Tag - Authentication

what is difference between RIPv1 and RIPv2?

There are only three main Differences between Rip1 and Rip2

RIP version 1:

In Rip Version 1 use Broadcast and it is Class Full Routing protocol. No Authenticaion Required in Rip Version 1

RIP version 2:

In Rip version 2 use Multicast ( 244.0.0.9) and it is class less routing protocol. Authentication Required in Rip Version 2

Differences between Rip V1 and Rip V2
  • Broadcast
  • Multicast 244.0.0.9
  • Class Full Routing protocol (support FLSM)
  • Class Less Routing Protocol (support VLSM)
  • No Authentication
  • Authentication

Routing Interview Questions

Difference between RIPv1 and RIPv2?

  •  ripv1 is classfull & ripv2 is classless routing protocol.
  • ripv1 does not support authentication ripv2 support authentication.
  • ripv1 forward broadcast where ripv2 forward multicast.Multicast address is 224.0.0.9

 

Significant differences 

Message format:
RIP-1 message format contains a number of “must be zero” fields, these fields are used by RIP-2’s extended functionality. These fields are Routing Domain (2 bytes), Route Tag (2 bytes), Subnet Mask (4 bytes) and Next Hop (4 bytes). The Version field contains a value of 1 for RIP-1 message and 2 for RIP-2.

Routing per Subnet:
RIP-1 supported subnet entries only within the subnetted network. This enforces strict hierarchical routing. RIP-2 allows routing on the subnet outside of the network by passing subnet mask information in parallel with the address. This also allows support of variable length masks within the same network or aggregation of several class-C addresses within one address group.

Authentication:
RIP-1 is not a secure routing protocol. Any host sending packets from UDP port 520 would be regarded a router and trusted by its neighbours. RIP-2 includes an authentication procedure, which specifies that the first entry in a packet replaced by an “authentication segment”. The packet will contain a 32-bit command, an “address family identified” of 0xFFFF, an “authentication type” that identifies the algorithm in use, 16 bytes of authentication data, and then 24 destination-metric pairs.

Routing Domains, Next Hop
RIP-2 supports multiple autonomous systems on the same wire by using a 16-bit “Routing Domain” number. A route identifies whether the destination network of a packet by examining this field. RIP-2 also includes a “Next Hop” field to indicate the best relay hop for the other logical network on the same wire.

Multicast
RIP-1 uses a broadcast address to send routing advertisements to all nodes on the same wire. RIP-2 utilises a class-D address (224.0.0.9) for periodic multicasts. This effectively prevents other non-router hosts on the same wire from receiving routing messages.

Read MORE RIPv1 and RIPv2

 

Cisco Latest Dumps – Instant Download:

