2013 Latest Cisco Designing for Cisco Internetwork Solutions Exam DESGN

2013 Latest Cisco Designing for Cisco Internetwork Solutions Exam DESGN v2.1 640-864 EXAM download 81-85

A network design includes private addressing, but there is also a need for two or three network devices to each be assigned a unique public address so they can be accessed from the Internet. Which technique will satisfy this requirement?
A. Static NAT
B. VPN tunneling
C. Dynamic NAT
Correct Answer: A
Section: Security Explanation
NAT has several forms:
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 8

A Cisco security mechanism has the following attributes:
it is a sensor appliance
it searches for potential attacks by capturing and analyzing traffic it is a “purpose-built device”

it is installed passively
it introduces no delay or overhead

Which Cisco security mechanism is this?

Correct Answer: A
Section: Security Explanation
Inline IPS and anomaly detection: Cisco has innovated in the area of NIDS by being the first to incorporate NIDS into the IOS on routing and switching platforms. In addition, IPS solutions have inline filtering features that can remove unwanted traffic with programmable features that classify traffic patterns. The Cisco IPS 4200 sensor appliances, Cisco Catalyst 6500 IDSM-2, and the Cisco IOS IPS can identify, analyze, and stop unwanted traffic from flowing on the network. Another set of tools used to prevent distributed DoS (DDoS) attacks and ensure business continuity is the Cisco Traffic Anomaly Detector XT and Guard XT appliances, along with the Cisco Catalyst 6500 Traffic Anomaly Detector Module and Cisco Anomaly Guard Module.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 13

Which two routing protocols operate over NBMA point-to-multipoint networks without the use of point-to-point subinterfaces? (Choose two.)
C. RIPv2
D. RIPv1
Correct Answer: AB
Section: Voice Video Explanation
For OSPF to run over NBMA you are required to implement the neighbor IP Address but not subinterfaces
Configure an Interface as Point-to-Multipoint, Nonbroadcast (Non-Broadcast Multi-access NBMA) To treat the interface as point-to-multipoint when the media does not support broadcast, perform the following task in interface configuration mode.
NBMA Interfaces (Frame Relay, X.25, ATM)
It is particularly critical to configure nonbroadcast multi-access (NBMA) interfaces correctly, because otherwise many EIGRP packets may be lost in the switched network. There are three basic rules:
There are three different scenarios for NBMA interfaces.
Configuration Commands
no ip split-horizon eigrp no ip next-hop-self eigrp
Exchange of Routing Information
RIP is normally a broadcast protocol, and in order for RIP routing updates to reach nonbroadcast networks, you must configure the Cisco IOS software to permit this exchange of routing information. To control the set of interfaces with which you want to exchange routing updates, you can disable the sending of routing
updates on specified interfaces by configuring the passive-interface router configuration command. See the discussion on filtering in the “Filter Routing Information” section in the “Configuring IP Routing Protocol-Independent Features” module. An offset list is the mechanism for increasing incoming and outgoing metrics to routes learned via RIP. Optionally, you can limit the offset list with either an access list or an interface. To increase the value of routing metrics, use the following command in router configuration mode: Routing protocols use several timers that determine such variables as the frequency of routing updates, the length of time before a route becomes invalid, and other parameters. You can adjust these timers to tune routing protocol performance to better suit your internetwork needs.
You can make the following timer adjustments: http://www.cisco.com/en/US/docs/ios/iproute_rip/configuration/guide/ irr_cfg_rip_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1061185
IS-IS can work over an NBMA multipoint network only if the network is configured with a full mesh. Anything less than a full mesh could cause serious connectivity and routing issues. However, even if a full mesh is configured, this is no guarantee that a full mesh will exist at all times. A failure in the underlying switched WAN network or a misconfiguration on one or more routers could break the full mesh either temporarily or permanently. Therefore, you should avoid NBMA multipoint configurations for IS-IS networks. Use point-to-point subinterfaces instead.

Which three types of WAN topologies can be deployed in the Cisco Enterprise Architecture Enterprise Edge WAN module? (Choose three.)
A. ring
B. full mesh
C. partial mesh
D. collapsed core
E. star
F. core
G. edge
Correct Answer: BCE
Section: Architecture Explanation

Packet and cell switched. Connections that use virtual circuits (PVC/SVC) established by the SP.
Packet-switched technologies include Frame Relay and cell-switched technologies such as ATM. ATM
uses cells and provides support for multiple quality of service (QoS) classes. The virtual circuits are part of
the shared ATM/Frame Relay SP backbone network. This gives the SP greater flexibility with its service

When planning and designing a packet-switched WAN, you should become familiar with some basic WAN
topologies. These WAN topologies include hub-and-spoke, partial-mesh, and full-mesh topologies, as
shown in Figure 7-1.

Figure. WAN Topologies
Hub-and-Spoke Topology
A star or hub-and-spoke topology provides a hub router with connections to the spoke routers through the WAN cloud. Network communication between the sites flows through the hub router. Significant WAN cost savings, lower circuit counts, and simplified management are benefits of the hub-and-spoke topology. In addition, hub-and-spoke topologies provide WAN hierarchy and can provide high availability through the use of dual routers at the hub site. A major disadvantage of this approach is that if you use a single hub router, it can represent a single point of failure. The hub-and-spoke topology can also limit the overall performance when resources are accessed through the central hub router from the spoke routers, such as with spoke-to-spoke network traffic.
Full-Mesh Topology
With full-mesh topologies, each site has a connection to all other sites in the WAN cloud (any-to-any). As the numbers of sites grow, so does the number of spoke connections that are ultimately required. Consequently, the full-mesh topology is not viable in very large networks. However, a key advantage of this topology is that it has plenty of redundancy in the event of network failures. But redundancy implemented with this approach does have a high price associated with it. Here are some issues inherent with full-mesh topologies:
Here are some issues inherent with full-mesh topologies:
The number of VCs required for a full mesh can be calculated using the formula ((N C 1) x N / 2).
For example if you have 4 sites, ((4 C 1) x 4 / 2) = 6 VCs are required.
Partial-Mesh Topology A partial-mesh topology has fewer VC connections than a full-mesh topology. Therefore, not all sites in the cloud are required to be connected to each other. However, some sites on the WAN cloud have full-mesh characteristics. Partial-mesh topologies can give you more options and flexibly for where to place the high redundancy VCs based on your specific requirements.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 7

Which statement accurately describes one difference between a small office and medium office topology?
A. Medium offices commonly use integrated route and switching platforms.
B. Medium offices use integrated 10/100/1000 interfaces as Layer 2 trunks.
C. Medium offices use external access switches to support LAN connectivity.
D. Small offices commonly use Rapid PVST+ for Layer 3 deployments.
Correct Answer: C
Section: Design Explanation
Medium Branch Design
The medium branch design is recommended for branch offices of 50 to 100 users, which is similar to the small branch but with an additional access router in the WAN edge (slightly larger) allowing for redundancy services. Typically, two 2921 or 2951 routers are used to support the WAN, and separate access switches are used to provide LAN connectivity. The infrastructure components are dual-access routers, external Layer 2 / Layer 3 switches, laptops, desktops, printers, and IP phones. Dual Frame Relay links provide the private WAN services, which are used to connect back to the corporate offices via both of the access routers. Layer 3 protocols such as EIGRP are typically deployed. Because there are two routers, Hot Standby Router Protocol (HSRP) or Gateway Load Balancing Protocol (GLBP) can be used to provide redundancy gateway services. QoS can also be used to provide guaranteed bandwidth for VoIP, and policing can be used to restrict certain traffic classes from overwhelming the available bandwidth. Cisco IOS features such as QoS, access control lists (ACL), and RIP routing capabilities are available in the IP Base feature set, but IP unicast routing and multicast routing require the IP Services feature set.
The medium branch design supports using a higher-density external switch or using the EtherSwitch module with the ISR to create trunks to the external access switches. The Cisco Catalyst 3750 series switches have StackWise technology, allowing multiple switches to be connected and managed as one.
This also increases the port density available for end-user connections. With Cisco StackWise technology, customers can create a single, 32-Gbps switching unit that can connect up to nine 3750 series switches using a variety of fiber and copper ports, allowing greater flexibility with the connection options.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 7

Ensurepass offers Latest 2013 640-864 Real Exam Questions, help you to pass exam 100%.