2013 Latest Cisco DESGN (640-864) Exam 161-165

Ensurepass
 

QUESTION 161
What Cisco router configuration component does an implementer use to create a floating static route?
A. Primary interface
B. Administrative distance
C. Loopback
D. Description
Correct Answer: B
Section: Routing Explanation
Often, backup links use a different technology. For example, a leased line can be in parallel with a backup dialup line or ISDN circuit. However, it is more common to use DSL lines as backup in todays networks. By
using floating static routes, you can specify that the backup route have a higher administrative distance (used by Cisco routers to select routing information) so that it is not normally used unless the primary route goes down. This design is less available than the partial mesh presented previously. Typically, on-demand backup links reduce WAN charges.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 2

QUESTION 162
Which Cisco proprietary protocol will be used in LAN switches to control multicast traffic at the data link layer within a LAN switch?
A. MAC filters
B. Cisco Group Management Protocol (CGMP)
C. Cisco Discovery Protocol (CDP)
D. IGMP
Correct Answer: B
Section: Routing Explanation
CGMP
Cisco Group Management Protocol is a Cisco proprietary protocol implemented to control multicast traffic at Layer 2. Because a Layer 2 switch is unaware of Layer 3 IGMP messages, it cannot keep multicast packets from being sent to all ports. With CGMP, the LAN switch can speak with the IGMP router to find out the MAC addresses of the hosts that want to receive the multicast packets. You must also enable the router to speak CGMP with the LAN switches. With CGMP, switches distribute multicast sessions to the switch ports that have group members.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 3

QUESTION 163
A common response to an attack by this device can be either to send an alert or to take corrective action. What is this device?
A. Vulnerability assessment
B. Firewall
C. Intrusion-detection system (IDS)
D. Router
Correct Answer: C
Section: Security Explanation

Intrusion Detection System Overview Summary

Network-based IDS relies on the use of network sensors strategically placed throughout the network. These probes monitor and analyze all network traffic traversing the local network. Network traffic is compared to a signature database or a defined profile to detect intrusive activity. If the monitored traffic matches a profile or signature, an alarm is generated. Additionally, sensors can be configured to take corrective action to stop an attack once its been detected. The advantage to a network-based IDS is its macro view of the network. A network-based IDS has the advantage of viewing the entire network and, therefore, isnt limited to viewing only the traffic to a single host. The drawback to a network-based IDS is its cost. A network-based IDS relies on additional hardware in the form of network probes.
Additional drawbacks to network-based IDS are the following:
Although different types of IDS systems exist, each type must support at least one triggering mechanism. Triggering mechanisms are simply how an alarm is generated.
There are two types of triggering mechanisms:
Anomaly-based systems use profiles created by the IDS or the security administrator. These profiles are then used to detect an attack and generate an alarm. Traffic patterns or computer activity that doesnt match a defined profile generates an alert. The advantage of anomaly detection is it has the capability to detect previously unknown attacks or new types of attacks. The drawback to anomaly detection is an alarm is generated any time traffic or activity deviates from the defined normal traffic patterns or activity. This means its up to the security administrator to discover why an alarm was generated. Anomaly-based systems have a higher rate of false positives because alarms are generated any time a deviation from normal occurs. Defining normal traffic and activity can be a difficult and time-consuming task.
http://www.ciscoarticles.com/CCSP-Cisco-Certified-Security-Professional/Intrusion-Detection-System-Overview-Summary.html

QUESTION 164
How many more bits does IPv6 use for addresses than IPv4?
A. 32
B. 64
C. 96
D. 128
Correct Answer: C
Section: IP addressing Explanation
IPv6 uses 128-bit addresses rather than the 32-bit addresses in IPv4. This supports more address hierarchy levels and uses simpler address autoconfiguration.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 9

QUESTION 165
Which protocol will be used to exchange IP routes between autonomous systems?
A. eBGP
B. IGMP
C. IGRP
D. OSPF
Correct Answer: A
Section: Routing Explanation
BGP Neighbors
BGP is usually configured between two directly connected routers that belong to different autonomous systems. Each autonomous system is under different technical administration. BGP is frequently used to connect the enterprise to service providers and to interconnect service providers. The routing protocol within the enterprise could be any Interior Gateway Protocol (IGP). Common IGP choices include RIPv2, EIGRP, OSPF, IS-IS. BGPv4 is the only deployed Exterior Gateway Protocol (EGP). BGP is an interdomain routing protocol that allows BGP speakers residing in different autonomous systems to exchange routing (NLRI) information. An autonomous system is a collection of devices under common administration. BGP autonomous systems range from 1 through 65,535. Autonomous system numbers (ASN) 1 through 64, 511 are considered public ASNs. These are allocated by IANA to Regional Internet Registries (RIR). Entities wanting to receive an ASN must complete the application process of their local RIR and be approved before being assigned an ASN. ASNs 65,512 through 65,535 are considered private ASNs. These ASNs can be used by any organization, but, like RFC 1918 addresses, cannot be used on the Internet. Before two BGP routers can exchange routing updates, they must become established neighbors
After BGP routers establish a TCP connection, exchange information, and accept the information, they become established neighbors and start exchanging routing updates. If the neighbors do not reach an established state, they do not exchange BGP updates. The information exchanged before the neighbors are established includes the BGP version number, ASN, BGP router ID, and BGP capabilities.
eBGP
External Border Gateway Protocol is the term used to describe BGP peering between neighbors in different autonomous systems. As required by RFC 1771, the eBGP peers share a common subnet (although Cisco does allow some flexibility to avoid doing so). In Figure 11-9, all routers speak eBGP with
routers in other autonomous systems. Within autonomous system 500, the routers communicate using iBGP, which is covered next.
iBGP Internal Border Gateway Protocol is the term used to describe the peering between BGP neighbors in the same autonomous system. iBGP is used primarily in transit autonomous systems. Transit autonomous systems forward traffic from one external autonomous system to another external autonomous system. If transit autonomous systems did not use iBGP, the eBGP-learned routes would have to be redistributed into an IGP and then redistributed into the BGP process in another eBGP router. Normally, the number of eBGP routes is too large for an IGP to handle. iBGP provides a better way to control the routes within the transit autonomous system. With iBGP, the external route information (attributes) is forwarded. The various IGPs that might be used do not understand or forward BGP attributes, including autonomous system paths, between eBGP routers.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 11

Ensurepass offers Latest 2013 640-864 Real Exam Questions, help you to pass exam 100%.