Guaranteed 300-135 Exam Questions 2021

NEW QUESTION 1
Which of the following pieces of information will the command show interface provide? (Choose all that apply.)

• A. Layer 1 status
• B. Output queue drops
• C. Interface CPU utilization
• D. Cable type connected to interface
• E. Layer 2 status
• F. Input queue drops

Answer: ABEF

NEW QUESTION 2
The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolate the cause of this fault and answer the following question. The fault condition is related to which technology?

• A. NTP
• B. IP DHCP Server
• C. Ipv4 OSPF Routing
• D. Ipv4 EIGRP Routing.
• E. Ipv4 Route Redistribution.
• F. Ipv6 RIP Routing
• G. Ipv6 OSPF Routing
• H. Ipv4 and Ipv6 Interoperability
• I. Ipv4 layer 3 security.

Answer: B

Explanation: On R4 the DHCP IP address is not allowed for network 10.2.1.0/24 which clearly shows the problem lies on R4 & the problem is with DHCP

NEW QUESTION 3
Drag and drop the valid tunnel modes from the left into the Valid Column on the right. Order does not matter and not all options are used.

Answer:

Explanation: 6to4 GRE IP IPV6 IP ISATAP

NEW QUESTION 4
The implementation group has been using the test bed to do an IPv6 'proof-of-concept1. After several changes to the network addressing and routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1).
Use the supported commands to isolate the cause of this fault and answer the following question. The fault condition is related to which technology?

• A. NTP
• B. IPv4 OSPF Routing
• C. IPv6 OSPF Routing
• D. IPv4 layer 3 security

Answer: C

Explanation: Since we are unable to ping the IPv6 address, the problem is with IPv6 OSPF Routing.

NEW QUESTION 5
Which statement is true about an IPsec/GRE tunnel?

• A. The GRE tunnel source and destination addresses are specified within the IPsec transform set.
• B. An IPsec/GRE tunnel must use IPsec tunnel mode.
• C. GRE encapsulation occurs before the IPsec encryption process.
• D. Crypto map ACL is not needed to match which traffic will be protected.

Answer: C

NEW QUESTION 6
The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, and FHRP services, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions. The fault condition is related to which technology?

• A. NTP
• B. Switch-to-Switch Connectivity
• C. Access Vlans
• D. Port Security
• E. VLAN ACL / Port ACL
• F. Switch Virtual Interface

Answer: B

Explanation: Since the Clients are getting an APIPA we know that DHCP is not working. However, upon closer examination of the ASW1 configuration we can see that the problem is not with DHCP, but the fact that the trunks on the port channels are only allowing VLANs 1-9, when the clients belong to VLAN 10. VLAN 10 is not traversing the trunk on ASW1, so the problem is with switch to switch connectivity, specifically the trunk configuration on ASW1.

NEW QUESTION 7
The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened DSW1 will not become the active router for HSRP group 10.
Use the supported commands to isolated the cause of this fault and answer the following questions. On which device is the fault condition located?

• A. R1
• B. R2
• C. R3
• D. R4
• E. DSW1
• F. DSW2
• G. ASW1
• H. ASW2

Answer: E

Explanation: DSW references the wrong track ID number.

NEW QUESTION 8
Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site VPNs? (Choose three.)

• A. allows dynamic routing over the tunnel
• B. supports multi-protocol (non-IP) traffic over the tunnel
• C. reduces IPsec headers overhead since tunnel mode is used
• D. simplifies the ACL used in the crypto map
• E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

Answer: ABD

NEW QUESTION 9
The implementations group has been using the test bed to do a ‘proof-of-concept’. After several changes to the network addressing, routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2(2026::102:1).
Use the supported commands to isolated the cause of this fault and answer the following questions. What is the solution to fault condition?

• A. Under the interface Serial 0/0/0.23 configuration enter the ipv6 ospf 6 area 0 command.
• B. Under the interface Serial0/0/0.12 configuration enter the ipv6 ospf 6 area 12 command.
• C. Under ipv6 router ospf 6 configuration enter the network 2026::1:/122 area 0 command.
• D. Under ipv6 router ospf 6 configuration enter no passive-interface default command.

