Share your CCDA v2.1 Experience

June 19th, 2011 in CCDA 640-864

The new CCDA DESGN 640-864 Exam has come to replace for the old CCDA 640-863. It will take some time to update this site with this new exam. In the mean time we create this “Share your CCDA v2.1 Experience” section for everyone to share the experience after taking this new exam.

Please share with us your experience after taking the new CCDA 640-864 (CCDA v2.1) exam, your materials, the way you learned, your recommendations…

Your posts are warmly welcome!

Drag and Drop Questions

March 20th, 2011 in CCDA

Here you will find answers to Drag and Drop Questions

Question 1

Click and drag the QoS feature type on the left to the category of QoS mechanism on the right.

QoS_Feature.jpg


Answer:

+ classification and marking: ACLs
+ congestion avoidance: WRED
+ traffic conditioners: CAR
+ congestion management: LLQ
+ link efficiency: LFI

Explanation

Classification is the process of partitioning traffic into multiple priority levels or classes of service. Information in the frame or packet header is inspected, and the frame’s priority is determined.Marking is the process of changing the priority or class of service (CoS) setting within a frame or packet to indicate its classification. Classification is usually performed with access control lists (ACL), QoS class maps, or route maps, using various match criteria.

Congestion-avoidance techniques monitor network traffic loads so that congestion can be anticipated and avoided before it becomes problematic. Congestion-avoidance techniques allow packets from streams identified as being eligible for early discard (those with lower priority) to be dropped when the queue is getting full. Congestion avoidance techniques provide preferential treatment for high priority traffic under congestion situations while maximizing network throughput and capacity utilization and minimizing packet loss and delay.

Weighted random early detection (WRED) is the Cisco implementation of the random early detection (RED) mechanism. WRED extends RED by using the IP Precedence bits in the IP packet header to determine which traffic should be dropped; the drop-selection process is weighted by the IP precedence.

Traffic conditioner consists of policing and shaping. Policing either discards the packet or modifies some aspect of it, such as its IP Precedence or CoS bits, when the policing agent determines that the packet meets a given criterion. In comparison, traffic shaping attempts to adjust the transmission rate of packets that match a certain criterion. Shaper typically delays excess traffic by using a buffer or queuing mechanism to hold packets and shape the flow when the source’s data rate is higher than expected. For example, generic traffic shaping uses a weighted fair queue to delay packets to shape the flow. Traffic conditioner is also referred to as Committed Access Rate (CAR).

Congestion management includes two separate processes: queuing, which separates traffic into various queues or buffers, and scheduling, which decides from which queue traffic is to be sent next. There are two types of queues: the hardware queue (also called the transmit queue or TxQ) and software queues. Software queues schedule packets into the hardware queue based on the QoS requirements and include the following types: weighted fair queuing (WFQ), priority queuing (PQ), custom queuing (CQ), class-based WFQ (CBWFQ), and low latency queuing (LLQ).

LLQ is also known as Priority Queuing–Class-Based Weighted Fair Queuing (PQ-CBWFQ). LLQ provides a single priority but it’s preferred for VoIP networks because it can also configure guaranteed bandwidth for different classes of traffic queue. For example, all voice call traffic would be assigned to the priority queue, VoIP signaling and video would be assigned to a traffic class, FTP traffic would be assigned to a low-priority traffic class, and all other traffic would
be assigned to a regular class.

Link efficiency techniques, including link fragmentation and interleaving (LFI) and compression. LFI prevents small voice packets from being queued behind large data packets, which could lead to unacceptable delays on low-speed links. With LFI, the voice gateway fragments large packets into smaller equal-sized frames and interleaves them with small voice packets so that a  voice packet does not have to wait until the entire large data packet is sent. LFI reduces and ensures a more predictable voice delay.

(Reference: Cisco Press Designing for Cisco Internetwork Solutions)

Question 2

Click and drag the Cisco Self-Defending Network term on the left to the SDN description on the right. Not all terms will be used.

Cisco-Self-Defending.jpg


Answer:

+ provides secure network access, isolates and controls infected devices attempting access: Trust and Identity Management
+ uses encryption and authentication to provide secure transport across untrusted networks: Secure Connectivity
+ uses security integrated into routers, switches, and appliances to defend against attacks: Threat Defense
+ integrates security into the network to identify, prevent, and adapt to threats: Cisco Self-Defending Network

Explanation

Trust and identity management solutions provide secure network access and admission at any point in the network and isolate and control infected or unpatched devices that attempt to access the network. If you are trusted, you are granted access.

We can understand “trust” is the security policy applied on two or more network entities and allows them to communicate or not in a specific circumstance. “Identity” is the “who” of a trust relationship.

The main purpose of Secure Connectivity is to protect the integrity and privacy of the information and it is mostly done by encryption and authentication. The purpose of encryption is to guarantee confidentiality; only authorized entities can encrypt and decrypt data. Authentication is used to establish the subject’s identity. For example, the users are required to provide username and password to access a resource…

Question 3

Match the Cisco security solution on the left to its function on the right.

Cisco Security.jpg


Answer:

+ protects the endpoints (desktops, laptops and servers): Cisco Security Agent
+ provides multiple functions as a high performance security appliance: ASA
+ prevents DDoS attacks: Anomaly Guard and Detector
+ provides Web-Based VPN services: SSL Service Module
+ prevents attacks inline: IPS Appliance

Question 4

Bandwidth_Usage.jpg

 

Answer:

+ limits the number of frames transmitted before an acknowledgement is received: window size
+ reduces data size to save transmission time, optimizing the use of WAN bandwidth: data compression
+ allows network administrators to manage the varying demands generated by applications: queuing
+ discards packets or modifies some aspect of them (such as IP precedence): traffic policing

Question 5

Place the PPDIOO Methodology in the correct order

Optimize Step 1
Design Step 2
Prepare Step 3
Implement Step 4
Operate Step 5
Plan Step 6


Answer:

Step 1: Prepare
Step 2: Plan
Step 3: Design
Step 4: Implement
Step 5: Operate
Step 6: Optimize