Best CCNA Training and CCNA Certification and more Cisco exams log in to Certkingdom.com
QUESTION 1
When should you enable Network Address Translation Transparency (NAT-T) on the Teleworker?
A. when a router between the Teleworker router and the head-end VPN router is doing NAT/pNAT
and does not support IPSec pass-through
B. when the Teleworker router itself is doing NAT/pNAT
C. never
D. always
Answer: A
QUESTION 2
What are the DSL-specific factors that require additional bandwidth when supporting Voice-over-IP
over an IPSec VPN? Choose three.
A. ADSL typically uses PPPoE encapsulation, which adds additional overhead to each voice packet.
B. A voice packet is sent via multiple fixed-length cells; each cell has about 10% Layer-2 header overhead.
C. A voice packet is sent via multiple fixed-length cells; a portion of the last cell is padding, requiring more bandwidth.
D. ADSL carrier band requires additional bits to be carried over the wire to the DSL Access Concentrator.
E. IPSec requires additional overhead for the header and hash.
Answer: A,B,C
QUESTION 3
What method in a Cisco IOS router can confirm that packets marked for a particular QoS marking
are being matched?
A. Issue a debug qos set command and a terminal monitor command.
B. Issue a show crypto ipsec session command.
C. Assuming Netflow is enabled, issue a show ip cache verbose flow command.
D. Issue a show policy-map interface command.
Answer: D
QUESTION 4
Choose the false statement concerning the use of CiscoWorks Internetwork Performance Monitor
(IPM) in a Teleworker deployment.
A. IPM should not be run on a production network.
B. The QoS service policy should contain an allocation of sufficient bandwidth in the priority queue
(LLQ) for both the SAA probe simulating a voice call and the voice call. If not, voice quality will suffer.
C. IPM contains a database that can store data on latency, jitter, and drops of voice packets over a period of weeks or months.
D. IPM helps verify if a Service Provider is meeting the Service Level Agreement.
Answer: A
QUESTION 5
It is considered a best practice to use the Dead Peer Detection (DPD) feature with which VPN
topologies?
A. all of the choices
B. EZVPN
C. IPSec with GRE
D. IPSec
E. DMVPN
Answer: A
Best CCNA Training and CCNA Certification and more Cisco exams log in to Certkingdom.com