Home > New Updated Questions 2

New Updated Questions 2

January 26th, 2013 in Premium Zone Go to comments

Note: You can test your knowledge with these questions first via this link.

Question 1

Which utility should you use when you need to add a large number of users into Cisco Unified Communications Manager?

A. Cisco Unified User Administration
B. Application User CAPF Profile
C. Cisco Unified Communications Manager Bulk Administration Tool
D. Cisco Unified Telephony User Administration

 

Answer: C

Explanation

The Bulk Administration Tool (BAT) is a very powerful web-based tool of Cisco Unified Communications Manager. BAT lets you add, update, or delete a large number of similar phones, users, or ports at the same time. When you use Cisco CallManager Administration, each database transaction requires an individual manual operation, while BAT automates the process and achieves faster add, update, and delete operations.

(Reference: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/bat/5_1_4/bat_ovr.html)

Question 2

An organization is using a centralized DHCP server for all IP phones. However, when the IP phones are powered up, the phones are unable to obtain an IP address. Which CLI command should be in the router configuration to ensure that the IP phones are able to reach the DHCP server?

A. router(config)#helper-address
B. router(config-if)#ip helper-address
C. router(config-if)#helper-address
D. router(config)#ip helper-address

 

Answer: B

Explanation

The full syntax of this command is:

router(config-if)#ip helper-address {address-of-DHCP-server}

Let’s consider an example of how to use this command with the topology below:

IP_helper-address.jpg

Suppose there is only one PC on the subnet attached with E0 interface of the router. First, PC A needs an IP address so it will send a broadcast DHCP Request. When the router receives the DHCP Request, it changes the destination IP address of the packet to the value set with the ip helper-address command. Because the PC does not yet have an IP address, the DHCP request (as sent by PC A) has an source IP address of 0.0.0.0. The router then changes the source IP address so that the DHCP Response packet can be routed back to the original subnet, and then broadcast back onto that subnet.

Question 3

With GETVPN, if a key server is configured to use multicast as the rekey transport mechanism, then under which of these conditions will the key server retransmit the rekey messages?

A. it never retransmit the rekey messages
B. it only retransmit the rekey message when it does not receive the rekey acknowledgment from at least one group member
C. it only retransmit the rekey message when it does not receive the rekey acknowledgment from all group member
D. it only retransmit the rekey message when DPD to the group members fails
E. it always retransmit the rekey message

 

Answer: E

Explanation

GETVPN combines the keying protocol Group Domain of Interpretation (GDOI) with IP security (IPsec) encryption to provide users with an efficient method to secure IP multicast traffic or unicast traffic. A GETVPN deployment has primarily three components: Key Server, Group Member and Group Domain of Interpretation (GDOI) protocol.
+ Group Members do encrypt/decrypt the traffic.
+ The responsibilities of the Key Server include maintaining the policy and creating and maintaining the keys for the group and distributing the encryption key to all the group members.. When a group member registers, the key server downloads this policy and the keys to the group member. The Key Server also rekeys the group before existing keys expire.
+ GDOI protocol is used between the Group Member and Key Server for group key and group security association (SA, also mean IPSec) management. Minimum one KS is required for a GETVPN deployment.

Since all GMs use the same key, any GM can decrypt the traffic encrypted by any other GM.

Rekey messages are sent without the use of any reliable transport. There is no efficient feedback mechanism by which receivers can indicate that they did not receive a rekey message. After key server sends out rekey messages, it does not wait to receive the rekey acknowledgment -> B and C are not correct.

Dead Peer Detection (DPD) is only used to keep track of the state of other Key Servers and it has no related with Group members or rekey message -> D is not correct.

Rekey messages are sent in advance of the SA expiration time to ensure that valid group keys are always available. Also after the registration is successful, the key server sends a multicast rekey to all the group members that have registered within a group -> E is correct but A is not.

(Good resource and reference:
+ http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/deployment_guide_c07_554713.html
+ http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/15-2mt/sec-get-vpn.html#GUID-A2442E2A-4B03-4692-9EBE-98BEB273BCEC)

Question 4

Which two directory services are supported by Cisco Unified Communications Manager for Lightweight Directory Access Protocol integration? (Choose two)

A. Windows Active Directory 2008
B. Novell eDirectory
C. iPlanet Directory Server 4.0
D. Sun ONE Directory Server
E. Open Lightweight Directory Access Protocol 2.1

 

Answer: A D

Explanation

CUCM supports LDAP integration with several widely used LDAP systems, including the following:
+ Microsoft Active Directory (2000, 2003, 2008)
+ Microsoft Active Directory Application Mode 2003
+ Microsoft Lightweight Directory Services 2008
+ iPlanet Directory Server 5.1
+ Sun ONE Directory Server (5.2, 6.x)
+ Open LDAP (2.3.39, 2.4)

(Reference: CCNA Voice 640-461 Official Certification Guide)

Question 5

Which generating QoS reports CAR tool, what two parameters are valid for report generation? (Choose two)

A. route lists
B. route patterns/hunt pilots
C. route groups
D. gateway types
E. partitions
F. IP phone directory numbers

 

Answer: B D

Explanation

+ Route Pattern: matches a set of dialed digits and triggers a call-routing process that can include one or more potential paths, providing a hierarchical set of call-routing options.
+ Hunt Pilot: a specific pattern of digits that, when matched, triggers a customizable call-coverage system.

The samples of configuring of Route Pattern and Hunt Pilot are shown below:

Route Patterns:

QoS_CAR_route_patterns_hunt_pilots.jpg

Gateway Types:

QoS_CAR_gateway_types.jpg

(Good reference: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/3_3_3/ccmsrva/sacar4.html)

Question 6

Which protocol should you use to configure Cisco Unified Personal Communicator for secure voice messaging with Cisco Unity Connection?

A. TCP
B. SSL
C. TLS
D. UDP

Answer: C

Explanation

Transport Layer Security (TLS) is a successor to Secure Sockets Layer (SSL) protocol. TLS provides secure communications on the Internet for such things as e-mail, Internet faxing, and other data transfers. We should use IMAP (TCP/TLS) protocol to configure CUPC for secure voice messaging with Cisco Unity Connection.

Question 7

An engineer is installing an IP phone in a remote location. When the engineer plugs the IP phone into the network, the phone does not power up. What is the first thing that should be checked?

A. Power over Ethernet switch
B. Cisco Unified Communications Manager Server
C. Cisco Unified Presence
D. DHCP server

 

Answer: A

Question 8

When performing backups within Cisco Unified Communications Manager, which component stores backups on a remote SFTP server?

A. Local Agent
B. Master Agent
C. Scheduler
D. Backup Controller

 

Answer: B

Explanation

One of the responsibilities of a Master Agent is to store backups of CUCM and CDR/CAR databasess on a local tape drive or a remote Secure FTP (SFTP) server.

Question 9

By default, how many failed attempts at signing into Cisco Unity Connection is a user allowed before their account is locked out?

A. 2
B. 3
C. 4
D. 5
E. 6
F. no limit

 

Answer: B

Explanation

By default, three filed attempts are allowed to sign into Cisco Unity Connection before their account is locked out:

CUC_failed_login.JPG

Question 10

Which Cisco IOS CLI command should you use to perform an IP phone cold reboot?

A. router(config-ephone)#reset
B. router(config-ephone)#restart
C. router(config-ephone-dn)#restart
D. router(config-phone)#reset

 

Answer: A

Explanation

The “reset” command in ephone configuration mode is used to perform a complete reboot of an IP phone.

Note: The “restart” command under ephone configuration mode causes the phone to perform a warm reboot and redownload its configuration file from the TFTP server.

Comments (1) Comments
  1. Watcher
    December 13th, 2013

    WARNING!!!!!!!!
    Cisco has changed the exam!
    All new questions and the minimum score to pass is now 880/1000.
    Took the test today and failed.
    🙁

Add a Comment


CAPTCHA Image
Reload Image