CodeName/Title PDF
010-151Supporting Cisco Data Center System Devices (DCTECH)Order PDF
100-105Interconnecting Cisco Networking Devices Part 1 (ICND1)Order PDF
100-490Cisco Certified Technician Routing & Switching (RSTECH)Order PDF
200-105Interconnecting Cisco Networking Devices Part 2 (ICND2)Order PDF
200-125Cisco Certified Network Associate (CCNA)Order PDF
200-150Introducing Cisco Data Center NetworkingOrder PDF
200-155Introducing Cisco Data Center TechnologiesOrder PDF
200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)Order PDF
200-301 Cisco Certified Network Associate (CCNA)Order PDF
200-310Designing for Cisco Internetwork SolutionsOrder PDF
200-355CCNA Wireless Implementing Cisco Wireless Network FundamentalsOrder PDF
200-401Managing Industrial Networks with Cisco Networking TechnologiesOrder PDF
200-601Managing Industrial Networks for Manufacturing with Cisco TechnologiesOrder PDF
200-901DevNet Associate (DEVASC)Order PDF
210-060CCNA Collaboration Implementing Cisco Collaboration Devices (CICD)Order PDF
210-065CCNA Collaboration Implementing Cisco Video Network Devices (CIVND)Order PDF
210-250CCNA Cyber Ops Understanding Cisco Cybersecurity FundamentalsOrder PDF
210-255CCNA Cyber Ops Implementing Cisco Cybersecurity OperationsOrder PDF
210-260CCNA Security Implementing Cisco Network SecurityOrder PDF
210-451Understanding Cisco Cloud FundamentalsOrder PDF
210-455Introducing Cisco Cloud AdministrationOrder PDF
300-070Implementing Cisco IP Telephony and Video, Part 1 (CIPTV1)Order PDF
300-075Implementing Cisco IP Telephony and Video, Part 2 (CIPTV2)Order PDF
300-080Troubleshooting Cisco IP Telephony and Video (CTCOLLAB)Order PDF
300-085Implementing Cisco Collaboration Applications (CAPPS)Order PDF
300-101CCNP Implementing Cisco IP Routing (ROUTE v2.0)Order PDF
300-115CCNP Cisco IP Switched Networks (SWITCH v2.0)Order PDF
300-135CCNP Troubleshooting and Maintaining Cisco IP Networks (TSHOOT v2.0)Order PDF
300-160Designing Cisco Data Center InfrastructureOrder PDF
300-165Implementing Cisco Data Center InfrastructureOrder PDF
300-170Implementing Cisco Data Center Virtualization and AutomationOrder PDF
300-175Implementing Cisco Data Center Unified ComputingOrder PDF
300-180Troubleshooting Cisco Data Center Infrastructure (DCIT)Order PDF
300-206CCNP Security Implementing Cisco Edge Network Security Solutions (SENSS)Order PDF
300-208CCNP Security Implementing Cisco Secure Access Solutions (SISAS)Order PDF
300-209CCNP Security Implementing Cisco Secure Mobility Solutions (SIMOS)Order PDF
300-210CCNP Security Implementing Cisco Threat Control SolutionsOrder PDF
300-215Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies (CBRFIR)Order PDF
300-320Designing Cisco Network Service ArchitecturesOrder PDF
300-360Designing Cisco Wireless Enterprise NetworksOrder PDF
300-365Deploying Cisco Wireless Enterprise NetworksOrder PDF
300-370Troubleshooting Cisco Wireless Enterprise NetworkOrder PDF
300-375Securing Cisco Wireless Enterprise NetworksOrder PDF
300-410Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)Order PDF
300-415Implementing Cisco SD-WAN Solutions (ENSDWI)Order PDF
300-420Designing Cisco Enterprise Networks (ENSLD)Order PDF
300-425Designing Cisco Enterprise Wireless Networks (300-425 ENWLSD)Order PDF
300-430Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI)Order PDF
300-435Automating Cisco Enterprise Solutions (ENAUTO)Order PDF
300-460Implementing and Troubleshooting the Cisco Cloud InfrastructureOrder PDF
300-465Designing the Cisco CloudOrder PDF
300-475Building the Cisco Cloud with Application Centric InfrastructureOrder PDF
300-510Implementing Cisco Service Provider Advanced Routing Solutions (SPRI)Order PDF
300-515Implementing Cisco Service Provider VPN Services (SPVI)Order PDF
300-535Automating Cisco Service Provider Solutions (SPAUTO)Order PDF
300-550Designing and Implementing Cisco Network ProgrammabilityOrder PDF
300-610Designing Cisco Data Center Infrastructure (DCID)Order PDF
300-615Troubleshooting Cisco Data Center Infrastructure (DCIT)Order PDF
