Appendix A

Answers to the “Do I Know This Already?” Quizzes

and Review Questions

Chapter 1

“Do I Know This Already?” Quiz

1. b

2. b and c

3. d

4. d

5. c

6. a and b

Review Questions

1. Possible answers include: Distributed intelligence allows for quick and

efficient decision-making at each node, while a central controller over-
sees the networkwide optimization.

2. Possible answers include: It facilitates flexible and efficient wavelength

management in DWDM systems by allowing on-the-fly addition, removal,
or redirection of wavelengths.

3. Possible answers include: Multiple Input Multiple Output (MIMO) im-

proves data throughput by transmitting multiple streams simultaneously,
enhances spectral efficiency, and increases link reliability through the use
of multiple antennas.
4. Possible answers include: E-LAN tends to be more cost-effective for
providing multipoint connectivity because it allows communication be-
tween multiple sites in a LAN-like configuration, whereas E-Tree estab-
lishes a hierarchical structure with a root site and multiple leaf sites,
which might involve additional configuration and potentially higher costs
due to the specific topology.

Chapter 2

“Do I Know This Already?” Quiz

1. b and d

2. a, c, and d

3. d

4. d

Review Questions

1. Possible answers include: Cisco IOS XR provides robust configuration

management capabilities tailored for service provider networks with key
features such as configuration rollback, commit confirm, and configura-
tion replace, to facilitate safe and efficient handling of configuration
changes because these mechanisms help minimize errors and enhance
network stability.

2. Possible answers include: Cisco IOS XR facilitates modularity in config-

uration management through its hierarchical structure, allowing you to
organize configurations into separate modules for scalability, manage-
ability, and fault isolation.

3. Possible answers include: install add source <source-location> pack-

age <package-name>.
Chapter 3

“Do I Know This Already?” Quiz

1. a, b, and d

2. b

3. d

4. b

Review Questions

1. Possible answers include: VNFI encompasses the virtualized resources

and management capabilities required for deploying and managing virtu-
alized network functions (VNFs), addressing challenges in resource allo-
cation, performance optimization, and scalability across distributed envi-
ronments, with considerations for emerging technologies such as edge
computing and 5G networks.

2. Possible answers include: The docker create command only creates a

new container based on an image but does not start it, whereas the
docker start command starts an existing container that has been previ-
ously created but is currently stopped, but it does not create a new
container.

3. Possible answers include: The key challenges include resource con-

straints, security requirements, and network integration, while strategies
involve optimizing resource utilization, implementing robust security
measures, and leveraging network automation for efficient deployment.

4. Possible answers include: While it’s technically possible to run

Kubernetes on certain Cisco devices, such as Cisco UCS servers or other
x86-based hardware that supports virtualization, it’s not a common or
recommended use case for Cisco routers.
Chapter 4

“Do I Know This Already?” Quiz

1. c

2. b

3. b

4. a, b, and c

5. c

6. d

7. a

8. a and c

9. d

10. c

Review Questions

1. Possible answers include: Path vector protocols, like BGP, provide flexi-
ble policy-based routing and prevent routing loops by explicitly propagat-
ing the path information along with each route advertisement.

2. Possible answers include: The primary advantage of using route maps

is their capability to selectively filter, modify, or manipulate routes based
on defined criteria, enabling precise control over routing behavior and
policy enforcement in network configurations.

3. Possible answers include: The primary advantage of using RPL is its

ability to create modular and reusable policy components, streamlining
network management and enhancing scalability and flexibility.
Chapter 5

“Do I Know This Already?” Quiz

1. a

2. a and d

3. a and d

4. b

5. b

Review Questions

1. Possible answers include: The single key advantage of the IS-IS protocol
over OSPF in a service provider network lies in its superior scalability in
large networks due to the scope of link-state advertisements (LSAs) and
the reduction of the complexity of the network’s link-state database.

2. Possible answers include: IS-IS areas are used to regulate the formation
of adjacencies; levels control LSP flooding.

Chapter 6

“Do I Know This Already?” Quiz

1. d

2. b and c

3. b

4. a and c

5. c

6. a, b, and d

7. b
Review Questions

1. Possible answers include: OSPF administrators should assess the

network’s size, traffic patterns, and administrative requirements to deter-
mine whether a flat OSPF design’s simplicity outweighs the scalability
benefits of hierarchical OSPF area structures.

