Offering Free access to CCNA 200-301 Exam Questions Pool Bank

Cisco Certified Network Associate Questions and Answers

PDF + Testing Engine

Product Type: PDF + Testing Engine

$63 ~~$179.99~~

Add to Cart

Testing Engine

Product Type: Testing Engine

$47.25 ~~$134.99~~

Add to Cart

PDF Study Guide

Product Type: PDF Study Guide

$40.25 ~~$114.99~~

Add to Cart

Question 1

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 2

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 3

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 4

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 5

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.
On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.
On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.
On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.
On both SW1 and SW2, exit the interface range configuration mode by using the exit command.
On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.
On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.
On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.
On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.
On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.
On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Question 6

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 7

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.
To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.
To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 8

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 9

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 10

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 11

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 12

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

Options:

Option A

Option B

Option C

Option D

Question 13

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 14

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

Options:

Option A

Option B

Option C

Option D

Question 15

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

ip route 0.0.0.0 0.0.0.0 g0/1 1

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 16

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

offer compression

increase security by using a WEP connection

provide authentication

protect traffic on open networks

Question 17

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

user-activity logging

service limitations

consumption-based billing

identity verification

Question 18

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Options:

Question 19

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

SYIM flood

reflection

teardrop

amplification

Question 20

Which protocol uses the SSL?

Options:

HTTP

SSH

HTTPS

Telnet

Question 21

Refer to the exhibit.

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Options:

Modify the configured number of the second access list.

Add either the ip nat {inside|outside} command under both interfaces.

Remove the overload keyword from the ip nat inside source command.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Question 22

Refer to the exhibit.

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

Options:

via next-hop 10.0.1.5

via next-hop 10 0 1.4

via next-hop 10.0 1.50

via next-hop 10.0 1 100

Question 23

Refer to the exhibit.

Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

Options:

Option A

Option B

Option C

Option D

Question 24

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Options:

Question 25

Which field within the access-request packet is encrypted by RADIUS?

Options:

authorized services

authenticator

username

password

Question 26

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 27

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Options:

Question 28

What is a requirement when configuring or removing LAG on a WLC?

Options:

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

Question 29

Refer to the exhibit.

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

Options:

There is a duplex mismatch on the interface

There is an issue with the fiber on the switch interface.

There is a speed mismatch on the interface.

There is an interface type mismatch

Question 30

What provides centralized control of authentication and roaming In an enterprise network?

Options:

a lightweight access point

a firewall

a wireless LAN controller

a LAN switch

Question 31

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

WLAN dynamic

management

trunk

access

Question 32

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

username cisco password 0 Cisco

Question 33

What is a function of an endpoint on a network?

Options:

forwards traffic between VLANs on a network

connects server and client devices to a network

allows users to record data and transmit to a tile server

provides wireless services to users in a building

Question 34

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

Options:

Option A

Option B

Option C

Option D

Question 35

Refer to the exhibit.

A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

Options:

Option A

Option B

Option C

Option D

Question 36

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

Options:

Option A

Option B

Option C

Option D

Option E

Question 37

Which wireless security protocol relies on Perfect Forward Secrecy?

Options:

WPA3

WPA

WEP

WPA2

Question 38

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

Select the WPA Policy option with the CCKM option.

Disable AES encryption.

Enable Fast Transition and select the FT 802.1x option.

Enable Fast Transition and select the FT PSK option.

Question 39

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

Options:

Option A

Option B

Option C

Option D

Question 40

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

ip route 10.1.1.0 255.255.255.0 gi0/1 125

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 41

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 42

Refer to the exhibit.

What is a reason for poor performance on the network interface?

Options:

The interface is receiving excessive broadcast traffic.

The cable connection between the two devices is faulty.

The interface is operating at a different speed than the connected device.

The bandwidth setting of the interface is misconfigured

Question 43

Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed?

Options:

weighted random early detection

traffic policing

traffic shaping

traffic prioritization

Question 44

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

different security settings

discontinuous frequency ranges

different transmission speeds

unique SSIDs

Question 45

Refer to the exhibit.

An engineer is configuring an EtherChannel using LACP between Switches 1 and 2 Which configuration must be applied so that only Switch 1 sends LACP initiation packets?

Options:

Switch 1 (config-if)#channel-group 1 mode on

Swrtch2(config-if)#channel-group 1 mode passive

Switch1(config-if)#channel-group 1 mode passive

Switch2(config-if)#channel-group 1 mode active

Switch1{config-if)£channel-group 1 mode active

Switch2(config-if)#channel-group 1 mode passive

Switch1(config-if)#channel-group 1 mode on

Switch2(config-if)#channel-group 1 mode active

Question 46

What is one reason to implement LAG on a Cisco WLC?

Options:

to increase security and encrypt management frames

to provide link redundancy and load balancing

to allow for stateful and link-state failover

to enable connected switch ports to failover and use different VLANs

Question 47

Which protocol is used for secure remote CLI access?

Options:

HTTPS

HTTP

Telnet

SSH

Question 48

Refer to the exhibit.

Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

Options:

SW1

SW2

SW3

SW4

Question 49

What is the difference between IPv6 unicast and anycast addressing?

Options:

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 50

Refer to the exhibit.

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Options:

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Question 51

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

10.10.10.5

10.10.11.2

10.10.12.2

10.10.10.9

Question 52

Refer to the exhibit.

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

Options:

Option A

Option B

Option C

Option D

Question 53

Which two components comprise part of a PKI? (Choose two.)

Options:

preshared key that authenticates connections

RSA token

CA that grants certificates

clear-text password that authenticates connections

one or more CRLs

Question 54

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

username CNAC secret R!41!4319115@

ip ssh version 2

line vty 0 4

crypto key generate rsa 1024

transport input ssh

Question 55

Refer to the exhibit.

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 56

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

VLANID

SSID

RFID

WLANID

Question 57

What is the purpose of the ip address dhcp command?

Options:

to configure an Interface as a DHCP server

to configure an interface as a DHCP helper

to configure an interface as a DHCP relay

to configure an interface as a DHCP client

Question 58

A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being advertised to the internet. Which configuration must the engineer apply?

Options:

interface vlan 2000

ipv6 address ffc0:0000:aaaa::1234:2343/64

interface vlan 2000

Ipv6 address fc00:0000:aaaa:a15d:1234:2343:8aca/64

interface vlan 2000

ipv6 address fe80;0000:aaaa::1234:2343/64

interface vlan 2000

ipv6 address fd00::1234:2343/64

Question 59

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?

Options:

enable dynamic MAC address learning

implement static MAC addressing.

enable sticky MAC addressing

implement auto MAC address learning

Question 60

While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface.

Which two misconfigurations cause this behavior? (Choose two)

Options:

The packets fail to match any permit statement

A matching permit statement is too high in the access test

A matching permit statement is too broadly defined

The ACL is empty

A matching deny statement is too high in the access list

Question 61

How does CAPWAP communicate between an access point in local mode and a WLC?

Options:

The access point must directly connect to the WLC using a copper cable

The access point must not be connected to the wired network, as it would create a loop

The access point must be connected to the same switch as the WLC

The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

Question 62

What is the purpose of an SSID?

Options:

It provides network security

It differentiates traffic entering access posits

It identities an individual access point on a WLAN

It identifies a WLAN

Question 63

Refer to the exhibit.

A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

Options:

209.165.200.254 via Serial0/0/1

209.165.200.254 via Serial0/0/0

209.165.200.246 via Serial0/1/0

209.165.200.250 via Serial0/0/0

Question 64

Which condition must be met before an NMS handles an SNMP trap from an agent?

Options:

The NMS software must be loaded with the MIB associated with the trap.

The NMS must be configured on the same router as the SNMP agent

The NMS must receive a trap and an inform message from the SNMP agent within a configured interval

The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.

Question 65

The service password-encryption command is entered on a router. What is the effect of this configuration?

Options:

restricts unauthorized users from viewing clear-text passwords in the running configuration

encrypts the password exchange when a VPN tunnel is established

prevents network administrators from configuring clear-text passwords

protects the VLAN database from unauthorized PC connections on the switch

Question 66

What is the primary function of a Layer 3 device?

Options:

to analyze traffic and drop unauthorized traffic from the Internet

to transmit wireless traffic between hosts

to pass traffic between different networks

forward traffic within the same broadcast domain

Question 67

Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

Options:

DTP

FTP

SMTP

TFTP

Question 68

Refer to the exhibit.

Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?

Options:

R2 is using the passive-interface default command

R1 has an incorrect network command for interface Gi1/0

R2 should have its network command in area 1

R1 interface Gil/0 has a larger MTU size

Question 69

Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

Options:

The switch must be running a k9 (crypto) IOS image

The Ip domain-name command must be configured on the switch

IP routing must be enabled on the switch

A console password must be configured on the switch

Telnet must be disabled on the switch

Question 70

Refer to the exhibit.

Drag and drop the networking parameters from the left onto the correct values on the right.

Options:

Question 71

A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?

Options:

ip route 10.10.1.0 255.255.255.240 10.10.255.1

ip route 10.10.1.16 255.255.255.252 10.10.255.1

ip route 10.10.1.20 255.255.255.252 10.10.255.1

ip route 10.10.1.20 255.255.255.254 10.10.255.1

Question 72

Refer to the exhibit.

Which change to the configuration on Switch?

allows the two switches to establish an GtherChannel?

Options:

Change the protocol to EtherChannel mode on.

Change the LACP mode to active

Change the LACP mode to desirable

Change the protocol to PAqP and use auto mode

Question 73

An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?

Options:

Enable Security Association Teardown Protection and set the SA Query timeout to 10

Enable MAC filtering and set the SA Query timeout to 10

Enable 802.1x Layer 2 security and set me Comeback timer to 10

Enable the Protected Management Frame service and set the Comeback timer to 10

Question 74

Which set of action satisfy the requirement for multifactor authentication?

Options:

The user swipes a key fob, then clicks through an email link

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

The user enters a user name and password and then re-enters the credentials on a second screen

Question 75

Refer to the exhibit.

Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

Options:

passive

mode on

auto

active

Question 76

Which two primary drivers support the need for network automation? (Choose two.)

Options:

Eliminating training needs

Increasing reliance on self-diagnostic and self-healing

Policy-derived provisioning of resources

Providing a ship entry point for resource provisioning

Reducing hardware footprint

Question 77

Refer to the exhibit.

A network engineer must block access for all computers on VLAN 20 to the web server via HTTP All other computers must be able to access the web server Which configuration when applied to switch A accomplishes this task?

Options:

Option A

Option B

Option C

Option D

Question 78

Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

Options:

bridge

route

autonomous

lightweight

Question 79

What is a characteristic of private IPv4 addressing?

Options:

traverse the Internet when an outbound ACL is applied

issued by IANA in conjunction with an autonomous system number

composed of up to 65.536 available addresses

used without tracking or registration

Question 80

Which goal is achieved by the implementation of private IPv4 addressing on a network?

Options:

provides an added level of protection against Internet exposure

provides a reduction in size of the forwarding table on network routers

allows communication across the Internet to other private networks

allows servers and workstations to communicate across public network boundaries

Question 81

Refer to the exhibit.

Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?

Options:

The frame is processed in VLAN 5.

The frame is processed in VLAN 11

The frame is processed in VLAN 1

The frame is dropped

Question 82

A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface?

Options:

ipv6 address 2001:0db8::5: a: 4F 583B

ipv6 address 2001:db8::500:a:400F:583B

ipv6 address 2001 db8:0::500:a:4F:583B

ipv6 address 2001::db8:0000::500:a:400F:583B

Question 83

What is the primary different between AAA authentication and authorization?

Options:

Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.

Authentication identifies a user who is attempting to access a system, and authorization validates the users password

Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.

