Saturday, June 14, 2008

It's Saturday, June 14, and here are the answers to yesterday's Cisco certification exam training questions!


Your router has a Serial interface with an IP address of /24. You want to create a static route that sends packets out that interface if there is no other match for the destination in the routing table. What single command will accomplish this?

Answer: ip route serial1. You'll only use the IP address in the ip route command when you're referring to an address on the next-hop router. When you're specifying a local exit interface, that interface's IP address is not referred to in the command.


What is the destination address of an EIGRP hello packet?






F. EIGRP does not send Hello packets.

Answer: D.

CCNP Certification / BSCI Exam:

Identify the optional transitive BGP attributes.

A. origin

B. next-hop



E. aggregator

F. atomic aggregate

G. community


Answer: E, G. Community and aggregator are the two transitive optional BGP attributes, "transitive" meaning that their values will be carried from one AS to another. MED is the only optional non-transitive attribute.

CCNP Certification / BCMSN Exam:

Short answer: Briefly describe the purpose and operation of DHCP Snooping.

Answer: DHCP Snooping is a method of detecting rogue DHCP servers and minimizing or eliminating their impact on the network. DHCP Snooping determines whether a DHCP device is trusted or untrusted, and only DHCP messages from trusted devices are passed through the switch.


Name the two different methods of running TCP Intercept and briefly discuss the main difference between the two.

Answer: TCP Intercept can run in intercept or watch mode. In Intercept mode, the router will not forward incoming SYN packets directly to the intended destination; the router itself answers those incoming TCP SYN packets with a SYN-ACK.

If the SYN source turns out to be legitimate, the router will have a successful three-way handshake with that source. At the same time, the router will open a TCP connection to the original destination, and then merges the two TCP connections.

SYN packets from non-legitimate sources never reach the original destination.

In watch mode, the router takes a more passive role. The router will not intercept incoming SYN packets, but will allow them to reach the intended destination. The router watches that incomplete TCP connection, and if it's not completed in a certain period of time - by default, 30 seconds - the router will close the connection, preventing the connection from remaining in an incomplete state for an indefinite period of time.

CCNP / ONT exam:

Name the three packet drop modes used by Random Early Detection, and briefly discuss each.

No Drop: When the number of packets in the queue is between zero and the minimum, RED drops no packets. After all, if the queue size is below the minimum threshold, why drop packets?

Random Drop: Between the minimum and maximum thresholds, packets are randomly dropped ("early detection"). As the queue size gets closer to the maximum, RED increases the drop rate.

Full Drop: When the queue size exceeds the maximum, all newly-arrived packets are dropped until the queue size no longer exceeds that maximum. If that sounds like tail drop, that's because it is!

New questions posted later today, and I'll have at least one new set of CCNA and CCENT questions on the main website over the weekend - watch the blog for a link!

To your success,

Chris Bryant
CCIE #12933

No comments:

Blog Archive