Q141. Which statement about OTV is true? 

A. The overlay interface becomes active only when configuration is complete and it is manually enabled. 

B. OTV data groups can operate only in PIM sparse-mode. 

C. The overlay interface becomes active immediately when it is configured. 

D. The interface facing the OTV groups must be configured with the highest MTU possible. 



OTV has the following configuration guidelines and limitations: 

. If the same device serves as the default gateway in a VLAN interface and the OTV edge device for the VLANs being extended, configure OTV on a device (VDC or switch) that is separate from the VLAN interfaces (SVIs). 

. When possible, we recommend that you use a separate nondefault VDC for OTV to allow for better manageability and maintenance. 

. An overlay interface will only be in an up state if the overlay interface configuration is complete and enabled (no shutdown). The join interface has to be in an up state. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/OTV/config_guide/b_Cisco_Nexus_7000_Series_NX-OS_OTV_Configuration_Guide/basic-otv.html 


Drag and drop the StackWise stack master election rule on the left into the correct priority order on the right. 


Q143. Refer to the exhibit. 

Which two issues can cause the interface VLAN10 to be down/down? (Choose two.) 

A. The VLAN is inactive or has been removed from the VLAN database. 

B. STP is in a forwarding state on the port. 

C. A Layer 2 access port is configured with VLAN10, but is in a down/down state. 

D. The autostate exclude feature was used on interface VLAN10. 

Answer: A,C 

Q144. Which two options are the two main phases of PPPoE? (Choose two.) 

A. Active Discovery Phase 

B. IKE Phase 

C. Main Mode Phase 

D. PPP Session Phase 

E. Aggressive Mode Phase 

F. Negotiation Phase 

Answer: A,D 


PPPoE is composed of two main phases: 

Active Discovery Phase — In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established. 

PPP Session Phase — In this phase, PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers. 

Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/vpn/asa-vpn-cli/vpn-pppoe.html 

Q145. Which statement about the feasible distance in EIGRP is true? 

A. It is the maximum metric that should feasibly be considered for installation in the RIB. 

B. It is the minimum metric to reach the destination as stored in the topology table. 

C. It is the metric that is supplied by the best next hop toward the destination. 

D. It is the maximum metric possible based on the maximum hop count that is allowed. 



An EIGRP router advertises each destination it can reach as a route with an attached metric. This metric is called the route's reported distance (the term advertised distance has also been used in older documentation). A successor route for any given destination is chosen as having the lowest computed feasible distance; that is, the lowest sum of reported distance plus the cost to get to the advertising router. By default, an EIGRP router will store only the route with the best (lowest) feasible distance in the routing table (or, multiple routes with equivalent feasible distances). 

Reference: http://packetlife.net/blog/2010/aug/9/eigrp-feasible-successor-routes/ 

Q146. Refer to the exhibit. 

Which two statements are true? (Choose two.) 

A. This router is not 4-byte autonomous system aware. 

B. This router is 4-byte autonomous system aware. 

C. The prefix was learned through an autonomous system number with a length of 4 bytes, and this router is 4-byte autonomous system aware. 

D. The prefix was learned through an autonomous system number with a length of 4 bytes, and this router is not 4-byte autonomous system aware. 

E. The prefix was originated from a 4-byte autonomous system. 

Answer: A,D 


Prior to January 2009, BGP autonomous system (AS) numbers that were allocated to companies were 2-octet numbers in the range from 1 to 65535 as described in RFC 4271, A Border Gateway Protocol 4 (BGP-4). Due to increased demand for AS numbers, the Internet Assigned Number Authority (IANA) started to allocate four-octet AS numbers in the range from 65536 to 4294967295. RFC 5396, Textual Representation of Autonomous System (AS) Numbers, documents three methods of representing AS numbers. Cisco has implemented the following two methods: 

. Asplain — Decimal value notation where both 2-byte and 4-byte AS numbers are represented by their decimal value. For example, 65526 is a 2-byte AS number and 234567 is a 4-byte AS number. 

. Asdot — Autonomous system dot notation where 2-byte AS numbers are represented by their decimal value and 4-byte AS numbers are represented by a dot notation. For example, 65526 is a 2-byte AS number and 1.169031 is a 4-byte AS number (this is dot notation for the 234567 decimal number). 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-4byte-asn.html 

Q147. Which IPv6 tunneling type establishes a permanent link between IPv6 domains over IPv4? 

A. IPv4-compatible tunneling 

B. ISATAP tunneling 

C. 6to4 tunneling 

D. manual tunneling 



A manually configured tunnel is equivalent to a permanent link between two IPv6 domains over an IPv4 backbone. The primary use is for stable connections that require regular secure communication between two edge routers or between an end system and an edge router, or for connection to remote IPv6 networks. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/ipv6_12_4t_book/i p6-tunnel.html 

Q148. Which cache aggregation scheme is supported by NetFlow ToS-based router aggregation? 

A. prefix-port 

B. AS 

C. protocol port 

D. destination prefix 


Q149. The session status for an IPsec tunnel with IPv6-in-IPv4 is down with the error message IKE message from failed its sanity check or is malformed. 

Which statement describes a possible cause of this error? 

A. There is a verification failure on the IPsec packet. 

B. The SA has expired or has been cleared. 

C. The pre-shared keys on the peers are mismatched. 

D. There is a failure due to a transform set mismatch. 

E. An incorrect packet was sent by an IPsec peer. 



IKE Message from X.X.X.X Failed its Sanity Check or is Malformed This debug error appears if the pre-shared keys on the peers do not match. In order to fix this issue, check the pre-shared keys on both sides. 1d00H:%CRPTO-4-IKMP_BAD_MESSAGE. IKE message from failed its sanity check or is malformed. 

Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#ike 

Q150. Refer to the exhibit. 

You have configured two routing protocols across this point-to-point link. How many BFD sessions will be established across this link? 

A. three per interface 

B. one per multicast address 

C. one per routing protocol 

D. one per interface 



Cisco devices will use one Bidirectional Forwarding Detection (BFD) session for multiple client protocols in the Cisco implementation of BFD for Cisco IOS Releases 12.2(18)SXE, 12.0(31)S, and 12.4(4)T. For example, if a network is running OSPF and EIGRP across the same link to the same peer, only one BFD session will be established, and BFD will share session information with both routing protocols. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fs_bfd.html#wp1053749