CCNP - ENCOR (350-401) > EXAM 2 > Flashcards

EXAM 2 Flashcards

(108 cards)

Study These Flashcards
1
Q

Where is port security often found in the classic three tier networking model of Cisco Systems?
A. Core
B. Access
C. Distribution
D. Backbone

A

B. Access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the technology used for the control plane of the overlay in a Cisco SD-Access solution
A. CTS
B. VXLAN
C. LISP
D. IS-IS

A

C. LISP

Breakdown of Cisco SD-Access Control Plane Technologies
In Cisco SD-Access architecture:
* LISP (Locator/ID Separation Protocol) is used as the control plane for the overlay network.
* It separates the device identity (Endpoint Identifier, EID) from its location (Routing Locator, RLOC).
* This enables efficient endpoint mobility and scalable routing within the fabric.
* VXLAN (Virtual Extensible LAN) is used as the data plane encapsulation protocol.
* It encapsulates Layer 2 frames in Layer 3 packets, allowing for scalable network virtualization.
* CTS (Cisco TrustSec) is used for security and policy enforcement, not for control or data plane functions.
* IS-IS is a traditional routing protocol, but not used as the control plane in SD-Access overlays.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Why might you choose a cloud solution over on-premises?
A. reatest level of control over the solution
B. CapEx instead of OpEx
C. Long contract lengths
D. Rapid provisioning
E. Pay up front models

A

D. Rapid provisioning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What enhancement of VXLAN is used for optimized use in a Cisco SD-Access solution?
A. NVI
B. VNID
C. VNI
D. SGT
E. VTEP

A

C. VNI

In SD-Access:
* VNI enables scalable Layer 2/Layer 3 segmentation.
* SGT works alongside VXLAN to enforce security policies.
* VTEPs are typically fabric edge nodes that handle VXLAN encapsulation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the LACP modes of operation? Choose two.
A. On
B. Active
C. Desirable
D. Auto
E. Passive

A

B. Active
E. Passive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You are troubleshooting BGP and you would like to view a list of your BGP peers in a succinct table form. Which command should you use?
A. show ip bgp hosts
B. show ip bgp summary
C. show ip bgp
D. show ip bgp neighbors

A

B. show ip bgp summary

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What do you use with an IP SLA to do sophisticated tests?
A. A WLC
B. Any IP-based host system
C. Nexus 9000 series device
D. Nexus 7000 series device
E. RTR Responder

A

E. RTR Responder

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What asset tag technology can function with the location services of Cisco WLAN technologies?
A. CCX
B. 802.1X
C. RSSI
D. RFID

A

D. RFID

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What component does a Virtual Machine often connect to?
A. Virtual cloud
B. Virtual router
C. Virtual switch
D. Virtual fabric

A

C. Virtual switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are two responsibilities for a fabric edge node in the Cisco SD-Access solution? (Choose 2)
A. ISP endpoint registration
B. Route traffic to an external Layer 3 network
C. VXLAN encapsulation/de-encapsulation
D. Encapsulate the data plane traffic into LISP

A

B. Route traffic to an external Layer 3 network
C. VXLAN encapsulation/de-encapsulation

The two correct responsibilities of a fabric edge node in a Cisco SD-Access solution are:
✅ B. Route traffic to an external Layer 3 network
✅ C. VXLAN encapsulation/de-encapsulation

🔍 Explanation of Each Option

🧠 Fabric Edge Node Responsibilities (Cisco SD-Access)
* Acts as the onboarding point for wired endpoints.
* Performs VXLAN encapsulation/de-encapsulation for traffic entering and exiting the fabric.
* Registers endpoint identity (EID) with the LISP control plane.
* Provides anycast Layer 3 gateway functionality.
* Enforces group-based policies using Security Group Tags (SGTs).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

With the three-tier design model, each layer is focused on set roles for the network. Which layer provisions policy-based connectivity according to this model?
A. Core
B. Distribution
C. Access
D. Flat network

A

B. Distribution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

which of the following should be considered in fabric capacity planning for your enterprise network design? (Choose 2)
A. 3-tier design sufficiency
B. 2-tier design sufficiency
C. Total network bandwidth utilization
D. Per switch bandwidth utilization

