Download Cisco.Certkiller.200-310.2017-09-26.1e.84q.vcex

Download Dump

File Info

Exam CCDA - Designing for Cisco Internetwork Solutions
Number 200-310
File Name Cisco.Certkiller.200-310.2017-09-26.1e.84q.vcex
Size 3.07 Mb
Posted September 26, 2017
Downloaded 12



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%

 
 



Demo Questions

Question 1

View the Exhibit. 
  

  
You are designing an IP addressing scheme for the network in the exhibit above.  
Each switch represents hosts that reside in separate VLANs. The subnets should be allocated to match the following host capacities:
Router subnet: two hosts 
SwitchA subnet: four hosts 
SwitchB subnet: 10 hosts 
SwitchC subnet: 20 hosts  
SwitchD subnet: 50 hosts
You have chosen to subnet the 192.168.51.0/24 network. 
Which of the following are you least likely to allocate? 

  • A: a /25 subnet
  • B: a /26 subnet
  • C: a /27 subnet
  • D: a /28 subnet
  • E: a /29 subnet
  • F: a /30 subnet

Correct Answer: A

Of the available choices, you are least likely to allocate a /25 subnet. The largest broadcast domain in this scenario contains 50 hosts. A /25 subnet can contain up to 126 assignable hosts. In this scenario, allocating a /25 subnet would reserve half the 192.168.51.0/24 network for a single virtual LAN (VLAN). The total number of hosts for which you need addresses in this scenario is 86. Therefore, you would only need to use half the /24 subnet if all 86 hosts were residing in the same VLAN. 
You should begin allocating address ranges starting with the largest group of hosts to ensure that the entire group has a large, contiguous address range available. 
Subnetting a contiguous address range in structured, hierarchical fashion enables routers to maintain smaller routing tables and eases administrative burden when troubleshooting. 
You are likely to use a /26 subnet. In this scenario, the largest VLAN contains 50 hosts. If you were to divide the 192.168.51.0/25 subnet into two /26 subnets, the result would be two new subnets capable of supporting up to 62 assignable hosts: the 192.168.51.0/26 subnet and the 192.168.51.64/26 subnet. Therefore, you should start subnetting with a /26 network. To maintain a logical, hierarchical IP structure, you could then allocate the 192.168.51.64/26 subnet to SwitchD's VLAN. 
You are likely to use a /27 subnet. The nextlargest broadcast domain in this scenario is the SwitchC subnet, which contains 20 hosts. If you were to divide the 192.168.51.0/26 subnet into two /27 subnets, the result would be two new subnets capable of supporting up to 30 assignable hosts: the 192.168.51.0/27 subnet and the 192.168.51.32/27 subnet. To maintain a logical, hierarchical IP structure, you could then allocate the 192.168.51.32/27 subnet to SwitchC's VLAN. 
You are likely to use a /28 subnet. The nextlargest broadcast domain in this scenario is the SwitchB subnet, which contains 10 hosts. If you were to divide the 192.168.51.0/27 subnet into two /28 subnets, the result would be two new subnets capable of supporting up to 14 assignable hosts: the 192.168.51.0/28 subnet and the 192.168.51.16/28 subnet. To maintain a logical, hierarchical IP structure, you could then allocate the 192.168.51.16/28 subnet to SwitchB's VLAN. 
You are likely to use a /29 subnet. The nextlargest broadcast domain in this scenario is the SwitchA subnet, which contains four hosts. If you were to divide the 192.168.51.0/28 subnet into two /29 subnets, the result would be two new subnets capable of supporting up to six assignable hosts: the 192.168.51.0/29 subnet and the 192.168.51.8 subnet. To maintain a logical, hierarchical IP structure, you could then allocate the 192.168.51.8/29 subnet to SwitchA's VLAN. 
You are likely to use a /30 subnet. The final subnet in this scenario is the link between RouterA and RouterB, which contains two hosts. If you were to divide the 192.168.51.0/29 subnet into two /30 subnets, the result would be two new subnets capable of supporting two assignable hosts each: the 192.168.51.0/30 subnet and the 192.168.51.4/30 subnet. To maintain a logical, hierarchical IP structure, you could then allocate the 192.168.51.4/30 subnet to the link between RouterA and RouterB. This would leave the 192.168.51.0/30 subnet unallocated. However, you could further divide the 192.168.51.0/30 subnet into single /32 host addresses that could then be used for loopback IP addressing on the routers. 
Reference:
CCDA 200-310 Official Cert Guide, Chapter 8, IPv4 Address Subnets, pp. 302-310 
CCDA 200-310 Official Cert Guide, Chapter 8, Plan for a Hierarchical IP Address Network, pp. 311-312 
Cisco: IP Addressing and Subnetting for New Users




Question 2

Which of the following is a type of attack that can be mitigated by enabling DAI on campus access layer switches? 

  • A: ARP poisoning
  • B: VLAN hopping
  • C: DHCP spoofing
  • D: MAC flooding

Correct Answer: A

Dynamic ARP Inspection (DAI) can be enabled on campus access layer switches to mitigate Address Resolution Protocol (ARP) poisoning attacks. In an ARP poisoning attack, which is also known as an ARP spoofing attack, the attacker sends a gratuitous ARP (GARP) message to a host. The message associates the attacker's media access control (MAC) address with the IP address of a valid host on the network. Subsequently, traffic sent to the valid host address will go through the attacker's computer rather than directly to the intended recipient. DAI protects against ARP poisoning attacks by inspecting all ARP packets that are received on untrusted ports. 
Dynamic Host Configuration Protocol (DHCP) spoofing attacks can be mitigated by enabling DHCP snooping on campus access layer switches, not by enabling DAI. In a DHCP spoofing attack, an attacker installs a rogue DHCP server on the network in an attempt to intercept DHCP requests. The rogue DHCP server can then respond to the DHCP requests with its own IP address as the default gateway address? hence all traffic is routed through the rogue DHCP server. DHCP snooping is a feature of Cisco Catalyst switches that helps prevent rogue DHCP servers from providing incorrect IP address information to hosts on the network. 
When DHCP snooping is enabled, DHCP servers are placed onto trusted switch ports and other hosts are placed onto untrusted switch ports. If a DHCP reply originates from an untrusted port, the port is disabled and the reply is discarded. 
Virtual LAN (VLAN) hopping attacks can be mitigated by disabling Dynamic Trunking Protocol (DTP) on campus access layer switches, not by enabling DAI. A VLAN hopping attack occurs when a malicious user sends frames over a VLAN trunk link? the frames are tagged with two different 802.1Q tags, with the goal of sending the frame to a different VLAN. In a VLAN hopping attack, a malicious user connects to a switch by using an access VLAN that is the same as the native VLAN on the switch. If the native VLAN on a switch were VLAN 1, the attacker would connect to the switch by using VLAN 1 as the access VLAN. The attacker would transmit packets containing 802.1Q tags for the native VLAN and tags spoofing another VLAN. Each packet would be forwarded out the trunk link on the switch, and the native VLAN tag would be removed from the packet, leaving the spoofed tag in the packet. The switch on the other end of the trunk link would receive the packet, examine the 802.1Q tag information, and forward the packet to the destination VLAN, thus allowing the malicious user to inject packets into the destination VLAN even though the user is not connected to that VLAN.  
To mitigate VLAN hopping attacks, you should configure the native VLAN on a switch to an unused value, remove the native VLAN from each end of the trunk link, place any unused ports into a common unrouted VLAN, and disable DTP for unused and nontrunk ports. DTP is a Cisco-proprietary protocol that eases administration by automating the trunk configuration process. However, for nontrunk links and for unused ports, a malicious user who has gained access to the port could use DTP to gain access to the switch through the exchange of DTP messages. By disabling DTP, you can prevent a user from using DTP messages to gain access to the switch.  
MAC flooding attacks can be mitigated by enabling port security on campus access layer switches, not by enabling DAI. In a MAC flooding attack, an attacker generates thousands of forged frames every minute with the intention of overwhelming the switch's MAC address table. Once this table is flooded, the switch can no longer make intelligent forwarding decisions and all traffic is flooded. This allows the attacker to view all data sent through the switch because all traffic will be sent out each port. Implementing port security can help mitigate MAC flooding attacks by limiting the number of MAC addresses that can be learned on each interface to a maximum of 128. A MAC flooding attack is also known as a Content Addressable Memory (CAM) table overflow attack. 
Reference:
CCDA 200-310 Official Cert Guide, Chapter 12, Loss of Availability, pp. 495-496 
Cisco: Layer 2 Security Features on Cisco Catalyst Layer 3 Fixed Configuration Switches Configuration Example: Background Information
Cisco: Enterprise Data Center Topology: Preventing VLAN Hopping




Question 3

You issue the following commands on RouterA:
  

  
Packets sent to which of the following destination IP addresses will be forwarded to the 10.1.1.3 next-hop IP address? (Choose two.)

  • A: 172.16.0.1
  • B: 192.168.0.1 
  • C: 192.168.0.14
  • D: 192.168.0.17
  • E: 192.168.0.26
  • F: 192.168.1.1

Correct Answer: DE

Of the choices available, packets sent to 192.168.0.17 and 192.168.0.26 will be forwarded to the 10.1.1.3 next-hop IP address. When a packet is sent to a router, the router checks the routing table to see if the next-hop address for the destination network is known. The routing table can be filled dynamically by a routing protocol, or you can configure the routing table manually by issuing the ip route command to add static routes. The ip route command consists of the syntax ip route net-address mask next-hop, where net-address is the network address of the destination network, mask is the subnet mask of the destination network, and next-hop is the IP address of a neighboring router that can reach the destination network. 
A default route is used to send packets that are destined for a location that is not listed elsewhere in the routing table. For example, the ip route 0.0.0.0 0.0.0.0 10.1.1.1command specifies that packets destined for addresses not otherwise specified in the routing table are sent to the default next-hop address of 10.1.1.1. A net-address and mask combination of 0.0.0.0 0.0.0.0 specifies any packet destined for any network. 
If multiple static routes to a destination are known, the most specific route is used? the most specific route is the route with the longest network mask. For example, a route to 192.168.0.0/28 would be used before a route to 192.168.0.0/24. Therefore, the following rules apply on RouterA:
Packets sent to the 192.168.0.0 255.255.255.240 network are forwarded to the next-hop address of 10.1.1.4. This includes destination addresses from 192.168.0.0 through 192.168.0.15.  
Packets sent to the 192.168.0.0 255.255.255.0 network, except those sent to the 192.168.0.0255.255.255.240 network, are forwarded to the next-hop address of 10.1.1.3. This includes destination addresses from 192.168.0.16 to 192.168.0.255. 
Packets sent to the 192.168.0.0 255.255.0.0 network, except those sent to the 192.168.0.0255.255.255.0 network, are forwarded to the next-hop address of 10.1.1.2. This includes destination addresses from 192.168.1.0 through 192.168.255.255.  
Packets sent to any destination not listed in the routing table are forwarded to the default static route next-hop address of 10.1.1.1. 
The 192.168.0.17 and 192.168.0.26 addresses are within the range of addresses from 192.168.0.16 to 192.168.0.255. Therefore, packets sent to these addresses are forwarded to the next-hop address of 10.1.1.3. 
The 192.168.0.1 and 192.168.0.14 addresses are within the range of addresses from 192.168.0.0 through 192.168.0.15. Therefore, packets sent to these addresses are forwarded to the next-hop address of 10.1.1.4. 
The 192.168.1.1 IP address is within the range of addresses from 192.168.1.0 through 192.168.255.255. Therefore, packets sent to 192.168.1.1 are forwarded to the next-hop address of 10.1.1.2. 
RouterA does not have a specific static route to the 172.16.0.1 network. Therefore, packets sent to 172.16.0.1 are forwarded to the default static route v address of 10.1.1.1.  
Reference:
Boson ICND2 Curriculum, Module 2: Implementing VLSMs and Summarization, Choosing a Route
Cisco: IP Routing Protocol-Independent Commands: ip route
Cisco: Specifying a Next Hop IP Address for Static Routes




Question 4

Select the protocols and port numbers from the left, and drag them to the corresponding traffic types on the right. Not all protocols and port numbers will be used. 

Correct Answer: Exam simulator is required

Lightweight Access Point Protocol (LWAPP) uses User Datagram Protocol (UDP) port 12222 for data traffic and UDP port 12223 for control traffic. LWAPP is a protocol developed by Cisco and is used as part of the Cisco Unified Wireless Network architecture. LWAPP creates a tunnel between a lightweight access point (LAP) and a wireless LAN controller (WLC)? in LWAPP operations, both a LAP and a WLC are required. The WLC handles many of the management functions for the link, such as user authentication and security policy management, whereas the LAP handles real-time operations, such as sending and receiving 802.11 frames, wireless encryption, access point (AP) beacons, and probe messages. Cisco WLC devices prior to software version 5.2 use LWAPP. 
Control and Provisioning of Wireless Access Points (CAPWAP) uses UDP port 5246 for control traffic and UDP port 5247 for data traffic. CAPWAP is a standards-based version of LWAPP. Cisco WLC devices that run software version 5.2 and later use CAPWAP instead of LWAPP. 
Neither LWAPP nor CAPWAP use Transmission Control Protocol (TCP) for communication. TCP is a connection-oriented protocol. Because UDP is a connectionless protocol, it does not have the additional connection overhead that TCP has? therefore, UDP is faster but less reliable. 
Reference:
Cisco: LWAPP Traffic Study
IETF: RFC 5415: Control And Provisioning of Wireless Access Points (CAPWAP) Protocol Specification




Question 5

Which of the following should not be implemented in the core layer? (Choose two.)

  • A: ACLs
  • B: QoS
  • C: load balancing
  • D: interVLAN routing
  • E: a partially meshed topology

Correct Answer: AD

Access control lists (ACLs) and inter-VLAN routing should not be implemented in the core layer. Because the core layer focuses on low latency and fast transport services, you should not implement mechanisms that can introduce unnecessary latency into the core layer. For example, mechanisms such as process-based switching, packet manipulation, and packet filtering introduce latency and should be avoided in the core. 
The hierarchical network model divides the operation of the network into three categories:
Core layer - provides fast backbone services to the distribution layer 
Distribution layer - provides policy-based access between the core and access layers 
Access layer - provides physical access to the network 
ACLs and inter-VLAN routing are typically implemented in the distribution layer. Because the distribution layer is focused on policy enforcement, the distribution layer provides the ideal location to implement mechanisms such as packet filtering and packet manipulation. In addition, because the distribution layer acts as an intermediary between the access layer devices and the core layer, the distribution layer is also the recommended location for route summarization and redistribution. 
Because a fully meshed topology can add unnecessary cost and complexity to the design and operation of the network, a partially meshed topology is often implemented in the core layer. A fully meshed topology is not required if multiple paths exist between core layer and distribution layer devices. The core layer is particularly suited to a mesh topology because it typically contains the least number of network devices. Fully meshed topologies restrict the scalability of a design. 
Hierarchical designs are intended to aid scalability, particularly in the access layer. 
Quality of Service (QoS) is often implemented in all three layers of the hierarchical model. However, because the access layer provides direct connectivity to network endpoints, QoS classification and marking are typically performed in the access layer. Cisco recommends classifying and marking packets as close to the source of traffic as possible. Although classification and marking can be performed in the access layer, QoS mechanisms must be implemented in each of the higher layers for QoS to be effective. 
Load balancing is often implemented in all three layers of the hierarchical model. Load balancing offers redundant paths for network traffic; the redundant paths can be used to provide bandwidth optimization and network resilience. Typically, the core and distribution layers offer a greater number of redundant paths than the access layer does. Because some devices, such as network hosts, often use only a single connection to the access layer, Cisco recommends redundant links for mission-critical endpoints, such as servers. 
Reference:
Cisco: Internetwork Design Guide Internetwork Design Basics




Question 6

You issue the show ip bgp neighbors command on RouterA and receive the following output:
  

  
Which of the following is most likely true?

  • A: RouterA is operating in AS 64496.
  • B: RouterA has been assigned a BGP RID of 1.1.1.2.
  • C: RouterA has been unable to establish a BGP session with the remote router.
  • D: RouterA is configured with the neighbor 203.0.113.1 remote-as 64496 command. 

