Download Cisco.CertDumps.300-135.2017-09-28.21e.68q.vcex

Download Exam

File Info

Exam Troubleshooting and Maintaining Cisco IP Networks (TSHOOT v2.0)
Number 300-135
File Name Cisco.CertDumps.300-135.2017-09-28.21e.68q.vcex
Size 13.21 Mb
Posted September 28, 2017
Downloads 63
Download Cisco.CertDumps.300-135.2017-09-28.21e.68q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

 

  

  • A: RouterA received a hello packet with mismatched autonomous system numbers.
  • B: RouterA received a hello packet with mismatched hello timers.
  • C: RouterA received a hello packet with mismatched authentication parameters.
  • D: RouterA received a hello packet with mismatched metric-calculation mechanisms.
  • E: RouterA will form an adjacency with RouterB.
  • F: RouterA will not form an adjacency with RouterB.

Correct Answer: DF

From the last line “K-value mismatch” we learn that the K values of two EIGRP routers are mismatched and EIGRP neighborship between two routers will not be formed. 
Note: EIGRP K values are the metrics that EIGRP uses to calculate routes. Mismatched K values can prevent neighbor relationships from being established. By default K1 & K3 are set to 1 while K2, K4 and K5 are set to 0. We can change the EIGRP K values via the “metric weights tos k1 k2 k3 k4 k5” command under EIGRP router mode (tos: type of service must always be zero). For example:
Router(config-router)#metric weights 0 20 10 50 40 40




Question 2

When troubleshooting an EIGRP connectivity problem, you notice that two connected EIGRP routers are not becoming EIGRP neighbors. 
A ping between the two routers was successful. What is the next thing that should be checked?

  • A: Verify that the EIGRP hello and hold timers match exactly.
  • B: Verify that EIGRP broadcast packets are not being dropped between the two routers with the show ip EIGRP peer command.
  • C: Verify that EIGRP broadcast packets are not being dropped between the two routers with the show ip EIGRP traffic command.
  • D: Verify that EIGRP is enabled for the appropriate networks on the local and neighboring router.

Correct Answer: D

The following list of parameters must match between EIGRP neighbors in order to successfully establish neighbor relationships:
Autonomous System number. 
K-Values (look at the previous lesson). 
If authentication is used both: the key number, the password, and the date/time the password is valid must match.
The neighbors must be on common subnet (all IGPs follow this rule). 
Therefore we don’t need to check EIGRP hello and hold timers because they don’t have to match. We should check if appropriate networks are included in the “network …” command of EIGRP on both routers.




Question 3

 

  

  • A: Use ping and the show ip route command to confirm the timers for each default network resets to 0.
  • B: Load balancing does not occur over default networks; the second route will only be used for failover.
  • C: Use an extended ping along with repeated show ip route commands to confirm the gateway of last resort address toggles back and forth.
  • D: Use the traceroute command to an address that is not explicitly in the routing table.

Correct Answer: D

 
  




Question 4

Which IPsec mode will encrypt a GRE tunnel to provide multiprotocol support and reduced overhead?

  • A: 3DES
  • B: multipoint GRE
  • C: tunnel
  • D: transport

Correct Answer: D

IPSec transport mode (encrypting an IP GRE tunnel) is a commonly deployed option because it provides all the advantages of using IP GRE, such as IP Multicast protocol support (and, thus, also the support of routing protocols that utilize IP Multicast) and multiprotocol support. Furthermore, this option saves 20 bytes per packet over IPSec tunnel mode (encrypting an IP GRE tunnel) because an additional IP header is not required. 
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Book/IPSecQoS.html#pgfId-56035




Question 5

Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site VPNs? (Choose three)

  • A: allows dynamic routing over the tunnel
  • B: supports multi-protocol (non-IP) traffic over the tunnel
  • C: reduces IPsec headers overhead since tunnel mode is used
  • D: simplifies the ACL used in the crypto map
  • E: uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

Correct Answer: ABD

IPSec alone does not support multicast which many dynamic routing protocols use. GRE tunnels helps IPSec overcome this disadvantage by handling the transportation of multiprotocol and IP multicast traffic (from site-to-site VPNs, for example). 
With the p2p GRE over IPsec solution, all traffic between sites is encapsulated in a p2p GRE packet before the encryption process, simplifying the access control list used in the crypto map statements. The crypto map statements need only one line permitting GRE (IP Protocol 47). 
Reference:
http://www.cisco.com/c/en/us/td/docs/security/vpn_modules/6342/vpn_cg/6342site3.html
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/P2P_GRE_IPSec/P2P_GRE_IPSec/2_p2pGRE_Phase2




Question 6

Which statement is true about an IPsec/GRE tunnel?

  • A: The GRE tunnel source and destination addresses are specified within the IPsec transform set.
  • B: An IPsec/GRE tunnel must use IPsec tunnel mode.
  • C: GRE encapsulation occurs before the IPsec encryption process.
  • D: Crypto map ACL is not needed to match which traffic will be protected.

Correct Answer: C

With the p2p GRE over IPsec solution, all traffic between sites is encapsulated in a p2p GRE packet before the encryption process, simplifying the access control list used in the crypto map statements. 
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/P2P_GRE_IPSec/P2P_GRE_IPSec/2_p2pGRE_Phase2.html




Question 7

(Ticket 1: Switch Port Trunk)
Scenario: The implementation group has been using the test bed to do a 'proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, layer 2 connectivity, FHRP services, and, device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
 

  

Figure 1 
 
  

Figure 2 
Trouble Ticket Statement 
Client 1 and Client 2 are getting a 169.x.x.x IP address and are not able to ping DSW1 or the FTP Server. They are able to ping each other. 
Configuration on ASW1 
Interface PortChannel13 
switchport mode trunk 
switchport trunk allowed vlan 20,200 

Interface PortChannel23 
switchport mode trunk 
switchport trunk allowed vlan 20,200 

Interface FastEthernet1/0/1 
switchport mode access 
switchport access vlan 10 

Interface FastEthernet1/0/2 
switchport mode access 
switchport access vlan 10 

On Which device is the fault condition located?

  • A: ASW1
  • B: DSW1
  • C: Client 1
  • D: FTP Server
  • E: ASW2
  • F: DSW2

Correct Answer: A




Question 8

(Ticket 1: Switch Port Trunk)
Scenario: The implementation group has been using the test bed to do a 'proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, layer 2 connectivity, FHRP services, and, device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
 

  

Figure 1 
 
  

Figure 2 
Trouble Ticket Statement 
Configurationon ASW1 
(Click the Exhibits button)
   
  

The Fault Condition is related to which technology?

  • A: NTP
  • B: Switch to Switch Connectivity
  • C: Access Vlans
  • D: Port Security
  • E: VLAN ACL / Port ACL
  • F: Switch Virtual Interface

Correct Answer: B

Switch to Switch Connectivity




Question 9

(Ticket 1: Switch Port Trunk)
Scenario: The implementation group has been using the test bed to do a 'proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, layer 2 connectivity, FHRP services, and, device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
 

  

Figure 1 
 
  

Figure 2 
Trouble Ticket Statement 
Client 1 and Client 2 are getting a 169.x.x.x IP address and are not able to ping DSW1 or the FTP Server. They are able to ping each other. 
Configuration on ASW1 
Interface PortChannel13 
switchport mode trunk 
switchport trunk allowed vlan 20,200 

Interface PortChannel23 
switchport mode trunk 
switchport trunk allowed vlan 20,200 

Interface FastEthernet1/0/1 
switchport mode access 
switchport access vlan 10 

Interface FastEthernet1/0/2 
switchport mode access 
switchport access vlan 10 

What is the solution of the fault condition?

  • A: Change the VLAN assignment on fa1/0/1 and fa1/0/2 on ASW1 to VLAN 1
  • B: Change the IP Address of VLAN 10 on DSW1
  • C: In Configuration mode, on interface portchannel13 and portchanngel23 then switchport trunk allowed vlan none, switchport trunk allowed vlan 10,200 command on ASW1
  • D: In Configuration mode, on interface portchannel13 and portchanngel23 then switchport trunk allowed vlan none on ASW1

Correct Answer: C




Question 10

(Ticket 2: Access VLAN)
Scenario: The implementation group has been using the test bed to do a 'proof-of-concept' that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing schemes, DHCP services, layer 2 connectivity, FHRP services, and, device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address.
 

  

Figure 1 
 
  

Figure 2 
Trouble Ticket Statement 
Client 1 and Client 2 are getting a 169.x.x.x IP address and are not able to ping DSW1 or the FTP Server. They are able to ping each other. 
Configuration on ASW1 
Interface FastEthernet1/0/1 
switchport mode access 
switchport access vlan 1 

Interface FastEthernet1/0/2 
switchport mode access 
switchport access vlan 1 
On which device is the fault condition located?

  • A: DSW1
  • B: ASW1
  • C: Client 1
  • D: FTP Server
  • E: DSW2
  • F: ASW2

Correct Answer: B










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files