2. Possible answers include: OSPF calculates the cost of a route based on

the inverse of the bandwidth of the link, where higher bandwidth corre-
sponds to lower cost, and this cost calculation is influenced by factors
such as network delay and interface type in determining the optimal path
for routing.

3. Possible answers include: OSPFv3 accommodates IPv6 addressing, en-

hances address configuration flexibility, and bolsters security features.

Chapter 7

“Do I Know This Already?” Quiz

1. b and d

2. a

3. c

4. c

5. a

6. b

7. d

8. b

9. b and c

10. a
Review Questions

1. Possible answers include: The iBGP relation will become an eBGP rela-
tion, which means we have to account for any configuration aspects re-
lated to iBGP, such as ebgp-multihop.

2. Possible answers include: Large service providers have a predefined

list of communities that assist in controlling their incoming/outgoing traf-
fic; in addition, they propose manipulation of use case path attributes for
their customers.

3. Possible answers include: Address Family Identifiers (AFIs), or exten-

sions, have been introduced to account for new services, protocols, and
applications.

4. Possible answers include: BGP AIGP will take effect when several au-
tonomous systems are working under the same administration for which
we need to ensure an optimal path in both inbound and outbound direc-
tions to guarantee symmetrical routing by relying on the IGP metric that
will be carried among the autonomous systems. The same holds true for
MPLS service providers where there are many provider edge (PE) devices
and many routes for which we will segment the IGP and rely on BGP for
labeled traffic between the IGP islands.

5. Possible answers include: The loopback interface is a virtual interface,

and although it will not be impacted by physical failure, an IGP will be re-
sponsible for finding an alternate path to ensure proper loopback-to-loop-
back connectivity. This will turn the BGP session from a one-hop to a mul-
tiple-hop relationship.

Chapter 8

“Do I Know This Already?” Quiz

1. b

2. b

3. a
4. b

5. a

Review Questions

1. Possible answers include: BGP next-hop tracking determines if the next

hop is reachable, validates the next hop, and then verifies the reachabil-
ity of neighbors after the next-hop calculation.

2. Possible answers include: Usually, we build an iBGP session by using

loopback interfaces as the source for that iBGP session. Most of the time,
we include redundancy internally for the loopbacks to reach each other
and therefore maintain the iBGP session.

Chapter 9

“Do I Know This Already?” Quiz

1. a

2. a and d

3. c

4. c

5. d

6. b

Review Questions

1. Possible answers include: PIM Sparse mode minimizes resource con-

sumption and operational complexity through mechanisms such as
shared trees and rendezvous points (RPs).

2. Possible answers include: IGMPv3 effectively handles Source-Specific

Multicast (SSM) by allowing receivers to specify their desired multicast
sources, reducing unnecessary traffic and optimizing resource utilization.
3. Possible answers include: The rendezvous point (RP) serves as a cen-
tralized router responsible for receiving multicast traffic from sources
and forwarding it to multicast group members upon request, while
routers use shared trees and source-specific trees to build and maintain
multicast distribution paths, offering efficient multicast traffic delivery in
IPv4 networks.

Chapter 10

“Do I Know This Already?” Quiz

1. c

2. a

3. b

4. b

5. c

6. c

7. d

8. b

Review Questions

1. Possible answers include: The OSPF process will advertise the loopback
network with a /32 mask, treating it as a host route, which means no label
will be assigned for this network because no exact match will be found in
the IGP RIB.

2. Possible answers include: PhP will remove the outermost label on the
MPLS device residing before the last device in the LSP. This will reserve
extra label lookup and speed up packet transport.

3. Possible answers include: The implicit null label is used by default and
works well when the network has no QoS requirements, or if the QoS is
end-to-end between customer edges.

Chapter 11

“Do I Know This Already?” Quiz

1. b

2. b

3. c

4. a and c

5. c

6. a

Review Questions

1. Possible answers include: EVPN solves all-active per-flow redundancy,

MAC flip-flopping over pseudowire, and duplicate frames flooding from
the core.

