Cisco 642-812

Building Converged Cisco Multilayer Switched Networks

http://rapidshare.de/files/48851518/PassGuide_ccnp_642-812.pdf.html

http://www.sendspace.com/file/8qm6wq

http://rapidshare.com/files/322130117/PassGuide_ccnp_642-812.pdf.html

http://uploading.com/files/99b26b7b/PassGuide%2Bccnp%2B642-812.pdf/

http://www.4shared.com/file/175172567/86e3a51d/PassGuide_ccnp_642-812.html

Q&A Demo

www.PassGuide.com

(C) Copyright 2006-2009 CertBible Tech LTD,All Rights Reserved.

Important Note
Please Read Carefully

Study Tips

This product will provide you questions and answers carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions.

Go through the entire document at least twice so that you make sure that you are not missing anything.

Latest Version

We are constantly reviewing our products. New material is added and old material is revised. Free updates are available for 120 days after the purchase. You should check your member zone at PassGuide an update 3-4 days before the scheduled exam date.

Feedback

If you spot a possible improvement then please let us know. We always interested in improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.

Be Prepared. Be Confident. Get Certified.
————————————————————————————————————————-
Sales and Support Manager
Sales Team: sales@passguide.com Support Team: support@passguide.com
———————————————————————————————————————

Copyright

Each pdf file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular pdf file is being distributed by you, CertBible reserves the right to take legal action against you according to the International Copyright Laws.
1. Refer to the exhibit. What is the effect on the trust boundary of configuring the command mls qos trust cos on the switch port that is connected to the IP phone?
Select the best response.

A. Effectively the trust boundary has been moved to the IP phone.
B. The host is now establishing the CoS value and has effectively become the trust boundary.
C. The switch is rewriting packets it receives from the IP phone and determining the CoS value.
D. The switch will no longer tag incoming voice packets and will trust the distribution layer switch to set the CoS.
E. RTP will be used to negotiate a CoS value based upon bandwidth utilization on the link.

Answer: A

2. Refer to the exhibit. What is the effect when the switchport priority extend cos 3 command is configured on the switch port interface connected to the IP phone?

Select the best response.

A. Effectively, the trust boundary has been moved to the PC attached to the IP phone.
B. The computer is now establishing the CoS value and has effectively become the trust boundary.
C. The IP phone is enabled to override with a CoS value of 3 the existing CoS marking of the PC attached to the IP phone.
D. The switch will no longer tag incoming voice packets and will extend the trust boundary to the distribution layer switch.
E. RTP will be used to negotiate a CoS value based upon bandwidth utilization on the link.

Answer: C

3. Which three WLAN statements are true? (Choose three.)
Select 3 response(s).

A. A lightweight AP receives control and configuration from a WLAN controller to which it is associated.
B. A WLAN client that is operating in half-duplex mode will delay all clients in that WLAN.
C. Ad hoc mode allows mobile clients to connect directly without an intermediate AP.
D. Another term for infrastructure mode is independent service set (IBSS).
E. The Aironet 1230 access point is an example of an access point that operates solely as a lightweight access point.
F. WLANs are designed to share the medium and can easily handle an increased demand of channel contention.

Answer: ABC

4. Which statement is true about IP telephony calls?
Select the best response.

A. A Voice over IP (VoIP) packet consists of the voice payload, IP header, TCP header, RTP header, and Layer 2 link header.
B. The voice carrier stream uses H.323 to set up, maintain, and tear down call endpoints.
C. Call control signaling uses Real-Time Transport Protocol (RTP) packets that contain actual voice samples.
D. The sum of bandwidth necessary for each major application, including voice, video, and data, should not exceed 75 percent of the total available bandwidth for each link.

Answer: D

5. Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch? (Choose three.)
Select 3 response(s).

A. The CoS value is trusted for 802.1p or 802.1q tagged traffic.
B. The voice VLAN feature is disabled by default.
C. The IP phone accepts the priority of all tagged and untagged traffic and sets the CoS value to 4.
D. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.
E. PortFast is automatically disabled when a voice VLAN is configured.
F. The default CoS value for incoming traffic is set to 0.

Answer: BDF

6. In what three ways is QoS applied in the campus network? (Choose three.)
Select 3 response(s).

A. No traffic marking occurs at the core layer. Layer 2/3 QoS tags are trusted from distribution layer switches and used to prioritize and queue the traffic as it traverses the core.
B. IP precedence, DSCP, QoS group, IP address, and ingress interface are Layer 2 characteristics that are set by the access layer as it passes traffic to the distribution layer. The distribution layer, once it has made a switching decision to the core layer, strips these off.
C. MAC address, Multiprotocol Label Switching (MPLS), the ATM cell loss priority (CLP) bit, the Frame Relay discard eligible (DE) bit, and ingress interface are established by the voice submodule (distribution layer) as traffic passes to the core layer.
D. The distribution layer inspects a frame to see if it has exceeded a predefined rate of traffic within a certain time frame, which is typically a fixed number internal to the switch. If a frame is determined to be in excess of the predefined rate limit, the CoS value can be marked up in a way that results in the packet being dropped.
E. The access layer is the initial point at which traffic enters the network. Traffic is marked (or remarked) at Layers 2 and 3 by the access switch as it enters the network, or is “trusted” that it is entering the network with the appropriate tag.
F. Traffic inbound from the access layer to the distribution layer can be trusted or reset depending upon the ability of the access layer switches. Priority access into the core is provided based on Layer 3 QoS tags.

Answer: AEF

7. Which two Aironet enterprise solution statements are true? (Choose two.)
Select 2 response(s).

A. A Cisco Aironet AP handles the transmission of beacon frames and also handles responses to probe-request frames from clients.
B. A Cisco Aironet solution includes intelligent Cisco Aironet access points (APs) and Cisco Catalyst switches.
C. In the Cisco Aironet solution, each AP is locally configured by the use of either a web interface or the command line interface.
D. The Cisco Aironet AP handles real-time portions of the LWAPP protocol, and the WLAN controller handles those items which are not time sensitive.
E. Virtual MAC architecture allows the splitting of the 802.11 protocol between the Cisco Aironet AP and a LAN switch.

Answer: AD

8. Which statement about the Lightweight Access Point Protocol (LWAPP) is true?
Select the best response.

A. LWAPP encrypts control traffic between the AP and the controller.
B. LWAPP encrypts user traffic with a x.509 certificate using AES-CCMP.
C. LWAPP encrypts both control traffic and user data.
D. When set to Layer 3, LWAPP uses a proprietary protocol to communicate with the Cisco Aironet APs.

Answer: A

9. Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?
Select the best response.

A. reduction of processing in wireless controllers
B. distributed approach to authentication, encryption, and policy enforcement
C. provides security by blocking communication between access points and wireless clients
D. access point discovery, information exchange, and configuration

Answer: D

10. Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
Select the best response.

A. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to S1.
B. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi 0/0.
C. No. Traffic will loop back and forth between switch S5 and S2.
D. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
E. No. Traffic will either pass from switch S6 to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end.

Answer: D

11. Refer to the exhibit. The service provider wants to ensure that switch S1 is the root switch for its own network. On which interfaces should root guard be configured to ensure that this happens?
Select the best response.

A. interfaces 1 and 2
B. interfaces 1, 2, 3, and 4
C. interfaces 1, 3, 5, and 6
D. interfaces 5 and 6
E. interfaces 5, 6, 7, and 8
F. interfaces 11 and 12

Answer: D

12. Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Choose two.)
Select 2 response(s).

A. The Aironet Desktop Utility (ADU) can be used to establish the association between the client adapter and the access point, manage authentication to the wireless network, and enable data encryption.
B. The Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can be used at the same time to configure the wireless client adapter.
C. The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and used at a time.
D. The Aironet Desktop Utility (ADU) profile manager feature can create and manage only one profile for the wireless client adapter.
E. When the user selects a different profile in the Aironet Desktop Utility (ADU), the settings for the wireless client adapter are changed only after a reboot.

Answer: AC

13. Refer to the exhibit. A Cisco Aironet Wireless LAN Client Adapter has been installed and configured through the ADU on the PC. The Aironet System Tray Utility (ASTU) has been enabled during the installation and the icon appears in the system tray area in the lower right of the desktop. What is the significance of the icon?
Select the best response.

Using PassGuide online virtual CCNP practice engine, easy to know well CCNP Training knowledge and pass the Cisco CCNP certification exams.

A. It indicates that the radio of the client adapter is disabled.
B. It indicates that the client adapter is not associated to an access point or another client.
C. It indicates that the client adapter is associated to an access point or another client, but the user is not EAP authenticated.
D. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is excellent or good.
E. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is fair.
F. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is poor.

Answer: F

14. In each option, a Layer 2 security attack is specified. Which statement correctly matches the correct mitigation technique with the specified Layer 2 switch attack?
Select the best response.

A. Configure DHCP spoofing to mitigate ARP address spoofing attacks.
B. Configure DHCP spoofing to mitigate DHCP spoofing attacks.
C. Configure PVLANs to mitigate MAC address flooding attacks.
D. Configure port security to mitigate MAC address flooding attacks.
E. Enable root guard to mitigate ARP address spoofing attacks.
F. Configure dynamic ARP inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.

Answer: D

15. Which description correctly describes a MAC address flooding attack?
Select the best response.

A. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the destination address found in the Layer 2 frames sent by the valid network device.
B. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the source address found in the Layer 2 frames sent by the valid network device.
C. The attacking device spoofs a destination MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
D. The attacking device spoofs a source MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
E. Frames with unique, invalid destination MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
F. Frames with unique, invalid source MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.

Answer: F

16. Refer to the exhibit. An attacker is connected to interface Fa0/11 on switch A-SW2 and attempts to establish a DHCP server for a man-in-middle attack. Which recommendation, if followed, would mitigate this type of attack?
Select the best response.

A. All switch ports in the Building Access block should be configured as DHCP trusted ports.
B. All switch ports in the Building Access block should be configured as DHCP untrusted ports.
C. All switch ports connecting to hosts in the Building Access block should be configured as DHCP trusted ports.
D. All switch ports connecting to hosts in the Building Access block should be configured as DHCP untrusted ports.
E. All switch ports in the Server Farm block should be configured as DHCP untrusted ports.
F. All switch ports connecting to servers in the Server Farm block should be configured as DHCP untrusted ports.

Answer: D

17. Refer to the exhibit. The web servers WS_1 and WS_2 need to be accessed by external and internal users. For security reasons, the servers should not communicate with each other, although they are located on the same subnet. The servers do need, however, to communicate with a database server located in the inside network. What configuration will isolate the servers from each other?
Select the best response.

A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
B. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
C. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
D. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN community ports.

Answer: A

18. What are three required steps to configure DHCP snooping on a switch? (Choose three.)
Select 3 response(s).

A. Configure DHCP snooping globally.
B. Configure DHCP snooping on an interface.
C. Configure DHCP snooping on a VLAN or range of VLANs.
D. Configure the switch as a DHCP server.
E. Configure all interfaces as DHCP snooping trusted interfaces.
F. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded DHCP request messages.

Answer: ABC

19. A client is searching for an access point (AP). What is the correct process order that the client and access point go through to create a connection?
Select the best response.

A. probe request/response, authentication request/response, association request/response
B. association request/response, authentication request/response, probe request/response
C. probe request/response, association request/response, authentication request/response
D. association request/response, probe request/response, authentication request/response

Answer: A

20. Which statement about the Lightweight Access Point Protocol (LWAPP) protocol is true?
Select the best response.

A. The processing of 802.11 data and management protocols and access point capabilities is distributed between a lightweight access point and a centralized WLAN controller.
B. LWAPP aggregates radio management forward information and sends it to a wireless LAN solution engine.
C. LWAPP authenticates all access points in the subnet and establishes a secure communication channel with each of them.
D. LWAPP advertises its WDS capability and participates in electing the best WDS device for the wireless LAN.

Answer: A

21. Which statement describes the function of a trust boundary?
Select the best response.

A. Trust boundaries determine whether certain types of traffic can pass.
B. Trust boundaries are a point in the network where decisions about CoS markings on incoming packets are made.
C. Trust boundaries are a point in the network where QoS functionality begins and ends.
D. Trust boundaries are points in the network where Layer 2 CoS markings are converted to Layer 3 DSCP or IP precedence markings.

Answer: B

22. Which statement is true about utilizing a data network for voice traffic?
Select the best response.

A. Adding bandwidth to the data network is the primary solution to provide for the needs of voice traffic.
B. Because voice traffic volume cannot be calculated, network bandwidth requirements must be determined from an existing installation.
C. Voice traffic will require some form of QoS mechanisms in most networks.
D. Voice traffic will require some form of QoS implementation only in congested networks.
E. Network congestion must be totally eliminated to provide proper voice traffic performance.

Answer: C

23. Refer to the exhibit. Which switch interface configuration command would automatically configure quality of service (QoS) for voice over IP (VoIP) within a QoS domain?
Select the best response.

A. auto qos voip cisco-phone
B. mls qos trust
C. switchport priority extend cos 7
D. switchport priority extend trust

Answer: A

24. Refer to the exhibit. Which Catalyst switch interface command would be used to cause the switch to instruct the phone to override the incoming CoS from the PC before forwarding the packet to the switch?
Select the best response.

A. switchport priority extend trust
B. switchport priority extend cos 2
C. switchport priority extend cos 11
D. mls qos cos 2
E. mls qos cos 2 override

Answer: B

25. Refer to the exhibit. Dynamic ARP inspection (DAI) is enabled on switch SW_A only. Both Host_A and Host_B acquire their IP addresses from the DHCP server connected to switch SW_A. What would the outcome be if Host_B initiated an ARP spoof attack toward Host_A ?
Select the best response.

A. The spoof packets will be inspected at the ingress port of switch SW_A and will be permitted.
B. The spoof packets will be inspected at the ingress port of switch SW_A and will be dropped.
C. The spoof packets will not be inspected at the ingress port of switch SW_A and will be permitted.
D. The spoof packets will not be inspected at the ingress port of switch SW_A and will be dropped.

Answer: C

26. A Cisco Aironet Wireless LAN Adapter CB21AG is inserted into a PC cardbus slot. Both the green status LED and the amber activity LED are blinking slowly. What is the condition of the adapter?
Select the best response.

A. The adapter is not receiving power.
B. The adapter is in power save mode.
C. The adapter is scanning for the wireless network for which it is configured.
D. The adapter is associated to an access point or another client.
E. The adapter is transmitting or receiving data while associated to an access point or another client.

Answer: D

27. Refer to the exhibit. The signal transmitted from the AP is reflected off a wall resulting in multipath interference at the client end. Which statement is true?
Select the best response.

A. If signal 1 is in phase with signal 2, the result is essentially zero signal or a dead spot in the WLAN.
B. If signal 2 is close to 360 degrees out of phase with signal 1, the result is essentially zero signal or a dead spot in the WLAN.
C. Multipath interference is solved by using dual antennas.
D. Multipath interference is less of an issue when using a DSSS technology because multipath is frequency selective.
E. The transmitted signal from the AP arrives at the client at slightly different times resulting in phase shifting.

Answer: E

28. Refer to the exhibit. Which two Lightweight Access Point statements are true? (Choose two.)

Select 2 response(s).

A. An AP that has been upgraded from an autonomous AP to lightweight AP will only function in conjunction with a Cisco Wireless LAN controller.
B. Autonomous APs receive control and configuration information from a WLAN controller.
C. LWAPP increases the amount of processing within the APs, enabling them to support filtering and policy enforcement features.
D. Real time events such as authentication, security management, and mobility are handled by the lightweight AP.
E. Lightweight APs require local configurations using local management.
F. WLAN controllers provide a single point of management.

Answer: AF

29. Which two WLAN client utility statements are true? (Choose two.)
Select 2 response(s).

A. In a Windows XP environment, a client adapter can only be configured and managed with the Microsoft Wireless Configuration Manager.
B. The Aironet Desktop Utility (ADU) can be used to enable or disable the adapter radio and to configure LEAP authentication with dynamic WEP.
C. The Cisco Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can both be enabled at the same time to setup WLAN client cards.
D. The Microsoft Wireless Configuration Manager can be configured to display the Aironet System Tray Utility (ASTU) icon in the Windows system tray.

Answer: BD

30. What does the global configuration command ip arp inspection vlan 10-12,15 accomplish?
Select the best response.

A. validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15
B. intercepts all ARP requests and responses on trusted ports
C. intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings
D. discards ARP packets with invalid IP-to-MAC address bindings on trusted ports

Answer: C

PassGuide CCNP Practice Test Questions

• passguide ccnp 642-812 v3.30
• passguide ccnp 642-812 pdf
• passguide cisco ccnp 642-892 december 20th
• passguide ccnp 642-825 v3.31
• latest passguide ccnp 642-901 bsci pdf december 15th
• laest passguide 642-845 v3.30 pdf
• Latest passguide cisco ccnp 642-825
• passguide cisco ccnp 642-813 training
• passguide cisco ccnp 642-832 software
• passguide cisco ccnp 642-902 software