A

C. Total network bandwidth utilization
D. Per switch bandwidth utilization

Why These Matter
* Total network bandwidth utilization helps you understand aggregate traffic demands across the fabric. This is essential for sizing uplinks, core capacity, and ensuring the network can handle peak loads without congestion.
* Per switch bandwidth utilization ensures that individual switches (especially edge and distribution nodes) are not overwhelmed. This helps prevent bottlenecks and supports efficient traffic flow across the fabric.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the characteristics of the distributed WLC deployment within a campus network? Choose all that apply
A. Only one WLC is needed
B. WLCs connected through distribution routers
C. WLCs can have separate RF and mobility groups
D. CAPWAP tunnels stay within the building.

A

B. WLCs connected through distribution routers
C. WLCs can have separate RF and mobility groups

Key Traits of Distributed WLC Deployment
* Each site or building may have its own WLC.
* CAPWAP tunnels terminate locally, reducing backhaul traffic.
* RF and mobility groups can be customized per location.
* Enhances scalability and fault isolation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which best characterizes an on-premises deployment design? Choose 2
A. Uses company’s infrastructure
B. Uses provider’s infrastructure
C. Complete control
D. Shared control

A

A. Uses company’s infrastructure
C. Complete control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You have a lightweight access point Cisco WiFi network in your enterprise. You have been asked to configure local web authentication in this area. What device is responsible for presenting this authentication to the clients?
A. The foreign WLC
B. The anchor WLC
C. The local WLC
D. The ISE

A

C. The local WLC

Local Web Authentication = WLC-hosted portal
External Web Authentication = ISE or external server-hosted portal
In a Cisco Wi-Fi network using lightweight access points, Local Web Authentication (LWA) is a method where the Wireless LAN Controller (WLC) itself hosts and presents the web portal for client authentication.
* The local WLC is responsible for:
* Redirecting unauthenticated clients to the web portal.
* Hosting the login page (or redirecting to an external server, if configured).
* Applying access control policies based on authentication results.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

You are configuring a new gateway in your Enterprise, and you notice the command no vrrp preempt. What is the purpose of this command?
A. This command ensures that a gateway with a higher priority value immediately becomes the new master device in the VRRP group
B. This command ensures that a standby device cannot become the master device due to a priority change
C. This command ensures that VRRP version 2 is in use
D. This command ensures that there is automated load balancing in the VRRP group

A

B. This command ensures that a standby device cannot become the master device due to a priority change

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a key difference between OSPF and EIGRP?
A. OSPF is a hybrid protocol
B. EIGRP can load balance unequal cost paths
C. EIGRP uses a cost metric
D. OSPF uses a composite metric

A

B. EIGRP can load balance unequal cost paths

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

There are API response codes you should be familiar with when working with RESTful APIs and your Cisco equipment. Which of these categories represent success, client problems, and server problems? (Choose 3)
A. 100
B. 200
C. 300
D. 400
E. 500

A

B. 200
D. 400
E. 500

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Cisco SD-Access is composed of an underlay and overlay network. What defines the underlay, when deploying the SD-Access network? Choose 2
A. Physical routers and switches
B. Establishing IP connectivity via routing protocols
C. Virtualized networking
D. Using VRFs

A

A. Physical routers and switches
B. Establishing IP connectivity via routing protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which is the purpose of the control plane node in SD-Access?
A. Encapsulates data packets
B. tracks all endpoints in the SD-Access network
C. Associates them to an RLOC
D. Secures and segments

A

D. Secures and segments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What are the two namespaces used by LISP for traffic forwarding?
A. FQDN
B. NetBIOS
C. EID
D. RLOC

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Q: What does the mnemonic OCEAN stand for in OSPF?

A

O – Open standard
* C – Cost metric (based on bandwidth)
* E – Equal-cost load balancing only
* A – Algorithm: SPF (Dijkstra)
* N – Narrow scope (pure link-state)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What does the mnemonic BEAD stand for in EIGRP?

A

B – Balanced hybrid protocol
* E – Efficient composite metric (bandwidth, delay, reliability, load)
* A – Adaptive load balancing (supports unequal-cost paths)
* D – DUAL algorithm (Diffusing Update Algorithm)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which protocol supports unequal-cost load balancing?

A

EIGRP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Which protocol uses the Dijkstra SPF algorithm?
OSPF
26
What type of metric does OSPF use?
Cost metric based on bandwidth
27
What type of metric does EIGRP use?
Composite metric (bandwidth, delay, reliability, load)
28
The policy plane in SD-Access assigns SGT value to packets entering the network. What is the purpose of the tag? A. Enforce access policy B. Traffic forwarding C. Enable automation D. Authenticate users
A. Enforce access policy
29
The Cisco DNA Center is a central component of SD-Access networks, as it serves as which network plane? A. Control Plane B. Management Plane C. Data Plane D. Policy Plane
B. Management Plane
30
The traditional network in the campus fabric takes on what particular role in an SD-Access solution? A. Overlay B. Identity and Access C. Underlay D. Management Framework
C. Underlay
31
Which QoS feature uses the FIFO queuing strategy, and does not provide any packet reordering? A. Best-Effort B. IntServ C. DiffServ D. SoftServ
A. Best-Effort
32
Which QoS feature uses signaling across network devices to provide bandwidth reservation? A. Best-Effort B. IntServ C. DiffServ D. SoftServ
B. IntServ ## Footnote Integrated Services (IntServ) is a QoS architecture that uses signaling protocols—specifically RSVP (Resource Reservation Protocol)—to reserve bandwidth across network devices for specific traffic flows.
33
Which QoS feature uses “marking” on packets to allow routers to make decisions based on the markings? A. Best-Effort B. IntServ C. DiffServ D. SoftServ
C. DiffServ
34
Within the IPv4 header, which field is used to mark packets for DiffServ? A. Padding B. TTL C. Protocol D. ToS
D. ToS
35
What does marking do to the packet for DiffServ? A. Alters ToS bits B. Encapsulates Packets C. Changes how routers treat packets D. Adds a header to packet
A. Alters ToS bits
36
What does DSCP stand for in QoS?
Differentiated Services Code Point
37
Which field in the IP header does DSCP modify?
The Type of Service (ToS) byte
38
What does marking a packet with DSCP do?
Alters ToS bits to change how routers treat the packet
39
Does DiffServ encapsulate packets or add headers?
No, it modifies existing header bits (ToS field)
40
What are the three main Per-Hop Behaviors (PHBs) in DiffServ?
* EF (Expedited Forwarding) – Low latency, high priority * AF (Assured Forwarding) – Reliable delivery with multiple drop precedence levels * BE (Best Effort) – No QoS guarantees
41
What DSCP value is typically used for Expedited Forwarding (EF)?
DSCP 46 (binary )
42
What is the DSCP range for Assured Forwarding (AF)?
DSCP values from AF11 to AF43 (e.g., AF21 = DSCP 18)
43
What is the DSCP value for Best Effort traffic?
DSCP 0
44
How many bits are used for DSCP in the IP header?
6 bits (out of the 8-bit ToS byte)
45
What does a router use DSCP markings for?
To apply QoS policies like queuing, scheduling, and dropping
46
As packets fill the output buffer of the interface, new packets entering are “tail-dropped”. What QoS tool prevents this? A. FHRP B. WRED C. RED D. PHB
B. WRED ## Footnote Why WRED Prevents Tail Drop Tail drop occurs when a router’s output buffer is full and new packets are simply dropped—often leading to TCP global synchronization and degraded performance. WRED is a smarter congestion avoidance mechanism that: * Monitors queue depth and begins dropping packets before the buffer is full. * Randomly drops lower-priority packets based on DSCP markings. * Prevents global TCP synchronization by spreading out packet loss.
47
Which of the following are considered traffic conditioners for QoS? A. DSCP & IP Precedence B. WRED & RED C. Policing & Shaping D. LFI & OIL
C. Policing & Shaping
48
What is the DSCP value for latency-sensitive traffic, like voice traffic, when using EF PHB? A. DSCP 0 B. DSCP 12 C. DSCP 6 D. DSCP 46
D. DSCP 46
49
What is the first element of a QoS policy? A. Classification of traffic B. Marking of traffic C. Scheduling of Traffic D. Dropping of Traffic
A. Classification of traffic
50
Once QoS policies are rolled out, which of the following is **not** true? A. Monitoring of Service Level B. Nothing, it is complete C. Periodic Adjustments D. Tuning policies
B. Nothing, it is complete
51
When considering your network traffic, what does marking do for QoS that Classification does not? A. Schedules traffic B. Routes traffic C. Sets attribute of frame or packet D. Drops Traffic
C. Sets attribute of frame or packet
52
How is traffic marked that avoids the need for repetition and classification at every node the traffic passes? A. By Frame B. By Interface C. By Subnet D. By Service Level
D. By Service Level ## Footnote Traffic is marked by service level using QoS tools like DSCP (Differentiated Services Code Point) or CoS (Class of Service). This marking allows each network device to: * Recognize the priority of the packet without reclassifying it. * Apply consistent treatment across the network. * Avoid repetitive classification at every hop. This is a foundational concept in QoS design:
53
Why would you make a snapshot of a VM before making changes to it? A. To revert those changes if necessary B. To keep the VM compact C. To archive before destroying D. All of the above
A. To revert those changes if necessary ## Footnote Creating a snapshot of a virtual machine (VM) before making changes is like setting a restore point. It captures the VM’s entire state—including disk, memory, and configuration—so you can roll back if something goes wrong. Snapshots are especially useful when: - Applying software updates or patches - Testing new configurations - Installing third-party applications - Making risky changes to system files or services Think of it as an “undo” button for your VM. If the change causes instability or breaks functionality, you can revert instantly.
54
Which of the following is a mac-address of Hyper-v based VM? A. 00:1C:42:11:22:33 B. 00:15:5d:aa:bb:cc C. 00:05:69:dd:ee:ff D. 08:00:27:44:55:66
B. 00:15:5d:aa:bb:cc ## Footnote Hyper-V uses a specific MAC address range for its virtual machines. According to Microsoft documentation, the default range is: * Prefix: * Range: to This prefix is reserved by Microsoft for Hyper-V-generated MAC addresses, whether dynamic or static.
55
Which of the following is a mac-address of VMWare Workstation based VM? A. 00:1C:42:11:22:33 B. 00:15:5d:aa:bb:cc C. 00:05:69:dd:ee:ff D. 08:00:27:44:55:66
C. 00:05:69:dd:ee:ff ## Footnote VMware Workstation uses specific Organizationally Unique Identifiers (OUIs) to generate MAC addresses for its virtual machines. One of the registered prefixes for VMware is: * 00:05:69 – Assigned to VMware ESX and VMware GSX Server, and also used in VMware Workstation environments Other common VMware MAC address prefixes include: * 00:0C:29 * 00:50:56 * 00:1C:14 These prefixes help identify the hypervisor source of the VM’s network interface.
56
Which of the following are types of virtual switches on VMware ESXi? Pick 2. A. Distributed Switch (dvSwitch) B. Standard Switch (vSwitch) C. Open vSwitch D. VPC
A. Distributed Switch (dvSwitch) B. Standard Switch (vSwitch)
57
Which of the following are considered advantages of using virtual switches instead of physical switches? Pick 2 A. Dedicated hardware B. Specialized NIC needed C. Over-subscribing of the physical NIC D. VM migration to different networks
C. Over-subscribing of the physical NIC D. VM migration to different networks
58
What is the processing required every time a broadcast is received by a virtual switch? A. Broadcast radiation B. Broadcast storming C. Broadcast streaming D. Broadcast fanning
A. Broadcast radiation
59
Which virtualization scenario would use a distributed vSwitch? A. VMs on the same physical host B. VMs across multiple hosts C. VMs on Type 2 Hypervisor D. Multiple physical servers
B. VMs across multiple hosts ## Footnote Why Distributed vSwitch Is Used Across Hosts A Distributed vSwitch (DvSwitch) in VMware is designed to provide centralized network management across multiple ESXi hosts. It allows virtual machines (VMs) to maintain consistent network configurations—even when they migrate between hosts using vMotion. Key features: * Centralized configuration via vCenter Server * Consistent port groups and VLANs across all hosts * Simplified management for large-scale environments * Supports advanced features like NetFlow, port mirroring, and Network I/O Control
60
What is a Standard vSwitch (vSS) in VMware?
A local virtual switch configured per ESXi host; used for basic VM networking.
61
What is a Distributed vSwitch (DvSwitch)?
A centralized virtual switch managed via vCenter that spans multiple ESXi hosts.
62
Which vSwitch type supports vMotion across hosts with consistent network settings?
Distributed vSwitch (DvSwitch)
63
Which vSwitch type is best for single-host environments?
Standard vSwitch (vSS)
64
What tool is required to manage a Distributed vSwitch?
VMware vCenter Server
65
Can a Standard vSwitch be used across multiple hosts?
No, it is local to each ESXi host.
66
Which vSwitch supports advanced features like NetFlow and port mirroring?
Distributed vSwitch (DvSwitch)
67
Do Type 2 hypervisors like VMware Workstation support Distributed vSwitches?
No, DvSwitch is only available in vSphere environments.
68
What is the main benefit of using a Distributed vSwitch?
Centralized network configuration and consistent policy enforcement across hosts.
69
What happens to VM networking during vMotion if using a Standard vSwitch?
Manual configuration may be needed on the destination host to match settings.
70
On the Cisco IOS router, you run the `debug ip packet` command, and you have another device ping it (or ping the address of one its own interfaces), you see `routed via RIB`for each received ping. Which switching type is running? A. Process Switching B. Fast Switching C. Cisco Express Forwarding D. No switching
A. Process Switching ## Footnote When you see **Routed via RIB** in the output of the **debug ip packet** command on a Cisco IOS router, it indicates that the packet was processed using the Routing Information Base (RIB)—which is a hallmark of Process Switching. Process Switching involves: * The CPU examining each packet individually * Looking up the destination in the RIB * Making a forwarding decision manually for each packet This is the slowest and most CPU-intensive switching method, typically used only for debugging or when other switching methods are disabled.
71
72
What is Process Switching in Cisco routers
,A switching method where the CPU manually processes each packet by consulting the Routing Information Base (RIB).
73
What is Fast Switching in Cisco routers
,A switching method that uses a cache to store forwarding decisions, speeding up packet processing.
74
What is Cisco Express Forwarding (CEF)
,A high-speed switching method that uses the Forwarding Information Base (FIB) and adjacency tables for efficient packet forwarding.
75
Which switching method is the slowest and most CPU-intensive
,Process Switching
76
Which switching method uses a cache for forwarding decisions
,Fast Switching
77
Which switching method uses the FIB and adjacency tables
,Cisco Express Forwarding (CEF)
78
What debug output indicates Process Switching
,routed via RIB
79
What debug output indicates Fast Switching
,routed via cache
80
What debug output indicates Cisco Express Forwarding (CEF)
,routed via FIB
81
Which switching method is enabled by default on modern Cisco routers
,Cisco Express Forwarding (CEF)
82
Why is Process Switching rarely used in production environments
,It is slow and consumes significant CPU resources.
83
What is the main advantage of Fast Switching over Process Switching
,It reduces CPU usage by caching forwarding decisions.
84
What is the main advantage of Cisco Express Forwarding (CEF) over Fast Switching
,It provides faster and more scalable packet forwarding using pre-built tables.
85
Which switching method is best suited for high-performance networks
,Cisco Express Forwarding (CEF)
86
What happens if Cisco Express Forwarding (CEF) is disabled
,The router falls back to Fast Switching or Process Switching.
87
Which command is run on a Cisco IOS router interface to use Fast Switching? A. `no ip route-cache` B. `ip route-cache` C. `route-cache enable` D. Nothing, it is default
B. `ip route-cache` ## Footnote On Cisco IOS routers, Fast Switching is enabled by default on interfaces that support it. The command: **ip route cache** is used to explicitly enable Fast Switching on an interface if it has been disabled. This command allows the router to build a route cache after the first packet is processed, speeding up subsequent packet forwarding.
88
Which two components are in use for CEF to work successfully? A. CPU B. FIB C. Adjacency table D. Nothing, it just works
B. FIB C. Adjacency table
89
If we want to enable CEF on a per-interface basis, which command do we run on each interface? A. `no ip route-cache cef` B. `ip cef` C. `route-cache enable ref` D. `ip route-cache cef`
D. `ip route-cache cef`
90
By default, idle CAM table entries are kept for how many seconds before they are deleted? A. 300 B. 180 C. 50 D. 30
A. 300
91
A switch flags a MAC address as “flapping” when which condition occurs? A. An endpoint reboots often. B. A MAC address is learned on alternating ports C. `shutdown` and `no shutdown` issued D. All of the above
B. A MAC address is learned on alternating ports
92
Which of the following does a TCAM table not store on a layer 3 switch? A. ACL info B. Routing Table C. MAC Addresses D. QoS info
C. MAC Addresses ## Footnote TCAM vs CAM in Layer 3 Switches TCAM (Ternary Content Addressable Memory) is optimized for high-speed lookups involving: * Access Control Lists (ACLs) * Routing tables (IP prefixes) * QoS policies It supports "don't care" bits, making it ideal for longest-prefix match operations and complex filtering. CAM (Content Addressable Memory), on the other hand, is used for: * Exact match lookups, such as MAC address tables in Layer 2 switching
93
What does VMR refer to in the entries of the TCAM? A. Virtual Memory Route B. Virtual Memory Request C. Value Mask Requirement D. Value Mask Result
D. Value Mask Result
94
It’s your first time configuring a VRF on R1.You choose to configure on Gi0/1, which has an IP address 192.168.1.1/24 on it. When you do, something has changed in your interface configuration, what is it? A. Interface does an automatic shutdown/no shutdown B. The IP address is removed C. An interface will come out of shutdown D. An interface will be put into shutdown
B. The IP address is removed
95
What type of VRF configuration doesn’t require a route-target configuration and can use static or dynamic routing in each VRF instance? A. VRF-lite B. VRFs C. VPNs D. VLANs
A. VRF-lite
96
Which type of interface cannot be used for VRF configuration? A. router sub-interfaces B. Layer 2 interfaces C. router physical interfaces D. Loopback interface
B. Layer 2 interfaces
97
Which is considered a benefit of using VRFs for different tenants? A. Integrated Routing Table B. Partial routing table C. Isolated routing tables D. no real benefit
C. Isolated routing tables
98
What command does the admin for TenantA run to see the routing table for Tenant A? A. `show ip route | include TenantA` B. `show ip route | exclude TenantB` C. `show ip route` D. `show ip route vrf TenantA`
D. `show ip route vrf TenantA`
99
LISP uses which two name spaces as the architecture and protocol? Choose 2. A. MAC B. ARP C. EID D. RLOC
C. EID D. RLOC ## Footnote LISP Architecture: Two Name Spaces LISP (Locator/ID Separation Protocol) separates the traditional IP address function into two distinct namespaces: EID - Endpoint Identifier - Identifies the host (e.g., a device like a laptop or server) RLOC - Routing Locator - Identifies the location of the host in the network, typically assigned to routers or gateways This separation improves routing scalability, mobility, and multihoming by allowing endpoints to move without changing their identity (EID), while RLOCs handle reachability.
100
What does the ITR component of LISP perform on the received packet? Pick 2 A. Encapsulates to remote LISP site B. Natively forwards to non LISP site C. Forwards to firewall D. Forwards to endpoint
A. Encapsulates to remote LISP site B. Natively forwards to non LISP site ## Footnote The ITR is responsible for handling packets entering a LISP-enabled site. Upon receiving a packet, it performs one of two actions: | Action | Description | | Encapsulates to remote LISP site | If the destination is a LISP-enabled site, the ITR encapsulates the packet using LISP and forwards it to the appropriate RLOC | | Natively forwards to non-LISP site | If the destination is outside the LISP domain, the ITR forwards the packet using traditional IP routing (no encapsulation) | These behaviors allow seamless communication between LISP and non-LISP environments.
101
Which router type in LISP architecture receives packets, decapsulates them, and forwards them to EIDs at the local site? A. ITR B. OTR C. ETR D. RTR
C. ETR ## Footnote The ETR is responsible for handling packets arriving at a LISP-enabled site. Its key functions include: * Decapsulation: Removes the LISP header from incoming packets * Forwarding to EIDs: Delivers the decapsulated packets to the appropriate Endpoint Identifiers (hosts or devices) within the local site This makes the ETR the receiving counterpart to the ITR, which encapsulates and sends packets out.
102
Which router receives packets from non-LISP sites to encapsulate them to forward them to LISP sites? A. ITR B. ETR C. PETR D. PITR
D. PITR ## Footnote What PITR Does in LISP Architecture The Proxy Ingress Tunnel Router (PITR) is a specialized LISP router that: * Receives packets from non-LISP sites * Encapsulates them using LISP * Forwards them to LISP-enabled destinations This allows non-LISP networks to communicate with LISP sites, even though they don’t understand LISP themselves. 🔄 Related Role: PETR For the reverse direction (LISP to non-LISP), the PETR (Proxy Egress Tunnel Router): * Receives encapsulated packets from LISP sites * Decapsulates them * Forwards them natively to non-LISP destinations
103
Which LISP router de-encapsulates packets to deliver them from LISP to non-LISP sites? A. ITR B. ETR C. PITR D. PETR
D. PETR ## Footnote PETR For the reverse direction (LISP to non-LISP), the PETR (Proxy Egress Tunnel Router): * Receives encapsulated packets from LISP sites * Decapsulates them * Forwards them natively to non-LISP destinations
104
What are the two functions of the MR in LISP? Pick 2 A. Receive MAP requests encapsulated by the ITR B. Decapsulates the MAP requests and forwards them to the ALT topology C. Encapsulates the MAP request D. Routes and Forwards
A. Receive MAP requests encapsulated by the ITR B. Decapsulates the MAP requests and forwards them to the ALT topology ## Footnote The Map Resolver (MR) plays a key role in the LISP control plane, helping ITRs discover how to reach EIDs. Its two main functions are: | Function | Description | | Receives encapsulated Map-Requests from ITRs | ITRs send Map-Requests to the MR to resolve EIDs to RLOCs | | Decapsulates and forwards to ALT topology | The MR strips the LISP header and forwards the request to the appropriate Map Server (MS) via the ALT (Alternative Logical Topology) | This enables scalable and efficient resolution of endpoint identifiers in LISP deployments.
105
Which LISP component configures the LISP site policy for authenticating other LISP sites? A. MS B. MR C. ALT D. ITR
A. MS
106
Which two best describes VXLAN? Pick 2 A. Tunneling that extends L2 networks over an IP network B. Encapsulates MAC in UDP C. Tunneling that extends IP networks over L2 networks D. Encapsulates MAC in TCP
A. Tunneling that extends L2 networks over an IP network B. Encapsulates MAC in UDP ## Footnote VXLAN is a network overlay protocol designed to address limitations of traditional VLANs in large-scale environments. Here's what it does: | Feature | Description | | L2 over L3 tunneling | VXLAN allows Layer 2 segments (like VLANs) to be extended across a Layer 3 IP network | | MAC-in-UDP encapsulation | It encapsulates Layer 2 Ethernet frames inside UDP packets, enabling scalable and flexible transport | VXLAN uses UDP port 4789 by default and introduces a VXLAN Network Identifier (VNI) to distinguish virtual segments.
107
What component terminates VXLAN tunnels? A. Endpoints B. VTEPs C. VRFs D. VLANs
B. VTEPs
108
Each VTEPs has two interfaces: which interface is used for sending and receiving VXLAN encapsulated traffic? A. Local LAN B. Trunk port C. IP Interface D. Access Port
C. IP Interface
CCNP - ENCOR (350-401)
flashcards
Decks in class (17)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions