New ICND2v3 Questions – Part 2
=========================New Questions added on 24th-Feb-2018============================
Premium Members: You can practice these questions with our quizzes first here.
Question 1
What two options are causes of network slowness that can result from inter-VLAN routing problem? (Choose two)
A. Root guard disabled on an etherchannel
B. Packet Loss
C. DTP disabled on a switchport
D. BPDU guard enabled on a switchport
E. Hardware forwarding issues
Answer: B E
Explanation
Causes for Network Slowness
Packet Loss
In most cases, a network is considered slow when higher-layer protocols (applications) require extended time to complete an operation that typically runs faster. That slowness is caused by the loss of some packets on the network, which causes higher-level protocols like TCP or applications to time out and initiate retransmission.
Hardware Forwarding Issues
With another type of slowness, caused by network equipment, forwarding (whether Layer 2 [L2] or L3) is performed slowly. This is due to a deviation from normal (designed) operation and switching to slow path forwarding. An example of this is when Multilayer Switching (MLS) on the switch forwards L3 packets between VLANs in the hardware, but due to misconfiguration, MLS is not functioning properly and forwarding is done by the router in the software (which drops the interVLAN forwarding rate significantly).
Question 2
Which two commands debug a PPPoE connection that has failed to establish? (Choose two)
A. debug ppp compression
B. debug ppp negotiation
C. debug dialer events
D. debug ppp cbcp
E. debug dialer packet
Answer: B E
Explanation
According to this link https://supportforums.cisco.com/t5/network-infrastructure-documents/troubleshooting-for-pppoe-connection-failure-part-1/ta-p/3147204
The following debug commands can be used to troubleshoot PPPoE connection that failed:
+ debug ppp authentication
+ debug ppp negotiation
+ debug pppoe event
The debug ppp negotiation command enables you to view the PPP negotiation transactions, identify the problem or stage when the error occurs, and develop a resolution.
We are not sure about the “debug dialer packet” command but it seems to be the most reasonable answer left.
Question 3
Which command do you enter to determine whether LACP is in use on a device?
A. Show port-channel summary
B. Show etherchannel summary
Answer: B
Explanation
In fact both of the answers are correct so maybe there is something wrong with this question. But we choose “show etherchannel summary” as it is the more popular command
Question 4
Which three commands do you use to verify that IPsec over a GRE tunnel is working properly? (Choose three)
A. clear crpto iskamp
B. ppp encrypt mppe auto
C. show crypto engine connections active
D. show crypto ipsec sa
E. show crypto isakmp sa
F. debug crypto isakmp
Answer: D E F
Question 5 (posted at Q.48 of https://www.9tut.net/new-updated-questions/new-icnd2v3-questions)
Which two types of cloud services may require you to alter the design of your network infrastructure? (Choose two)
A. Sudo as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Software as a Service
E. Business as a Service
Answer: B C
Explanation
+ SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients’ side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. In other words, SaaS are applications designed for end-users, delivered over web.
+ PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. In other words, PaaS is a set of tools and services designed to make coding and deploying those applications quick and efficient.
+ IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. In other words, IaaS is the hardware and software (servers, storage, networks, operating systems) that powers PaaS & SaaS.
Only the two lower layers services (IaaS, PaaS) may require us to alter the design of the network infrastructure.
Question 6
Which purpose of the network command in the BGP configuration of a router is true?
A. It enables route advertisement in the BGP routing process on the router
B. It advertises any route in BGP with no additional configuration
C. It advertises a valid network as local to the autonomous system of a router
D. It indicates whether a neighbor supports route refresh
Answer: C
Question 7
Through with three states does a BGP routing process pass when it establishes a peering session?
A. open receive
B. inactive
C. active
D. connected
E. open sent
F. idle
Answer: C E F
Explanation
BGP forms a TCP session with neighbor routers called peers. The BGP session may report in the following states:
+ Idle
+ Connect
+ Active
+ OpenSent
+ OpenConfirm
+ Established
Reference: http://www.ciscopress.com/articles/article.asp?p=2756480&seqNum=4
Question 8
Which encryption method does CHAP authentication use for the peer response?
A. EAP
B. MD5
C. DES
D. DSS
E. AES
F. 3DES
Answer: B
Question 9
Which two characteristics of stacked switches are true? (Choose two)
A. They reduce management complexity
B. They are less scalable than modular switches
C. They can manage multiple ip addresses across multiple switches
D. They have a single management interface
E. Each unit in the stack can be assigned its own IP address
Answer: A D
Question 10
Which option describes a drawback of proxy ARP?
A. It overwrites MAC addresses
B. It can make it more difficult for the administrator to locale device misconfigurations
C. It dynamically establishes layer 2 tunneling protocol which increase network overhead
D. If proxy ARP is configured on multiple devices, the internal L2 network may become vulnerable to DDOS
Answer: D
Question 11
Which layer 2 attack is specifically mitigated by changing the native VLAN to an unused VLAN?