Correct Answer: D

Most likely, RouterA is configured with the neighbor 203.0.113.1 remote-as 64496 command. In this scenario, the output of the show ip bgp neighbors command reports that RouterA's Border Gateway Protocol (BGP) neighbor has an IP address of 203.0.113.1 and is operating within the remote autonomous system number (ASN) of 64496. The syntax of the neighbor remote-as command is neighbor ip address remote-as as-number, where ip address and as-number are the IP address and ASN of the neighbor router. For example, the following command configures a peering relationship with a router that has an IP address of 203.0.113.1 in autonomous system (AS) 64496: 
router(config-router)#neighbor 203.0.113.1 remote-as 64496 
Because BGP does not use a neighbor discovery process like many other routing protocols, it is essential that every peer is manually configured and reachable through Transmission Control Protocol (TCP) port 179. Once a peer has been configured with the neighbor remote-as command, the local BGP speaker will attempt to transmit an OPEN message to the remote peer. If the OPEN message is not blocked by existing firewall rules or other security mechanisms, the remote peer will respond with a KEEPALIVE message and will continue to periodically exchange KEEPALIVE messages with the local peer. A BGP speaker will consider a peer dead if a KEEPALIVE message is not received within a period of time specified by a hold timer. Routing information is then exchanged between peers by using UPDATE messages. UPDATE messages can include advertised routes and withdrawn routes. Withdrawn routes are those that are no longer considered feasible. 
Statistics regarding the number of BGP messages, such as UPDATE messages, can be viewed in the output of the show ip bgp neighbors command. 
The output of the show ip bgp neighbors command in this scenario does not indicate that RouterA is operating in AS 64496. Nor does the output indicate that RouterA has been assigned a BGP router ID (RID) of 1.1.1.2. Among other things, the partial command output from the show ip bgp neighbors command indicates that the remote peer has an IP address of 203.0.113.1, an ASN of 64496, a RID of 1.1.1.2, an external BGP (eBGP) session that is an Established state, and a hold time of 180 seconds. 
Reference:
CCDA 200-310 Official Cert Guide, Chapter 11, BGP Neighbors, pp. 444-445 
Cisco: Cisco IOS IP Routing: BGP Command Reference: neighbor remote-as
Cisco: Cisco IOS IP Routing: BGP Command Reference: show ip bgp neighbors




Question 7

View the Exhibit. 
  

  
Refer to the exhibit above. PVST+ is enabled on all the switches. The Layer 3 switch on the right, DSW2, is the root bridge for VLAN 20. The Layer 3 switch on the left, DSW1, is the root bridge for VLAN 10. Devices on VLAN 10 use DSW1 as a default gateway. Devices on VLAN 20 use DSW2 as a default gateway. You want to ensure that the network provides high redundancy and fast convergence. 
Which of the following are you most likely to do?

  • A: physically connect ASW1 to ASW2
  • B: physically connect ASW2 to ASW3
  • C: physically connect ASW1 to both ASW2 and ASW3
  • D: replace PVST+ with RSTP
  • E: replace PVST+ with RPVST+

Correct Answer: E

Most likely, you would replace Per-VLAN Spanning Tree Plus (PVST+) with RapidPVST+ (RPVST+) in order to ensure that the network provides fast convergence. 
PVST+ is a revision of the Cisco-proprietary Per-VLAN Spanning Tree (PVST), which enables a separate spanning tree to be established for each virtual LAN (VLAN). Therefore, a per-VLAN implementation of STP, such as PVST+, enables the location of a root switch to be optimized on a per-VLAN basis. However, PVST + progresses through the same spanning tree states as the 802.1Dbased Spanning Tree Protocol (STP). Thus it can take up to 30 seconds for a PVST+ link to begin forwarding traffic. RapidPVST+ provides faster convergence because it passes through the same three states as the 802.1wbased Rapid STP (RSTP). 
Therefore, RPVST+ provides faster convergence than PVST+. 
The network in this scenario is already provisioned with high redundancy. Every access layer switch in this scenario is connected to every distribution layer switch. In addition, the two distribution layer switches are connected by using an EtherChannel bundle. This configuration creates multiple paths to the root bridge for each VLAN. Connecting any of the access layer switches to any of the other access layer switches might add another layer of redundancy, but this would not provide as much benefit as replacing PVST+ with RPVST+ in this scenario. 
Reference:
CCDA 200-310 Official Cert Guide, Chapter 3, STP Design Considerations, pp. 101-103 
Cisco: Spanning Tree from PVST+ to RapidPVST Migration Configuration Example: Background Information




Question 8

Which of the following VPN tunnels support encapsulation of dynamic routing protocol traffic? (Choose three.)

  • A: IPSec
  • B: IPSec VTI
  • C: GRE over IPSec
  • D: DMVPN hub-and-spoke
  • E: DMVPN spoke-to-spoke

Correct Answer: BCD




Question 9

HostA is a computer on your company's network. RouterA is a NAT router. HostA sends a packet to HostB, and HostB sends a packet back to HostA. 
  

  
Which of the following addresses is an outside local address? 

  • A: 15.16.17.18
  • B: 22.23.24.25
  • C: 192.168.1.22
  • D: 192.168.1.30

Correct Answer: D

The 192.168.1.30 address is an outside local address. An outside local address is an IP address that represents an outside host to the local network. Network Address Translation (NAT) translates between public and private IP addresses to enable hosts on a privately addressed network to access the Internet. Public addresses are routable on the Internet, and private addresses are routable only on internal networks. Several IP address ranges are reserved for private, internal use; these addresses, shown below, are defined in Request for Comments (RFC) 1918. 
10.0.0.0 through 10.255.255.255  
172.16.0.0 through 172.31.255.255  
192.168.0.0 through 192.168.255.255 
The outside local address is often the same as the outside global address, particularly when inside hosts attempt to access resources on the Internet. However, in some configurations, it is necessary to configure a NAT translation that allows a local address on the internal network to identify an outside host. When RouterA receives a packet destined for 192.168.1.30, RouterA translates the 192.168.1.30 outside local address to the 15.16.17.18 outside global address and forwards the packet to its destination. To configure a static outside local-to-outside global IP address translation, you should issue the ip nat outside source static outside-global outside-local command. 
In this scenario, 15.16.17.18 is an outside global address. An outside global address is an IP address that represents an outside host to the global network. Outside global addresses are public IP addresses assigned to an Internet host by the host's operator. The outside global address is usually the address registered with the Domain Name System (DNS) server to map a host's public IP address to a friendly name such as www.mycompany.com. 
In this scenario, 192.168.1.22 is an inside local address. An inside local address is an IP address that represents an inside host to the local network. Inside local addresses are typically private IP ddresses defined by RFC 1918. 
In this scenario, 22.23.24.25 is an inside global address. An inside global address is a publicly routable IP address that is used to represent an inside host to the global network. Inside global IP addresses are typically assigned from a NAT pool on the router. You can issue the ip nat pool command to define a NAT pool. For example, the ip nat pool natpool 22.23.24.11 22.23.24.30 netmask 255.255.255.224 command allocates the IP addresses 22.23.24.11 through 22.23.24.30 to be used as inside global IP addresses. When a NAT router receives a packet destined for the Internet from a local host, it changes the inside local address to an inside global address and forwards the packet to its destination. 
In addition to configuring a NAT pool to dynamically translate addresses, you can configure static inside local-to-inside global IP address translations by issuing the ip nat inside source static inside-local inside-global command. This command maps a single inside local address on the local network to a single inside global address on the outside network. 
It is important to specify the inside and outside interfaces when you configure a NAT router. To specify an inside interface, you should issue the ip nat inside command from interface configuration mode. To specify an outside interface, you should issue the ip nat outside command from interface configuration mode. 
The following graphic depicts the relationship between inside local, inside global, outside local, and outside global addresses:
  
  
Reference:
CCDA 200-310 Official Cert Guide, Chapter 8, IPv4 Private Addresses, pp. 299-300 
CCDA 200-310 Official Cert Guide, Chapter 8, NAT, pp. 300-302 
Cisco: NAT: Local and Global Definitions




Question 10

Which of the following OSPF areas accept all LSAs? (Choose two.)

  • A: stub
  • B: not-so-stubby
  • C: totally stubby
  • D: backbone
  • E: standard

Correct Answer: DE

Standard areas and backbone areas accept all link-state advertisements (LSAs). Every router in a standard area contains the same Open Shortest Path First (OSPF) database. If the standard area's ID number is 0, the area is a backbone area. The backbone area must be contiguous, and all OSPF areas must connect to the backbone area. If a direct connection to the backbone area is not possible, you must create a virtual link to connect to the backbone area through a nonbackbone area. 
Stub areas, totally stubby areas, and not-so-stubby areas (NSSAs) flood only certain types of LSAs. For example, none of these areas floods Type 5, which are LSAs that originate OSPF autonomous system boundary routers (ASBRs). Instead, stub areas and totally stubby areas are injected with a single default route from an ABR. Routers inside a stub area or a totally stubby area will send all packets destined for another area to the area border router (ABR). In addition, a totally stubby area does not accept Type 3, 4, or 5 summary LSAs, which advertise inter-area routes. These LSAs are replaced by a default route at the ABR. As a result, routing tables are kept small within the totally stubby area. 
An NSSA floods Type 7 LSAs within its own area, but does not accept or flood Type 5 LSAs. Therefore, an NSSA does not accept all LSAs. Similar to Type 5 LSAs, a Type 7 LSA is an external LSA that originates from an ASBR. However, Type 7 LSAs are only flooded to an NSSA. 
Reference:
CCDA 200-310 Official Cert Guide, Chapter 11, OSPF Stub Area Types, pp. 437-438 
Cisco: What Are OSPF Areas and Virtual Links?: Normal, Stub, Totally Stub and NSSA Area Differences










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files