Testking CCIE 350-001
CCIE-ROUTING AND SWITCHING QUALIFICATION (Written exam) : 350-001 Exam
Question: 1
You have a Catalyst 6500 with a Supervisor IA with a MSFC. After a power outage, the MSFC has lost its boot image and now will only boot into ROMMON mode. You want to load a new image onto the Catalyst MSFC boot flash. What method can you use?
A. Console connection using Xmodem
B. FTP C. TFTP
D. SNMP E. SSH
Answer: A Explanation:
The Catalyst 6000 Supervisor I and II modules have an onboard Flash file system that can handle
several image files. In addition to this Flash, they also have a PCMCIA Flash slot. These Supervisors run their software from RAM and do not need their Flash system once correctly booted up. If an image is then corrupted or deleted, the standard upgrade procedure is always
possible as long as the Supervisor is running a valid image. If the Supervisor is not booting up
because there is no valid image to boot from the ROMMON, you will have to use the recovery procedure.
1. Booting from a PCMCIA Flash Card
2. Console Download using Xmodem
In this situation option 2 is the only choice, since the MSFC has lost its boot image. Refer to the link below for a detailed discussion of recovery procedures for Catalyst Switches.
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a00800949c3
.shtml#cat6k
Question: 2
Which of the following statements regarding the use of SPAN on a Catalyst 6500 are true?
A. With SPAN an entire VLAN can be configured to be the source.
B. If the source port is configured as a trunk port, the traffic on the destination port will also be tagged, irrespective of the configuration on the destination port.
C. In any active SPAN session, the destination port will not participate in Spanning Tree. D. It is possible to configure SPAN to have a Gigabit port as the destination port.
E. In one SPAN session it is possible to monitor multiple ports that do not belong to the same
VLAN.
Answer: A, C, D, E Explanation:
A destination port (also called a monitor port) is a switch port where SPAN sends packets for analysis. If the trunking mode of a SPAN destination port is “on” or “nonegotiate” during SPAN
session configuration, the SPAN packets forwarded by the destination port have the ncapsulation
as specified by the trunk type; however, the destination port stops trunking, and the show trunk command reflects the trunking status for the port prior to SPAN session configuration.
For a detailed discussion on SPAN and RSPAN refer the link below.
Reference:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/span.htm
TK
Exam Name: CCIE-Certified Internetwork Expert
Exam Type: Cisco Exam Code: 350- 001
Doc. Type: Q & A with Explanations Total Questions: 499
Question: 3
From the “show version” command you see that that the system file image is c2500- js-l_121-
7.bin. What IOS feature set is loaded on this router?
A. Enterprise
B. IP
C. IP/IPX/AT/DEC D. Enterprise Plus
E. IP Plus IPSec 3DES
Answer: D Explanation:
The system image file name in the exhibit is c2500-js-l_121-12.bin
The table below shows the possible options
IOS feature file name
IP Plus c2500-is-l.121-7.bin
IP c2500-i-l.121-7.bin
Enterprise Plus IPSEC 56 c2500- jk8s -l.121-7.bin
Enterprise Plus c2500-js-l.121-7.bin
Enterprise c2500-j-l.121-7.bin
Question: 4
A new TACACS+ server is configured to provide authentication to a NAS for remote access users. A user tries to connect to the network and fails. The NAS reports a FAIL message. What
could be the problem? (Choose all that apply).
A. The TACACS+ service is not running on the server. B. The password for this user is incorrect.
C. The username does not exist in the TACACS+ user database. D. The NAS server lost its route to the TACACS+ server.
E. The TACACS+ server is down.
Answer: B, C Explanation:
A FAIL condition is a result of incorrect username/password information. It means that an authentication request was successfully received, but that it had failed. A FAIL response is
significantly different from an ERROR. A FAIL means that the user has not met the criteria contained in the applicable authentication database to be successfully authenticated.
Authentication ends with a FAIL response. An ERROR means that the security server has not
responded to an authentication query. Because of this, no authentication has been attempted. Only when an ERROR is detected will AAA select the next authentication method defined in the authentication method list.
Reference:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt1/scdaaa.
htm
Incorrect Answers:
A, D, E. These would have resulted in an ERROR condition instead of a FAIL condition.
TK
Exam Name: CCIE-Certified Internetwork Expert
Exam Type: Cisco Exam Code: 350- 001
Doc. Type: Q & A with Explanations Total Questions: 499
With an error, the NAS would query the next authentication method.