2. Possible answers include: In a traditional VPLS deployment, all

provider edge (PE) routers in the service provider’s network participate
in a single VPLS instance. As the number of customer sites and VPLS sub-
scribers grows, the control plane and data plane overhead associated
with maintaining full-mesh connectivity between all PE routers can be-
come significant, leading to scalability challenges.

3. Possible answers include: Two fundamental scale-limiting factors of

plain/flat VPLS architecture are signaling overhead and packet
replication.

Chapter 12

“Do I Know This Already?” Quiz

1. b
2. c

3. d

4. b

5. b

6. c

7. a

Review Questions

1. Possible answers include: The purpose of a route distinguisher is to

maintain the uniqueness of customer routes as they pass through the ser-
vice provider core network.

2. Possible answers include: NG-MVPN introduced support for hierarchi-

cal multicast trees, multicast flow identification, and optimized multicast
traffic delivery.

3. Possible answers include: An important property of the C-multicast

Import RT is that it is unique across all VRFs and all PEs. The uniqueness
property is accomplished by embedding the PE’s IP address and a locally
assigned number into the RT (the PE assigns a distinct number for each
VRF present on the PE).

Chapter 13

“Do I Know This Already?” Quiz

1. b

2. d

3. a

4. b

5. c
6. a

Review Questions

1. Possible answers include: You should consider security, scalability, re-

source utilization, and complexity.

2. Possible answers include: You will rely on BGP and send-label capabili-
ties between the IGP islands, in addition to LDP functionality within the
IGP islands.

Chapter 14

“Do I Know This Already?” Quiz

1. b

2. b

3. b

4. a

5. b

Review Questions

1. Possible answers include: RSVP does not follow the IGP, which allows
the headend node to make independent decisions.

2. Possible answers include: The choice of which bandwidth allocation

model to use depends on the way in which bandwidth allocation and pre-
emption will be managed between the tunnels of different classes. If traf-
fic engineering is required for only one of the deployed traffic classes
(e.g., for EF traffic only), then DS-TE is not required, and the standard sin-
gle bandwidth pool TE is sufficient.

3. Possible answers include: MPLS TE provides a mechanism to route traf-

fic along explicitly defined LSPs according to resource requirements.
MPLS TE LSPs are created by the RSVP signaling protocol. Constraint-
based routing is used to meet TE requirements.

Chapter 15

“Do I Know This Already?” Quiz

1. a and b

2. a and d

3. a and c

4. a

5. b

6. d

7. c and d

8. d

9. c

10. b and c

Review Questions

1. Possible answers include: Unlike traditional routing, Segment Routing

embeds routing information directly into packets, eliminating the need
for complex routing tables at each node.

2. Possible answers include: By enabling fast and efficient rerouting in

the event of link or node failures, the explicit use of segments allows for
predefined alternate paths, reducing convergence times.

3. Possible answers include: Flex-Algo provides programmability and

flexibility in defining and steering paths to accommodate diverse services
and traffic types.
4. Possible answers include: Networks with stringent requirements for
service availability, such as those supporting real-time applications or
critical services, can leverage TI-LFA to ensure a reliable response to fail-
ures with minimal disruption.

5. Possible answers include: SRv6’s ability to encode instructions directly

into IPv6 headers enable network operators to dynamically steer traffic,
create service chains, and adapt to changing network conditions without
the need for complex protocols or overlays.

Chapter 16

“Do I Know This Already?” Quiz

1. a

2. a, b, and d

3. a

4. c and d

5. c

6. b

Review Questions

1. Possible answers include: Control Plane Policing (CoPP) safeguards the

control plane from excessive traffic, an example of which is preventing
denial-of-service attacks targeting routing protocols.

2. Possible answers include: BGP Flowspec allows the specification and

distribution of traffic filtering rules using BGP with DDoS mitigation be-
ing the best example.

3. Possible answers include: BGPsec enhances BGP security by validating

the authenticity of route announcements. It employs cryptographic signa-
tures to verify the legitimacy of BGP updates, preventing malicious route
hijacking.
Chapter 17

“Do I Know This Already?” Quiz

1. c

2. a

3. d

4. b

5. b

6. d

Review Questions

1. Possible answers include: Cisco Management Plane Protection (MPP)

involves striking a delicate balance between bolstering security by re-
stricting access to management protocols and ensuring operational effi-
ciency to facilitate legitimate management tasks; such balance requires
careful consideration of access control policies, potential impact on net-
work management workflows, and ongoing monitoring and adjustment
to mitigate risks effectively.

2. Possible answers include: In REST API security, mitigating threats like

SQL injection and XSS requires robust input validation, output encoding,
and strict access control measures to prevent unauthorized access to sen-
sitive data and maintain the integrity of API endpoints.

3. Possible answers include: To counter evolving DDoS attack tactics, cy-

bersecurity professionals employ a combination of advanced detection
mechanisms, such as anomaly detection and machine learning, along
with agile mitigation strategies, including traffic filtering, rate limiting,
and DDoS scrubbing services, to swiftly identify and neutralize sophisti-
cated attacks, bolstering network resilience, and enhancing overall secu-
rity posture.
Chapter 18

“Do I Know This Already?” Quiz

1. c

2. a

3. b

4. a and c

5. a

Review Questions

1. Possible answers include: Strict mode provides stronger security but

can pose challenges in asymmetric routing scenarios, while loose mode is
more flexible but may be susceptible to IP spoofing.

2. Possible answers include: Challenges may include precise policy defini-

tion or coordination with upstream providers for effective traffic
diversion.

3. Possible answers include: The Secure Association Key (SAK) in MACsec

is a dynamically generated per-session encryption key used to encrypt
and decrypt Ethernet frames, ensuring confidentiality and integrity of
data transmitted over a secured link.

Chapter 19

“Do I Know This Already?” Quiz

1. d

2. b

3. a

4. a
5. c

6. b

Review Questions

1. Possible answers include: DS-Lite poses challenges due to its dual-stack

nature, requiring careful management of IPv4 and IPv6 address spaces,
along with the intricacies of NAT traversal and scalability concerns.

2. Possible answers include: The border router is a critical component of

MAP-T deployment because it performs the translation between IPv4 and
IPv6 addresses, allowing seamless communication between IPv4-only and
IPv6-only networks.

3. Possible answers include: Stateless NAT64 typically offers higher scala-

bility but lacks session awareness, while stateful NAT64 provides session
tracking capabilities for improved protocol support and security, albeit
with potentially lower scalability.

Chapter 20

“Do I Know This Already?” Quiz

1. d

2. c

3. a, c, and d

4. a

Review Questions

1. Possible answers include: Non-stop forwarding (NSF) ensures uninter-

rupted packet forwarding during control plane disruptions by allowing
the forwarding plane to continue operations independently.

2. Possible answers include: Non-stop routing (NSR) enhances network re-

silience by allowing routers to maintain routing table information during
control plane disruptions.

3. Possible answers include: LACP utilizes a variety of mechanisms such

as fast timers, periodic transmissions, and neighbor verification to pre-
vent link flapping and maintain stable link aggregation.

Chapter 21

“Do I Know This Already?” Quiz

1. b

2. b

3. b

4. d

5. d

6. d

Review Questions

1. Possible answers include: QoS traffic shaping dynamically adjusts traf-

fic flows through token bucket algorithms.

2. Possible answers include: RED dynamically adjusts queue limits based

on congestion indicators such as average queue length and packet drop
probability.

3. Possible answers include: In traffic policing, the burst size determines

the maximum allowed burst of traffic above the committed information
rate (CIR), while the Excess Burst size (EBS) represents the additional
burst that can be accommodated before packets are dropped, both crucial
for regulating traffic flows without compromising network performance.
Chapter 22

“Do I Know This Already?” Quiz

1. b and c

2. a

3. b

4. a

5. a

6. a

7. a

8. a

9. a

Review Questions

1. Possible answers include: NETCONF is a transport protocol; NETCONF

uses YANG and non-YANG data models to detail what “capabilities” a de-
vice provides.

2. Possible answers include: Using IPFIX instead of NetFlow provides

greater flexibility in data types that can be exported, extra customization
features, increased performance and scalability, and enhancements from
an interoperability perspective with other monitoring tools.

3. Possible answers include: SNMP can still be used in parallel with new
tools such as YANG focusing on the current network and new features to
be managed using new tools. People still like the simplicity of SNMP and
integrated MIB modules.

4. Possible answers include: Elements of the Telemetry solution that pro-

vide robustness include the data lake, for which you will analyze the
data, monitor proactively, and identify patterns.