Interview Questions Answers.ORG
Interviewer And Interviewee Guide
CCIE CertificationCCSP CertificationAFMCSun CertificationGATE Exam Interviews Quizzes

Accounts

AccountingAccounts PayableAuditJunior AccountantSenior Accountant

Analysis

Data AnalystFinancial AnalystGISGIS AnalysisStatistics

Banking

ICICI Bank LtdLoan OfficerRecovery OfficerTreasuryUnderwriter

Basic Job

BehavioralBusiness intelligenceFreshers GraduatePuzzlesTargeted Selection

Best Engineering

Automobile EngineeringChemical EngineeringCivil EngineeringElectrical EngineeringMechanical Engineering

Best Multimedia

3D AnimationCoreldrawDesign EngineerGraphics DesignerInterior Design

Community

Cable OperatorFirefighter SpecialistFuneral DirectorSpeech PathologistTranslator

New Artist

Art DirectorAstrologistInternational RelationshipSociologyVisual Arts

9th Class

9th Class Biology9th Class Chemistry9th Class Computer Studies9th Class Pakistan StudiesEnglish Grammar Section 9th Class

Accounting

Accounting ManagementBank Probationary Officer (PO)Financial Accounting Exam MCQsManagerial Accounting Exam MCQs

Civil Engineering

Building ConstructionRailwaysRCC Structures DesignSoil Mechanics and Foundation EngineeringSurveying

Engineering

Electrical EngineeringElectronic DevicesElectronics EngineeringEngineering MechanicsSoftware Engineering

General Knowledge (GK)

General Knowledge (GK)IQ (Intelligence Quotient)Permutation And CombinationPhysical CommunicationVocabulary

Information Technology (IT)

Basics of ComputerComputer KnowledgeComputer OrganizationFundamentals Of ComputerWireless Communication

Networking

Advanced NetworkingBasic NetworkingComputer Networks TestNetwork SecurityNetworking

Soft Skills Quizzes MCQs

Communication Skills Exam MCQsCorporate Communication Exam MCQsLeadership Skills Exam MCQsNegotiation Skills Exam MCQsTime Management Exam MCQs

Certifications Interviews

AFMC IQAIIMS Exam IQCCDA Certification IQCCIE Certification IQCCIP Certification IQCCSP Certification IQCertifications IQCheck Point Certification IQCISCO Certification IQCIW Certification IQEngineering Entrance Exams IQEntrance Exams IQGATE Exam IQIBM Certification IQICET Exam IQIIT JEE IQISTQB Certification IQManagement Entrance Exams IQMAT IQMCDBA Certification IQMCSD.NET - 70-089 IQMCSD.NET - 70-300 IQMCSD.NET - 70-306 Exam IQMCSD.NET - 70-310 Exam IQMCSD.NET - 70-315 Exam IQMCSD.NET - 70-316 Exam IQMCSD.NET - 70-320 Exam IQMCSD.NET - 70-330 Exam IQMCSD.NET - 70-340 Exam IQMCTS .Net Certification IQMedical Science Entrance Exams IQMicrosoft Certification IQMSCE 2003 Certification IQNovell Certification IQNovell CLE 9 Certification IQNovell CLP Certification IQNovell CNA Certification IQNovell CNE Certification IQNovell MCNE Certification IQOCP 9i DBA Certification IQOPENMAT Exam IQOracle Application Developer IQOracle Certification IQPMI Certification IQPost Graduation Entrance Exams IQRed Hat Certification IQS/W Quality Assurance IQSun Certification IQSybase Certification IQTesting Certification IQ

Essential CCIP Certification Interview Questions & Answers:

1. Explain What best describes the following configuration example of allowas-in? router bgp 100
address-family ipv4 vrf CustomerAneighbor 195.12.4.5 remote-as 123 neighbor 195.12.4.5
activateneighbor 195.12.4.5 allowas-in 2
A.permits incoming BGP updates defined by access-list 2
B.permits incoming BGP updates defined by class-map 2
C.permit incoming BGP updates defined by route-map 2
D.permits incoming BGP updates with no more than two occurrences of AS 100 in the AS path
E.permits incoming BGP updates with no more than two occurrences of AS 123 in the AS path

D.permits incoming BGP updates with no more than two occurrences of AS 100 in the AS path

2. Which three components comprise a Cisco NAC Appliance solution? (Choose three.)
A. a NAC-enabled Cisco router
B. a Linux server for in-band or out-of-band network admission control
C. a Linux server for centralized management of network admission servers
D. a Cisco router to provide VPN services
E. a read-only client operating on an endpoint device
F. a NAC-enabled Cisco switch

B. a Linux server for in-band or out-of-band network admission control
C. a Linux server for centralized management of network admission servers
E. a read-only client operating on an endpoint device

3. When configuring the Cisco NAM to implement Cisco NAA requirement
checking on client machines, what is the next step after configuring checks and rules?
A. retrieve updates
B. require the use of the Cisco NAA
C. configure session timeout and traffic policies
D. map rules to requirement
E. configure requirements

E. configure requirements

4. Explain What is a benefit of CEF switching?
A.CEF supports IP source prefix-based switching using the FIB.
B.CEF uses less memory than fast switching uses.
C.CEF is less CPU intensive than fast switching is.
D.CEF provides Netflow statistics with minimum CPU overhead.
E.CEF allows multiple data planes to share a common control plane.

C. CEF is less CPU intensive than fast switching is.

5. Explain What is a major drawback of using traditional IP routing over an ATM network when connecting
multiple sites?
A.Each ATM switch in the path has to perform Layer 3 routing lookup.
B.ATM virtual circuits have to be established between the different sites.
C.There is high ATM management overhead between the ATM switch and the router at each site.
D.Each ATM switch has to be manually configured to participate in Layer 3 routing.
E.There is high PNNI overhead.

B.ATM virtual circuits have to be established between the different sites.

6. Explain Which description is NOT a topology where a central services VPN would be used?
A.
A service provider offers services to all customers by allowing them access to a common
VPN.
B. Two or more companies want to exchange information by sharing a common set of
servers.
C. A security-conscious company separates its departments and allows them to access
only to common servers.
D. Several interconnected subsidiaries of a company require optimal communication
between many sites.

D.Several interconnected subsidiaries of a company require optimal communication between many sites.

7. Suppose A client has a network with wireless and wired users. The wired users run
mission-critical bandwidth-sensitive applications. The wireless users access web-based support portals
within the central office.
Given only this information, which Cisco NAC Appliance solution would provide the most fault-tolerant
option for this client?
A. one Cisco NAM and one in-band highly available Cisco NAS cluster
B. one load-balanced highly available Cisco NAM cluster and one out-of-band highly available Cisco NAS
cluster
C. one highly available Cisco NAM cluster, one out-of-band highly available Cisco NAS cluster, and one
in-band Cisco NAS
D. one highly available Cisco NAM cluster and one in-band highly available Cisco NAS cluster

C.one highly available Cisco NAM cluster, one out-of-band highly available Cisco NAS cluster, and one in-band Cisco NAS

8. Explain What condition must be met for the receiving PE router to install VPNv4 routes into
a VRF?
A. If at least one RD attached to the VPNv4 route matches at least one import RD
configured in the VRF
B. If at least one RT attached to the VPNv4 route matches at least one import RT
configured in the VRF
C. If at least one RD attached to the VPNv4 route matches at least one export RD
configured in the VRF
D. If at least one RT attached to the VPNv4 route matches at least one export RT
configured in the VRF

B.If at least one RT attached to the VPNv4 route matches at least one import RT configured in the VRF

9. Suppose After you implement a network scan and view the report, you notice that a
plug-in did not access any of its dependent plug-ins. What did you forget to do?
A. enable the Dependent Plug-in check box on the General Tab form
B. configure dependent plug-in support when you mapped the Nessus scan check to the Nessus plug-in rule
C. install dependent plug-ins when you updated the Cisco NAC Appliance plug-in library
D. load the dependent plug-ins for that plug-in in the Plug-in Updates form

C:In the SMS Administrator console, start Remote Assistance.

10. Explain Which three statements about MPLS VPNs are true? (Choose three.)
A. PE routers do not participate in customer routing.
B. MPLS VPN is similar to using the peer-to-peer dedicated PE router approach.
C. Customer can use overlapping addresses.
D. Each customer is assigned an independent routing table (virtual routing and
forwarding table VRF).
E. The P Routers routing table contains both the global IP routes and the customer
routes.
F. CE routers connect directly to the service providers P routers.

B&C&D:MPLS VPN is similar to using the peer-to-peer dedicated PE router approach./Customer can use overlapping addresses./Each customer is assigned an independent routing table (virtual routing and forwarding table VRF).

11. Explain Which three statements are correct regarding Layer 2 overlay VPNs and peer-to-peer VPNs?
A.Peer-to-peer VPNs require the establishment of virtual circuits to connect the different customer sites
together.
B.Peer-to-peer VPNs require the service provider to participate in the customer routing, accepting
customer routes, transporting them across the service provider backbone, and finally propagating them to
other customer sites.
C.With peer-to-peer VPNs, the service provider is responsible for transport of Layer 2 frames between
customer sites, and the customer takes responsibility for all higher layers.
D.The implementation of Layer 2 overlay VPNs is the traditional switched-WAN model, implemented with
technologies like X.25, Frame Relay or ATM.
E.With Layer 2 overlay VPNs, the service provider is not aware of customer routing and has no
information about customer routes.
F.It is simple to implement Layer 2 overlay VPNs because the Customer Edge (CE) router just needs a
connection to the Service Providers Provider Edge (PE) router.

B: Peer-to-peer VPNs require the service provider to participate in the customer routing, accepting customer routes, transporting them across the service provider backbone, and finally propagating them to
other customer sites.

12. How to ensure that the Cisco NAS has the most recent version of the Cisco NAA to install on user devices?
A.
NAA to all Cisco Each time the Cisco NAA is upgraded, the Cisco NAM automatically downloads the new version of Cisco NAS servers.
B. From the Cisco NAS Web Admin Console, enable Cisco NAA autoupdate on the Administration >
Software Update form.
C. The Cisco NAA is upgraded directly to each Cisco NAS using the Upgrade Server form available on the
Cisco NAM web console GUI.
D. Configure the Cisco NAS by selecting which Cisco NAA to upgrade in the Cisco NAA Upgrade form.

A. NAA to all Cisco Each time the Cisco NAA is upgraded, the Cisco NAM automatically downloads the new version of Cisco NAS servers.

13. Suppose The NAS is configured to autogenerate an IP address pool of 30 subnets with a netmask of /30, beginning at address 192.168.10.0. Which IP address is leased to the end-user host on
the second subnet?
A. 192.168.10.4
B. 192.168.10.5
C. 192.168.10.6
D. 192.168.10.7

C. 192.168.10.6

14. Explain What is the result when the condition statement in a Cisco NAA check for
required software evaluates to false on a client machine?
A. The required software is automatically downloaded to the user device.
B. The required software is made available after the user is quarantined.
C. The user is put in the unauthenticated role and the software is considered missing.
D. The user is placed in the temporary role and the software is made available.

B.The required software is made available after the user is quarantined.

15. Suppose Based on the Boolean order of precedence, how would Cisco NAC Appliance evaluate the following rule?
AdAwareLogRecent&(NorAVProcessIsActiveymAVProcessIsActive)
A. (The Norton Antivirus is active and there is a recent Ad Aware log entry) or (the Symantec antivirus process is active).
B. There is a recent Ad Aware log entry, the Norton Antivirus is active, and the Symantec antivirus process is active.
C. (Either the Norton Antivirus or the Symantec antivirus process is active) and (there is a recent Ad Aware log entry).
D. There is a recent Ad Aware log entry or the Norton Antivirus is active, or the Symantec antivirus process is active.

C.(Either the Norton Antivirus or the Symantec antivirus process is active) and (there is a recent Ad Aware log entry).

16. Explain Which default administrator group has delete permissions?
A. admin
B. help-desk
C. add-edit
D. full-control

D. full-control

17. Explain What are the two types of traffic policies that apply to user roles? (Choose
two.)
A. IP-based
B. peer-based
C. host-based
D. manager-based
E. server-based
F. VLAN-based

A. IP-based
C. host-based

SHARE



FORUM
PRIVACY
TERMS & CONDITIONS
FEED BACK

Submit Your Feedback:


×

Thank You For Your Feedback!

Your message has been sent successfully.

Disclaimer
Interview Questions Answers .ORG is responsive and optimized web portal for individuals to get preparation for their job interviews, learning and training. Content at Interview Questions Answers .ORG might be simplified to improve our users experience. We constantly review our content to avoid errors and copyright violations, but we cannot warrant full correctness of all the content. While using this site, you agree to have read and accepted our terms of use, cookie and privacy policy. Copyright 2007-2025 by Interview Questions Answers .ORG All Rights Reserved.

Interview Questions Answers .ORG
Face Book Twitter Linkedin