A. Double tagging
B. DHCP spoofing
C. VLAN spoofing
D. switch hopping
Answer: A
Explanation
Let us learn about double-tagging attack.
In double-tagging attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack (VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker.
According to this link http://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=10
“The best approach to mitigating double-tagging attacks is to ensure that the native VLAN of the trunk ports is different from the VLAN of any user ports. In fact, it is considered a security best practice to use a fixed VLAN that is distinct from all user VLANs in the switched network as the native VLAN for all 802.1Q trunks.” -> Answer A is correct.
Question 12
Which feature or value must be configured to enable EIGRPv6?
A. Network statement
B. Shutdown feature
C. Router ID
D. Remote AS
Answer: C
Question 13
Which command do you enter to enable local authentication for MPPP on an interface?
A. l2tp authentication
B. username router password x1
C. ppp chap password password1
D. aaa authentication ppp default local
Answer: C
Explanation
Multilink PPP (also referred to as MP, MPPP, MLP, or Multilink) provides a method for spreading traffic across multiple physical WAN links while providing packet fragmentation and reassembly, proper sequencing, multivendor interoperability, and load balancing on inbound and outbound traffic.
Reference: https://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/10239-mppp-ddr.html
The command “aaa authentication ppp default local” is used to specify the local username database as the default method for user authentication but this command is configured under global configuration mode only, not on an interface.
Reference: https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfathen.html
The command “username router password x1” is used under global configuration mode too.
So maybe the “ppp chap password…” command is the best choice here.
Question 14
Which options are the two differences between HSRP V1 and V2? (Choose two)
A. Only HSRPv2 can be configured to use authentication
B. Only HSRPv2 send hello packet to 224.0.0.2
C. Only HSRPv1 send hello packet to FF02:66
D. Only HSRPv1 can be configured with a group number of 4095
E. Only HSRPv2 can be configured with a group number of 4095
F. Only HSRPv2 send hello to 224.0.0.102
Answer: E F
Explanation
In HSRP version 1, group numbers are restricted to the range from 0 to 255. HSRP version 2 expands the group number range from 0 to 4095 -> E is correct.
HSRP version 2 uses the new IP multicast address 224.0.0.102 to send hello packets instead of the multicast address of 224.0.0.2, which is used by version 1 -> F is correct.
Question 15
For which reason can a GRE tunnel have an up/down status?
A. the tunnel source interface is up
B. a tunnel destination is undefined
C. the tunnel destination is routable via a route that is separate from the tunnel
D. tunnel has been shut down
Answer: B
Explanation
Normally, a P2P GRE Tunnel interface comes up as soon as it is configured with a valid tunnel source address or interface which is up and a tunnel destination IP address which is routable -> B is correct.
Question 16
Which utility do you use to view IP traffic that is switched through the router to locate erros in a TCP stream?
A. wireshark
B. packet debugging
C. ethereal
D. ping
E. traceroute
Answer: B
Explanation
Cisco routers provide a basic method of viewing IP traffic switched through the router called packet debugging. Packet debugging enables a user to determine whether traffic is travelling along an expected path in the network or whether there are errors in a particular TCP stream. Although in some cases packet debugging can eliminate the need for a packet analyzer, it should not be considered a replacement for this important tool.
Reference: https://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr1907.html
Question 17
Which command do you enter so that a port enters the forwarding state immediately when a PC is connected to it ?
A. spanning-tree portfast bpduguard default
B. spanning-tree portfast default
C. spanning-tree portfast trunk
D. no spanning tree portfas
Answer: B
Explanation
If there is a “spanning-tree portfast” answer then it will surely be a correct answer. If not then answer B is the most suitable one even though the “spanning-tree portfast default” command enables PortFast globally on all non-trunking ports, not a single port.
Question 18
Which term represents the minimum bandwidth provided in a metro Ethernet connection?
A. UNI
B. CIR
C. EVC
D. PIR
Answer: B
Explanation
Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the routing device.
Question 19
Which three effects of using local span are true? (Choose three)
A. It doubles the load on the forwarding engine
B. It prevents span destination from using port security
C. It double internal switch traffic
D. It reduces the supervisor engine
E. It reduces the load on the switch fabric
Answer: A B C
Question 20
Which tree fields can be marked with QoS? (Choose three)
A. Header checksum
B. IP precedence
C. DSCP
D. total length
E. discard class
F. TTL
Answer: B C E
Explanation
For a single class, you can set operations on any two out of the following five fields: CoS, IP Precedence, DSCP, QoS Group, and Discard Class.
Question 21
Which two values are needed to run the APIC-EM ACL analysis tool?
A. Destination port
B. Source address
C. Protocol
D. Source port
E. Periodic refresh interval
F. Destination address
Answer: B F
Explanation
We must type the source and destination addresses. Other parameters are just optional.
