
E.vsan 1009 information name:VSAN1009 state:active interoperability mode:Brocade Native
loadbalancing:src-id/dst-id/oxid operational state:up
Correct:D
6.You have a legacy JBOD that uses copper DB-9 connectors. You want to connect your JBOD to a
Fiber only Fibre Channel switch. You want to convert the DB-9 connection to multi mode Fiber
Optics. What device would you use?
A.HSSC
B.MIA
C.GBIC
D.SFP
E.DUAL SC
Correct:B
7.To capture all of the RSCN traffic originating from a standalone switch with no free ports, what
should be utilized?
A.SPAN
B.REMOTE SPAN
C.Ethereal with PAA
D.debug rscn events initiators vsan 1000
E.MDS fcanalyzer
Correct:E
8.You have a host that you connect to a switch port on a MDS switch. The switch port does not
come up and a “show interface” indicates that the port is initializing and eventually goes offline.
You configure the port as a TL port and the port comes up. What type of device is the host?
A.Public loop device
B.Private loop device
C.Non Fibre Channel device
D.The host has a DB-9 copper connector
E.The port should not come up after being configured as TL port because TL ports are used to connect to
other switches.
Correct:B
9.MDS Interop mode 2 will interoperate with what legacy Fibre Channel switch below?
A.Brocade 12000 core PID mode 1
B.Brocade 3800 core PID mode 0
C.Inrange FC/9000
D.McData 3900
E.Qlogic Sanbox
Correct:B
10.What is TCP fast recovery?
A.It is an algorithm that uses fast retransmit when a missing segment is detected.
B.It is an algorithm that initiates slow start instead of congestion avoidance after fast retransmit sends
what appears to be the missing segment.
C.It is an algorithm that starts congestion avoidance instead of slow start after fast retransmit sends what
appears to be the missing segment.
D.It is an algorithm that after a new connection is established with a host on another network, initializes
the congestion window to one segment and each time an ACK is received, increases the congestion
window by one segment
Correct:C
11.Before you can successfully enable the Call Home feature, which of the following must be true?
A.snmp-server contact name defined
B.callhome site-id defined
C.Enterprise license installed
D.callhome transport email smtp-server defined
E.snmp-server location defined
Correct:A
12.What control traffic is NOT prohibited from crossing Inter-VSAN boundaries?
A.Fabric Configuration Service (FCS) traffic
B.RSCN and SW-RSCN for devices within the affected IVR zone(s)/active zoneset
C.Build Fabric (BF) and Reconfigure Fabric (RCF) frames
D.Full zoneset distribution traffic
E.ELS frames involved in Principal Switch Selection
Correct:B
13.What settings would be required on a MDS9000 switch for proper use of a PAA?
A.PAA requires a TE port to connect and must be in its own VSAN.
B.PAA requires an SD port and must be in its own VSAN.
C.PAA requires an ethernet connection to the MDS supervisor.
D.PAA requires an SD port connection.
E.PAA requires ST and SD ports.
Correct:D
14.Click the Exhibit button. Assume that FCIP write accelerator has been enabled between MDS1
and MDS2. What will the values of X, Y and Z be in the exhibit?
A.X=50, Y=10, Z=10
B.X=50, Y=ff, Z=10
C.X=10, Y=ff, Z=10
D.X= ff, Y=ff, Z=1
E.X=10, Y=50, Z=10
Correct:C
15.Click the Exhibit button. What module combination per site will fulfill the requirements for this
solution? (Note: Non-disruptive upgrades must be fully supported at each site.)
A.3 x 16 port module 2 x IPS-8 module
B.1 x 16 port module 1 x 32 port module 1 x IPS-8 module
C.1 x 16 port module 1 x 32 port module 2 x IPS-8 module
D.3 x 16 port module 1 x IPS-8 module
E.2 x 32 port module 2 x IPS-8 module
Correct:C
16.In Raid 0+1 the loss of a single drive:
A.Does not affect the redundancy of the array
B.Reduces the array redundancy to that of a Raid level 0
C.Same level of redundancy as that of a Raid 1+0
D.Reduces the performance of the array
E.Has no effect whatsoever on the array
Correct:B
17.What zoning option is valid in interop mode 2 and 3 with a mixed vendor fabric?
A.domain / port
B.nWWN
C.fcid
D.lun zoning
E.sWWN
Correct:A
18.When transporting full 2148-byte Fibre Channel frames over long distances, which are true?
A.One buffer-to-buffer credit is required for every 2 km of distance to support 1 Gbps.
B.Two buffer-to-buffer credits are required for every 2 km of distance to support 1 Gbps.
C.One buffer-to-buffer credit is required for every 1 km of distance to support 2 Gbps.
D.Two buffer-to-buffer credits are required for every 1 km of distance to support 2 Gbps.
E.Three buffer-to-buffer credits are required for every 1 km of distance to support 2 Gbps.
Correct:A C
19.Using Device Manager, how can zoning be enabled between Fibre Channel members in the
same VSAN?
A.Right-Click on any live ports and click on “devices” it will list all enabled devices. Select any devices and
click on “Zones”.
B.Click on the menu toolbar “FC” > “VSAN” > “Zones” to create zones.
C.Click on the menu toolbar “Interface” > “FC F/FL/TL” > “Zones”.
D.Click on the menu toolbar “Admin” > “Zones”
E.Device Manager does not do Fibre Channel Zoning.
Correct:E
20.The IPS iSCSI gateway has two forwarding modes. An advantage of using “pass-thru” mode is?
A.IPS converts and forwards full iSCSI PDU to the Target.
B.IPS creates only one initiator to reduce configuration.
C.IPS converts and forwards one frame at a time which keeps latency low.
D.IPS uses fixed MSS for constant payload to reduce latency.
Correct:C
Link : http://www.killtest.co.kr/CCIE/350-040.asp

Cisco CCVP 642-432

Sunday, April 26th, 2009

1.You are working with a potential customer that would like to integrate its existing PBX telephone
system into its IP network. The accompanying figure shows that the customer has two offices that
need to be connected to the IP network so that the customer can exchange telephone calls
without using the PSTN. Both PBXs are currently connected to T1 ISDN circuits. Which signaling
type will allow you to support your customer?
A.QSIG
B.CCS
C.CAS
D.TCCS
E.E&M
F.FXO
Correct:C
2.You are meeting with a customer that has deployed IP telephony at their headquarters location.
They would like to roll out IP telephony to their regional office as well. They are now using the
G.711 codec at headquarters. They want to be able to maximize the number of calls carried without
impacting voice quality or forcing a WAN upgrade. Which codec would be appropriate for their
WAN?
A.G.726
B.G.723.1
C.G.711
D.G.729B
Correct:D
3.Refer to the exhibit. Users are not able to complete a call from 6785551212 to 7705551111.
What is the correct diagnosis for the problem?
A.incorrect dial-peer statement in Router 1
B.incorrect port statement in Router 1 pots dial peer
C.incorrect session target statement in Router 2
D.incorrect destination-pattern in Router 1
Correct:D
4.You have been forwarded some questions by a prospective VoIP customer who would like to
know the Cisco default sample size for the G.729 codec. What is it?
A.40 ms
B.30 ms
C.20 ms
D.10 ms
Correct:C
5.Examine the example output.
hostname GW1
!
interface Ethernet 0/0
 ip address 172.16.2.1 255.255.255.0
 h323-gateway voip interface
 h323-gateway voip id GK1zone1.abc.com abc.com ipaddr 172.16.2.2
 h323-gateway voip h323-id GW1
 h323-gateway voip bind srcaddr 172.16.2.1
!
dial-peer voice 1 voip
 destination-pattern 1212.
 session target ras
!
dial-peer voice 2 pots
 destination-pattern 2125551212
 no register e164
!
end
Choose the command that will restore communication with gatekeeper functionality to this device.
A.h323-gateway voip h323-id GK1
B.gateway
C.h323-gateway voip bind srcaddr 172.16.2.2
D.h323-gateway voip GW1zone2.abc.com abc.com ipaddr 172.16.2.1
Correct:B
6.Which preference key word assigns top precedence to a dial peer in a huntgroup?
A.0
B.priority
C.1
D.high
Correct:A
7.You are working with a potential customer that would like to integrate its existing PBX telephone
system into its IP network. The accompanying figure shows that the customer has two offices that
need to be connected to the IP network so that the customer can exchange telephone calls
without using the PSTN. Both PBXs use Wink-Start signaling. Which signaling type will allow you
to support the customer?
A.QSIG
B.CCS
C.CAS
D.TCCS
E.E&M
F.FXO
Correct:E
8.A 9 digit number must be dialed to reach numbers on the PSTN. What process makes sure that
the first digit 9 is not transmitted as part of the called number?
A.digit alternating
B.digit masking
C.digit manipulation
D.digit seizing
Correct:C
9.What is the E.164 numbering plan?
A.a proprietary PBX number plan
B.the IETF North American number plan
C.the European PBX standard telephony number plan
D.the ITU worldwide number plan
Correct:D
10.Refer to the exhibit. What is the minimum WAN bandwidth required to support three
simultaneous VoIP calls in this network?
A.19,200 bps
B.51,600 bps
C.79,200 bps
D.247,200 bps
Correct:B
11.In the connection between a Cisco router and an E&M port on a PBX, which side is generally
the Cisco side?
A.loop start
B.trunk circuit
C.switch port
D.signaling unit
Correct:D
12.Which dial plan characteristic shows the most obvious improvement by dropping a number
translation step?
A.availability
B.post-dial delay
C.scalability
D.hierarchical design
Correct:B
13.What are two basic parameters needed to setup a dial peer connected to the PSTN? (Choose
two.)
A.voice port
B.signaling type
C.interface bandwidth
D.destination pattern
Correct:A D
14.Which device is used to allow an H.323 stream to transit a firewall?
A.gatekeeper
B.gateway
C.proxy
D.MCU
Correct:C
15.You are working with your customer in their lab to test the effect of jitter on voice quality. You
have set the maximum playout delay to 40 ms on the voice enabled routers. What will be the
impact on voice quality if after severe congestion the playout buffer empties and the source sends
packets to the buffer faster than they are leaving?
A.There will be no noticeable drop in quality.
B.The jitter buffer will adapt to the faster-arriving packets by expanding the buffer size.
C.The jitter buffer will speed up delivery of packets to the DSP so that packets are not dropped.
D.After the jitter buffer fills up, subsequent packets are discarded.
Correct:D
16.Refer to the exhibit. Your customer wants to converge voice and data on the existing T1 Frame
Relay WAN link between New York and Atlanta. The customer has allocated 25 percent of the WAN
link for routing updates and other overhead. You are using 6 bytes of overhead for Frame Relay,
no cRTP, and the G.729 codec. How many calls could be placed on this link?
A.two
B.three
C.four
D.five
E.six
F.seven
Correct:C
17.In a VoIP environment when speech samples are framed every 20 ms, a payload of 20 bytes is
generated. Assuming a total packet length of 60 bytes, what is the length of the packet header if
cRTP is deployed without redundancy checks?
A.1 byte
B.2 bytes
C.3 bytes
D.4 bytes
E.20 bytes
F.40 bytes
Correct:B
18.You have a customer that is interested in determining the number of VoIP calls their Frame
Relay WAN links can support. Each of their Frame Relay WAN links has 84 kbps of bandwidth
available outside all other applications and overhead. How many G.729 calls using the 8 kbps
codec and 20 byte sample size can be supported?
A.1
B.2
C.3
D.4
Correct:C
19.You are working with a potential customer that would like to integrate its existing PBX
telephone system into its IP network. The accompanying figure shows that the customer has two
offices that need to be connected to the IP network so that the customer can exchange telephone
calls without using the PSTN. Both PBXs use an in-band signaling type. Which signaling type will
allow you to support your customer?
A.QSIG
B.CCS
C.CAS
D.TCCS
E.E&M
F.FXO
Correct:C
20.A network has the following characteristics: the use of the G.711 codec with a codec speed of
64 kbps; a 160-byte sample size; the use of Frame Relay without compressed Real-Time
Transport Protocol (CRTP); FRF.12 with 6 bytes of overhead. What minimum WAN bandwidth
would be required to support three simultaneous VoIP calls?
A.247200 bps
B.19200 bps
C.79200 bps
D.51600 bps
Correct:A
Link: http://www.killtest.co.kr/CCVP/642-432.asp

642-445(Cisco IP Telephony for Release 5.x)

Friday, April 24th, 2009

1.Drag Drop
Correct:
Green choice1 -> Yellow Choice4
Green choice4 -> Yellow Choice2
Green choice5 -> Yellow Choice1
Green choice6 -> Yellow Choice3
2.Which two gateway configuration statements are required, at a minimum, in order to enable
Cisco Unified CallManager to control a T1 PRI in an MGCP gateway? (Choose two.)
A.mgcp
B.ccm-manager config
C.pri-group configuration on the controller
D.mgcp call-agent pointing to tftp server
E.isdn l3-backhaul ccm-manager on the serial interface
F.config-server address pointing to tftp server
Correct:B F
3.Which of these is the best practice to employ when using certificates between a browser and the
Cisco Unified CallManager 5.0 server?
A.Accept the certificate when the security alert pop-up window appears.
B.Use SSH exclusively to verify the thumbprint of the certificate and then send the certificate to all web
browser users that require access to the server.
C.Use either SSH or CLI to view the thumbprint of the certificate and then communicate the information to
all web browser users so they already have it available when they receive the security alert.
D.Note the thumbprint of the Cisco Unified CallManager certificates after installation and then
communicate the information to all web browser users so they have it available when they receive the
security alert.
E.Install thumbprint readers on the devices that need to connect to the Cisco Unified CallManager servers
via HTTPS.
Correct:D
4.Which two Cisco Unified CallManager tasks are required to route calls from Cisco Unified
CallManager to the PSTN via an H.323 gateway? (Choose two.)
A.add a gatekeeper from the Device menu
B.add an H.323 gateway from the Device menu
C.configure the voice endpoints in Cisco Unified CallManager
D.configure the signaling protocol used on the voice circuit
E.add PSTN route patterns pointing to the gateway
F.configure the IP phones with an external phone number mask
Correct:B E
5.Which of the following actions will prevent devices from being able to initiate conferences?
A.Exclude the conference media resource partitions from the CSS.
B.Exclude the conference media resources from all MRGs.
C.Place all conference media resources in MRGs and exclude these MRGs from the MRGL.
D.Remove the default MRGL from the device pool.
Correct:C
6.You have configured SRST at a remote site on an MGCP gateway. During testing, you find that IP
phones are not registering with the SRST router when the IP WAN fails. Which three potential
problems need to be investigated? (Choose three.)
A.No dial-peers have been added to the SRST router.
B.No SRST reference address is included in the device pool.
C.The proper service command has not been added to the SRST router.
D.The max-ephones command is missing in the SRST router.
E.The max-dn command is missing in the SRST router.
F.The ccm-manager fallback-mgcp command is missing in the SRST router.
Correct:B D E
7.Which three can be assigned a partition? (Choose three.)
A.directory number
B.IP phone
C.gateway
D.route pattern
E.translation pattern
F.gatekeeper
Correct:A D E
8.Which three steps must be completed in order to assign a service URL to an IP Phone button?
(Choose three.)
A.Add an IP phone service.
B.Assign the IP phone service partition to the CSS of the phone.
C.Create a phone button template that includes a service URL and assign it to the phone.
D.Create a softkey template that includes a service URL and assign it to the phone.
E.Subscribe the phone to the service.
F.Associate a valid user profile with the phone.
Correct:A C E
9.Which of these best describes the function of transformations?
A.allow the call-routing component to modify the calling or called number
B.identify and define the tags and operatives used in route filters
C.configure and revise discard digits
D.redirect calls
Correct:A
10.Which two qualities of PKI key exchange overcome asymmetric cryptography scalability
issues? (Choose two.)
A.the trusted introducer uses the signed certificates of the endpoints that need to communicate
B.PKI uses only a single trusted introducer
C.the trusted introducer uses the private key of each enrolling user and the public key of the introducer as
the signed certificate
D.only the public key of the introducer has to be initially known and verified by all other entities
E.the introducer digitally signs the public key of the user with the public key of the introducer to generate a
signed certificate
Correct:B D
11.The Acme Lumber Company would like to use AAR to reroute calls made from HQ to remote
locations when those calls are rejected by the IP WAN because of insufficient bandwidth. The
Acme Lumber Company uses 5-digit dialing to all locations. Acme Headquarters has a DID range
from 7705550001 to 7705570500 and the Macon facility has a DID range from 9125560500 to
9125560550. How should the external phone masks be configured?
A.770555XXXX
B.770557XXXX
C.77055XXXXX
D.9125560XXX
E.912556XXXX
Correct:C
12.Which two are requirements for configuring a gatekeeper-controlled intercluster trunk?
(Choose two.)
A.The assigned name must be unique within the cluster.
B.The ICT must have the same name in both clusters.
C.The Cisco Unified CallManager group in the assigned device pool will determine which Cisco Unified
CallManager systems register with the gatekeeper.
D.The IP addresses of the Cisco Unified CallManager systems in the remote cluster must be specified.
E.The gatekeeper must be defined in Cisco Unified CallManager before the intercluster trunk is added.
F.RSVP must be enabled to provide CAC between clusters.
Correct:A E
13.What happens when you try to configure the fourth member of a Cisco Unified CallManager
group?
A.The fourth member will be added to the sequential list.
B.The new member will replace the first member on the list.
C.Cisco Unified CallManager Administration will display an error message when you attempt to add the
fourth member.
D.Cisco Unified CallManager Administration will display an error and replace the last entered member of
the Cisco Unified CallManager group with the new entry.
Correct:C
14.Which two steps must a user take to use a prepared stock quote XML application on an IP
phone? (Choose two.)
A.Initiate an application TFTP request.
B.Dial the directory number for the service.
C.Use the Settings button to activate the application on the phone.
D.Select the Services button and choose the stock option application.
E.Request that the administrator add their directory number to the application list.
F.Subscribe, or have the Cisco Unified CallManager administrator subscribe, the phone to the service
using the User Options web page.
Correct:D F
15.The Acme Corporation is experiencing poor, choppy audio quality on voice calls placed across
their WAN link to and from Madison. What can be done to the Location parameter for Madison to
help alleviate this problem?
A.Increase the audio bandwidth setting in the Location configuration window for Madison.
B.Nothing, the audio bandwidth Location parameter for Madison is not related to the problem.
C.Remove the audio bandwidth parameter in the Location configuration window for Madison.
D.Decrease the audio bandwidth setting in the Location configuration window for Madison.
Correct:D
16.Refer to the exhibit. When Bob dials extension 5000, which phone will ring?
A.Phone A
B.Phone B
C.Phone C
D.Phone D
Correct:C
17.Which portion of the master Administrator account can be changed after installing using the
CLI?
A.username
B.password
C.username and password
D.privilege level
Correct:B
18.You have two clusters with six Cisco Unified CallManager systems in each. How many ICTs
must be configured to provide full server redundancy if a gatekeeper is present in the network?
A.1
B.2
C.3
D.4
E.5
F.6
Correct:A
19.Which Cisco Unified CallManager RTMT component can be used to customize an alert property?
A.RTMT Java Application
B.Alert Central
C.Log Monitor
D.Serviceability Reporter
Correct:B
20.Drag Drop
Correct:
Green choice1>
Yellow Choice3
Green choice2>
Yellow Choice1
Green choice3>
Yellow Choice2
Link : http://www.killtest.co.kr/CCVP/642-445.asp

642-456(Implementing Cisco Unified Communications Manager Part 2 (CIPT2 v6.0) )

Thursday, April 23rd, 2009

1.You are the Cisco Unified Communications Manager administrator at pass4sure.com. You need to
ensure that inbound PSTN calls work on an H.323 gateway configured with Cisco Unified
Communications Manager. What should you do? (Choose three.)
A.Register the H.323 gateway with Cisco Unified Communications Manager.
B.Configure a POTS dial peer with direct-inward-dial and incoming called-number.
C.Execute the command h323-gateway voip bind srcaddr on the H.323 interface.
D.Configure a VoIP dial peer pointing to Cisco Unified Communications Manager.
Correct:B C D
2.Which two of the following are often sources of toll fraud? (Choose two.) (Source:Preventing
Toll Fraud)
A.voice mail-to-voice mail transfer
B.CFA
C.transfer from voice mail
D.transfer to an internal destination
Correct:B C
3.You are the Cisco Unified Communications Manager administrator at pass4sure.com. Please describe
RSVP-enabled locations-based CAC. (Choose two.)
A.RSVP can be enabled selectively between pairs of locations.
B.Using RSVP for CAC simply allows admitting
C.RSVP is topology aware, but only works with full mesh networks.
D.An RSVP agent is a Media Termination Point that the call has to flow through.
Correct:A D
4.Which two have to be defined in the Forward All field? (Choose two.) (Source:Preventing Toll
Fraud)
A.destination
B.partition
C.calling search space
D.hunt list
Correct:A C
5.You are the Cisco Unified Communications Manager administrator at pass4sure.com. You are testing
a new implementation of Cisco Unified Communications Manager Extension Mobility. When you log out
of Cisco Unified Communications Manager Extension Mobility, users get the error message: “To set
up speed dials and other services for your phone, please go to
https://ccm_ip@/ccmuser/showHome.do” What is the most likely reason?
A.You did not subscribe the IP phone to Cisco Unified Communications Manager Extension Mobility
Service.
B.You did not associate the User Device Profile with Cisco Unified Communications Manager Extension
Mobility Service.
C.You did not select the Cisco Unified Communications Manager Extension Mobility checkbox for that
particular phone.
D.User needs to go into ccmuser and set up speed dials
Correct:B
6.Which is not defined when configuring time periods? (Source: Preventing Toll Fraud)
A.start time
B.end time
C.duration
D.period name
Correct:C
7.A branch site has a group of salespeople that take orders from customers. The site needs to be
able to distribute calls evenly to the salespeople when connectivity to the main site is lost. Which
two configurations are correct? (Choose two.)
A.Configure hunt groups on the Cisco Unified CME, which is operating in SRST mode.
B.All branch site IP phones will need to be preconfigured in the gateway.
C.Only the salespeople’s phones will need to be preconfigured in the gateway.
D.The branch site will need a dedicated UCCX server to queue the customer calls.
Correct:A C
8.When you are restricting external call transfers, which statement is correct? (Source:Preventing
Toll Fraud)
A.Route patterns can be classified as on-net or off-net.
B.Partitions must be classified in order to use call-transfer restrictions.
C.Transfer restrictions, restricted on-net-to-off-net transfer, and restricted off-net-to-off-net
transfer can be used.
D.Only internal devices must be classified.
Correct:A
9.You are the Cisco Unified Communications Manager administrator at pass4sure.com, and you have
configured SRST at a remote site on an MGCP gateway. You find that IP phones are not registering
with the SRST router when the IP WAN fails. Which three potential problems need to be resolved?
A.The max-dn command is missing in the SRST router.
B.No SRST reference address is included in the device pool.
C.The proper service command has not been added to the SRST router.
D.The max-ephones command is missing in the SRST router.
Correct:A B D
10.Which two service parameters can be configured when using ad hoc conference restrictions?
(Choose two.) (Source: Preventing Toll Fraud)
A.Never
B.When First OnNet Party Leaves the Conference
C.When No OffNet Parties Remain in the Conference
D.When Conference Creator Drops Out
Correct:A D
11.You are the Cisco Unified Communications Manager administrator at pass4sure.com. Which feature
addresses the issues with AAR for mobile users in Cisco Unified Communications Manager?
A.Extension Mobility
B.Device Mobility
C.Mobile Connect
D.Mobile Voice for Access
Correct:B
12.What is the default value for the Drop Ad Hoc Conference service parameter?
(Source:Preventing Toll Fraud)
A.Never
B.Drop Ad Hoc Conference When Creator Leaves
C.When No OnNet Parties Remain in the Conference
D.When No OffNet Parties Remain in the Conference
Correct:A
13.The list of Arabic numerals includes pairs of gateway signaling protocols and PSTN trunk
types. All gateways are SRST gateways. Match each item from the Arabic-numeral list to the
correct Roman-numeral category, based on whether active calls to or from the PSTN can be
preserved or will be dropped when the gateway fails over to SRST mode.
(1)MGCP with PRI (2)MGCP with CAS (3)H.323 with PRI (4)H.323 with CAS
(I)Calls can be preserved. (II)Calls will be dropped.
A.(I)(2 3 4);(II)(1)
B.(I)(2 4 3);(II)(1)
C.(I)(4 3 2);(II)(1)
D.(I)(4 2 3);(II)(1)
Correct:A
14.What is the purpose of FAC? (Source: Preventing Toll Fraud)
A.time-based call routing
B.restricting call routing to destinations based on the time of day
C.restricting call routing to destinations based on user codes
D.restricting call routing to destinations based on on-net or off-net classification
Correct:C
15.You are the Cisco Unified Communications Manager administrator at pass4sure.com. After you add
the Tcl paramspace command, the application can____.
A.access the data on an external server
B.access the data on an internal server
C.set aside memory for application variables
D.share parameters between different call applications
Correct:D
16.Why is it important to block commonly exploited area codes when you want to restrict
international calls? (Source: Preventing Toll Fraud)
A.Some countries have special premium numbers as country codes.
B.Some countries have special country codes that look like area codes of the United States.
C.Countries such as the Bahamas can be reached either over the country code or over an area code.
D.When these numbers are not blocked, they are treated like normal local telephone calls.
Correct:B
17.You are the Cisco Unified Communications Manager administrator at pass4sure.com. When a Cisco IP
Communicator Phone roams from SJ to RTP, the physical location for the Cisco IP Communicator
Phone changes and the Device Mobility Group changes from SJ to RTP. All route patterns are
assigned to partitions and configured to utilize the local gateway. After roaming to RTP, if the user
dials 911, which statement about the call routing is true?
A.The call will use the RTP gateway.
B.The call will use the SJ gateway because the device’s origin is SJ.
C.Emergency calls will go through the RTP gateway as first priority. The SJ gateway will be used as
backup.
D.The call will use the SJ gateway because we keep the Device/Line CSS after roaming.
Correct:D
18.Why might a hacker target an IP phone for attack? (Source: Hardening the IP Phone)
A.The attacker can learn about the IP telephony environment.
B.The attacker can start attacks from the IP phone, because it is a trusted device.
C.With a modified image and configuration file, the attacker can bring down the Cisco Unified
CallManager.
D.The attacker can sabotage a special user.
Correct:A
Link: http://www.killtest.co.kr/CCVP/642-456.asp

Cisco CCSP 642-522(Securing Networks with PIX and ASA Exam(SNPA) )

Wednesday, April 22nd, 2009

1.Refer to the show run output in the exhibit. Which access-list configuration using the
object-groups shown will only permit HTTP and HTTPS traffic from any host on 10.1.1.0/24 to any
host on 192.168.1.0/24?
A.access-list aclin extended permit tcp object-group test2 object-group test1 object-group test3
B.access-list aclin extended permit tcp object-group test1 object-group test2 object-group test3
C.access-list aclin extended permit tcp object-group test1 object-group test3 object-group test2
D.access-list aclin extended permit ip object-group test1 object-group test2
Correct:B
2.What is the effect of the per-user-override option when applied to the access-group command
syntax?
A.It increases security by building upon the existing access list applied to the interface. All subsequent
users are also subject to the additional access list entries.
B.The log option in the per-user access list overrides existing interface log options.
C.It allows downloadable user access lists to override the access list applied to the interface.
D.It allows for extended authentication on a per-user basis.
Correct:C
3.Drag Drop question
4.Which command enables IKE on the outside interface?
A.ike enable outside
B.ipsec enable outside
C.isakmp enable outside
D.ike enable (outbound)
Correct:C
5.Refer to the exhibit. An administrator is configuring the failover link on the secondary unit, pix2
and needs to configure the IP addresses of the failover link. At pix2, which of these additional
commands should be entered?
A.pix2(config)# failover lan ip 172.17.2.1 255.255.255.0 standby 172.17.2.7
B.pix2(config)# failover link 172.17.2.7 255.255.255.0 standby 172.17.2.1
C.pix2(config)# failover interface ip LANFAIL 172.17.2.1 255.255.255.0 standby 172.17.2.7
D.pix2(config)# interface ethernet3 pix2(config-if)# failover ip address 172.17.2.7 255.255.255.0
standby 172.17.2.1
Correct:C
6.What type of tunneling should be used on the VPN Client to allow IPSec traffic through a stateful
firewall that may be performing NAT or PAT?
A.GRE/IPSec
B.IPSec over TCP
C.IPSec over UDP
D.split tunneling
E.L2TP
Correct:B
7.What is the result if the WebVPN url-entry parameter is disabled?
A.The end user is unable to access any CIFS shares or URLs.
B.The end user is able to access CIFS shares but not URLs.
C.The end user is unable to access pre-defined URLs.
D.The end user is able to access pre-defined URLs.
Correct:D
8.What are the two purposes of the same-security-traffic permit intra-interface command?
(Choose two.)
A.It allows all of the VPN spokes in a hub-and-spoke configuration to be terminated on a single interface.
B.It allows communication between different interfaces that have the same security level
C.It permits communication in and out of the same interface when the traffic is IPSec protected.
D.It enables Dynamic Multipoint VPN.
Correct:A C
9.When configuring a crypto map, which command correctly specifies the peer to which
IPSec-protected traffic can be forwarded?
A.crypto map set peer 192.168.7.2
B.crypto map 20 set-peer insidehost
C.crypto-map policy 10 set 192.168.7.2
D.crypto map peer7 10 set peer 192.168.7.2
Correct:D
10.By default, the AIP-SSM IPS software is accessible from the management port at IP address
10.1.9.201/24. Which CLI command should an administrator use to change the default AIP-SSM
management port IP address?
A.hw module 1 setup
B.interface
C.setup
D.hw module 1 recover
Correct:C
11.The inline IPS software feature set is available in which security appliances?
A.any Cisco PIX and ASA Security Appliance running v.7 software and an AIP-SSM module
B.only Cisco PIX 515, 525, and 535 Security Appliances with an AIP-SSM module
C.only Cisco ASA 5520 and 5540 Security Appliances with an AIP-SSM module
D.any Cisco ASA 5510, 5520, or 5540 Security Appliance with an AIP-SSM module
Correct:D
12.Which is a hybrid protocol that provides utility services for IPSec, including authentication of
the IPSec peers, negotiation of IKE and IPSec SAs, and establishment of keys for encryption
algorithms?
A.3DES
B.ESP
C.IKE
D.MD5
Correct:C
13.How do you ensure that the main interface does not pass untagged traffic when using
subinterfaces?
A.Use the shutdown command on the main interface
B.Omit the nameif command on the subinterface
C.Use the vlan command on the main interface.
D.Omit the nameif command on the main interface.
E.Use the shutdown and then use the nameif command on the main interface.
Correct:D
14.Which statement about Telnet and the security appliance is true?
A.You can enable Telnet on all interfaces except the outside interface.
B.You can enable Telnet on all interfaces, but the PIX security appliance requires that all Telnet traffic to
all interfaces be IPSec protected.
C.You can enable Telnet on all interfaces, but the PIX security appliance requires that all Telnet traffic to
the outside interface be IPSec protected.
D.You can enable Telnet on all interfaces, but it must be protected with SSH.
Correct:C
15.Why does the PIX security appliance record information about a packet in its stateful session
flow table?
A.to build the reverse path forwarding (RFP) table to prevent spoofed source IP address
B.to establish a proxy session by relaying the application layer requests and responses between two
endpoints
C.to compare against return packets for determining whether the packet should be allowed through the
firewall
D.to track outbound UDP connections
Correct:C
16.In the Cisco ASA 5500 series, what is the flash keyword aliased to?
A.Disk0
B.Disk1
C.both Disk0 and Disk1
D.Flash0
E.Flash1
Correct:A
Link: http://www.killtest.co.kr/CCSP/642-522.asp

642-532(Securing Networks Using Intrusion Prevention Systems Exam (IPS) )

Tuesday, April 21st, 2009

1.Which three steps must you perform to prepare sensor interfaces for inline operations? (Choose
three.)
A.Disable all interfaces except the inline pair.
B.Add the inline pair to the default virtual sensor.
C.Enable two interfaces for the pair.
D.Disable any interfaces that are operating in promiscuous mode.
E.Create the interface pair.
F.Configure an alternate TCP-reset interface
Correct:B C E
2.Your Cisco router is hosting an NM-CIDS. The router configuration contains an inbound ACL.
Which action does the router take when it receives a packet that should be dropped, according to
the inbound ACL?
A.The router forwards the packet to the NM-CIDS for inspection, then drops the packet.
B.The router drops the packet and does not forward it to the NM-CIDS for inspection.
C.The router filters the packet through the inbound ACL, tags it for drop action, and forwards the packet to
the NM-CIDS. Then the router drops it if it triggers any signature, even a signature with no action
configured.
D.The router filters the packet through the inbound ACL, forwards the packet to the NM-CIDS for
inspection only if it is an ICMP packet, and then drops the packet.
Correct:B
3.Which action is available only to signatures supported by the Normalizer engine?
A.Produce Verbose Alert
B.Modify Packet Inline
C.Deny Packet Inline
D.Log Pair Packets
E.Request SNMP Trap
F.Reset TCP Connection
Correct:B
4.You would like to have your inline sensor deny attackers inline when events occur that have
Risk Ratings over 85. Which two actions will accomplish this? (Choose two.)
A.Create Target Value Ratings of 85 to 100.
B.Create an Event Variable for the protected network.
C.Enable Event Action Overrides.
D.Create an Event Action Filter, and assign the Risk Rating range of 85 to 100 to the filter.
E.Enable Event Action Filters.
F.Assign the Risk Rating range of 85 to 100 to the Deny Attacker Inline event action.
Correct:C F
5.Which two are appropriate installation points for a Cisco IPS sensor? (Choose two.)
A.on publicly accessible servers
B.on critical network servers
C.at network entry points
D.on user desktops
E.on corporate mail servers
F.on critical network segments
Correct:C F
6.In which three ways does a Cisco network sensor protect network devices from attacks?
(Choose three.)
A.It uses a blend of intrusion detection technologies to detect malicious network activity.
B.It can generate an alert when it detects traffic that matches a set of rules that pertain to typical intrusion
activity.
C.It permits or denies traffic into the protected network that is based on access lists that you create on the
sensor.
D.It can take a variety of actions when it detects traffic that matches a set of rules that pertain to typical
intrusion activity.
E.It uses behavior-based technology that focuses on the behavior of applications to protect network
devices from known attacks and from new attacks for which there is no known signature.
Correct:A B D
7.Which command displays the statistics for Fast Ethernet interface 0/1?
A.show interfaces FastEthernet0/1
B.show interface int1
C.show statistics FastEthernet0/1
D.show statistics virtual-sensor
E.packet capture FastEthernet0/1
F.show statistics event-store
Correct:A
8.Drag Drop question
Correct:
9.What is a configurable weight that is associated with the perceived importance of a network
asset?
A.Risk Rating
B.parameter value
C.Target Value Rating
D.severity level
E.storage key
F.rate parameter
Correct:C
10.You are using multiple monitoring interfaces on a sensor appliance running software version
5.0. Which statement is true?
A.You can have the simultaneous protection of multiple network subnets, which is like having multiple
sensors in a single appliance.
B.You can use different sensing configurations for each monitoring interface.
C.You can enable an interface only if the interface belongs to an interface group.
D.Multiple monitoring interfaces can be assigned to Group 0 at any given time.
E.All interfaces must operate in a single mode; you cannot mix inline- and promiscuous-mode
operations.
Correct:A
Link: http://www.killtest.co.kr/CCSP/642-532.asp

Cisco CCSP 642-552(Securing Cisco Network Devices Exam)

Monday, April 20th, 2009

1. Referring to the Cisco SDM Security Audit Wizard screen shown, what will happen if you check the Fix
it box for Firewall is not enabled in all the outside interfaces then click the Next button?
A. All outside access through the outside interfaces will immediately be blocked by an ACL.
B. SDM will prompt you to configure an ACL to block access through the outside interfaces.
C. SDM will take you to the Advanced Firewall Wizard.
D. SDM will perform a one-step lockdown to lock down the outside interfaces.
E. SDM will take you to the Edit Firewall Policy/ACL screen where you can configure an ACL to block
access through the outside interfaces.
Answer: C
2. Which of these two ways does Cisco recommend that you use to mitigate maintenance-related
threats? (Choose two.)
A. Maintain a stock of critical spares for emergency use.
B. Ensure that all cabling is Category 6.
C. Always follow electrostatic discharge procedures when replacing or working with internal router and
switch device components.
D. Always wear an electrostatic wrist band when handling cabling, including fiber-optic cabling.
E. Always employ certified maintenance technicians to maintain mission-critical equipment and
cabling.
Answer: AC
3. Which method of mitigating packet-sniffer attacks is the most effective?
A. implement two-factor authentication
B. deploy a switched Ethernet network infrastructure
C. use software and hardware to detect the use of sniffers
D. deploy network-level cryptography using IPsec, secure services, and secure protocols
Answer: D
4. A malicious program is disguised as another useful program; consequently, when the user executes the
program, files get erased and then the malicious program spreads itself using emails as the delivery
mechanism. Which type of attack best describes how this scenario got started?
A. DoS
B. worm
C. virus
D. trojan horse
E. DDoS
Answer: D
5. What is the key function of a comprehensive security policy?
A. informing staff of their obligatory requirements for protecting technology and information assets
B. detailing the way security needs will be met at corporate and department levels
C. recommending that Cisco IPS sensors be implemented at the network edge
D. detailing how to block malicious network attacks
Answer: A
6. Which building blocks make up the Adaptive Threat Defense phase of Cisco SDN strategy?
A. VoIP services, NAC services, Cisco IBNS
B. network foundation protection, NIDS services, adaptive threat mitigation services
C. firewall services, intrusion prevention, secure connectivity
D. firewall services, IPS and network antivirus services, network intelligence
E. Anti-X defense, NAC services, network foundation protection
Answer: D
7. Why is TACACS+ the preferred AAA protocol to use with Cisco device authentication?
A. TACACS+ encryption algorithm is more recent than other AAA protocols
B. TACACS+ has a more robust programming interface than other AAA protocols
C. TACACS+ was initially developed as open-source software
D. TACACS+ provides true AAA functional separation and encrypts the entire body of the packet
E. TACACS+ maintains authentication information in the local database of each Cisco IOS router
F. TACACS+ combines authentication and authorization to provide more robust functionalities
Answer: D
8. Which method does a Cisco router use for protocol type IP packet filtering?
A. inspection rules
B. standard ACLs
C. security policies
D. extended ACLs
Answer: D
9. Referring to the network diagram shown, which ACL entry will block any Telnet Client traffic from the
Corporate LAN to any Telnet Servers on the Remote Access LAN?
A. access-list 190 deny tcp any eq 23 16.2.1.0 0.0.0.255
B. access-list 190 deny tcp 16.1.1.0 0.0.0.255 eq 23 16.2.1.0 0.0.0.255 eq 23
C. access-list 190 deny tcp any 16.1.1.0 0.0.0.255 eq 23
D. access-list 190 deny tcp any 16.2.1.0 0.0.0.255 eq 23
E. access-list 190 deny tcp 16.2.1.0 0.0.0.255 eq 23 16.1.1.0 0.0.0.255 eq 23
Answer: D
10. What two tasks should be done before configuring SSH server operations on Cisco routers? (Choose
two.)
A. Upgrade routers to run a Cisco IOS Release 12.1(1)P image.
B. Upgrade routers to run a Cisco IOS Release 12.1(3)T image or later with the IPsec feature set.
C. Ensure routers are configured for external ODBC authentication.
D. Ensure routers are configured for local authentication or AAA for username and password
authentication.
E. Upgrade routers to run a Cisco IOS Release 11.1(3)T image or later with the IPsec feature set.
Answer: BD
11. The figure contains a sample configuration using Cisco IOS commands. Which Cisco IOS command
or setting does the configuration need to get SSH to work?
A. add the transport input telnet ssh Cisco IOS command after the line vty 0 4 Cisco IOS command
B. add the transport output ssh Cisco IOS command after the line vty 0 4 Cisco IOS command
C. set the SSH timeout value using the ip ssh timeout 60 Cisco IOS command
D. add the crypto key generate rsa general-keys modulus 1024 Cisco IOS command
E. set the SSH retries value using the ip ssh authentication-retries 3 Cisco IOS command
Answer: D
12. Network administrators have just configured SSH on their target router and have now discovered that
an intruder has been using this router to perform a variety of malicious attacks. What have they most likely
forgotten to do and which Cisco IOS commands do they need to use to fix this problem on their target
router?
A. forgot to reset the encryption keys using the crypto key zeroize rsa Cisco IOS global configuration
command
B. forgot to close port 23 and they need to issue the no transport input telnet Cisco IOS global
configuration command
C. forgot to disable vty inbound Telnet sessions and they need to issue the line vty 0 4 and the no
transport input telnet Cisco IOS line configuration commands
D. forgot to restrict access to the Telnet service on port 23 using ACLs and they need to issue the
access-list 90 deny any log Cisco IOS global configuration command, and the line vty 0 4 and
access-class 90 in Cisco IOS line configuration commands
Answer: C
13. Which security log messaging method is the most common message logging facility and why?
A. SNMP traps, because the router can act as an SNMP agent and forward SNMP traps to an external
SNMP server
B. buffered logging, because log messages are stored in router memory and events are cleared whenever
the router is rebooted
C. console logging, because security messages are not stored and do not take up valuable storage space
on network servers
D. syslog, because this method is capable of providing long-term log storage capabilities and
supporting a central location for all router messages
E. logging all events to the Cisco Incident Control System to correlate events and provide recommended
mitigation actions
Answer: D
14. What is a syslog configuration oversight that makes system event logs hard to interpret and what can
be done to fix this oversight?
A. The system time does not get set on the router, making it difficult to know when events occurred.
Recommend that an NTP facility be used to ensure that all the routers operate at the correct time.
B. Third-party flash memory gets installed and doesn’t provide easily understandable error or failure
codes. Only Cisco-authorized memory modules should be installed in Cisco devices.
C. The syslog message stream does not get encrypted and invalid syslog messages get sent to the
syslog server. Encrypt the syslog messages.
D. The syslog messages filter rules did not get configured on the router, resulting in too many unimportant
messages. Configure syslog messages filter rules so that low-severity messages are blocked from being
sent to the syslog server and are logged locally on the router.
Answer: A
15. What are two security risks on 802.11 WLANs that implement WEP using a static 40-bit key with open
authentication? (Choose two.)
A. The IV is transmitted as plaintext, and an attacker can sniff the WLAN to see the IV.
B. The challenge packet sent by the wireless AP is sent unencrypted.
C. The response packet sent by the wireless client is sent unencrypted.
D. WEP uses a weak-block cipher such as the Data Encryption Algorithm.
E. One-way authentication only where the wireless client does not authenticate the wireless access point.
Answer: AE
16. Using 802.1x authentication on a WLAN offers which advantage?
A. enforces a set of the policy statements that regulate which resource to protect and which activities are
forbidden
B. allows inbound and outbound packet filter rules to be established at the interface level of a device
C. limits access to network resources based on user login identity; especially suited for large mobile user
populations
D. enforces security policy compliance on all devices seeking to access network computing resources
Answer: C
17. How does an application-layer firewall work?
A. examines the data in all network packets at the application layer and maintains complete connection
state and sequencing information
B. operates at Layers 3, 4 and 5, and keeps track of the actual application communication process by
using an application table
C. determines whether the connection between two applications is valid according to configurable rules
D. allows an application on your private network that does not have a valid registered IP address to
communicate with other applications through the Internet
Answer: A
18. Using a stateful firewall, which information is stored in the stateful session flow table?
A. the outbound and inbound access rules (ACL entries)
B. the source and destination IP addresses, port numbers, TCP sequencing information, and additional
flags for each TCP or UDP connection associated with a particular session
C. all TCP and UDP header information only
D. all TCP SYN packets and the associated return ACK packets only
E. the inside private IP address and the translated global IP address
Answer: B
19. What is a potential security weakness of a traditional stateful firewall?
A. cannot support non-TCP flows
B. retains the state of user data packet and dynamically assigned ports in the state table
C. cannot track the state of each connection setup to ensure that each connection follows a legitimate
TCP three-way handshake
D. cannot detect application-layer attacks
Answer: D
20. A client wants their web server on the DMZ to use a private IP address and to be reachable over the
Internet with a fixed outside public IP address. Which type of technology will be effective in this scenario?
A. PAT
B. Dynamic NAT
C. Cut-Through Proxy
D. Application inspection
E. Static NAT
Answer: E
Link : http://www.killtest.co.kr/CCSP/642-552.asp

Cisco CCSP 642-503(Securing Networks with Cisco Routers and Switches)

Sunday, April 19th, 2009

 
1. Which two statements are true regarding classic Cisco IOS Firewall configurations? (Choose two.)
A. You can apply the IP inspection rule in the inbound direction on the trusted interface.
B. You can apply the IP inspection rule in the outbound direction on the untrusted interface.
C. For temporary openings to be created dynamically by Cisco IOS Firewall, the access list for the
returning traffic must be a standard ACL.
D. For temporary openings to be created dynamically by Cisco IOS Firewall, you must apply the IP
inspection rule to the trusted interface.
E. For temporary openings to be created dynamically by Cisco IOS Firewall, the inbound access list on
the trusted interface must be an extended ACL.
Answer: AB
2. Refer to the exhibit. Why is the Cisco IOS Firewall authentication proxy not working?
A. The aaa authentication auth-proxy default group tacacs+ command is missing in the configuration.
B. The router local username and password database is not configured.
C. Cisco IOS authentication proxy only supports RADIUS and not TACACS+.
D. HTTP server and AAA authentication for the HTTP server is not enabled.
E. The AAA method lists used for authentication proxy should be named “pxy” rather than “default” to
match the authentication proxy rule name.
Answer: D
3. Refer to the exhibit. What additional configuration is required for the Cisco IOS Firewall to reset the
TCP connection if any peer-to-peer, tunneling, or instant messaging traffic is detected over HTTP?
A. class-map configuration for matching peer-to-peer, tunneling, and instant messaging traffic over HTTP,
and a policy map specifying the reset action
B. the port-misuse default action reset alarm command in the HTTP application firewall policy
configuration
C. the PAM configuration for mapping the peer-to-peer, tunneling, and instant messaging TCP ports to the
HTTP application
D. the ip inspect name firewall im, ip inspect name firewall p2p, and ip inspect name firewall tunnel
commands
E. the service default action reset command in the HTTP application firewall policy configuration
Answer: B
4. Refer to the exhibit. Why is the Total Active Signatures count zero?
A. The 128MB.sdf file in flash is corrupted.
B. IPS is in fail-open mode.
C. IPS is in fail-closed mode.
D. IPS has not been enabled on an interface yet.
E. The flash:/128MB.sdf needs to be merged with the built-in signatures first.
Answer: D
5. Which three configurations are required to enable the Cisco IOS Firewall to inspect a user-defined
application which uses TCP ports 8000 and 8001? (Choose three.)
A. access-list 101 permit tcp any any eq 8000
access-list 101 permit tcp any any eq 8001
class-map user10
match access-group 101
B. policy-map user10
class user10
inspect
C. ip port-map user10 port tcp 8000 8001 description “TEST PROTOCOL”
D. ip inspect name test appfw user10
E. ip inspect name test user10
F. int {type|number} ip inspect name test in
Answer: CEF
6. What are two benefits of using an IPsec GRE tunnel? (Choose two.)
A. It allows dynamic routing protocol to run over the tunnel interface.
B. It has less overhead than running IPsec in tunnel mode.
C. It allows IP multicast traffic.
D. It requires a more restrictive crypto ACL to provide finer security control.
E. It supports the use of dynamic crypto maps to reduce configuration complexity.
Answer: AC
7. Refer to the DMVPN topology diagram in the exhibit. Which two statements are correct? (Choose two.)
A. The hub router needs to have EIGRP split horizon disabled.
B. At the Spoke A router, the next hop to reach the 192.168.2.0/24 network is 10.0.0.1.
C. Before a spoke-to-spoke tunnel can be built, the spoke router needs to send an NHRP query to the hub
to resolve the remote spoke router physical interface IP address.
D. At the Spoke B router, the next hop to reach the 192.168.1.0/24 network is 172.17.0.1.
E. The spoke routers act as the NHRP servers for resolving the remote spoke physical interface IP
address.
F. At the Spoke A router, the next hop to reach the 192.168.0.0/24 network is 172.17.0.1.
Answer: AC
8. Referring to a DMVPN hub router tunnel interface configuration, what can happen if the ip nhrp map
multicast dynamic command is missing on the tunnel interface?
A. The NHRP request and response between the spoke router and hub router will fail.
B. The GRE tunnel between the hub router and the spoke router will be down.
C. The IPsec peering between the hub router and the spoke router will fail.
D. The dynamic routing protocol between the hub router and the spoke router will fail.
E. The NHRP mappings at the spoke routers will be incorrect.
F. The NHRP mappings at the hub router will be incorrect.
Answer: D
9. Which three of these statements are correct regarding DMVPN configuration? (Choose three.)
A. If running EIGRP over DMVPN, the hub router tunnel interface must have “next hop self” enabled: ip
next-hop-self eigrp ASNumber
B. If running EIGRP over DMVPN, the hub router tunnel interface must have split horizon disabled: no ip
split-horizon eigrp ASNumber
C. The spoke routers must be configured as the NHRP servers: ip nhrp nhs spoke-tunnel-ip-address
D. At the spoke routers, static NHRP mapping to the hub router is required: ip nhrp map
hub-tunnel-ip-address hub-physical-ip-address
E. The GRE tunnel mode must be set to point-to-point mode: tunnel mode gre point-to-point
F. The GRE tunnel must be associated with an IPsec profile: tunnel protection ipsec profile profile-name
Answer: BDF
10. When you configure Cisco IOS WebVPN, you can use the port-forward command to enable which
function?
A. web-enabled applications
B. Cisco Secure Desktop
C. full-tunnel client
D. thin client
E. CIFS
Answer: D
11. Refer to the exhibit. What additional configuration is required to enable split tunneling?
A. the reverse-route command under “crypto dynamic-map mode 1”
B. the include-local-lan under “crypto dynamic-map mode 1”
C. the match address 199 command under “crypto dynamic-map mode 1”
D. the acl 199 command under “crypto isakmp client configuration group cisco”
E. the include-local-lan command under “crypto isakmp client configuration group cisco”
F. the reverse-route command under “crypto isakmp client configuration group cisco”
Answer: D
12. Refer to the exhibit. Which two statements are true about the configurations shown? (Choose two.)
A. The clickable links will have a heading entitled “MYLINKS”.
B. The home page will have three clickable links on it.
C. ACS will be used for remote-user authentication by default.
D. This is an example of a clientless configuration.
E. Thin client (port forwarding) has been enabled using the url-text command.
Answer: BD
13. Which two commands are used to only allow SSH traffic to the router Eth0 interface and deny
other management traffic (BEEP, FTP, HTTP, HTTPS, SNMP, Telnet, TFTP) to the router interfaces?
(Choose two.)
A. interface eth0
B. control-plane host
C. policy-map type port-filter policy-name
D. service-policy type port-filter input policy-name
E. management-interface eth0 allow ssh
F. line vty 0 5 transport input ssh
Answer: BE
14. Refer to the exhibit. Which optional AAA or RADIUS configuration command is used to support 802.1x
guest VLAN functionality?
A. aaa authentication dot1x default group radius
B. aaa authorization network default group radius
C. aaa accounting dot1x default start-stop group radius
D. aaa accounting system default start-stop group radius
E. radius-server host 10.1.1.1 auth-port 1812 acct-port 1813
Answer: B
15. When configuring FPM, what should be the next step after the PHDFs have been loaded?
A. Define a stack of protocol headers.
B. Define a traffic policy.
C. Define a service policy.
D. Define a class map of type “access-control” for classifying packets.
E. Reload the router.
F. Save the PHDFs to startup-config.
Answer: A
Link : http://www.killtest.co.kr/CCSP/642-503.asp