Question: 5
You have forgotten the password to your Catalyst 5000 switch. Immediately after power cycling the switch, you are faced with the password prompt. What default password should you type in?
A. cisco
B. abc123
C. sanfran
D. CTRL+ESC
E. No password, just hit the Enter key
Answer: E Explanation:
Password recovery in Cat 5000 switch is performed in the following way. Power cycle the switch. Hit the Enter key during the first 30 sec. The switch will allow you to get into the enable mode. You will have 60 seconds to change the password and save the configuration change made
during this period.
Question: 6
While setting up remote access for your network, you type in the “aaa new-model” configuration line in your Cisco router. Which authentication methods have you disabled as a result of this change? (Choose all that apply.)
A. RADIUS B. RADIUS+
C. Extended TACACS (XTACACS) D. TACACS
E. TACACS+
F. Kerberos
Answer: C, D Explanation:
When you enable AAA, you can no longer access the commands to configure the older deprecated protocols, TACACS or Extended TACACS. If you decided to use TACACS or Extended TACACS in your security solution, do not enable AAA.
Question: 7
You have forgotten the password to a Catalyst switch and need to perform a password recovery. What is the first step that should be taken to do this?
A. Reboot the switch using the reload command. B. Reboot the switch using the restart command.
C. Set the configuration register to ignore the startup configuration. D. Set the boot register to 0×42.
E. Power cycle the switch.
F. Type in “config-register”.
Answer: E Explanation:
The switch must be manually turned off (or unplugged), and then turned back on (plugged back in). Power cycling the switch is the only way to get into password recovery.
TK
Exam Name: CCIE-Certified Internetwork Expert
Exam Type: Cisco Exam Code: 350- 001
Doc. Type: Q & A with Explanations Total Questions: 499
Reference:
http://www.cisco.com/warp/public/474/pswdrec_6000.html
Question: 8
Which of the following statement is true regarding clocking for a Cisco T1 interface?
A. The clock source command selects a source for the interface to clock received data.
By default, it is clock source loop-timed (specifies that the T1/E1 interface takes the clock from the Tx (line) and uses it for Rx).
B. Routers are DTEs and NEVER supply clocking to T1/E1 line.
C. The clock source command specifies the location of the NTP server for timing. D. The clock source selects a source for the interface to clock outgoing data.
The default is clock source line –Specifies that the T1/E1 link uses the recovered clock from the line.
E. The clock source identifies the stratum level associated with the router T1/E1.
The default is Stratum 1.
Answer: D Explanation:
Clocking can either be internal, looped, or line. The default is line, meaning that the router is receiving clocking from the carrier network line.
Incorrect Answers:
C, E. These answers relate to NTP services, which are used for providing time stamping information to the router and does not relate to clocking. Stratum levels provide a hierarchy to the
NTP source, with the highest level as 1.
Question: 9
On your Terminal Server you are seeing spurious signals on line 6 of an asynchronous port due
to contention issues. What command will fix this issue?
A. flowcontrol hardware B. transport input none C. no exec
D. exec-timeout 0 0
Answer: C Explanation:
The “no exec” command is an optional command for reverse telnet configurations. Adding this line lessons the likelihood of contention over the asynchronous port. An executive process exists
on all lines and buffer data to each other. At times, it can make it difficult to use a reverse telnet session. The command “no exec” will fix this.
Incorrect Answers:
A. Console ports do not use flow control. If the terminal server is connecting to Cisco console ports then the “Flowcontrol hardware” would have no bearing.
B. This will fundamentally cut off all telnet and reverse telnet traffic from the line.
D. This will disable the timeout value, but will not fix problems relating to spurious signals and contention issues.
Question: 10
You want to prevent all telnet access to your Cisco router. In doing so, you type in the following:
Interactive Testing Engine Included!
467 Questions
Updated : 08/31/2008
Price : $208.99 $189.99
Free download:testking CCIE 350-001
Free download:pass4sure CCIE 350-001
TestKing - TestKing.com Help you pass Cisco exams
Pass4sure -Pass4sure.com The Worldwide Renowned Cisco Certification Material Provider .
Related Posts
[...] download: testking 350-001 Free download: pass4sure 350-001 Free download: actualtest 350-001 Free download: testinside [...]