CCNPv8 ENCOR (Version 8.0) – Chapters 22 – 24: Network Design and Monitoring Exam Answers Full 100% 2024

  1. A network designer must provide a rationale to a customer for a design which will move an enterprise from a flat network topology to a hierarchical network topology. Which two features of the hierarchical design make it the better choice? (Choose two.)

    • lower bandwidth requirements
    • reduced cost for equipment and user training
    • easier to provide redundant links to ensure higher availability
    • less required equipment to provide the same performance levels
    • simpler deployment for additional switch equipment
      Explanation & Hint:

      A hierarchical design for switches helps network administrators when planning and deploying a network expansion, performing fault isolation when a problem occurs, and providing resiliency when traffic levels are high. A good hierarchical design has redundancy when it can be afforded so that one switch does not cause all networks to be down.

  2. Which network design solution will best extend access layer connectivity to host devices?

    • implementing EtherChannel
    • implementing wireless connectivity
    • implementing redundancy
    • implementing routing protocols
      Explanation & Hint:

      EtherChannel allows more data to be moved at the access layer, but does not provide network expansion. Redundancy is used to provide failover solutions but does not focus on network expansion. Routing protocols are not used to provide network expansion at the access layer. Wireless connectivity provides network access to a large number of users at the access layer.

  3. What are three benefits of employing a hierarchical network design? (Choose three.)

    • Hierarchically designed networks can more easily be expanded to suit future needs.
    • Hierarchical design models enhance existing bandwidth through the use of link aggregation.
    • The hierarchical model allows for specialized functionality at each layer, simplifying device management.
    • Use of a hierarchical design allows replacement of redundant devices with high-capacity network equipment.
    • A hierarchical design uses firewalls instead of complicated port-based and distribution layer security policies.
    • The hierarchical model allows the use of high-performance switches at all design layers, thus allowing for a fully-meshed topology.
      Explanation & Hint:

      Hierarchical design provides fault containment by constraining the network changes to a subset of the network, which affects fewer systems and makes it easy to manage as well as improve resiliency. In a modular layer design, network components can be placed or taken out of service with little or no impact to the rest of the network and this facilitates troubleshooting, problem isolation, and network management.

  4. At the distribution layer of a hierarchical network, what are two advantages of using Layer 3 devices instead of Layer 2 switches? (Choose two.)

    • provides reliable connectivity to end users
    • creates fewer IP subnets to configure and manage
    • reduces the number of redundant links required
    • provides connectivity between different VLANs
    • enables traffic filtering based on subnet addresses
      Explanation & Hint:

      Communication between endpoints on different access layer switches occurs through the distribution layer. The distribution layer provides a boundary between the Layer 2 domain of the access layer and the Layer 3 domain of the core. This boundary provides two key functions for the LAN. On the Layer 2 side, the distribution layer creates a boundary for Spanning Tree Protocol (STP), limiting propagation of Layer 2 faults. On the Layer 3 side, the distribution layer provides a logical point to summarize IP routing information when it enters the core layer. The summarization reduces IP route tables for easier troubleshooting and reduces protocol overhead for faster recovery from failures.

  5. Which three characteristics are typically associated with the core layer in the Cisco hierarchical network design model? (Choose three.)

    • redundant paths
    • monitoring of DMZ traffic
    • connectivity to the data center
    • packet manipulation
    • rapid forwarding of traffic
      Explanation & Hint:

      The core layer is the backbone and aggregation point for multiple networks and provides scalability, high availability, and fast convergence to the network. It can provide high-speed connectivity for large enterprises with multiple campus networks distributed worldwide and it can also provide interconnectivity between the end-user/endpoint campus access layer and other network blocks such as the data center, the private cloud, the public cloud, the WAN, Internet edge, and network services. Packet filtering is a function of the distribution layer.

  6. Refer to the exhibit. Which switching technology would allow each access layer switch link to be aggregated to provide more bandwidth between each Layer 2 switch and the Layer 3 switch?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 01
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 01
    • HSRP
    • PortFast
    • trunking
    • EtherChannel
      Explanation & Hint:

      PortFast is used to reduce the amount of time that a port spends going through the spanning-tree algorithm, so that devices can start sending data sooner. Trunking can be implemented in conjunction with EtherChannel, but trunking alone does not aggregate switch links. HSRP is used to load-balance traffic across two different connections to Layer 3 devices for default gateway redundancy. HSRP does not aggregate links at either Layer 2 or Layer 3 as EtherChannel does.

  7. Refer to the exhibit. Which type of Cisco hierarchical LAN design model is used at school site 1?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 02
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 02
    • 3 layer
    • 7 layer
    • two-tier collapsed core
    • three-tier
      Explanation & Hint:

      In the two-tier collapsed core model, the distribution layer and the core layer are combined into one. The switch that connects the site to the NOC is serving as both a distribution layer switch and a core layer switch. The NOC is designed with other network devices that are not shown, such as the firewall, as part of an Internet edge design.

  8. A network engineer is attempting to explain StackWise technology to a client who wants to deploy a simplified campus design. Which explanation accurately describes this technology?

    • It allows up to eight ports to be bound together to increase available bandwidth.
    • It allows the switch to deliver power to end devices by using existing Ethernet cabling.
    • It allows the switch capabilities and ports to be expanded by the addition of line cards.
    • It allows multiple switches to function as a single logical switch.
      Explanation & Hint:

      The simplified campus design relies on switch clustering such as the Virtual Switching System (VSS) and stacking technologies such as Stackwise in which multiple physical switches act as a single logical switch.

  9. On a campus network, personnel who are located in a five site college have access to servers found in one location. In which network block of the campus network architecture would these servers be found?

    • WAN edge
    • data center
    • Internet edge
    • network services
      Explanation & Hint:

      In this hierarchical model, the distribution/core layer provides connectivity to the WAN edge block, the Internet edge block, the network services block, and data center. The WAN edge block is used to connect to remote data centers, remote branches or other campus networks. The Internet edge block is used for regular Internet access, ecommerce, to connect to remote branches, and remote VPN access. The data center/server room block is where business critical servers are placed to serve up websites, corporate e-mail, business applications, storage, big data processing, and backup services. The network services edge is where devices providing network services reside such as the Wireless LAN Controllers (WLCs), Identity Services Engine (ISE), Telepresence Manager, and Cisco Unified Communications Manager (CUCM).

  10. In a new network design, an organization has decided to manage all of its wireless access points using a wireless network controller. In which network design block of the campus network architecture would the centralized wireless network controllers be found?

    • WAN edge
    • data center
    • internet edge
    • network services
      Explanation & Hint:

      In this hierarchical model, the distribution/core layer provides connectivity to the WAN edge block, the Internet edge block, the network services block, and data center. The WAN edge block is used to connect to remote data centers, remote branches or other campus networks. The internet edge block is used for regular Internet access, ecommerce, to connect to remote branches, and remote VPN access. The data center/server room block is where business critical servers are placed to serve up websites, corporate e-mail, business applications, storage, big data processing, and backup services. The network services edge is where devices providing network services reside such as the Wireless LAN Controllers (WLCs), Identity Services Engine (ISE), Telepresence Manager, and Cisco Unified Communications Manager (CUCM).

  11. A network engineer has to decide between a Layer 2 Access Layer (STP-based) and a Layer 3 Access Layer (Routed access) campus design option. Which statement must be considered for a decision to be made?

    • The STP based access option supports spanning VLANs across multiple access switches, whereas the Routed access option does not.
    • The Routed access option is the best cost-effective solution.
    • The STP based option does not require FHRP, whereas the Routed access option does.
    • The Routed access option offers easier troubleshooting than the STP-based option.
      Explanation & Hint:

      The Routed access design has a number of advantages over the STP-based design:

      No FHRP required – no need for FHRP protocols such as HSRP and VRRP.
      No STP required – since there are no L2 links to block, this design removes the need for STP.
      Easier troubleshooting – It offers common end-to-end troubleshooting tools (such as ping and traceroute).
      The Routed access is an excellent design for many environments, but it has the same limitation as the STP-based design, in which it does not support spanning VLANs across multiple access switches. Additionally, it might not be the most cost-effective solution because access layer switches with Layer 3 routing capability might cost more than Layer 2 switches do.

  12. What is the description for a Syslog Level 5 event?

    • normal, but significant condition
    • warning condition
    • error condition
    • informational message
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  13. What is the description for a Syslog Level 5 event?

    • normal, but significant condition
    • warning condition
    • debugging message
    • informational message
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  14. What is the description for a Syslog Level 7 event?

    • debugging message
    • informational message
    • normal, but significant condition
    • warning condition
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  15. What is the description for a Syslog Level 6 event?

    • informational message
    • normal, but significant condition
    • debugging message
    • warning condition
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  16. What is the description for a Syslog Level 1 event?

    • immediate action needed
    • critical condition
    • error condition
    • system unusable
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  17. What is the description for a Syslog Level 1 event?

    • immediate action needed
    • critical condition
    • error condition
    • normal, but significant condition
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  18. What is the description for a Syslog Level 4 event?

    • warning condition
    • error condition
    • normal, but significant condition
    • critical condition
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  19. What is the description for a Syslog Level 3 event?

    • error condition
    • critical condition
    • warning condition
    • immediate action needed
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  20. What is the description for a Syslog Level 3 event?

    • error condition
    • informational message
    • normal, but significant condition
    • warning condition
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  21. What is the description for a Syslog Level 0 event?

    • system unusable
    • immediate action needed
    • critical condition
    • error condition
      Explanation & Hint:

      Syslog messages include a severity level with a value between 0 and 7, with a lower number being more severe. Each level also has an associated keyword and description.

  22. Which layer of the Cisco SD-Access Architecture contains the underlay and the overlay networks?

    • network
    • physical
    • controller
    • management
      Explanation & Hint:

      The network layer of the Cisco SD-Access Architecture contains the underlay and the overlay network which together deliver data packets to and from the network devices participating in SD-Access.

  23. Which two statements describe the SD-Access overlay network? (Choose two.)

    • It has three planes of operation: control, data, and policy.
    • It is a virtualized network interconnecting all network devices.
    • It is the underlying physical layer transporting data between network devices.
    • It provides underlay and fabric automation and orchestration.
    • It includes all devices that actively participate in the SD-Access fabric.
      Explanation & Hint:

      The SD-Access overlay network, also known as the SD-Access fabric, is a virtual network that interconnects all of the network devices to form a fabric of interconnected nodes. The overlay network includes three planes of operation: the control plane, the data plane, and the policy plane.

  24. What is the role of the fabric edge node in the SD-Access fabric overlay?

    • connecting wired endpoints to the SDA fabric
    • connecting external Layer 3 networks to the SDA fabric
    • providing endpoint-to-location (EID-to-RLOC) mapping to the SDA fabric
    • connecting APs and wireless endpoints
      Explanation & Hint:

      There are five basic device roles in the SDA fabric overlay. The role of the fabric edge node is to connect wired endpoints to the SDA fabric.

  25. Match the SD-Access fabric device role to the description. (Not all options are used.)

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 001
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 001
    • fabric border node ==> connects external Layer 3 networks to the SDA fabric
    • fabric edge node ==> connects wired endpoints to the SDA fabric
    • fabric control plane node ==> provides endpoint-to-location (EID-to-RLOC) mapping
    • connects APs and wireless endpoints to the SDA fabric ==> No Answer
      Explanation & Hint:

      • Fabric Border Node: Connects external Layer 3 networks to the SDA fabric. This would be the node that allows connectivity to networks outside of the SDA domain, such as the internet or other corporate sites.
      • Fabric Edge Node: Connects wired endpoints to the SDA fabric. This is the access layer in an SDA fabric and connects end-user devices to the network.
      • Fabric Control Plane Node: Provides endpoint-to-location (EID-to-RLOC) mapping. In Cisco’s SDA architecture, the control plane node holds the mapping database for all the endpoints connected to the fabric.
      • The description “Connects APs and wireless endpoints to the SDA fabric” would typically be a function of the Fabric Edge Node as well, as it connects all types of endpoints to the fabric, whether they’re wired or wireless.
  26. Match the layer of the Cisco SD-Access Architecture with the description.

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 002
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 002
    • physical ==> includes all devices that actively participate in the SD-Access fabric
    • network ==> consists of the SD-Access fabric and underlay network
    • controller ==> contains the NCP, NDP and ISE subsystems
    • management ==> abstracts all the complexities and dependencies of the other layers
      Explanation & Hint:

      • Physical Layer: This typically refers to the actual hardware that makes up the network, such as switches, routers, and wireless access points. It could be associated with the description that includes all devices that actively participate in the SD-Access fabric.
      • Network Layer: This is where the SD-Access fabric and underlay network reside. It’s the foundational level that facilitates connectivity and network services.
      • Controller Layer: The controller in Cisco SD-Access would be the Cisco DNA Center, which contains the Network Control Plane (NCP), the Network Data Platform (NDP), and the Identity Services Engine (ISE) subsystems.
      • Management Layer: This is typically the layer that abstracts all the complexities and dependencies of the other layers, providing a user interface for managing the network.
  27. Which IGP is used in the automated underlay model of the Cisco SD-Access architecture?

    • IS-IS
    • OSPF
    • EIGRP
    • BGP
      Explanation & Hint:

      In an automated underlay model, the Cisco DNA Center LAN automation feature creates a Layer 3 routed access campus design through the use of IS-IS.
  28. Which tunneling technology is used by the SD-Access fabric data plane to create the overlay network for the SD-Access fabric?

    • VXLAN
    • LISP
    • MPLS
    • GRE
      Explanation & Hint:

      The overlay network is built by the SD-Access fabric data plane over an underlay network by using VXLAN tunneling technology. Using VXLAN allows the SD-Access fabric to support Layer 2 and Layer 3 virtual topologies (overlays) and the ability to operate over any IP-based network.

  29. What is the responsibility of the ISE subsystem within the Cisco SD-Access Architecture controller layer?

    • It provides all the underlay and fabric automation and orchestration services for the physical and network layers.
    • It analyzes and correlates network events and identifies historical trends.
    • It provides network operational status and other information to the management layer.
    • It provides all the identity and policy services for the physical layer and network layer.
      Explanation & Hint:

      There are three control layer subsystems in the Cisco SD-Access Architecture.
      Cisco Network Control Platform (NCP) – provides underlay and fabric automation and orchestration
      Cisco Network Data Platform (NDP) – analyzes and correlates network events
      Cisco Identity Services Engine (ISE) – provides identity and policy services

  30. What function is provided by the vManage Network Management System in the Cisco SD-WAN solution?

    • Providing the single pane of glass (GUI) for the SD-WAN solution.
    • Providing the best application quality of experience (QoE) for SaaS applications.
    • Authenticating the vSmart controllers and the SD-WAN routers and orchestrates connectivity between them.
    • Managing software images, maintenance updates, version compliance, and the deployment of device images.
      Explanation & Hint:

      The vManage NMS enables centralized provisioning and simplifies network changes.

  31. What are three functions of the Cisco SD-WAN vBond orchestrator? (Choose three.)

    • providing a control plane connection over DTLS tunnels to communicate with SD-WAN routers
    • providing NAT traversal between SD-WAN routers
    • providing load balancing of SD-WAN routers
    • delivering quality of experience (QoE) for SaaS applications
    • forecasting and what-if analysis
    • providing a single pane of glass network management system
      Explanation & Hint:

      There are three components of the vBond orchestrator:
      The control plane connection over DTLS tunnels for communication with SD-WAN routers
      NAT traversal to connect SD-WAN routers and vSmart controllers
      Load balancing of SD-WAN routers across the vSmart controllers

  32. In a domain with multiple vSmart controllers, which Cisco SD-WAN solution performs automatic load balancing of SD-WAN routers across multiple controllers?

    • vBond orchestrator
    • Cloud OnRamp
    • vManage Network Management System
    • vSmart controller
      Explanation & Hint:

      The three major components of the vBond orchestrator are as follows:
      The control plane connection over DTLS tunnels for communication with SD-WAN routers
      NAT traversal to connect SD-WAN routers and vSmart controllers
      Load balancing of SD-WAN routers across the vSmart controllers

  33. Which protocol or service can be configured to send unsolicited messages to alert the network administrator about a network event such as an extremely high CPU utilization on a router?

    • SNMP
    • syslog
    • NTP
    • NetFlow
      Explanation & Hint:

      SNMP can be used to collect and store information such as device CPU utilization. Syslog is used to access and store system messages. Cisco developed NetFlow for the purpose of gathering statistics on packets that are flowing through Cisco routers and multilayer switches. NTP is used to allow network devices to synchronize time settings.

  34. An administrator issued the following commands on router R1:

    R1(config)# logging 192.168.10.2
    R1(config)# logging trap 5

    What conclusion can be drawn from this configuration?

    • The only messages that appear on the syslog server are those with severity level of 4 or lower​.
    • Messages with severity level of 6 or higher appear only on the router console output.
    • The only messages that appear on the syslog server are those with severity level of 5​.
    • Messages with severity level of 5 or higher appear on the router console output and are sent to the syslog server.
      Explanation & Hint:

      When these commands are issued, the only messages that appear on the syslog server are those with severity level of 5 or lower. The messages with severity level of 6 or higher appear on the router console output, but do not appear on the syslog server output because the logging trap command limits by severity level the syslog messages that are sent to the syslog server.
  35. Refer to the exhibit. A junior network engineer is handed a print-out of the network information shown. Which protocol or service originated the information shown in the graphic?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 07
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 07
    • TACACS+
    • NetFlow
    • RADIUS
    • Syslog
      Explanation & Hint:

      Syslog clients send log entries to a syslog server. The syslog server concentrates and stores log entries. Log entries are categorized by seven severity levels:
      emergencies (0), alerts (1), critical (2), errors (3), warnings (4), notifications (5), informational (6), and debugging (7).
  36. Refer to the exhibit. Host H3 is having trouble communicating with host H1. The network administrator suspects a problem exists with the H3 workstation and wants to prove that there is no problem with the R2 configuration. What tool could the network administrator use on router R2 to prove that communication exists to host H1 from the interface on R2, which is the interface that H3 uses when communicating with remote networks?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 08
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 08
    • traceroute
    • show cdp neighbors
    • Telnet
    • an extended ping
      Explanation & Hint:

      An extended ping allows an administrator to select specific ping features. For example in this situation, the network administrator could do an extended ping and specify a source address of the gigabit Ethernet port on the router. The destination address would be the IP address of host H1. If the ping succeeds connectivity exists from the Ethernet router interface on R2 to device H1.

  37. In the data gathering process, which type of device will listen for traffic, but only gather traffic statistics?

    • NMS
    • syslog server
    • NetFlow collector
    • SNMP agent
      Explanation & Hint:

      A NetFlow collector is the device that receives traffic statistics from networking devices. NetFlow only gathers traffic statistics, unlike syslog and SNMP which can collect various network events.

  38. Which type of information can an administrator obtain with the show ip cache flow command?

    • the NetFlow version that is enabled
    • whether NetFlow is configured on the correct interface and in the correct direction
    • the configuration of the export parameters
    • the protocol that uses the largest volume of traffic​
      Explanation & Hint:

      The show ip cache flow command provides information about the flow of data through the network, not specific information about configuration.
  39. Which network monitoring tool can provide a complete audit trail of basic information of all IP flows on a Cisco router and forward the data to a device?

    • SIEM
    • NetFlow
    • SPAN
    • Wireshark
      Explanation & Hint:

      NetFlow is a Cisco technology that provides statistics on packets flowing through a Cisco router or multilayer switch.

  40. Which monitoring technology mirrors traffic flowing through a switch to an analysis device connected to another switch port?

    • NetFlow
    • SNMP
    • SIEM
    • SPAN
      Explanation & Hint:

      When enabled on a switch, SPAN or port mirroring, copies frames sent and received by the switch and forwards them to another port, known as a Switch Port Analyzer port, which has a analysis device attached.

  41. What is the purpose of ERSPAN?

    • to mirror traffic from a remote location
    • to log information from monitored network devices
    • to provide standardization for traffic sent from network devices to a logging server
    • to analyze the type and frequency of specific data types for QoS purposes
      Explanation & Hint:

      Encapsulated Remote Switched Port Analyzer (ERSPAN) is used to route monitored traffic from one network to another through Layer 3 routing instead of Layer 2 port mirroring as other SPAN technologies do.

  42. Refer to the exhibit. Based on the output generated by the show monitor session 1 command, how will SPAN operate on the switch?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 03
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 03
    • All traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1.
    • All traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1.
    • Native VLAN traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1.
    • Native VLAN traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1.
      Explanation & Hint:

      The show monitor session command is used to verify how SPAN is configured (what ports are involved in the traffic mirroring).
  43. Refer to the exhibit. Which command or set of commands will configure SW_A to copy all traffic for the server to the packet analyzer?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 06
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 06
    • Sw_A(config)# monitor session 5 source interface gi0/1
      Sw_A(config)# monitor session 6 destination interface fa0/7
    • Sw_A(config)# monitor session 5 source interface gi0/1
      Sw_A(config)# monitor session 5 destination interface fa0/7 
    • Sw_A(config)# monitor session 1 destination interface fa0/7
    • Sw_A(config)# monitor session 1 destination interface gi0/1
      Sw_A(config)# monitor session 1 source interface fa0/1
    • Sw_A(config)# monitor session 1 source interface fa0/7
      Explanation & Hint:

      The local SPAN configuration requires two statements to identify the source and destination ports for the mirrored traffic. The statements must use the same session number. In this example, the source port is the port connected to the server (Gi0/1) and the destination port is the port attached to the packet analyzer (Fa0/7).

  44. Refer to the exhibit. The RSPAN configuration for each switch is shown. The network administrator has configured RSPAN to allow the monitoring of traffic to a corporate server. Unfortunately, the administrator is unable to sniff any traffic from the link. Why is the administrator unable to sniff traffic?

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 04
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 04
    • Only VLAN 1 can be used as the RSPAN VLAN.
    • The session numbers on the two switches do not match.
    • The remote interface on SW1 should be identified as fa0/3.
    • The source and destination interfaces are reversed on SW2.
    • VLAN 100 has not been properly configured as an RSPAN VLAN.
      Explanation & Hint:

      Both switches need the VLAN configuration mode command of remote-span to be added.
  45. Refer to the exhibit. Host A is monitoring data and RSPAN is configured on Sw_A with the following commands:

    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 05
    CCNPv8 ENCOR (Version 8.0) – Chapters 17 – 19 Wireless Essentials Exam Answers 05
    Sw_A# show running-config
    
    <output omitted>
    
    monitor session 5 source interface gi0/1
    monitor session 5 destination remote vlan 75
    
    <output omitted>
    
    vlan 75
    name RSPAN
    remote span

    Which set of commands would complete the RSPAN configuration?

    • Sw_B(config)# monitor session 5 source interface Gi0/1
      Sw_B(config)# monitor session 5 destination remote vlan 75
      Sw_B(config)# vlan 75
      Sw_B(config-vlan)# name RSPAN
      Sw_B(config-vlan)# remote-span
    • Sw_B(config)# monitor session 5 source remote vlan 75
      Sw_B(config)# monitor session 5 destination interface gi0/7
      Sw_B(config)# vlan 75
      Sw_B(config-vlan)# name RSPAN
      Sw_B(config-vlan)# remote-span 
    • Sw_B(config)# monitor session 5 source interface gi0/12
      Sw_B(config)# monitor session 5 destination remote vlan 75
      Sw_B(config)# vlan 75
      Sw_B(config-vlan)# name RSPAN
      Sw_B(config-vlan)# remote-span
    • Sw_B(config)# monitor session 5 source remote vlan 75
      Sw_B(config)# monitor session 5 destination interface gi0/12
      Sw_B(config)# vlan 75
      Sw_B(config-vlan)# name RSPAN
      Sw_B(config-vlan)# remote-span

      Explanation & Hint:

      The Sw_B configuration is almost identical to the Sw_A configuration except the destination interface for the monitor session is Gi0/12 (the port to which host A connects).

  46. What is a primary function of the Cisco IOS IP Service Level Agreements feature?

    • to detect potential network attacks
    • to provide network connectivity for customers
    • to adjust network device configurations to avoid congestion
    • to measure network performance and discover a network failure as early as possible
      Explanation & Hint:

      The Cisco IOS IP Service Level Agreements (SLAs) feature is a useful tool to discover a network failure as early as possible. It uses generated traffic to measure network performance in real time. The results can help network administrators detect signs of network issues at an early stage.

  47. A network administrator is using the Cisco DNA Center to monitor network health and to troubleshoot network issues. Which area should the administrator use to perform these tasks?

    • POLICY
    • PROVISION
    • PLATFORM
    • ASSURANCE
      Explanation & Hint:

      The Cisco DNA Center has five main areas:

      • Design – Model the entire network, from sites and buildings to devices and links, both physical and virtual, across campus, branch, WAN and cloud.
      • Policy – Use policies to automate and simplify network management, reducing cost and risk while speeding rollout of new and enhanced services.
      • Provision – Provide new services to users with ease, speed, and security across your enterprise network, regardless of network size and complexity.
      • Assurance – Use proactive monitoring and insights from the network, devices, and applications to predict problems faster and ensure that policy and configuration changes achieve the business intent and the user experience you want.
      • Platform – Use APIs to integrate with the preferred IT systems to create end-to-end solutions and add support for multi-vendor devices.
  48. What is a tool in the Cisco DNA Center that can apply machine learning in order to diagnose network issues and offer guided remediation steps to fix issues?

    • DNA Assurance
    • ERSPAN
    • RSPAN
    • SNMP
    • syslog
      Explanation & Hint:

      DNA Assurance is part of the Cisco DNA Center. The Cisco DNA Center has the ability to apply machine learning to diagnose network issues and offer guided remediation steps used to fix an issue. The ASSURANCE page shows the overall health of the network including wired and wireless client data as well as access to dashboards, issues, and a way to drill down on single users and their problems.
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments