Cisco Certified Network Professional Service Provider 642-885 exam Describe the Service Provider IPv6 Transition Implementations Describe the Scale Service Provider Network and Describe the Inter domain Multicast Routing. If you want to prepare 642-885 exam in short time then you can get latest Deploying Cisco Service Provider Advanced Routing 642-885 exam questions similar to actual 642-885 exam. Practicetestguru provide you 642-885 dumps in two formats. You can prepare well through PDF Q&A booklet and 642-885 exam practice test software with confidence to succeed by saving your time and money both.

♥♥ 2018 NEW RECOMMEND 642-885 Exam Questions ♥♥

642-885 exam questions, 642-885 PDF dumps; 642-885 exam dumps:: https://www.dumpsschool.com/642-885-exam-dumps.html (131 Q&A) (New Questions Are 100% Available! Also Free Practice Test Software!)

Latest and Most Accurate Cisco 642-885 Dumps Exam Questions and Answers:

Question: 21

Refer to the exhibit.

Which statement correctly explains the bgp graceful-restart command?

A. This command is used to enable NSR and is entered on the NSR-capable router, and also on any NSR-aware peer
B. This command is used to enable NSF and is entered on the NSF-capable router, and also on any NSF-aware peer
C. This command is only required on the NSF-capable routers to enable BGP graceful restart with the BGP peers
D. This command is only required on the NSF-aware routers to enable BGP graceful restart with the BGP peers
E. This command is only required on the NSR-capable routers to enable BGP graceful restart with the BGP peers

Answer: B

Explanation:
Graceful restart is supported in recent versions of Cisco IOS software (12.0S) and is supported in Cisco IOS
XR software. Graceful restart is the mechanism by which BGP routing peers avoid changes to their forwarding
paths following a switchover. If the BGP peer has received this capability, it is aware that the device sending
the message is nonstop forwarding (NSF)-capable. Both the NSF-capable router and its BGP peers (NSFaware
peers) need to exchange the graceful restart capability in their OPEN messages, at the time of session
establishment. If both peers do not exchange the graceful restart capability, the session will not be graceful
restart-capable.
If the BGP session is lost during a Route Processor (RP) switchover or BGP process restart, the NSF-aware
BGP peer marks all the routes associated with the NSF-capable router as stale; however, it continues to use these routes to make forwarding decisions for a set period of time. This functionality means that no packets are lost while the newly active RP is waiting for convergence of the routing information with its BGP peers.
After a failover event occurs, the NSF-capable router reestablishes the session with the BGP peer. In establishing the new session, it sends a new graceful restart message that identifies the NSF-capable router as having restarted. At this point, the routing information is exchanged between the two BGP peers. Once this exchange is complete, the NSF-capable device uses the newly received routing information to update the RIB and the Forwarding Information Base (FIB) with the new forwarding information. The NSF-aware device uses the network information to remove stale routes from its BGP table. The BGP protocol is then fully converged.
If a BGP peer does not support the graceful restart capability, it will ignore the graceful restart capability in an OPEN message but will establish a BGP session with the NSF-capable device. This functionality will allow interoperability with non-NSF-aware BGP peers (and without NSF functionality), but the BGP session with non- NSF-aware BGP peers will not be graceful restart-capable.

Question: 22

Refer to the exhibit.

Which configuration is missing to complete the configuration task of enabling BFD with the 192.168.1.1 EBGP peer?

A. bfd fast-detect also needs to be enabled globally under router bgp 64500
RP/0/RSP0/CPU0:P1(config-bgp)#bfd fast-detect
B. bfd fast-detect also needs to be enabled for the address-family under address-family ipv4 unicast
RP/0/RSP0/CPU0:P1(config-bgp-af)#bfd fast-detect
C. bfd fast-detect also needs to be enabled for the 192.168.1.1 neighbor under neighbor 192.168.1.1
RP/0/RSP0/CPU0:P1(config-bgp-nbr)#bfd fast-detect
D. bfd fast-detect also needs to be enabled for the 192.168.1.1 neighbor address-family under neighbor 192.168.1.1 address-family ipv4 unicast
RP/0/RSP0/CPU0:P1(config-bgp-nbr-af)#bfd fast-detect
E. bfd fast-detect also needs to be enabled globally on the router
RP/0/RSP0/CPU0:P1(config)#bfd fast-detect

Answer: C

Question: 23

Which two BGP mechanisms are used to prevent routing loops when using a design with redundant route reflectors? (Choose two.)

A. Cluster-list
B. AS-Path
C. Originator ID
D. Community
E. Origin

Answer: A, C

Explanation:
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.7/routing/configuration/guide/rc37bgp.html
As the iBGP learned routes are reflected, routing information may loop. The route reflector model has the following mechanisms to avoid routing loops:
•Originator ID is an optional, nontransitive BGP attribute. It is a 4-byte attributed created by a route reflector.
The attribute carries the router ID of the originator of the route in the local autonomous system. Therefore, if a misconfiguration causes routing information to come back to the originator, the information is ignored.
•Cluster-list is an optional, nontransitive BGP attribute. It is a sequence of cluster IDs that the route has passed. When a route reflector reflects a route from its clients to nonclient peers, and vice versa, it appends the local cluster ID to the cluster-list. If the cluster-list is empty, a new cluster-list is created. Using this attribute, a route reflector can identify if routing information is looped back to the same cluster due to misconfiguration. If the local cluster ID is found in the cluster-list, the advertisement is ignored.

Question: 24

Which two statements correctly describe the BGP ttl-security feature? (Choose two.)

A. This feature protects the BGP processes from CPU utilization-based attacks from EBGP neighbors which can be multiple hops away
B. This feature prevents IBGP sessions with non-directly connected IBGP neighbors
C. This feature will cause the EBGP updates from the router to be sent using a TTL of 1
D. This feature needs to be configured on each participating BGP router
E. This feature is used together with the ebgp-multihop command

Answer: A, D

Explanation:
http://packetlife.net/blog/2009/nov/23/understanding-bgp-ttl-security/

Question: 25

When implementing source-based remote-triggered black hole filtering, which two configurations are required on the edge routers that are not the signaling router? (Choose two.)

A. A static route to a prefix that is not used in the network with a next hop set to the Null0 interface
B. A static route pointing to the IP address of the attacker
C. uRPF on all external facing interfaces at the edge routers
D. Redistribution into BGP of the static route that points to the IP address of the attacker
E. A route policy to set the redistributed static routes with the no-export BGP community

Answer: A, C

Explanation:
Source-Based RTBH Filtering
With destination-based black holing, all traffic to a specific destination is dropped after the black hole has been activated, regardless of where it is coming from. Obviously, this could include legitimate traffic destined for the target. Source-based black holes provide the ability to drop traffic at the network edge based on a specific source address or range of source addresses.
If the source address (or range of addresses) of the attack can be identified (spoofed or not), it would be better to drop all traffic at the edge based on the source address, regardless of the destination address. This would permit legitimate traffic from other sources to reach the target. Implementation of source-based black hole filtering depends on Unicast Reverse Path Forwarding (uRPF), most often loose mode uRPF.
Loose mode uRPF checks the packet and forwards it if there is a route entry for the source IP of the incoming packet in the router forwarding information base (FIB). If the router does not have an FIB entry for the source IP address, or if the entry points to a null interface, the Reverse Path Forwarding (RPF) check fails and the packet is dropped, as shown in Figure 2. Because uRPF validates a source IP address against its FIB entry, dropping traffic from specific source addresses is accomplished by configuring loose mode uRPF on the external interface and ensuring the RPF check fails by inserting a route to the source with a next hop of Null0.
This can be done by using a trigger device to send IBGP updates. These updates set the next hop for the source IP to an unused IP address that has a static entry at the edge, setting it to null as shown in Figure 2.

Question: 26

Refer to the topology diagram shown in the exhibit and the partial configurations shown below.

Once the attack from 209.165.201.144/28 to 209.165.202.128/28 has been detected, which additional configurations are required on the P1 IOS-XR router to implement source-based remote-triggered black hole filtering?
!
router bgp 123
address-family ipv4 unicast
redistribute static route-policy test
!

A. router static
address-family ipv4 unicast
209.165.202.128/28 null0 tag 666
192.0.2.1/32 null0 tag 667
!
route-policy test
if tag is 666 then
set next-hop 192.0.2.1
endif
if tag is 667 then
set community (no-export)
endif
end-policy
!
B. router static
address-family ipv4 unicast
209.165.201.144/28 null0 tag 666
192.0.2.1/32 null0 tag 667
!
route-policy test
if tag is 666 then
set next-hop 192.0.2.1
endif
if tag is 667 then
set community (no-export)
endif
end-policy
!
C. router static
address-family ipv4 unicast
209.165.201.144/28 null0 tag 666
192.0.2.1/32 null0
!
route-policy test
if tag is 666 then
set next-hop 192.0.2.1
set community (no-export)
endif
end-policy
D. router static
address-family ipv4 unicast
209.165.202.128/28 null0 tag 666
192.0.2.1/32 null0
!
route-policy test
if tag is 666 then
set next-hop 192.0.2.1
set community (no-export)
endif
end-policy
!

Answer: C

New Updated 642-885 Exam Questions 642-885 PDF dumps 642-885 practice exam dumps: https://www.dumpsschool.com/642-885-exam-dumps.html

         

Facebook Comments