Answer: A

Explanation: On R2, IPV6 OSPF routing, configuration is required to add ipv6 ospf 6 area 0 under interface serial 0/0/0.23
===============================================================================

NEW QUESTION 10
The implementation group has been using the test bed to do an IPv6 'proof-of-concept1. After several changes to the network addressing and routing schemes, a trouble ticket has been opened indicating that the loopback address on R1 (2026::111:1) is not able to ping the loopback address on DSW2 (2026::102:1).
Use the supported commands to isolate the cause of this fault and answer the following question. What is the solution to the fault condition?

• A. Under the interface Tunnel34 configuration enter the ipv6 ospf 6 area 34 command.
• B. Under the interface Loopback6 configuration enter the ipv6 ospf 6 area 34 command.
• C. Under the interface Serial0/0/0.34 configuration enter the ipv6 ospf 6 area 34 command.
• D. Under ipv6 router ospf 6 configuration enter the redistribute rip RIP_ZONE include-connected command.

Answer: D

Explanation: As explained earlier, the problem is with route redistribution on R4 of not redistributing RIP routes into OSPF for IPV6.

NEW QUESTION 11
Which IPsec mode will encrypt a GRE tunnel to provide multiprotocol support and reduced overhead?

• A. 3DES
• B. multipoint GRE
• C. tunnel
• D. transport

Answer: D

NEW QUESTION 12
The implementations group has been using the test bed to do a ‘proof-of-concept’ that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
Use the supported commands to isolated the cause of this fault and answer the following questions. What is the solution to the fault condition?

• A. Under the interface Serial0/0/0 configuration enter the ip nat inside command.
• B. Under the interface Serial0/0/0 configuration enter the ip nat outside command.
• C. Under the ip access-list standard nat_trafic configuration enter the permit 10.2.0.0 0.0.255.255 command.
• D. Under the ip access-list standard nat_trafic configuration enter the permit 209.65.200.0 0.0.0.255 command.

Answer: C

Explanation: On R1 we need to add the client IP address for reachability to server to the access list that is used to specify which hosts get NATed.

Topic 11, Ticket 6 : R1 ACL
Topology Overview (Actual Troubleshooting lab design is for below network design)
Client Should have IP 10.2.1.3
EIGRP 100 is running between switch DSW1 & DSW2
OSPF (Process ID 1) is running between R1, R2, R3, R4
Network of OSPF is redistributed in EIGRP
BGP 65001 is configured on R1 with Webserver cloud AS 65002
HSRP is running between DSW1 & DSW2 Switches
The company has created the test bed shown in the layer 2 and layer 3 topology exhibits. This network consists of four routers, two layer 3 switches and two layer 2 switches.
In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1. DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.
R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range.
R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.
ASW1 and ASW2 are layer 2 switches.
NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.
The client workstations receive their IP address and default gateway via R4’s DHCP server.
The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.
In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6. DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.
The two IPv6 routing domains, OSPF 6 and RIPng are connected via GRE tunnel running over the underlying IPv4 OSPF domain. Redistribution is enabled where necessary.
Recently the implementation group has been using the test bed to do a ‘proof-of-concept’ on several implementations. This involved changing the configuration on one or more of the devices. You will be
presented with a series of trouble tickets related to issues introduced during these configurations.
Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.
Each ticket has 3 sub questions that need to be answered & topology remains same. Question-1 Fault is found on which device,
Question-2 Fault condition is related to,
Question-3 What exact problem is seen & what needs to be done for solution


Client is unable to ping IP 209.65.200.241…
Solution
Steps need to follow as below:-
When we check on client 1 & Client 2 desktop we are not receiving DHCP address from R4
Ipconfig ----- Client will be receiving IP address 10.2.1.3
IP 10.2.1.3 will be able to ping from R4 , R3, R2, R1
Look for BGP Neighbourship
Sh ip bgp summary ----- State of BGP will be in active state. This means connectivity issue between serial
Check for running config. i.e sh run --- over here check for access-list configured on interface as BGP is down (No need to check for NAT configuration as its configuration should be right as first need to bring BGP up)


In above snapshot we can see that access-list of edge_security on R1 is not allowing wan IP network
Change required: On R1, we need to permit IP 209.65.200.222/30 under the access list.

NEW QUESTION 13
You are configuring Management Plane Protection on R1, which connects to the 10.100.100.0/24 network using SSH. Drag and drop the required commands or command sequences from the left into the correct sequence on the right.

Answer:

Explanation:

NEW QUESTION 14
You examine the port statistics on a Cisco Catalyst switch and notice an excessive number of frames are being dropped. Which of the following are possible reasons for the drops?

• A. Unknown destination MAC address
• B. Bad cabling
• C. MAC forwarding table is full
• D. Port configured for half duplex
• E. Port configured for full duplex
• F. Network congestion

Answer: BF

NEW QUESTION 15
Refer to the exhibit.

A client reports that all the password information appears in plain text when the show archive log config all command has been issued Which command fixes the issue?

• A. MASS-RTR(config)#aaa authentication arap
• B. MASS-RTR(config-archive-log-cfg)#password encryption aes
• C. MASS-RTR(config)#service password-encryption
• D. MASS-RTR(config-archive-log-cfg)#hidekeys

Answer: D

NEW QUESTION 16
Refer to exhibit:

After a junior technician configures a new branch office GRE tunnel, which step is missing from the configuration to pass traffic through tunnel on Router 1?

• A. static route to 10.0.3.0/24 via 10.0.1.1
• B. static route to 10.0.3.0/24 via 10.0.2.1
• C. static route to 10.0.3.0/24 via 190.0.4.1
• D. static route to 10.0.3.0/24 via 190.0.4.2

Answer: D

NEW QUESTION 17
You have the followings commands on your Cisco Router: ip ftp username admin
ip ftp password backup
You have been asked to switch from FTP to HTTP. Which two commands will you use to replace the existing commands?

• A. ip http username admin
• B. ip http client username admin
• C. ip http password backup
• D. ip http client password backup
• E. ip http server username admin
• F. ip http server password backup

Answer: BD

Explanation: Configuring the HTTP Client
Perform this task to enable the HTTP client and configure optional client characteristics.
The standard HTTP 1.1 client and the secure HTTP client are always enabled. No commands exist to disable the HTTP client. For information about configuring optional characteristics for the HTTPS client, see the HTTPS-HTTP Server and Client with SSL 3.0, Release 12.2(15)T, feature module.
SUMMARY STEPS
1. http://www.cisco.com/en/US/i/templates/blank.gifenable
2. http://www.cisco.com/en/US/i/templates/blank.gifconfigure terminal
3. http://www.cisco.com/en/US/i/templates/blank.gifip http client cache {ager interval minutes | memory {file
file-size-limit | pool pool-size-limit}
4. http://www.cisco.com/en/US/i/templates/blank.gifip http client connection {forceclose | idle timeout
seconds | retry count | timeout seconds}
5. http://www.cisco.com/en/US/i/templates/blank.gifip http client password password
6. http://www.cisco.com/en/US/i/templates/blank.gifip http client proxy-server proxy-name proxy-port
port-number
7. http://www.cisco.com/en/US/i/templates/blank.gifip http client response timeout seconds
8. http://www.cisco.com/en/US/i/templates/blank.gifip http client source-interface type number
9. http://www.cisco.com/en/US/i/templates/blank.gifip http client username username
Reference: HTTP 1.1 Web Server and Client.
http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_http_web.html

NEW QUESTION 18
Scenario:
A customer network engineer has edited their OSPF network configuration and now your customer is experiencing network issues. They have contacted you to resolve the issues and return the network to full functionality.







After resolving the issues between R3 and R4. Area 2 is still experiencing routing issues. Based on the current router configurations, what needs to be resolved for routes to the networks behind R5 to be seen in the company intranet?

• A. Configure R4 and R5 to use MD5 authentication on the Ethernet interfaces that connect to the common subnet.
• B. Configure Area 1 in both R4 and R5 to use MD5 authentication.
• C. Add ip ospf authentication-key 7 BEST to the R4 Ethernet interface that connects to R5 and ip ospf authentication-key 7 BEST to R5 Ethernet interface that connects to R4.
• D. Add ip ospf authentication-key CISCO to R4 Ethernet 0/1 and add area 2 authentication to the R4 OSPF routing process.

Answer: D

Explanation: Here, we see from the running configuration of R5 that OSPF authentication has been configured on the link to R4:

However, this has not been done on the link to R5 on R4: