With GETVPN, if a key server is configured to use multicast as the rekey transport mechanism, then under which of these conditions will the key server retransmit the rekey messages?
A. It never retransmit the rekey messages
B. it only retransmit the rekey message when it does not receive the rekey acknowledgment from at least one group member
C. it only retransmit the rekey message when it does not receive the rekey acknowledgment from all group member
D. it only retransmit the rekey message when DPD to the group members fails
E. it always retransmit the rekey message
Correct Answer: E Section: QoS Explanation
Cisco Group Encrypted Transport VPN
Retransmitting a Rekey
Multicast rekeys are retransmitted by default. For unicast rekeys, if the key server does not receive the ACK, it retransmits the rekey. In either case, before retransmitting a rekey, the key server checks if there is a TEK or KEK rekey scheduled in the next 120 seconds. If so, it stops the current retransmission and waits for the scheduled rekey to happen.
Group Member Access Control List
For GET VPN, the traffic that has to be protected is defined statically on the key server using the ACL. The group member gets information about what has to be protected from the key server. This structure allows the key server to choose and change the policy dynamically as needed. In Secure Multicast, the key server ACL is defined inclusively. The ACL includes only the exact traffic that should be encrypted, with an implicit deny causing all other traffic to be allowed in the clear (that is, if there is no permit, all other traffic is allowed).
GET VPN employs a different philosophy: The definition of which packets should be encrypted is delivered independently. GET VPN supports only statically defined traffic selectors. Policy can be defined by using both deny and permit ACLs on the key server. Only the deny ACL is allowed to be manually configured on a group member. The policies that are downloaded from the key server and configured on the group member are merged. Any ACL that is configured on the group member has predominance over what is downloaded from the key server.
After the group member gets the ACL from the key server, the group member creates a temporary ACL and inserts it into the database. This ACL will be deleted if the group member is removed from the GDOI group for any reason. The packets that are going out of the interface are dropped by the group member if a packet matches the ACL but no IPsec SA exists for that packet.
The key server can send a set of traffic selectors, which may not exactly match the group member ACL on the group member. If such differences occur, the differences have to be merged and resolved. Because the group member is more aware of its topology than the key server, the downloaded ACLs are appended to the group member ACL. The group member ACL (except the implicit deny) is inserted into the database first, followed by the downloaded key server ACL. The database is prioritized, and the database search stops whenever a matched entry is found.
An administrator is attempting to add a new IP phone to the network. The phone does not register and continues to cycle through the registration process. The administration checks and notices that the IP address assigned to the phone is not correct network. What is the cause of this issue?
A. The TFTP server is reconfigured
B. The DHCP server is giving out false IP addresses
C. The Cisco Unified Communication Manager is down
D. The switch port that the phone is connected to is configured with the wrong voice LAN
E. The PSTN gateway is down
Correct Answer: D Section: IP Phone Explanation
The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. The switch can
connect to a Cisco 7960 IP Phone and carry IP voice traffic.
Because the sound quality of an IP phone call can deteriorate if the data is unevenly sent, the switch
supports quality of service (QoS) based on IEEE 802.1P class of service (CoS).
QoS uses classification and scheduling to send network traffic from the switch in a predictable manner. For
more information on QoS, see “Configuring QoS.”
The Cisco 7960 IP Phone is a configurable device, and you can configure it to forward traffic with an 802.1P
priority. You can configure the switch to trust or override the traffic priority assigned by an IP Phone.
In which mode is CTI used with Cisco Unified Personal Communicator?
A. soft-phone mode
B. desk-phone mode
C. IP communicator mode
D. IP phone mode
E. CTI mode
Correct Answer: B Section: Unified Personal Communicator Explanation
Desk Phone Control and the CTI Connection Failures
The CTI gateway provides desk phone control (phone-association mode) to Cisco Unified Personal Communicator users. You must specify CTI gateway server names, addresses, ports, and protocol types on Cisco Unified Presence so that the information required to reach the CTI gateway server can be downloaded when the user logs in to Cisco Unified Personal Communicator.
If the CTI connection to Cisco Unified Communications Manager is lost while Cisco Unified Personal Communicator is operating in desk phone mode, the application tries to reestablish the connection to the primary and then to the backup servers. Connection attempts continue on a round-robin basis, beginning again with the primary server. Successive attempts to reconnect to a server occur at intervals of 4, 8, 16, 32, and 60 seconds (maximum) until a connection is re-established.
Link: http://www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/install_upgrade/deployment/guide/ dgclient.html#wp1100542
What happens when a user associated with a device is deleted?
A. The user is removed, but the DN and the Device remains in the system
B. The user is removed, and the DN and the Device also removed
C. The user is removed, and the DN and the Device become orphan in the system
D. The user is removed, and the DN and the Device are automatically assigned to other user
E. The user is removed, and the DN and the Device are assigned to the administrator
Correct Answer: A Section: CUCM Explanation
Deleting an End User
Tips About Deleting End Users
Before you delete an end user, determine whether the devices or profiles that are associated with the end
user need to be removed or deleted.
You can view the devices and profiles that are assigned to the end user from the Device Associations,
Extension Mobility, Directory Number Associations, CAPF Information, and Permissions Information areas
of the End User Configuration window.
You can also choose Dependency Records from the Related Links drop-down list box in the End User
Configuration window. If the dependency records are not enabled for the system, the dependency records
summary window displays a message.
For more information about dependency records, see the “Accessing Dependency Records” section.
In which two ways can an administrator reset an IP phone that is registered with Cisco Unified Communications Manager? (Choose two.)
A. Phone can be reset in Cisco Unified Communications Manager Administration.
B. Phone can be reset in the Cisco Unified Communications Manager Express CLI.
C. Press the * * #* * key combination on the IP phone keypad.
D. Enter the reset ephone command in the switch.
E. Press the * * #* key combination on the IP phone keypad.
F. Press the ##**# key combination on the IP phone keypad.
Correct Answer: AC Section: IP Phone Explanation
Comlete these steps in order to reset the Cisco 7970 IP Phone:
Press the Settings button on the Cisco 7970 IP Phone.
Enter the **#** key sequence on the phone keypad in order to reset the phone.
The correct time displays on the Cisco 7970 IP Phone after the reset.
Link: http://www.cisco.com/en/US/products/sw/voicesw/ps4625/ products_configuration_example09186a0080631683.shtml
Ensurepass offers Latest 2013 640-461 Real Exam Questions , help you to pass exam 100%.