Академический Документы
Профессиональный Документы
Культура Документы
Vendor: Cisco
Exam Code: 352-001
Exam Name: CCDE Design Written Exam, v2.1
Question 201 -- Question 250
Visit PassLeader and Download Full Version 352-001 Exam Dumps
QUESTION 201
Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses
the Internet?
A.
B.
C.
D.
Answer: C
QUESTION 202
Refer to the exhibit. In this network, R1 is redistributing 10.1.5.0/24 into Area 1. Which LSA
containing 10.1.5.0/24 will R6 have in its database?
A.
B.
C.
D.
R6 will have an NSSA external (type 7) LSA in its local database for 10.1.5.0/24.
R6 will have an external (type 5) LSA for 10.1.5.0/24 in its local database.
R6 will have a border router (type 4) LSA in its local database for 10.1.5.0/24.
R6 will not have any LSAs containing 10.1.5.0/24.
Answer: B
QUESTION 204
Which statement is true about the RSVP protocol?
A.
B.
C.
D.
Answer: C
QUESTION 205
What is required in order to perform attack detection using anomaly detection technologies?
A.
B.
C.
D.
packet captures
exploit signatures
baseline data
syslog data
Answer: C
QUESTION 206
Your company's external routers BGP peer with multiple service providers and external
organizations. In all cases, the external routers are peered with their BGP neighbors via directlyconnected interfaces.
How does GTSM provide additional security for your BGP speakers?
A. GTSM prevents the processing of BGP packets from devices that are not on the directly-connected
interfaces.
B. GTSM prevents the formation of BGP adjacencies from unauthorized devices.
C. GTSM ensures that all BGP routing updates have been verified for secure origination.
D. GTSM replaces the TCP 3-way handshake between BGP speakers on directly connected interfaces.
E. GTSM prevents random TCP resets from being injected into the BGP data stream.
Answer: A
QUESTION 207
What are two potential effects of increasing the percentage of priority traffic? (Choose two.)
A. can increase latency and jitter for priority traffic
352-001 Exam Dumps
Answer: AB
QUESTION 208
Your customer asks you to assist with their traffic policy design. They want to guarantee a minimum
amount of bandwidth to certain traffic classes. Which technique would you advise them to
implement?
A.
B.
C.
D.
Answer: A
QUESTION 209
You are designing a network that includes IP QoS. Which two architectures could be used to ensure
that IP QoS is implemented properly? (Choose two.)
A. Differentiated Services, where the user, with the assistance of the RSVP signaling protocol, reserves
the resources end to end before sending the data
B. Integrated Services, where the user, with the assistance of the RSVP signaling protocol, reserves the
resources end to end before sending the data
C. Integrated Services, which relies on the information carried within each packet to make resource-allocation
decisions at each network node
D. Differentiated Services, which relies on the information carried within each packet to make
resource-allocation decisions at each network node
E. Integrated Services, where the user, with the assistance of the DSCP signaling protocol, reserves
the resources end to end before sending the data
Answer: BD
QUESTION 210
How should multiple OSPF areas be designed when deployed on a classic three-layer
(core/distribution/access) network hierarchy?
A. The OSPF flooding domain boundary should be at the edge of the core layer.
B. The OSPF flooding domain boundary should be within the distribution layer.
C. OSPF should generally be deployed in a three-layer domain hierarchy to align with the physical
three-layer hierarchy.
D. OSPF flooding domain boundaries should be placed with route aggregation in mind.
Answer: D
QUESTION 211
You are tasked to design a QoS policy for a service provider so they can include it in the design of
their MPLS core network. If the design must support an MPLS network with six classes, and CEs
will be managed by the service provider, which QoS policy should be recommended?
352-001 Exam Dumps
Answer: A
QUESTION 212
When network summaries are created for access networks in a network design, how does it change
the behavior of the Shortest Path First (SPF) running in a backbone area?
A.
B.
C.
D.
Answer: B
QUESTION 213
Refer to the exhibit. When designing an MPLS-based LAN extension between DC-1 and DC-2,
what are three advantages of deploying VSS? (Choose three.)
A.
B.
C.
D.
E.
F.
Answer: ABC
5
6
7
8
9
Answer: E
QUESTION 216
Which of these can you use to effectively and dynamically reduce IP address spoofing?
A.
B.
C.
D.
E.
Answer: E
QUESTION 217
A certain service provider network includes IPsec tunnels between PE router loopbacks and dualhomed PE routers. The service provider is using OSPF to carry infrastructure routes and using
BGP to carry tunnel endpoints.
What could the service provider do to provide fast convergence in case of a link failure in its network?
Answer: A
QUESTION 218
Which statement about OSPF incremental SPF is true?
A.
B.
C.
D.
E.
Answer: D
QUESTION 219
What are two components of effective change management planning? (Choose two.)
A.
B.
C.
D.
Answer: AB
QUESTION 220
Cyclic congestion spikes are causing your Telnet users to experience delays. Traffic analysis
shows minimal use of UDP. Which technology can you deploy to mitigate the problem?
A.
B.
C.
D.
Answer: B
QUESTION 221
Why should IGP advertisements be disabled on an access link where a host is attached?
A.
B.
C.
D.
Answer: B
policing
shaping
WRED
CB-WFQ
Answer: A
QUESTION 224
What is downstream suppression?
A. the ability of a fault management tool to generate alerts for only an upstream device failure and to
suppress the alarms related to all unreachable downstream sites
B. the ability of devices to exclusively send summary routes and suppress the sending of complete
routing updates
C. the ability of a router to suppress downstream route fluctuations to avoid introducing instability into
the network core
D. the ability of a network management station to perform root cause analysis on a network fault and
remove duplicates of all other alarms resulting from fault symptoms
E. the ability of an element manager to restrict forwarding to critical performance alarms northbound to
the Manager of Managers and suppress other alarms
Answer: A
QUESTION 225
Which of these statements accurately describes MPLS-based L3VPN service?
A.
B.
C.
D.
Answer: B
352-001 Exam Dumps
A.
B.
C.
D.
configure Router B to advertise the more specific prefixes instead of the aggregate
configure Router B to advertise the more specific prefixes in addition to the aggregate
configure Router B with a static route for the aggregate to Null0
configure Router A to advertise 10.0.0.0/8 instead of the default route to Router B
Answer: C
QUESTION 227
An enterprise has a large number of retail locations that are currently serviced by a hub-and-spoke
Frame Relay network using OSPF as the routing protocol. The enterprise is planning to deploy a
high-bandwidth application that requires any-to-any connectivity. Which technology would provide
this enterprise with the best bandwidth utilization and greatest scalability?
A.
B.
C.
D.
Answer: D
QUESTION 228
A service provider has an MPLS VPN network in the United States. It recently bought another
provider in India and wants to quickly integrate the newly acquired provider's network into the
existing MPLS VPN infrastructure via the Internet.
Which two technologies can the service provider use to integrate its new network? (Choose two.)
Answer: AB
QUESTION 229
A certain service provider offers RFC 2547-based L3VPN service. The service provider is using
OSPF to carry infrastructure routes and MP-BGP to carry customer routes. It has also deployed a
full mesh of Cisco MPLS TE tunnels with FRR for link and node protection. OSPF and BGP have
not been tuned for faster convergence.
Which three types of failure does Cisco MPLS TE FRR address in this service provider's network?
(Choose three.)
A.
B.
C.
D.
E.
Answer: ACD
QUESTION 230
Four routers running IS-IS are connected to a single Ethernet link. Then, a fifth router is connected,
which has a priority higher than any of the other routers connected to the network.
What will happen?
A.
B.
C.
D.
The new router will become the DIS and cause a temporary disruption in traffic through the link.
The new router will become the DIS without causing a temporary disruption in traffic through the link.
The new router will not be elected DIS unless the current DIS fails.
The new router will not be elected DIS unless it has the lowest NET ID.
Answer: B
QUESTION 231
Which tool enables a network designer to route traffic based on the source IP address?
A.
B.
C.
D.
source routing
MPLS Layer 3 VPNs
policy-based routing
unicast Reverse Path Forwarding
Answer: C
QUESTION 232
A network administrator is having problems with redistribution routing loops between two EIGRP
processes. You've looked at the configurations and determined there is no filtering configured on
the routes being redistributed. To avoid having a single point of failure, there are three routers
configured to redistribute between the two routing protocols. Which solution would you recommend
to minimize management complexity?
352-001 Exam Dumps
reduce the number of routers redistributing between the two routing processes
build and apply a route filter based on the networks being redistributed between the two processes
replace one of the EIGRP processes with an alternate IGP
use tags to control redistribution between the two processes
Answer: D
QUESTION 233
Enterprises A and B agree to merge, but keep IGP and BGP independent of each other. They are
served by a common ISP for their Internet connectivity. During the merge, A and B will provision a
point-to-point link between the two networks. What is the simplest design option that will allow data
to travel between A and B without passing through the ISP?
A. configure OSPF and make OSPF routes more attractive than the same routes learned via EBGP
from the ISP
B. configure OSPF and make OSPF routes less attractive than the same routes learned via EBGP
from the ISP
C. configure EBGP between the two networks and block each other's routes from the ISP
D. configure iBGP between the two networks and block each others route's from the ISP
E. configure OSPF between the two networks and block each others route's from the ISP
Answer: C
QUESTION 234
When using LDAP servers, you should configure the password policy to prevent _____.
A.
B.
C.
D.
DoS attacks
dictionary attacks
flood attacks
man-in-the-middle attacks
Answer: B
QUESTION 235
A client has approached you about deploying very fast IS-IS hello timers across an intercontinental
high speed SONET link.
What should you recommend?
A. Fast hello timers are a good choice for this link because on long haul SONET links the reporting
of LINE and PATH errors can take a long time.
B. Fast hello timers are not a good choice for this link because the link is physically long and the
propagation delay may cause IS-IS to believe the link has failed when it has not.
C. Fast hello timers are a good choice for this link because the length of the link indicates there will
be at least one SONET amplifier that disables PATH alarms on the circuit.
D. Fast hello timers are not a good choice for this link because SONET links provide link-down
notification much faster than IS-IS could detect a circuit failure by means of hello processing.
Answer: D
QUESTION 236
How does an OSPF ABR prevent summary route information from being readvertised from an area
352-001 Exam Dumps
Answer: C
QUESTION 237
An IS-IS router is connected to four links and redistributing 75 routes from RIP.
How many LSPs will this router originate?
A. one LSP: containing the router information, internal routes, and external routes
B. two LSPs: one containing router information and internal routes and one containing external routes
C. three LSPs: one containing all links, one containing router information, and one containing external
routing information
D. six LSPs: one for each link, one containing router information, and one containing external routing
information
Answer: A
QUESTION 238
The IGP next-hop reachability for a BGP route is lost but a default route is available. Assuming that
BGP connectivity is maintained, what will happen to the BGP route?
A.
B.
C.
D.
Answer: C
QUESTION 239
Which two actions can the sinkhole technique be used to perform? (Choose two.)
A.
B.
C.
D.
Answer: BC
QUESTION 240
What are the two best reasons to build a flooding domain boundary in a link-state network? (Choose
two.)
A.
B.
C.
D.
Answer: D
QUESTION 242
Which three LSA types can each trigger a partial SPF? (Choose three.)
A.
B.
C.
D.
E.
Answer: CDE
QUESTION 243
What are two valid reasons for aggregating routing information within a network? (Choose two.)
A.
B.
C.
D.
E.
Answer: BC
QUESTION 244
What is the most effective way to improve BGP convergence in the event that a point-to-point link,
over which an EBGP session is running, fails?
A.
B.
C.
D.
Answer: B
352-001 Exam Dumps
Answer: B
QUESTION 246
Three routers in a single broadcast domain are connected by means of a standard Ethernet switch.
The only Layer 2 protocol running on this link is Spanning Tree Protocol. The only Layer 3 protocol
running on this link is EIGRP, which uses a standard configuration. Then, one of the three routers
is manually shut down. How will the other two routers discover the loss of this neighbor?
A. The line protocol on the remaining two routers will be brought down as soon as the carrier is lost
from the switch.
B. The switch will bring down the carrier on all ports momentarily to force all the routers connected
to the link to relearn their neighbors.
C. The EIGRP dead timers will expire due to the absence of EIGRP traffic.
D. The switch will send a reverse ARP when the router disconnects from the switch.
Answer: C
QUESTION 247
What is the best practice for tuning routing protocol hello and dead timers when deploying IGP nonstop forwarding (NSF)?
A. The hello and dead timers should be tuned to allow NSF to continue forwarding after an initial
failure detection.
B. NSF-independent timers should be used so that routing protocol timers have no effect.
C. The hello and dead timers should be tuned so the link failure is detected before NSF has the
chance to react to the failure.
D. The routing protocol hello and dead timers should be decreased to the minimum.
Answer: A
QUESTION 248
Why is H-VPLS considered more scalable than flat VPLS?
A.
B.
C.
D.
Answer: AB
QUESTION 249
You are designing a NAC OOB Layer 3 Real-IP Gateway deployment for a customer. Which VLAN
must be trunked back to the Clean Access Server from the access switch?
352-001 Exam Dumps
untrusted VLAN
user VLAN
management VLAN
authentication VLAN
Answer: A
QUESTION 250
When a multiprotocol environment is designed to have several routers redistribute among the
routing domains, how can routing loops be avoided?
A.
B.
C.
D.
Answer: B