Explanation : The AS path attribute is used to determine the best path to a destination in BGP. The AS path lists the sequence of autonomous systems that the route has passed through, and BGP prefers paths with shorter AS paths.
3. Which of the following is an example of an IPv4 access control list (ACL)?
A. Standard ACL
B. Extended ACL
C. Time-based ACL
D. All of the above
Answer: D
Explanation : There are three types of IPv4 ACLs: standard, extended, and time-based. Standard ACLs filter traffic based on the source IP address, while extended ACLs can filter based on source and destination IP addresses, port numbers, and other criteria. Time-based ACLs allow you to specify when an ACL is active.
4. What is the purpose of control plane policing (CoPP)?
A. To protect the control plane of network devices from denial-of-service (DoS) attacks and other security threats.
B. To control network traffic and prevent congestion on the data plane.
C. To enforce network policies and access control rules.
D. To improve network performance by optimizing routing protocols.
Answer: A
Explanation : Control plane policing (CoPP) is a security feature that is used to protect the control plane of network devices from DoS attacks and other security threats. CoPP filters traffic that is destined for the control plane and drops packets that do not match specific criteria.
5. Which of the following is an example of an IPv6 first hop security feature?
A. Access control lists (ACLs)
B. Spanning tree protocol (STP)
C. Network Address Translation (NAT)
D. RA guard
Answer: D
Explanation :RA guard is an example of an IPv6 first hop security feature. RA guard prevents rogue routers from sending unsolicited router advertisements (RAs) on the network, which could lead to security vulnerabilities.
6. What is the purpose of Next Hop Resolution Protocol (NHRP) in Dynamic Multipoint VPN (DMVPN)?
a. To create a full-mesh topology between all sites
b. To map a physical IP address to a registered name
c. To manage multicast traffic across the VPN network
d. To dynamically map spoke IP addresses to the hub's public IP address
Answer: D
Explanation : To dynamically map spoke IP addresses to the hub's public IP address
7. Which of the following protocols is used for authentication and authorization in MPLS Layer 3 VPN?
a. LDP
b. GRE
c. TACACS+
d. OSPF
Answer: C. TACACS+
8. Which of the following security features in IPv6 is used to prevent rogue DHCP servers from assigning IP addresses to clients?
a. DHCP Guard
b. ND Inspection
c. RA Guard
d. Binding Table
Answer: c
Explanation : RA Guard. RA Guard is a security feature in IPv6 that is used to prevent rogue RA (Router Advertisement) messages from unauthorized devices. These messages can contain incorrect or malicious information, which can cause security vulnerabilities in the network. RA Guard helps to ensure that only authorized devices are able to send RA messages, and it can also prevent rogue DHCP servers from assigning IP addresses to clients by blocking unauthorized RA messages that contain DHCPv6 options. DHCP Guard, ND Inspection, and Binding Table are other security features in IPv6, but they are not specifically designed to prevent rogue DHCP servers.
