|
Question 1.
Which statement is true in regards to proxy IP addresses configured on a switch?
A. Source IP any packet aggressing the Alteon switch will be changed.
B. Destination IP any packet regressing the Alteon switch will be changed.
C. Destination IP any packet engrossing the Alteon switch will be changed.
D. All packets will be sent to a proxy server that is external to the Alteon Switch.
Answer: A
Question 2.
In a Global Server Load Balancing configuration, when would you use HTTP-Redirect to redirect client to the remote Virtual Server?
A. based on which site has the lower request-response metric
B. when the local sites real servers reach 90% of their capacity
C. when HTTP resources that were requested from the local site are not available
D. when client request is closer to the remote site then to the currently request site
Answer: C
Question 3.
Company.com is using Alteon 180E switches for Server Load balancing. The network contains
the following information:
* over 24 web servers
* use of all 9 ports with L2 fan out switches
* two switches with an VRRP Active/Stanby configuration
* Alteon switch statistic shows port utilization of 75-80%
The customer wants to add more Layer 7 server load balancing to the server form in the near future, but 180E switches are maxed out on performance.
Which hardware upgrade option should be recommended?
A. Buy 2 Alteon Application switches 2424.
B. Buy 2 184 switches to replace the 180E switches
C. Install 2 Alteon Link Lode balancers in fount of the 180E's.
D. Buy 2 more 180E switches and divide the load of web servers.
Answer: A
Question 4.
A support engineer wants to limit the bandwidth to protect against congestion on an Alteon network.
What classification criteria will be used to meet this objective? (choose two.)
A. VLAN
B. NNTP
C. Virtual Server
D. Size of Frames
Answer: B, C
Question 5.
Company.com's network is connected to an Alteon Switch in turn is connected to an ISP router. The following information exists in the network
* 10.1.0.0/16 subnet for all internal networks
* internet accessible web servers on this internal network with 10.1.1.25 & 10.1.1.26
* static NAT for these two servers to NAT to 164.143.243.25 & 164.143.243.26
The rest of the workstation are client workstation that are not accessed from the internet, but need to initiate connections to the internet and back.
Which steps are required to achieve this configuration? (Choose four.)
A. Create a proxy IP on port facing the internal network.
B. Create a static filter on the internet facing port for web servers.
C. Create a static filter on the internal network facing port for web servers.
D. Create one filter for all the workstations that need to initiate connections to the internet and
add it to the internet facing port.
E. Create one filter for all the workstations that need to initiate connections to the internet and add
it to the internal network facing port.
Answer: A, B, C, E
Question 6.
An Alteon customer has the following network scenario:
* 20 virtual Servers in a server farm providing RTSP & HTTP services via 2 ISP links
* Each of the ISP's routers are setup to pass traffic to both the Alteon switches at the same time
* Each virtual server is taking an equal share of the bandwidth
* Alteon switches to provide redundancy.
Which configuration provides optimal performance?
A. RTSP and HTTP will not work through the same switch since RTSP user \s UDP.
B. Use VRRP Active-Active with sharing enable, all the switches providing services to all the
virtual servers.
C. Setup one Altone switch to provide RTSP services and other Altone switch to provide HTTP
services, since mixing RTSP and HTTP traffic is not advisable.
D. Setup VRRP Active-Standby with each service switch acting as VRRP master for 10 virtual
servers and acting as VRRP backup for the other 10 serves. Same with other Altone switch.
Answer: D
Question 7.
On creation occasions it may be required to upgrade Alteon Application Switches (e.g.: AAS 2424) via console connection and binary image. to upgrade the switch, connect via console using 9600 8-N-1, power cycle.
Which two key stroke sequences would successful connect the console? (Choose two.)
A. Shift-f to set switch for subsequent console connection, image transfer @ 57600 baud
B. Shift-d to set switch for subsequent console connection, image transfer @ 38400 baud
C. Shift-x to set switch for subsequent console connection, image transfer @ 115200 baud
D. Shift-d to set switch for subsequent console connection, image transfer @ 115200 baud
Answer: A, C
Question 8.
Company.com has an ASF network running 2.0 software. The network is experiencing intermittent user connectivity problems.
What is the most likely cause of the problem?
A. Vlan's are misconfigured.
B. EMC has lost contact with the ASF.
C. ARP Cache has reached max high water
D. The host that are not able to connect were not defined within the access list
Answer: C
Question 9.
Company.com has multiple networks behind a firewall and wants to combine them into one port.
Which command best describes how to accomplish this objective?
A. /cfg/net/port 3/vtag yes
B. /cfg/net/port 3/trunk enable
C. /cfg/net/port 3/vtag enable
D. /cfg/net/trunk 1/add 3/add 4
Answer: A
Question 10.
A support engineer upgraded an ASF network from 2.0 to 3.0 using the .pkg file and noticed problems within the existing OSPF net work.
What is the most likely cause of the problem?
A. The ARP Cache has filled up
B. The routing table has maxed out inadvertently.
C. Upgrading from 2.0 to 3.0 does not support an OSPF upgrade.
D. OSPF neighbors have lost communication with the ASF running OSPF
Answer: C
Question 11.
An ASF cluster has the following configuration:
* Multiple firewall directors
* Accelerator components to be updated and configured as a whole
This is know as what type of configuration?
A. NAAP
B. Clustering
C. Management IP Address
D. Single System Image (SSI)
Answer: D
Question 12.
A support engineer is unable to establish a SIC trust between the EMC and ASF director.
What should the support engineer do to resolve this problem? (choose two)?
A. Ensure the license is installed.
B. Unload the local policy from the ASF Director.
C. Ensure that the firewall is enabled and running.
D. Ensure the EMC Manager is set within the access list.
E. Make sure your policy has an accept rule to allow communication.
Answer: B, C
Question 13.
In order to achieve stateful fail-over between an ASF cluster, where must synchronization be configured? (choose two.)
A. the Alton Accelerator
B. the Alton Switched Firewall
C. the Checkpoint SMART TRACKER
D. the Check point management server
Answer: B, D
Question 14.
Which command describes how to configure RIP Routing?
A. /cfg/route/rip
B. /cfg/route/rip
C. /cfg/route/rip 1 or rip 2
D. /cfg/net/route/rip 1 or rip 2
Answer: B
Question 15.
A support engineer is tasked to troubleshoot a network consisting of an ASF 5010 Cluster of two
SFD's and two SFA's with 2.0 software running sync on Ethernet 2 between the two SFD's. the support engineer types in the info/clu command and notices synch errors.
What can be concluded about the synch error messages? (choose two.)
A. SFD lost communication with SFA.
B. Policy has not been pushed to cluster.
C. The two SFD's lost communication with their GW.
D. One of the SFD's sync ports has been unplugged.
E. No valid checkpoint license has been installed onto the cluster.
Answer: B, D
|
Question 1.
DRAG DROP
You work as a network technician at ITCertKeys.com. Your boss, Mrs. ITCertKeys, in Cisco client security software applications. Match the applications with the descriptions.
Answer:
Question 2.
Which two statements about Layer 3 access designs are correct? (Choose two.)
A. Broadcast and fault domains are increased
B. Limits on clustering and NIC teaming are removed
C. Convergence time is fractionally slower than STP
D. IP Address space is difficult to manage
E. Fast uplink convergence is supported for failover and fallback
Answer: D, E
Question 3.
Which two of these key fields are used to identify a flow in a traditional NetFlow implementation? (Choose two.)
A. Destination IP Address
B. Output Interface
C. Source MAC address
D. Next-hop IP Address
E. Source Port
F. Next-hop MAC Address
Answer: A, E
Question 4.
Which of these is true of IP addressing with regard to VPN termination?
A. Termination devices need routable addresses inside the VPN
B. Designs should not include overlapping address spaces between sites, since NAT is not
supported
C. IGP routing protocols will update their routing tables over an IPSec VPN
D. Addressing designs need to allow for summarization
Answer: D
Question 5.
When is a first-hop redundancy protocol needed in the distribution layer?
A. When preempt tuning of the default gateway is needed
B. When the design implements Layer 2 between the access switch and the distribution switch
C. When HSRP is not supported by the design
D. When a robust method of backing up the default gateway is needed
E. When multiple vendor devices need to be supported
F. When the design implements Layer 3 between the access switch and the distribution switch
Answer: F
Question 6.
Which of these practices should you follow when designing a Layer 3 routing protocol?
A. Never peer on transit links
B. Build squares for deterministic convergence
C. Build inverted U designs for deterministic convergence
D. Summarize routes at the distribution to the core to limit EIGRP queries or OSPF LSA
propagation
Answer: D
Question 7.
Which two statements correctly identify considerations to take into account when deciding on Campus QoS Design elements? (Choose two.)
A. Call signaling must have guaranteed bandwidth service
B. Strict-priority queuing should be limited to 50% of the capacity of the link
C. At least 23 percent of the link bandwidth should be reserved for default best-effort class
D. Voice needs to be assigned to the hardware priority queue
E. Voice needs to be assigned to the software priority queue
Answer: A, D
Question 8.
Which statement about IDS/IPS design is correct?
A. An IPS should be deployed if the security policy does not support the denial of traffic
B. Bandwidth considerations must be taken into account since IDS is deployed inline to traffic
flow
C. An IDS analyze a copy of the monitored traffic and not the actual forwarded packet
D. Traffic impact considerations are increased when deploying an IDS over an IPS sensor
Answer: C
Question 9.
In which two locations in an enterprise network can an IPS sensor be placed? (Choose two.)
A. Between two layer devices without trunking
B. Between two Layer 2 devices with trunking
C. Between a Layer 2 device and a Layer 3 device with trunking
D. Bridging two VLANs on one switch
E. Bridging VLANs on two switches
Answer: A, B
Question 10.
DRAG DROP
You work as a network technician at ITCertKeys.com. Your boss, Mrs. ITCertKeys, in Cisco NAC appliance components. Match the applications with the appropriate descriptions.
Answer:
Explanation:
Network admission control (NAC) is a collection of technologies that can be used to enhance network security services. Specifically, NAC can perform posture validation, which ensures that only permitted devices can communicate on the network.
NAC appliance has Manager, servers and client like:
1. NAC Manager
2. NAC Server
3. NAC Profile Server
4. NAC Guest Server
5. NAC Client Agent
1. Cisco NAC Appliance Manager (Cisco NAM): Acts as a NAC Appliance administration server for defining policies
2. Cisco NAC Appliance Server (Cisco NAS): Acts as a policy enforcement server between the trusted and untrusted networks
3. Cisco NAC Appliance Agent (Cisco NAA): Acts as an optional agent for Windows-based clients
4. NAC Appliance Policy Updates: Checks the status of updates applied to operating systems, antivirus signatures, and other client software
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.