Question 22
In which two models can control plane functionality be implemented? (Choose two)
A. Dispersed
B. Distributed
C. Fragmented
D. Centralized
E. Allocated
Answer: B D
Explanation
Control Plane Function
In its simplest form, the control plane provides layer-2 MAC reachability and layer-3 routing information to network devices that require this information to make packet forwarding decisions. In the case of firewalls, the control plane would include stateful flow information for inspection. Control plane functionality can implemented as follows:
+ Distributed – Conventional routers and switches operate using distributed protocols for control, i.e. where each device makes its own decisions about what to do, and communicate relevant information to other devices for input into their decision making process. For example, the Spanning Tree Protocol (STP), Fabric Path, and routing protocols such as IS-IS and BGP provide distributed control of packet forwarding functionality to networking devices.
+ Centralized – In this case, a centralized controller provides the necessary information for a network element to make a decision. For example, these controller(s) instruct networking devices on where to forward packets by explicitly programming their MAC and FIBs.
Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/VMDC/SDN/SDN.html#wp1440878
Question 23
Which PPPoE authentication method is the least secure?
A. CHAP
B. PAP
Answer: B
Question 24
What do you need to reduce with GRE tunnel? (Choose two)
A. PMTUD
B. MSS
C. MTU
Answer: B C
Question 25
Which choice permit congestion management on QOS? (Choose three)
Answer: FIFO CBWFQ PQ
Or
Which two QoS tools can provide congestion management? (Choose two)
A. CBWFQ
B. FRTS
C. CAR
D. PQ
E. PBR
Answer: A D
Explanation
This module discusses the types of queueing and queueing-related features (such as bandwidth management) which constitute the congestion management QoS features:
Class-based WFQ (CBWFQ): extends the standard WFQ functionality to provide support for user-defined traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols, access control lists (ACLs), and input interfaces. Packets satisfying the match criteria for a class constitute the traffic for that class.
Priority queueing (PQ): With PQ, packets belonging to one priority class of traffic are sent before all lower priority traffic to ensure timely delivery of those packets.
Note: Committed Access Rate (CAR) is only used for bandwidth limitation by dropping excessive traffic.
Question 26
Which three protocols can you use with APIC-EM path trace? (Choose three)
Answer: ECMP SNMP SMTP
Question 27
Drag the term on the left to its definition on the right (not all options are used)
Answer:
+ poison reverse: A router learns from its neighbor that a route is down and the router sends an update back to the neighbor with an infinite metric to that route
+ LSA: The packets flooded when a topology change occurs, causing network routers to update their topological databases and recalculate routes
+ split horizon: This prevents sending information about a route back out the same interface that originally learned about the route
+ holddown timer: For a given period, this causes the router to ignore any updates with poorer metrics to a lost network
Question 28
Which three effects of using local span are true? (Choose three)
A. It doubles the load on the forwarding engine
B. It prevents span destination from using port security
C. It double internal switch traffic
D. It reduces the supervisor engine
E. It reduces the load on the switch fabric
Answer: A B C
=========================New Questions added on 29th-Mar-2018============================
Question 29
Which component of the Cisco SDN solution serves as the centralized management system?
A. Cisco OpenDaylight
B. Cisco ACI
C. Cisco APIC
D. Cisco IWAN
Answer: C
Explanation
Cisco Application Policy Infrastructure Controller (APIC)
The infrastructure controller is the main architectural component of the Cisco ACI solution. It is the unified point of automation and management for the Cisco ACI fabric, policy enforcement, and health monitoring. The APIC appliance is a centralized, clustered controller that optimizes performance and unifies operation of physical and virtual environments. The controller manages and operates a scalable multitenant Cisco ACI fabric.
Question 30
Which mode are in PAgP? (Choose two)
A. Auto
B. Desirable
C. Active
D. Passive
E. On
Answer: A B
Explanation
There are two PAgP modes:
| Auto | Responds to PAgP messages but does not aggressively negotiate a PAgP EtherChannel. A channel is formed only if the port on the other end is set to Desirable. This is the default mode. |
| Desirable | Port actively negotiates channeling status with the interface on the other end of the link. A channel is formed if the other side is Auto or Desirable. |
The table below lists if an EtherChannel will be formed or not for PAgP:
| PAgP | Desirable | Auto |
| Desirable | Yes | Yes |
| Auto | Yes | No |
Question 31
Which LACP mode sends offer to connect device?
A. active
B. passive
C. desirable
D. auto
Answer: A
Question 32
Which feature can prevent switch to become Root Bridge?
A. VTP
B. DTP
C. Root Guard
C. BPDU Guard filter
Answer: C
Question 33
what does this monitor session command mean?
monitor session 16 source interface Gi0/11
A. source monitoring session – unidirection
B. destination monitoring session – bi-direction
C. source monitoring session – bi-direction
Answer: C
Question 34
Which IPv6 ACL rules are applied as first?
A. ACL port filter
B. ACL router filter
C. ?
D. ?
Answer: A
=========================New Questions added on 8th-May-2018============================
Question 35
Drag drop about southbound and northbound APIs.
Answer:
Northbound interface:
+ RESTful
+ Ad hoc
+ File Systems
Southbound interface:
+ OpFlex
+ OpenFlow
Explanation
Cisco OpFlex is a southbound protocol in a software-defined network (SDN) designed to facilitate the communications between the SDN Controller and the infrastructure (switches and routers). The goal is to create a standard that enables policies to be applied across physical and virtual switches/routers in a multi-vendor environment.
Question 36
Which command will you use to show the snmp version and collection of users?
Answer: show snmp group
Explanation
To display the names of configured SNMP groups, the security model being used, the status of the different views, and the storage type of each group, use the show snmp group command in privileged EXEC mode.
=========================New Questions added on 15th-May-2018============================
Question 37
Drag and drop the BGP states from the left to the matching definitions on the right.
Answer:
+ OpenSent: wait for an OPEN message
+ OpenConfirm: wait for a KEEPALIVE or NOTIFICATION message
+ Established: UPDATE, NOTIFICATION and KEEPALIVE messages are exchanged with peers
+ Idle: refuse connections
+ Active: listen for and accept connection
+ Connect: wait for the connection to be completed
Explanation
The order of the BGP states is: Idle -> Connect -> (Active) -> OpenSent -> OpenConfirm -> Established
+ Idle: No peering; router is looking for neighbor. Idle (admin) means that the neighbor relationship has been administratively shut down.
+ Connect: TCP handshake completed.
+ Active: BGP tries another TCP handshake to establish a connection with the remote BGP neighbor. If it is successful, it will move to the OpenSent state. If the ConnectRetry timer expires then it will move back to the Connect state. Note: Active is not a good state.
+ OpenSent: An open message was sent to try to establish the peering.
+ OpenConfirm: Router has received a reply to the open message.
+ Established: Routers have a BGP peering session. This is the desired state.
Reference: http://www.ciscopress.com/articles/article.asp?p=1565538&seqNum=3
Question 38
Which three HSRP multicast messages are sent between the devices? (Choose three)
A. Ping
B. Hello
C. Coup
D. Resign
Answer: B C D
Explanation
With HSRP, three types of multicast messages are sent between the devices:
+ Hello – The hello message is sent between the active and standby devices (by default, every 3 seconds). If the standby device does not hear from the active device (via a hello message) in about 10 seconds, it will take over the active role.
+ Resign – The resign message is sent by the active HSRP device when it is getting ready to go offline or relinquish the active role for some other reason. This message tells the standby router to be ready and take over the active role.
+ Coup – The coup message is used when a standby router wants to assume the active role (preemption).
Reference: http://www.pearsonitcertification.com/articles/article.aspx?p=2141271
Question 39
How will HSRP choose the active router? (Choose two)
A. Highest ip add
B. Highest MAC address
C. Configured priority
D. Lowest bridge ID
Answer: A C
Question 40 (similar like this about preempt delay)
You administer a network that uses two routers, R1 and R2, configured as an HSRP group to provide redundancy for the gateway. Router R1 is the active router and has been configured as follows:
| R1#configure terminal R1(config)#interface fa0/0 R1(config-if)#ip address 10.10.0.5 255.255.255.0 R1(config-if)#standby 1 priority 150 R1(config-if)#standby preempt delay minimum 50 R1(config-if)#standby 1 track interface fa0/2 15 R1(config-if)#standby 1 ip 10.10.0.20 |
Which of the following describes the effect the “standby preempt delay minimum 50” command will have on router R1?
A. The HSRP priority for router R1 will increase to 200.
B. Router R1 will become the standby router if the priority drops below 50.
C. The HSRP priority for router R1 will decrease to 50 points when Fa0/2 goes down.
D. Router R1 will wait 50 seconds before attempting to preempt the active router.
Answer: D
Explanation
If R1, for some reason, loses its active state, the “standby preempt delay minimum 50” command will cause R1 to wait 50 seconds before it tries to get the active state again -> D is correct.
Question 41
Drag drop about Southbound & Northbound
Answer:
Southbound
+ Hardwares
+ Switch interfaces
Northbound
+ Software manager
+ Controllers
@9tut Thank you for the questions! keep them coming
HI 9TUT ,
pl update new more questions
@9tut and everyone
Question 6 (from this page)
Which purpose of the network command in the BGP configuration of a router is true?
A. It enables route advertisement in the BGP routing process
B. It advertises any route in BGP with no additional configuration
C. It advertises a valid network as local to the autonomous system of a router
Answer: C
Question 33
Which purpose of the network command in the BGP configuration of a router is true?
A. It enables route advertisement in the BGP routing process
B. It advertises any route in BGP with no additional configuration
C. It advertises a valid network as local to the autonomous system of a router
Answer: A
So which one is the Correct answer????
anyone can explain why question 16 answer is wireshark not debugging ?
people please share the love thinking of taking exam on Friday. everyone has gone a bit quiet
passed today 961, A LOT questions were from the second updated questions here above, OSPF sim is the same, got an EIGRP sim with the same topology as here on 9tut but with different configuration, new questions about 15-20 q, I tried to copy down some of those but they wouldn’t let me take them out! so the ones the I remember was:
a question was asking about bgp:
A. standby- 4preemt
B. standby 145
C. standby 115
D. standby 300
D&D question
holdtime
LSA
split
poison
which protocol can be used for admin domain
A. EIGRP
B. IS-IS
C. OSPF
D. RIP
that’s all what I remember so far, I’d recommend to study the material because there is a punch of new question even the 2nd new questions part on 9tut still valid or just wait for their update if you not confidant
another question was asking about MTU and MSS (choose two)
A. reduce MTU to 1400
B. reduce MTU to 1360
C. reduce MSS to 1400
D. reduce MSS to 1500
E. reduce MSS to 1360
Which three effects of using local span are true? (Choose TWO)
A. It doubles the load on the forwarding engine
B. It prevents span destination from using port security
C. It double internal switch traffic
D. It reduces the supervisor engine
E. It reduces the load on the switch fabric
@ Sam Question 16,
Cisco routers provide a basic method of viewing IP traffic switched through the router called packet debugging. Packet debugging enables a user to determine whether traffic is travelling along an expected path in the network or whether there are errors in a particular TCP stream. Although in some cases packet debugging can eliminate the need for a packet analyzer, it should not be considered a replacement for this important tool.
@9tut you can update those as well!!
Which PPPOE authentication method is the least secure –> PAP
What do you need to reduce with GRE tunnel –> reduce MTU + MSS (same as what I posted above)
Which choice permit congestion mangement on QOS ? FIFO CBWFQ PQ
Which 3 three protocol can you use with apic-em path trace ? ECMP SNMP SMTP
@Anonymous, thanx for the explanation, I got this question on the exam by the way.
@ SAM, Anon was me
@Sam: Thanks for your information. We have just updated them!
Question #3 B and E seem to be correct options here is why
Clinet#debug dialer packet (shows Interface Virtual-Access2 status to up or down)*
Dial on demand packets debugging is on
Clinet# (Down*)
*Mar 1 00:03:34.299: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di0
Clinet#
*Mar 1 00:03:34.315: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down
Clinet#
*Mar 1 00:03:35.291: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to down
Clinet# (Up**)
*Mar 1 00:07:38.439: %DIALER-6-BIND: Interface Vi2 bound to profile Di0
Clinet#
*Mar 1 00:07:38.443: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
Clinet#
*Mar 1 00:07:39.787: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up
Clinet#debug ppp negotiation (also shows Interface Virtual-Access2 status to up or down)
PPP protocol negotiation debugging is on
Down*
Clinet#
*Mar 1 00:04:05.495: Vi2 PPP: Missed 5 keepalives, taking LCP down
*Mar 1 00:04:05.495: Vi2 PPP: Sending Acct Event[Down] id[3]
*Mar 1 00:04:05.495: Vi2 LCP: State is Closed
*Mar 1 00:04:05.495: Vi2 PPP: Phase is DOWN
*Mar 1 00:04:05.495: Vi2 CDPCP: State is Closed
*Mar 1 00:04:05.495: Vi2 IPCP: State is Closed
*Mar 1 00:04:05.495: Vi2 IPCP: Remove link info for cef entry 192.168.1.1
*Mar 1 00:04:05.499: Vi2 PPP SSS: Send DISCONNECT to mgr_hdl[AC000001]
*Mar 1 00:04:05.503: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di0
*Mar 1 00:04:05.523: Di0 IPCP: Remove route to 192.168.1.1
Clinet#
*Mar 1 00:04:05.523: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down
Clinet#
*Mar 1 00:04:06.495: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to down
Up*
*Mar 1 00:01:20.003: %DIALER-6-BIND: Interface Vi2 bound to profile Di0
*Mar 1 00:01:20.007: Vi2 PPP: Phase is DOWN, Setup
*Mar 1 00:01:20.007: Vi2 PPP: Using dialer call direction
*Mar 1 00:01:20.011: Vi2 PPP: Treating connection as a callout
*Mar 1 00:01:20.011: Vi2 PPP: Session handle[D8000004] Session id[0]
*Mar 1 00:01:20.011: Vi2 PPP: Phase is ESTABLISHING, Active Open
*Mar 1 00:01:20.015: Vi2 PPP: No remote authentication for call-out
*Mar 1 00:01:20.143: Vi2 LCP: O CONFREQ [Closed] id 1 len 14
*Mar 1 00:01:20.143: Vi2 LCP: MRU 1492 (0x010405D4)
*Mar 1 00:01:20.143: Vi2 LCP: MagicNumber 0x013614AE (0x0506013614AE)
*Mar 1 00:01:20.155: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
*Mar 1 00:05:28.671: Vi2 IPCP: Address 192.168.1.3 (0x0306C0A80103)
*Mar 1 00:05:28.671: Vi2 IPCP: State is Open
*Mar 1 00:05:28.671: Di0 IPCP: Install negotiated IP interface address 192.168.1.3
*Mar 1 00:05:28.675: Di0 IPCP: Install route to 192.168.1.1
*Mar 1 00:05:28.675: Vi2 IPCP: Add link info for cef entry 192.168.1.1
*Mar 1 00:05:29.639: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up
☝☝☝sorry I meant Q#2☝☝☝
@@9tut any update on new questions?
Please answer for this questions
How can you disable DTP on a switch port?
A. Configure the switch port as a trunk.
B. Add an interface on the switch to a channel group.
C. Change the operational mode to static access.
D. Change the administrative mode to access.
A or D ??? which answer wiil want to cisco
I would go with “D” if I got this question. Two different sites say two different things, I would research the question and go from there.
@Timka The answer is A. Configure the switch port as a trunk. If you enable a switch port as trunk it Dtp will be disabled.
Is there anyway to practice these questions in a testing format. Would you be able to put them in a testing format please?
re: Question 26
Which three protocols can you use with APIC-EM path trace? (Choose three)
Answer: ECMP SNMP SMTP
—
I wish I could see the full question. What does Equal-cost multi-path routing (ECMP) and mail transport (SMTP) have to do with Path trace?
@Sam
March 5th, 2018
another question was asking about MTU and MSS (choose two)
A. reduce MTU to 1400
B. reduce MTU to 1360
C. reduce MSS to 1400
D. reduce MSS to 1500
E. reduce MSS to 1360
***
In the cases where IPsec is being used, it is customary to set the MTU size on the tunnel interfaces to 1400 bytes and to set the TCP-MSS-adjust to 1360 bytes
I see that path trace can identify load balancing as ECMP. Ok, makes some sense. Wish I knew the whole question and options.
I posted this under DTA Questions
Question 2 after putting some time and deep digging I will say A is the answer. here is why. there is no such command to change administrative mode. status will only change when switch between access or trunk. if we go by D then C is also correct. again there is no such command to change operational mode it only change when switch between access or trunk by entering command switchport mode assess or trunk. so D and C is out B is already out too~ have fun~
How can you disable DTP on a switch port?
A. Configure the switch port as a trunk.
B. Add an interface on the switch to a channel group.
C. Change the operational mode to static access.
D. Change the administrative mode to access.
Answer: A
Its the last questions ?for the month of March there are no new ones?
Question 6 (from this page)
Which purpose of the network command in the BGP configuration of a router is true?
A. It enables route advertisement in the BGP routing process
B. It advertises any route in BGP with no additional configuration
C. It advertises a valid network as local to the autonomous system of a router
Answer: C
Question 33
Which purpose of the network command in the BGP configuration of a router is true?
A. It enables route advertisement in the BGP routing process
B. It advertises any route in BGP with no additional configuration
C. It advertises a valid network as local to the autonomous system of a router
Answer: A
Tell me please which is true
while you tobleshoting a conect issue a ping from //////////
a)show ip statist
b)show ip nat statist
c) show ip int brief
d)show ip route //
C or D &&&???
Question 6 (from this page)
Which purpose of the network command in the BGP configuration of a router is true?
A. It enables route advertisement in the BGP routing process
B. It advertises any route in BGP with no additional configuration
C. It advertises a valid network as local to the autonomous system of a router
Answer: C is correct. BGP advertises a valid network as local to the autonomous system
@Yugi
while you tobleshoting a conect issue a ping from //////////
is this ICND-2 question? ans can be both but question is incomplete. C to check correct IP and D to check if there is a router to Pinging host.
@Mn tell me please which lab in ICND2 ??/ latest
@Yugi
ospf-hotspot for sure. I haven’t work on EIGRP yet
https://www.9tut.net/icnd2-200-105/ospf-hotspot
I mean that here are the latest questions?
@9tut
Question 17 answer is wrong. correct answer should be C or D with spanning tree portfast option . q says (a port) not all the ports. spanning-tree portfast default for all the ports not for single port. spanning tree portfast trunk is interface level commend which put only that port into forwarding state immediately.
Which command do you enter so that a port enters the forwarding state immediately when a PC is connected to it ?
A. spanning-tree portfast bpduguard default
B. spanning-tree portfast default
C. spanning tree portfast trunk
D. spanning tree portfast (maybe 4th option with will be correct)
real switch output.
Switch-3560(config)#spanning-tree portfast default
%Warning: this command enables portfast by default on all interfaces. You
should now disable portfast explicitly on switched ports leading to hubs,
switches and bridges as they may create temporary bridging loops.
Switch-3560(config-if)#spanning-tree portfast trunk
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc… to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
LAB_Switch-3560(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc… to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on FastEthernet0/3 but will only
have effect when the interface is in a non-trunking mode.
another question was asking about MTU and MSS (choose two)
A. reduce MTU to 1400
B. reduce MTU to 1360
C. reduce MSS to 1400
D. reduce MSS to 1500
E. reduce MSS to 1360
ANswer A / C The same
nother question was asking about MTU and MSS (choose two)
A. reduce MTU to 1400
B. reduce MTU to 1360
C. reduce MSS to 1400
D. reduce MSS to 1500
E. reduce MSS to 1360
which answer ??/
@9tut
Hi!
Any estimate on when there is going to be an update?
When wil be a new update for March mounth
Hi 9tut…..when this was a free service I had no complaint over content…but now I am paying can you at least reply and put right mistakes in the questions or explain why there is not a mistake….I like this site but please give us some feed back especially with the changes implemented this year.
@MN: If answer D is “spanning-tree portfast” then it is surely the correct answer.
@disgruntled: If you have any unclear question please send an email to support@9tut.net so that we can help you. We tried to answer as many questions as we can but we cannot answer all of them. We hope for your understanding.
@9tut you can update and stay with you answer! time to refund me back!!
Which command do you enter so that a port enters the forwarding state immediately when a PC is connected to it ?
A. spanning-tree portfast bpduguard default
B. spanning-tree portfast default
C. spanning tree portfast trunk
D. no spanning tree portfast
@MN: We believe B is the best answer so we still keep it. If D is “no spanning-tree portfast” then it is surely not correct.
@9tut that is correct. B is a correct answer. I was just says you can update question with option D. no spanning tree portfast which is wrong.
@9tut . Dear 9tut Please update a new questions for March mounth.
My exam in the end of this Mounth
Hello, the exam has changed, there are many new questions, could you please update the questions
@ Carlos Really changed??/how many questiions changed
@Carlos What Changed? Did the 9tut simulators and Composite Quizzes help?
hello, does icnd2 require to configure something on this exam?
Question 20
Which tree fields can be marked with QoS? (Choose three)
A. Header checksum
B. IP precedence
C. DSCP
D. total length
E. discard class
F. TTL
CORRECT ANSWER: B C E
The pleople told us that many questions has been changed…. Is it true????
which new questions ???
is there any point in learning old dumps?
many pleople sayed that / New questions newq questions///
Where?????they say and keep silent…Write at least 1 new question and we will know the truth
can I get a lab from CCNA on the icnd2 exam? or its inposible?
Hello, More than 30 new questions. the laboratories are the same. Here some questions
What is the Cisco recommended DSCP value for voice traffic?
100110
101111
111110
101110
If you integrate your network with cloud services, which service model is most exposed to the cloud?
Infrastructure as a Service
Desktop as a Service
Platform as a Services
Software as a Service
Answer 101110
PAAS vs IAAS
@CArlos Can you remember more questions??/
Here are some questions I remember:
They ask about DMVPN, which is not similar to questions from 9tut.
How to set EtherChannel Static
Control Plane is layer 2,3,4 reachibility, process….
How to configure ipv6 ospf
The command: monitor session source
Compare default vlan vs native vlan
show default vlan, show interface brief,
Qos methods: there are 2 more methods than it is shown in 9tut.
Hope this helps.
Questions are changed, However, if you remember and *UNDERSTAND* 100% questions in 9tut, plus 70% knowledge in CCNA book, you will be able to pass like me, I got a marginal passing score.
@ quanghuy147 can you tell please drag and drop has been changed orr not?
Taking the test Thursday – I’ll let you all know what I can remember. I hope this stuff is good enough. I didn’t take the classes after they made the recent curriculum changes, so this could be bad. Haha
On one page of updated questions, it states the following:
Question 48
Which two types of cloud services may require you to alter the design of your network infrastructure? (Choose two)
A. Sudo as a service
B. Platform as a service
C. IaaS
D. SaaS
E. Business as a service
Answer: C D
===============================
On this page, it states the following:
Question 5
Which two types of cloud services may require you to alter the design of your network infrastructure? (Choose two)
A. Sudo as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Software as a Service
E. Business as a Service
Answer: B C
————————-
Which is correct? Thanks. BTW, good job on this site.
@Biggerstaff – The answer would be B and C. PaaS and IaaS – Those two are physical infrastructure based. Software as a service is cloud based, and wouldn’t force a company to change their network.
@Husbeard
Thanks!
Hi, need answers to the following questions, they were in my exam recently:
Q. Which command do you enter to enable local authentication for multilink PPP on an interface?
Q. Which feature can prevent a rogue device from assuming the role of root bridge in a switching domain ?
Q. Which combination of values is valid for router on a stick configuration ?
Ps: Sorry I do not have the options. Any help will be appreciated
@Sam
which protocol can be used for admin domain
A. EIGRP
B. IS-IS
C. OSPF
D. RIP
IS-IS is an interior gateway protocol, designed for use within an administrative domain or network.
@Sam
Got that definition from Wikipedia
@Sam
Got that question on an exam file. BGP was the answer
@9tut
I have a question. You have it on your site and it gives two different answers.
Which Cisco platform can verify ACLs?
A. Cisco Prime Infrastructure
B. Cisco Wireless LAN Controller
C. Cisco APIC-EM
D. Cisco IOS-EX
One answer says Cisco Wireless LAN Controller and the other answer is Cisco APIC-EM
What is the correct answer please
I got this question today at the exam
A. reduce MTU to 1400
B. reduce MTU to 1360
C. reduce MSS to 1400
D. reduce MSS to 1500
E. reduce MSS to 1360
MTU size on the tunnel interfaces to 1400 bytes and to set the TCP-MSS-adjust to 1360 bytes
Alex
The link is not accessible. Can you email the dumps to Siquito1 @ yahoo dot com
@Alex, I cant access the link..Can you kindly email to {email not allowed}
@Alex, Cant access the link please sent to DebbieDixDebbke @ Gmail
I passed de ICND2 today studying only 9tut. I am a disappointed with this web because only 60%-70% of questions are here.
I was a bit of “help” in the exam, if not I am sure I fail today.
On year 2021 I will look for an other place to study.
hey guys. I just studies all the question on 9tut for ICND1 exam . I am thinking to give exam this week . Is this much study will be enough to crack the exam. I am very tensed. Please give me suggestion who did exam recently in month of April.
Hi guys, did someone take the exam on May? And can I passed with the exam questions and lab on 9tut?
Litterally took the exam very recently, passed with a 9XX. I only used ccnav6, and ICND1 stuff on here. I did no labs whatsoever, only the sims and testlets on here.
Hi guys, who did the ICND 2 exam recently? Can you guys help?
I have soon exam and i hope i will pass. Who can guarantee that 9tut will help me pass?
Anyone who did the exam recently?
question 17.
Which command do you enter so that a port enters the forwarding state immediately when a PC is connected to it ?
A. spanning-tree portfast bpduguard default
B. spanning-tree portfast default
C. spanning tree portfast trunk
D. no spanning tree portfast
My understanding is that the spanning-tree portfast default command is applied in global config mode which will configure every interface or port as portfast.
This is what Cisco says about enabling portfast, “You can enable this feature by using the spanning-tree portfast interface configuration or the spanning-tree portfast default global configuration command.
This is what it says if the port is a trunk (connected to a workstation), “Enable Port Fast on an access port connected to a single workstation or server. By specifying the trunk keyword, you can enable Port Fast on a trunk port. [Example] spanning-tree portfast [ trunk ]…..Note To enable Port Fast on trunk ports, you must use the spanning-tree portfast trunk interface configuration command. The spanning-tree portfast command will not work on trunk ports [only access pports].”
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html
So i tried both the “spanning-tree portfast” and “spanning-tree portfast” commands at the interface level and both worked fine with. This is the message they returned, see output below.
I think the answer should be “spanning-tree portfast”, if thats not an option then it is “spanning-tree portfast trunk.”
What do you guys think?
—————————————————————-
Switch(config-if)#spanning-tree portfast ?
disable Disable portfast for this interface
trunk Enable portfast on the interface even in trunk mode
Switch(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc… to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on FastEthernet0/5 but will only
have effect when the interface is in a non-trunking mode.
Switch(config-if)#
————————————————————————-
Switch(config-if)#interface fastEthernet 0/2
Switch(config-if)#spanning-tree portfast tru
Switch(config-if)#spanning-tree portfast trunk ?
Switch(config-if)#spanning-tree portfast trunk
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc… to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
Is the Composite exam still accurate as to the questions on the ICND2v3 questions. Or do these no long appear on the exam?
Please advise
@9tut
Hello! I need help 🙂
From ISND2v3 – New Questions
Question 48
Which two types of cloud services may require you to alter the design of your network infrastructure? (Choose two)
A. Sudo as a service
B. Platform as a service
C. IaaS
D. SaaS
E. Business as a service
Answer: C D
Explanation
There are only three types of cloud services. These different types of cloud computing services delivery models are called
infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS).
and question from “New ICND2v3 Questions – Part 2”
Question 5
Which two types of cloud services may require you to alter the design of your network infrastructure? (Choose two)
A. Sudo as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Software as a Service
E. Business as a Service
Answer: B C
What is true????
@HitManExp: Thanks for your detection. The correct answers should be B C. We have just updated it.
I also had a question about
WHERE DOES EIGRP ROUTERS PERFORM SUMMARIZATION?
EDGE ROUTERS
BGP ROUTERS
ALL INSTANCES
EACH TIME IT CROSSES A BORDER BETWEEN TWO MAJOR ROUTERS
Hi 9tut I have the exam soon can you look @ question 3 part 2 BCS i think correct answer should be A, not B and you have been giving the correct answer in another part as A can you clarify plz
@Kamal: We checked this question and see both of the answers are correct! It is confused but the “show etherchannel summary” is used more frequently so we still choose it.