Scribd
Upload
29 views21 pages

Design Clarification

The document contains a series of design questions and answers related to network architecture, specifically focusing on load-balancing algorithms, DMVPN configurations, OSPF adjacencies, EIGRP settings, and SD-WAN policies. It outlines specific configurations and recommendations for various routers and network setups to ensure optimal performance and security. Key topics include routing path determinacy, spanning tree arrangements, and security measures for network management systems.

Uploaded by

Tanveer Akhtar
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
29 views21 pages

Design Clarification

The document contains a series of design questions and answers related to network architecture, specifically focusing on load-balancing algorithms, DMVPN configurations, OSPF adjacencies, EIGRP settings, and SD-WAN policies. It outlines specific configurations and recommendations for various routers and network setups to ensure optimal performance and security. Key topics include routing path determinacy, spanning tree arrangements, and security measures for network management systems.

Uploaded by

Tanveer Akhtar
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Design v1/v1+/v2/v2+

Similar Questions with Proper Answers

Question 5 in Design v1 and v1+

Which load-balancing algorithms should the operations team use as a reusable standard?

A. src-dst-mac
B. vlan-src-ip
C. src-dst-ip
D. src-mixed-ip-port

Answer:
• src-mixed-ip-port

Note: Only one needs to be selected in the above question


Question 5 in Design v1 and v1+

Refer to the new resource(s) available.

To ensure traffic does not bypass the DMVPN, identify which design changes should be implemented
on which routers.

Design Changes R24 R70 R61 R62

Stop sending [Link]/16 routes into BGP

Stop sending [Link]/16 routes into BGP

Ensure default routes forwards into the DMVPN

Only advertise DMVPN NBMA address into BGP

Answer:

Design Changes R24 R70 R61 R62

Stop sending [Link]/16 routes into BGP

Stop sending [Link]/16 routes into BGP

Advertise default route toward DMVPN peer(s)

Ensure default routes forwards into the DMVPN

Only advertise DMVPN NBMA address into BGP


Question 9 in Design v1 and v1+

This item consists of multiple questions. You may need to scroll down to be able to see all questions.

During the establishment of OSPF adjacencies, a neighbor relationship passes through several stages
and stalls. Drag and drop the neighbor relationship stages from the left into center on the right. Not
all options are used.

Ordered the stages

Loading Stage 1

Active Stage 2

Exchange Stage 3

Exstart Stage 4

Stage 5
Syncing

Stage 6
Int

2-way

Down
Answer:

Ordered the stages

Down

Active Int

2-way

Exstart

Exchange

Loading
Syncing
Question 10 in Design v1 and v1+

Ordered Steps

On router R24, reduce the EIGRP administrative Step 1


distance.

On router R23, configure the existing NHRP network Step 2


ID.
Step 3
On router R24, configure NHRP as a client of router
R23.
Step 4
On router R23, configure a new NHRP network ID.

Step 5
On router R23, add NHRP as a next hop to the
spoke routers.

On router R23, configure NHRP as a client of router


R24.

On router R23, create a new tunnel interface.

On router R23, start the EIGRP process on the


tunnel interface.
Answer:

Ordered Steps

On router R24, reduce the EIGRP administrative On router R23, create a new tunnel interface.
distance.

On router R23, configure the existing NHRP network


ID.

On router R23, configure NHRP as a client of router


On router R24, configure NHRP as a client of router
R24.
R23.

On router R23, add NHRP as a next hop to the


spoke routers.

On router R23, start the EIGRP process on the


tunnel interface.

On router R23, configure a new NHRP network ID.


Question 11 in Design v1 and v1+

Which solution must Xander use to improve the determinacy of the chosen routing path from the
branch networks forward the data center?

A. On router R23, modify the administrative distance of the EIGRP process.


B. On router R23, use static routing toward the DMVPN spoke routers.
C. On router R23, update EIGRP to use an offset list to modify its route advertisements.
D. On the spoke routers, adjust the K values to tweak EIGRP metric calculations.

Answer:

• On router R23, update EIGRP to use an offset list to modify its route advertisements.
Question 13 in Design v1 and v1+

If options are only for Control plane and data plane, then use this answers

Control plane Data plane

Block ICMP Type 3 Code 4. Label 1 Label 1

Rate limit ICMP. Label 2 Label 2

Block all TCP 179 connections.

Block all multicast.

Block RFC1918 address on external


interfaces.

Restrict BGP connections.

Perform a Unicast Reverse Path Forwarding


check.

Disable Telnet.

Create a virtual Teletype access control list.


Answer:

Control plane Data plane

Disable Telnet. Rate limit ICMP.

Restrict BGP connections. Perform a Unicast Reverse Path Forwarding


check.

If options are only for Control plane data plane and management plane, then use this answers

Control plane Data plane Management Plane

Block ICMP Type 3 Code 4. Label 1 Label 1 Label 1

Rate limit ICMP. Label 2

Block all TCP 179 connections.

Block all multicast.

Block RFC1918 address on external


interfaces.

Restrict BGP connections.

Perform a Unicast Reverse Path


Forwarding check.

Disable Telnet.
Answer:

Control plane Data plane Management Plane

Restrict BGP Rate limit ICMP. Disable Telnet.


connections.

Perform a Unicast
Reverse Path
Forwarding check.
Question 21 in Design v1 and v1+

Which two solutions must be recommended for the trial? (Choose two.)

A. Arrange copper cabling back to the wiring cabinet for all the sensors, and add additional PoE
switches to the wiring cabinet to accommodate the port density requirements.
B. Arrange fiber uplink cabling back to the wiring cabinet from the sensor locations, and add
additional PoE switches to the wiring cabinet to accommodate the port density
requirements.
C. Arrange fiber uplink cabling back to the wiring cabinet from the sensor locations, and do not
add additional PoE switches to the wiring cabinet to accommodate the port density
requirements.
D. Install a Cisco Catalyst Extended node switch close to each sensor location.
E. Install an industrial Ethernet switch as extended node close to each sensor location.

Answer:
• Arrange fiber uplink cabling back to the wiring cabinet from the sensor locations, and do not
add additional PoE switches to the wiring cabinet to accommodate the port density
requirements
• Install an industrial Ethernet switch as extended node close to each sensor location
Question 22 in Design v1 and v1+

Refer to the new resource(s) available.

Select the SD-WAN policy types that meet the routing path requirements.

SD-WAN Policy Type

Routing path requirements Localized Centralized Centralized Localized


data policy data policy control policy control policy

Topology changes

Direct internet access with next-


hop rewrite

OSPF routing policy

Application-based routing

Answer:

SD-WAN Policy Type

Routing path requirements Localized Centralized Centralized Localized


data policy data policy control policy control policy

Topology changes

Direct internet access with next-


hop rewrite

OSPF routing policy

Application-based routing
Question 23 in Design v1 and v1+

Drag and drop the solutions from the left into order on the right to build a plan for deploying SD-
WAN connectivity to on AWS VPC. Not all options are used.

Ordered Plan

Ensure that Cisco vBond is reachable over AWS Solution 1


DirectConnect.

Deploy a Cisco Catalyst 8000V from the AWS Solution 2


marketplace

Use Cisco SD-WAN Cloud OnRamp for Multicloud Solution 3


workflow to deploy AWS cloud gateway in the
automated way.

Utilize Cloud OnRamp for Multicloud.

Deploy a Cisco Catalyst 9000V from the AWS


marketplace.

Create a transit gateway that terminates an


internet-facing VPN and provides reachability
between the cloud and on-premises.

Create a NAT each controller

Ensure that Cisco vBond is reachable over the


internet.

Answer:

Create a transit gateway that terminates an


internet-facing VPN and provides reachability
between the cloud and on-premises.

Deploy a Cisco Catalyst 8000V from the AWS


marketplace

Ensure that Cisco vBond is reachable over the


internet.
Question 3 in Design v2 and v2+

Which two arrangements of spanning trees satisfy Charlie Brown's specifications? Select two.

• Reduce the forward time of the spanning tree.


• Reduce the max age of the spanning tree.
• Reduce the hello timer of the spanning tree.
• Make SW201 the root for all the VLANs and make SW202 the secondary.
• Make SW201 the root for the even VLANs and make SW202 the root for the odd VLANs.
• Implement MSTP.

Answer

• Reduce the max age of the spanning tree.


• Make SW201 the root for the even VLANs and make SW202 the root for the odd VLANs.
Question 7 in Design v2 and v2+

Which of the following two suggestions will result in Branch #3 being moved to OSPF? Select two.

• Redistribute BGP into OSPF with a metric of Type 1 and subnets features enabled on R61 and
R62.
• Redistribute BGP into OSPF with a metric of Type 2 on R61 and R62.
• Redistribute BGP into OSPF with the subnets feature enabled and without a metric type
specified on R61 and R62.
• Use the default metric as the metric value.
• Use the metric feature to specify a metric value.

Answer

• Redistribute BGP into OSPF with a metric of Type 1 and subnets features enabled on R61 and
R62.
• Use the metric feature to specify a metric value.
Question 8 in v2+

Answer:

4
7

Note: You may see any values/names with the numbers, focus on the numbers which needs to be
drop in the grey boxes. The name with the numbers in exam will not shuffle, so focus on the
numbers

Example:

Options Label
1 A
2 B
3 C
4 D
5 E
6 F
7 G
So the answer based on the above example are:-

D
G
Question 11 in v2+

Options Label
1 VRF-Lite
2 Route distribution
3 MP-BGP
4 OSPF
5 LDP
6 Loopback address
7 Route-target Export
8 Route-target Import
9 IS-IS
10 L3VPN

Answer:

VRF-Lite LDP

Route distribution Loopback address

MP-BGP Route-target Export


OSPF Route-target Import
Question 14 in Design v2 and v2+

To satisfy the DMVPN's resiliency criteria, make sure every router has all the functionalities that
are necessary. Choose every option that pertains.

Features Required R61 R23 R24 R70

NHRP authentication

NHRP Next Hop Server

NHRP redirect

NHRP shortcut

Disabled split horizon and next-hop self

Stub

Summary rfc1918 address on tunnel

Answer

Features Required R61 R23 R24 R70

NHRP authentication

NHRP Next Hop Server

NHRP redirect

NHRP shortcut

Disabled split horizon and next-hop self

Stub

Summary rfc1918 address on tunnel


Question 15 in Design v2 and v2+

Which routers will be used by the operations teams to diagnose DMVPN problems? Choose every
option that pertains.

Related Issues R23 R24 R21 R6

Encryption method

Link down

IPSec Keys

NHRP

Routing adjacency

Physical interface MTU

Tunnel interface MTU

Answer

Related Issues R23 R24 R21 R6

Encryption method

Link down

IPSec Keys

NHRP

Routing adjacency

Physical interface MTU

Tunnel interface MTU


Question 20 in Design v2 and v2+

Which two suggestions give the data submitted to the NMS security? Select two.

• a unique community string


• ACLs associated to a community string
• an SNMP user group associated to a security level
• complex community strings of 16-plus characters
• read and write privileges
• read-only privileges

Answer

• an SNMP user group associated to a security level


• read and write privileges

You might also like