300-620Implementing Cisco Application Centric Infrastructure (DCACI)Order PDF
300-625Configuring Cisco MDS 9000 Series Switches (DCSAN)Order PDF
300-630Implementing Cisco Application Centric Infrastructure - AdvancedOrder PDF
300-635Automating Cisco Data Center Solutions (DCAUTO)Order PDF
300-710Securing Networks with Cisco Firepower (300-710 SNCF)Order PDF
300-715Implementing and Configuring Cisco Identity Services Engine (300-715 SISE)Order PDF
300-720Securing Email with Cisco Email Security Appliance (300-720 SESA)Order PDF
300-725Securing the Web with Cisco Web Security Appliance (300-725 SWSA)Order PDF
300-730Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730)Order PDF
300-735Automating Cisco Security Solutions (SAUTO)Order PDF
300-810Implementing Cisco Collaboration Applications (CLICA)Order PDF
300-815Implementing Cisco Advanced Call Control and Mobility Services (CLASSM)Order PDF
300-820Implementing Cisco Collaboration Cloud and Edge SolutionsOrder PDF
300-825 Implementing Cisco Collaboration ConferencingOrder PDF
300-835Automating Cisco Collaboration Solutions (CLAUTO)Order PDF
300-910Implementing DevOps Solutions and Practices using Cisco Platforms (DEVOPS)Order PDF
300-915Developing Solutions Using Cisco IoT and Edge Platforms (DEVIOT)Order PDF
300-920Developing Applications for Cisco Webex and Webex Devices (DEVWBX)Order PDF
350-018CCIE Security Written Exam v4.0Order PDF
350-030CCIE Voice Written v3.0Order PDF
350-080CCIE Data Center WrittenOrder PDF
350-201Performing CyberOps Using Core Security Technologies (CBRCOR)Order PDF
350-401Implementing Cisco Enterprise Network Core Technologies (ENCOR)Order PDF
350-501Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)Order PDF
350-601Implementing Cisco Data Center Core Technologies (DCCOR)Order PDF
350-701Implementing and Operating Cisco Security Core TechnologiesOrder PDF
350-801Implementing Cisco Collaboration Core Technologies (CLCOR)Order PDF
350-901 Developing Applications using Cisco Core Platforms and APIs (DEVCOR)Order PDF
352-001CCDE Design WrittenOrder PDF
400-051CCIE Collaboration WrittenOrder PDF
400-101CCIE Routing and Switching WrittenOrder PDF
400-151CCIE Data Center Written ExamOrder PDF
400-201CCIE SP Written v4.1Order PDF
400-251CCIE Security Written ExamOrder PDF
400-351CCIE Wireless Written ExamOrder PDF
500-006Implementing Cisco TelePresence Video Solution, Part 2Order PDF
500-007Implementing Cisco TelePresence Video Solution, Part 1Order PDF
500-051Unified Communications Contact Center Express Implementation - UCCXOrder PDF
500-052Deploying Cisco Unified Contact Center ExpressOrder PDF
500-170Designing the FlexPod Solution (FPDESIGN)Order PDF
500-171Implementing and Administering the FlexPod Solution (FPIMPADM)Order PDF
500-220Cisco Meraki Solutions SpecialistOrder PDF
500-230Cisco Service Provider Routing Field EngineerOrder PDF
500-240 Cisco Mobile Backhaul for Field EngineersOrder PDF
500-254Implementing and Configuring Cisco Identity Services EngineOrder PDF
500-265Advanced Security Architecture for System EngineersOrder PDF
500-275Securing Cisco Networks with Sourcefire FireAMP EndpointsGet PDF File
500-285Securing Cisco Networks with Sourcefire Intrusion Prevention SystemOrder PDF
500-301Cisco Cloud Collaboration SolutionsOrder PDF
500-325Cisco Collaboration Servers and AppliancesGet PDF File
500-440Designing Cisco Unified Contact Center Enterprise (UCCED)Order PDF
500-450Implementing and Supporting Cisco Unified Contact Center Enterprise (UCCEIS)Order PDF
500-451Enterprise Network Unified Access EssentialsOrder PDF
500-452Enterprise Networks Core and WANOrder PDF
500-470Cisco Enterprise Networks SDA, SDWAN and ISE Exam for System EngineersOrder PDF
500-490Designing Cisco Enterprise Networks (ENDESIGN)Order PDF
500-551Cisco Networking: On-Premise and Cloud SolutionsOrder PDF
600-210Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS)Order PDF
500-651Advanced Security Architecture for Systems EngineersOrder PDF
500-701Cisco Video Infrastructure DesignGet PDF File
500-710Video infrastructure implementationGet PDF File
600-212Implementing Cisco Service Provider Mobility LTE Networks (SPLTE)Get PDF File
600-455Designing Cisco Unified Contact Center EnterpriseGet PDF File
600-460Implementing andSupporting Cisco Unified Contact Center EnterpriseOrder PDF
640-692Supporting Cisco Routing and Switching Network Devices (RSTECH)Get PDF File
640-875Building Cisco Service Provider Next-Generation Networks, Part 1 (SPNGN1)Order PDF
640-878Building Cisco Service Provider Next-Generation Networks, Part 2 (SPNGN2)Get PDF File
640-911Introducing Cisco Data Center Networking - DCICNOrder PDF
642-737Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0Order PDF
642-742Implementing Cisco Unified Wireless Voice Networks (IUWVN)Order PDF
642-747Implementing Cisco Unified Wireless Mobility Services (IUWMS)Order PDF
642-883Deploying Cisco Service Provider Network Routing (SPROUTE)Order PDF
642-885Deploying Cisco Service Provider Advanced Routing (SPADVROUTE)Order PDF
642-887Implementing Cisco Service Provider Next-Generation Core
Network Services (SPCORE)
Order PDF
642-889Implementing Cisco Service Provider Next-Generation Edge
Network Services (SPEDGE)
Order PDF
642-902Implementing Cisco IP Routing (ROUTE v1.0)Order PDF
642-998Designing Cisco Data Center Unified Computing (DCUCD)Order PDF
644-066Routing and Switching Solutions for System Engineers - RSSSEGet PDF File
644-906Advanced Routing and Switching for Field Engineers - ARSFEOrder PDF
646-048Advanced Routing and Switching for Account Managers - ARSAMGet PDF File
646-365Cisco Express Foundation for Account Managers (CXFA)Get PDF File
646-985Data Center Networking Solution Sales (DCNSS)Get PDF File
648-232Cisco WebEx Solutions Design and Implementation - CWSDIOrder PDF
648-244Designing and Implementing Cisco Unified Communications
on Unified Computing Systems - DIUCUCS
Get PDF File
648-375Cisco Express Foundation for Systems Engineers (CXFS)Get PDF File
648-385Cisco Express Foundation for Field EngineersGet PDF File
650-059Cisco Lifecycle Services Advanced Routing and SwitchingGet PDF File
650-082Mobile Internet Technology for System EngineersGet PDF File
650-127Authorized Connected Grid Engineer Knowledge VerificationGet PDF File
650-128Authorized Connected Grid Account Manager Knowledge VerificationGet PDF File
650-292TelePresence Video Sales Specialist for ExpressGet PDF File
650-293TelePresence Video Sales Engineer for ExpressGet PDF File
650-472Introduction to 802.1X Operations for Cisco Security ProfessionalsGet PDF File
650-474Introducing Cisco Identity Services Engine for System EngineerGet PDF File
650-621Lifecycle Services for Advanced Wireless LAN (LCSAWLAN)Get PDF File
650-987Cisco Data Center Unified Computing Sales SpecialistGet PDF File
700-037Advanced Collaboration Architecture Sales SpecialistOrder PDF
700-038Advanced Collaboration Architecture Field EngineerOrder PDF
700-039Advanced Collaboration Architecture Sales EngineerOrder PDF
700-070Cisco TelePresence IX5000 Series Immersive SolutionsGet PDF File
700-101Business Edition 6000 for Sales EngineersGet PDF File
700-104Business Edition 6000 for Account Managers (BE6KAM)Get PDF File
700-150Introduction to Cisco SalesOrder PDF
700-260Advanced Security Architecture for Account ManagerGet PDF File
700-265Cisco Advanced Security Architecture for Account ManagersGet PDF File
700-302Advanced Borderless Network Architecture Field EngineerGet PDF File
700-501SMB Solutions for EngineersOrder PDF
700-505SMB Solutions for Account ManagersOrder PDF
700-651Cisco Collaboration Architecture Sales EssentialsGet PDF File
700-703Application Centric Infrastructure for Field Engineers ExamGet PDF File
700-751Cisco SMB Product and Positioning Technical OverviewOrder PDF
700-765Cisco Security Architecture for System EngineersOrder PDF
810-403Selling Business OutcomesOrder PDF
810-440Adopting The Cisco Business Architecture ApproachOrder PDF
820-427Building Business Specialist SkillsOrder PDF
820-605Cisco Customer Success Manager (CSM)Order PDF
840-450Mastering The Cisco Business Architecture DisciplineOrder PDF

IPSEC related questions and their answers

* Question

Which IPSec rule is used for the Olympia branch and what does it define? (Choose two)

A – 102
B – 116
C – 127
D – IP traffic sourced from 10.10.10.0/24 destined to 10.5.15.0/24 will use the VPN.
E – IP traffic sourced from 10.10.10.0/24 destined to 10.8.28.0/24 will use the VPN.
F – IP traffic sourced from 10.10.10.0/24 destined to 10.5.33.0/24 will use the VPN.

 

Answer: B E

Explanation:

From the output above, we learn that the IPSec Rule is 116. Next click on “IPSec Rules” and select the Name/Number of 116 to view the rule applied to it. You will see a “permit” rule for traffic from 10.10.10.0/24 to 10.8.28.0/24 (notice that the picture shown the wildcard masks, which are inverse subnet masks)

IPSec

Question 

Which defined peer IP address an local subnet belong to Crvce? (Choose two)

A – peer address 192.168.55.159
B – peer address 192.168.89.192
C – peer address 192.168.195.23
D – subnet 10.5.15.0/24
E – subnet 10.7.23.0/24
F – subnet 10.4.38.0/24

 

Answer: A D

* Question 

Which algorithm as defined by the transform set is used for providing data confidentiality when connected to Tyre?

A – ESP-3DES-SHA
B – ESP-3DES-SHA1
C – ESP-3DES-SHA2
D- ESP-3DES
E – ESP-SHA-HMAC

*Answer: D

Explanation:

In the site-to-site VPN branch we see something like this  but in the Tranform Set sub-branch, we see

so the answer should be ESP-3DES-SHA2 or ESP-3DES?

To answer this question, we should review the concept:

“Data confidentiality is the use of encryption to scramble data as it travels across an insecure media”. Data confidentiality therefore means encryption.

“The transform set is a group of attributes that are exchanged together, which eliminates the need to coordinate and negotiate individual paramvcers”. In the picture above, we can see 3 parts of the transform-set ESP-3DES-SHA2:

IPsec protocol: ESP
IPsec encryption type: 3DES
IPsec authentication: SHA2

The question wants to ask which algorithm is used for providing data confidentiality (encryption), therefore the answer should be D – ESP-3DES.

Question 

Which peer authentication method and which IPSEC mode is used to connect to the branch locations? (Choose two)

A – Digital Certificate
B – Pre-Shared Key
C – Transport Mode
D – Tunnel Mode
E – GRE/IPSEC Transport Mode
F – GRE/IPSEC Tunnel Mode

 

Answer: B D

CCNA – EIGRP Questions

Here you will find answers to EIGRP Questions

Question 2:

As a Cisco technician, you need to know EIGRP protocol very well. Which of the following is true about EIGRP successor routes? (Choose two)

A – A successor route is used by EIGRP to forward traffic to a destination
B – Successor routes are stored in the neighbor table following the discovery process
C – Successor routes are flagged as “active” in the routing table
D – A successor route may be backed up by a feasible successor route

Answer: A D

Explanation:

B is not correct because neighbor table only contains a list of directly connected EIGRP routers that have an adjacency with this router, it doesn’t contain successor routes.

C is not correct because successor routes are not flagged as “active”, they are always the best route to reach remote networks and are always used to send packets.

A and D are correct because successor route is the best and primary route to a remote network. It is stored in the routing table and topology table. If this route fails, a backup route (called feasible successor route) in the topology table will be used to route traffic to a destination.

Question 3:

Which two statements are true regarding EIGRP? (Choose two)

A – Passive routes are in the process of being calculated by DUAL
B – EIGRP supports VLSM, route summarization, and routing update authentication
C – EIGRP exchanges full routing table information with neighboring routers with every update
D – If the feasible successor has a higher advertised distance than the successor route, it becomes the primary route
E – A query process is used to discover a replacement for a failed route if a feasible successor is not identified from the current routing information

Answer: B E

Explanation:

Diffusing Update Algorithm (DUAL) is the algorithm for selecting and maintaining the best path to each remote network. DUAL tracks all the routes advertised by neighbors and selects routes based on feasible successors. It inserts lowest cost paths into the routing table (these routes are known as primary routes or successor routes) -> A is not correct.

EIGRP is still a distance-vector protocol, but has certain features that belong to link-state algorithms (like OSPF) than distance-vector algorithms. For example, EIGRP sends a partial routing table update, which includes just routes that have been changed, not the full routing table like distance-vector algorithms -> C is not correct.

The feasible successor route will become the primary route when its advertised distance is higher than the feasible distance of the successor route. The feasible successor route can be used in the event that the successor route goes down. Notice that the feasible successor route does not get installed in the routing table but is kept in the topology table as a backup route -> D is not correct.

“Support VLSM, route summarization, and routing update authentication” are the features of EIGRP -> B is correct.

When a route fails and has no feasible successor, EIGRP uses a distributed algorithm called Diffusing Update Algorithm (DUAL) to discover a replacement for a failed route. When a new route is found, DUAL adds it to the routing table -> E is correct.

Copyright ©2010 - 2022 Ciscoforall.com | Privacy Policy | Terms & Conditions