Authentication controls the system processes a user can access and authorization logs the activities the user initiates

Question 84

R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

Options:

route with the lowest cost

route with the next hop that has the highest IP

route with the shortest prefix length

route with the lowest administrative distance

Question 85

Refer to the exhibit.

What is the effect of this configuration?

Options:

The switch port interface trust state becomes untrusted

The switch port remains administratively down until the interface is connected to another switch

Dynamic ARP inspection is disabled because the ARP ACL is missing

The switch port remains down until it is configured to trust or untrust incoming packets

Question 86

Refer to Exhibit.

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Options:

Option A

Option B

Option C

Option D

Question 87

Refer to the exhibit.

Which route type is configured to reach the internet?

Options:

host route

default route

floating static route

network route

Question 88

Where does a switch maintain DHCP snooping information?

Options:

in the MAC address table

in the CAM table

in the binding database

in the frame forwarding database

Question 89

Which JSON data type is an unordered set of attribute- value pairs?

Options:

array

string

object

Boolean

Question 90

Which configuration is needed to generate an RSA key for SSH on a router?

Options:

Configure the version of SSH

Configure VTY access.

Create a user with a password.

Assign a DNS domain name

Question 91

Refer to the exhibit.

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Options:

Add the access-list 10 permit any command to the configuration

Remove the access-class 10 in command from line vty 0.4.

Add the ip access-group 10 out command to interface g0/0.

Remove the password command from line vty 0 4.

Question 92

Refer to the exhibit.

The show ip ospf interface command has been executed on R1 How is OSPF configured?

Options:

The interface is not participating in OSPF

A point-to-point network type is configured

The default Hello and Dead timers are in use

There are six OSPF neighbors on this interface

Question 93

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

Options:

OpenFlow

Java

REST

XML

Question 94

What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

Options:

access - core - distribution - access

access - distribution - distribution - access

access - core - access

access -distribution - core - distribution - access

Question 95

Which plane is centralized by an SDN controller?

Options:

management-plane

control-plane

data-plane

services-plane

Question 96

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

Options:

ip address 192.168.0.0 255.255.0.0

ip address 192.168.0.0 255.255.254.0

ip address 192.168.0.0 255.255.255.128

ip address 192.168.0.0 255.255.255.224

Question 97

What is a function of TFTP in network operations?

Options:

transfers a backup configuration file from a server to a switch using a username and password

transfers files between file systems on a router

transfers a configuration files from a server to a router on a congested link

transfers IOS images from a server to a router for firmware upgrades

Question 98

With REST API, which standard HTTP header tells a server which media type is expected by the client?

Options:

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Content-Type: application/json; charset=utf-8

Accept: application/json

Question 99

Refer to the exhibit.

Router R2 is configured with multiple routes to reach network 10 1.1 0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1 1 0/24?

Options:

eBGP

static

OSPF

EIGRP

Question 100

Refer to the exhibit.

What action establishes the OSPF neighbor relationship without forming an adjacency?

Options:

modify hello interval

modify process ID

modify priority

modify network type

Question 101

Which port type supports the spanning-tree portfast command without additional configuration?

Options:

access ports

Layer 3 main Interfaces

Layer 3 suninterfaces

trunk ports

Question 102

Refer to the exhibit.

A packet is being sent across router R1 to host 172.163.3.14. To which destination does the router send the packet?

Options:

207.165.200.246 via Serial0/1/0

207.165.200.254 via Serial0/0/1

207.165.200.254 via Serial0/0/0

207.165.200.250 via Serial/0/0/0

Question 103

A corporate office uses four floors in a building

• Floor 1 has 24 users

• Floor 2 has 29 users

• Floor 3 has 28 users

•Floor 4 has 22 users

Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?

Options:

192.168.0.0/26 as summary and 192.168.0.0/29 for each floor

192.168.0.0.24 as summary and 192.168.0.0/28 for each floor

192.168.0.0/23 as summary and 192.168.0.0/25 for each floor

l92.168.0.0/25 as summary and 192.168.0.0/27 for each floor

Question 104

Which technology must be implemented to configure network device monitoring with the highest security?

Options:

IP SLA

syslog

NetFlow

SNMPv3

Question 105

Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Options:

Question 106

Refer to the exhibit.

With which metric was the route to host 172.16.0.202 learned?

Options:

110

38443

3184439

Question 107

Which action does the router take as rt forwards a packet through the network?

Options:

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

Question 108

Refer to the exhibit.

An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

Options:

ipv6 route ::/0 Serial 0/0/1

ipv6 route 0/0 Serial 0/0/0

ipv6 route ::/0 Serial 0/0/0

ip route 0.0.0.0.0.0.0.0 Serial 0/0/0

ipv6 route ::/0 2000::2

Question 109

Drag and drop the TCP/IP protocols from the left onto the transmission protocols on the right

Options:

Question 110

A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

Options:

enable AAA override

enable RX-SOP

enable DTIM

enable Band Select

Question 111

Which type of traffic is sent with pure iPsec?

Options:

broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites

multicast traffic from a server at one site to hosts at another location

spanning-tree updates between switches that are at two different sites

unicast messages from a host at a remote site to a server at headquarters

Question 112

What is the expected outcome when an EUI-64 address is generated?

Options:

The seventh bit of the original MAC address of the interface is inverted

The interface ID is configured as a random 64-bit value

The characters FE80 are inserted at the beginning of the MAC address of the interface

The MAC address of the interface is used as the interface ID without modification

Question 113

Refer to the exhibit.

If R1 receives a packet destined to 172.161.1, to which IP address does it send the packet?

Options:

192.168.12.2

192.168.13.3

192.168.14.4

192.168.15.5

Question 114

Which two QoS tools provides congestion management? ( Choose two )

Options:

CAR

CBWFQ

PBR

FRTS

Question 115

Refer to the exhibit.

Which two commands were used to create port channel 10? (Choose two )

Options:

Option A

Option B

Option C

Option D

Option E

Question 116

The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface conditions?(choose two)

Options:

There is a duplex mismatch

There is a speed mismatch

There is a protocol mismatch

The interface is shut down

The interface is error-disabled

Question 117

Which two functions are performed by the core layer in a three-tier architecture? (Choose two)

Options:

Provide uninterrupted forwarding service.

Police traffic that is sent to the edge of the network.

Provide direct connectivity for end user devices.

Ensure timely data transfer between layers.

Inspect packets for malicious activity.

Question 118

Drag and drop the DNS lookup components from the left onto the functions on the right.

Options:

Question 119

Refer to the exhibit.

What is the metric of the route to the 192.168.10.33/28 subnet?

Options:

110

128

192

193

Question 120

How do servers connect to the network in a virtual environment?

Options:

wireless to an access point that is physically connected to the network

a cable connected to a physical switch on the network

a virtual switch that links to an access point that is physically connected to the network

a software switch on a hypervisor that is physically connected to the network

Question 121

Refer to the exhibit.

R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement?

Options:

Option

Question 122

Refer to the exhibit.

A router reserved these five routes from different routing information sources.

Which two routes does the router install in its routing table? (Choose two)

Options:

RIP route 10.0.0.0/30

iBGP route 10.0.0.0/30

OSPF route 10.0.0.0/30

EIGRP route 10.0.0.1/32

OSPF route 10.0.0.0/16

Question 123

An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for easier configuration. Which command must be issued on the router interface?

Options:

ipv6 address 2001:db8::700:3:400F:572B

ipv6 address 2001:db8:0::700:3:4F:572B

ipv6 address 2001:Odb8::7:3:4F:572B

ipv6 address 2001::db8:0000::700:3:400F:572B

Question 124

What event has occurred if a router sends a notice level message to a syslog server?

Options:

A TCP connection has been torn down

An ICMP connection has been built

An interface line has changed status

A certificate has expired.

Question 125

Refer to the exhibit.

What two conclusions should be made about this configuration? (Choose two )

Options:

The designated port is FastEthernet 2/1

This is a root bridge

The spanning-tree mode is Rapid PVST+

The spanning-tree mode is PVST+

The root port is FastEthernet 2/1

Question 126

Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

Options:

Reassociation Request

Probe Request

Authentication Request

Association Request

Question 127

What describes the operation of virtual machines?

Options:

Virtual machines are responsible for managing and allocating host hardware resources

In a virtual machine environment, physical servers must run one operating system at a time.

Virtual machines are the physical hardware that support a virtual environment.

Virtual machines are operating system instances that are decoupled from server hardware

Question 128

Which device performs stateful inspection of traffic?

Options:

firewall

switch

access point

wireless controller

Question 129

Which state does the switch port move to when PortFast is enabled?

Options:

forwarding

listening

blocking

learning

Question 130

What causes a port to be placed in the err-disabled state?

Options:

latency

port security violation

shutdown command issued on the port

nothing plugged into the port

Question 131

Which two command sequences must you configure on switch to establish a Layer 3 EtherChannel with an open-standard protocol? (Choose two )

Options:

interface GigabitEthernet0/0/1

channel-group 10 mode on

interface GigabitEthernet0/0/1

channel-group 10 mode active

interface GigabitEthernet0/0/1

channel-group 10 mode auto

interface port-channel 10

switchport

switchport mode trunk

interface port-channel 10

no switchport

ip address 172.16.0.1.255.255.255.0

Question 132

Several new coverage cells are required to improve the Wi-Fi network of an organization. Which two standard designs are recommended? (choose two.)

Options:

5GHz provides increased network capacity with up to 23 nonoveriapping channels.

For maximum throughput, the WLC is configured to dynamically set adjacent access points to the same channel.

5GHz channel selection requires an autonomous access point.

Adjacent cells with overlapping channels use a repeater access point.

Cells that overlap one another are configured to use nonoveriapping channels.

Question 133

How does Cisco DNA Center gather data from the network?

Options:

Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller

Devices establish an iPsec tunnel to exchange data with the controller

Devices use the call-home protocol to periodically send data to the controller.

The Cisco CU Analyzer tool gathers data from each licensed network device and streams it to the controller.

Question 134

Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right.

Options:

Question 135

What are two functions of an SDN controller? (Choose two)

Options:

Layer 2 forwarding

coordinating VTNs

tracking hosts

managing the topology

protecting against DDoS attacks

Question 136

What is the purpose of a southbound API in a control based networking architecture?

Options:

Facilities communication between the controller and the applications

Facilities communication between the controller and the networking hardware

allows application developers to interact with the network

integrates a controller with other automation and orchestration tools.

Question 137

A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?

Options:

a DHCP Relay Agent

DHCP Binding

a DHCP Pool

DHCP Snooping

Question 138

What is the function of a hub-and-spoke WAN topology?

Options:

allows access restrictions to be implemented between subscriber sites.

provides direct connections between subscribers

supports Layer 2 VPNs

supports application optimization

Question 139

Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.

Options:

Question 140

Which command entered on a switch configured with Rapid PVST* listens and learns for a specific time period?

Options:

switch(config)#spanning-tree vlan 1 max-age 6

switch(config)#spanning-tree vlan 1 hello-time 10

switch(config)#spanning-tree vlan 1 priority 4096

switch(config)#spanning-tree vlan 1 forward-time 20

Question 141

Refer to the exhibit.

After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns to the NETCONF client, to only the interface's configuration?

Options:

Use the Ixml library to parse the data returned by the NETCONF server for the interface's configuration.

Create an XML filter as a string and pass it to get_config() method as an argument.

Create a JSON filter as a string and pass it to the get_config() method as an argument.

Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

Question 142

What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?

Options:

Layer 2 switch

load balancer

firewall

LAN controller

Question 143

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

It sends packets out of interface Fa0/2 only.

It sends packets out of interface Fa0/1 only.

It cannot send packets to 10.10.13 128/25

It load-balances traffic out of Fa0/1 and Fa0/2

Question 144

When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)

Options:

2000::/3

2002::5

FC00::/7

FF02::1

FF02::2

Question 145

Which IPv6 address block sends packets to a group address rather than a single address?

Options:

2000::/3

FC00::/7

FE80::/10

FF00::/8

Question 146

What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

Options:

Both operate at a frequency of 500 MHz.

Both support runs of up to 55 meters.

Both support runs of up to 100 meters.

Both support speeds of at least 1 Gigabit.

Both support speeds up to 10 Gigabit.

Question 147

Refer to the exhibit.

PC1 is trying to ping PC3 for the first time and sends out an ARP to S1 Which action is taken by S1?

Options:

It forwards it out G0/3 only

It is flooded out every port except G0/0.

It drops the frame.

It forwards it out interface G0/2 only.

Question 148

Which state does the switch port move to when PortFast is enabled?

Options:

learning

forwarding

blocking

listening

Question 149

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

redundancy

console

distribution system

service

Question 150

Drag the IPv6 DNS record types from the left onto the description on the right.

Options:

Question 151

When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed?

Options:

default-router

default-gateway

ip helper-address

dns-server

Question 152

An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

Options:

platform-as-a-service

software-as-a-service

network-as-a-service

infrastructure-as-a-service

Question 153

Which two encoding methods are supported by REST APIs? (Choose two)

Options:

YAML

JSON

EBCDIC

SGML

XML

Question 154

Which option about JSON is true?

Options:

uses predefined tags or angle brackets () to delimit markup text

used to describe structured data that includes arrays

used for storing information

similar to HTML, it is more verbose than XML

Question 155

What criteria is used first during the root port selection process?

Options:

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

Question 156

Which technology allows for multiple operating systems to be run on a single host computer?

Options:

virtual routing and forwarding

network port ID visualization

virtual device contexts

server visualization

Question 157

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 158

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

switchport port-security violation access

switchport port-security violation protect

switchport port-security violation restrict

switchport port-security violation shutdown

Question 159

Which function is performed by the collapsed core layer in a two-tier architecture?

Options:

enforcing routing policies

marking interesting traffic for data polices

attaching users to the edge of the network

applying security policies

Question 160

What is the difference regarding reliability and communication type between TCP and UDP?

Options:

TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol

TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol

TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol

TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol

Question 161

Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

Options:

CPU ACL

TACACS

Flex ACL

RADIUS

Question 162

Refer to exhibit.

Which statement explains the configuration error message that is received?

Options:

It is a broadcast IP address

The router does not support /28 mask.

It belongs to a private IP address range.

IT is a network IP address.

Question 163

What facilitates a Telnet connection between devices by entering the device name?

Options:

SNMP

DNS lookup

syslog

NTP

Question 164

Which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate? (Choose two)

Options:

OSPF area

OSPF MD5 authentication key

iPv6 address

OSPf process ID

OSPf stub flag

Question 165

Drag and drop the attack-mitigation techniques from the left onto the Types of attack that they mitigate on the right.

Options:

Question 166

What is a characteristic of a SOHO network?

Options:

connects each switch to every other switch in the network

enables multiple users to share a single broadband connection

provides high throughput access for 1000 or more users

includes at least three tiers of devices to provide load balancing and redundancy

Question 167

When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

Options:

The floating static route must have a higher administrative distance than the primary route so it is used as a backup

The administrative distance must be higher on the primary route so that the backup route becomes secondary.

The floating static route must have a lower administrative distance than the primary route so it is used as a backup

The default-information originate command must be configured for the route to be installed into the routing table

Question 168

Refer to Exhibit.

The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the NEW York router? (Choose two)

Options:

ipv6 route 2000::1/128 2012::1

ipv6 route 2000::3/128 2023::3

ipv6 route 2000::3/128 s0/0/0

ipv6 route 2000::1/128 2012::2

ipv6 route 2000::1/128 s0/0/1

Question 169

How does a switch process a frame received on Fa0/1 with the destination MAC address of 0e38.7363.657b when the table is missing the address?

Options:

lt drops the frame immediately.

It forwards the frame back out of interface Fa0/1.

It floods the frame to all interfaces except Fa0/1.

It holds the frame until the MAC address timer expires and then drops the frame.

Question 170

Refer to the exhibit.

Which command provides this output?

Options:

show ip route

show ip interface

show interface

show cdp neighbor

Question 171

What are two functions of a Layer 2 switch? (Choose two)

Options:

acts as a central point for association and authentication servers

selects the best route between networks on a WAN

moves packets within a VLAN

moves packets between different VLANs

makes forwarding decisions based on the MAC address of a packet

Question 172

What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

Options:

The Layer 2 switch drops the received frame

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

Question 173

Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

Options:

enable secret

service password-encryption

username Cisco password encrypt

enable password

Question 174

Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right.

Options:

Question 175

What is the difference between 1000BASE-LX/LH and 1000BASE-ZX interfaces?

Options:

1000BASE-ZX is supported on links up to 1000km, and 1000BASE-LX/LH operates over links up to 70 km.

1000BASE-LX/LH interoperates with multimode and single-mode fiber, and 10008ASE-ZX needs a conditioning patch cable with a multimode.

1000BASE-LX/LH is supported on links up to 10km, and 1000BASE-ZX operates over links up to 70 km

1000BASE-ZX interoperates with dual-rate 100M/1G 10Km SFP over multimode fiber, and 1000BASE-LX/LH supports only single-rate.

Question 176

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Options:

Question 177

Which command implies the use of SNMPv3?

Options:

snmp-server host

snmp-server community

snmp-server enable traps

snmp-server user

Question 178

The clients and OHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1?

Options:

ip route 192.168.10.1

ip default-gateway 192.168.10.1

ip helper-address 192.168.10.1

ip dhcp address 192.168.10.1

Question 179

A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP.

Options:

Place the AP into manual containment.

Remove the AP from WLC management.

Manually remove the AP from Pending state.

Set the AP Class Type to Friendly.

Question 180

What is used as a solution for protecting an individual network endpoint from attack?

Options:

Router

Wireless controller

Anti software

Cisco DNA Center

Question 181

What differentiates device management enabled by Cisco DNA Center from traditional campus device management?

Options:

per-device

centralized

device-by-device hands-on

CLI-oriented device

Question 182

Refer to the exhibit.

The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken must be taken to complete the task?

Options:

Configure the no lldp tlv-select-management-address command globally on Cat9K-2

Configure the no lldp transmit command on interface G1/0/21 in Cat9K-1

Configure the no lldp receive command on interface G1/0/21 on Cat9K-1

Configure the no lldp mac-phy-cfg command globally on Cat9K-2

Question 183

What is the role of the root port in a switched network?

Options:

It replaces the designated port when the designated port fails

It is the best path to the root from a nonroot switch.

It replaces the designated port when the root port fails.

It is administratively disabled until a failover occurs.

Question 184

Refer to the exhibit.

Which command must be enable a floating default route on router A?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

Question 185

Which syslog severity level is considered the most severe and results in the system being considered unusable?

Options:

Alert

Error

Emergency

Critical

Question 186

What is the definition of backdoor malware?

Options:

malicious code that is installed onto a computer to allow access by an unauthorized user

malicious code with the main purpose of downloading other malicious code

malicious program that is used to launch other malicious programs

malicious code that infects a user machine and then uses that machine to send spam

Question 187

Which IPsec transport mode encrypts the IP header and the payload?

Options:

pipe

control

transport

tunnel

Question 188

Which interface is used for out-of-band management on a WLC?

Options:

dynamic

service port

virtual

management

Question 189

What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different?

Options:

The APs must be connected to the switch with multiple links in LAG mode

The switch port mode must be set to trunk

The native VLAN must match the management VLAN of the AP

IEEE 802.10 trunking must be disabled on the switch port.

Question 190

In which circumstance would a network architect decide to implement a global unicast subnet instead of a unique local unicast subnet?

Options:

when the subnet must be available only within an organization

when the subnet does not need to be routable

when the addresses on the subnet must be equivalent to private IPv4 addresses

when the subnet must be routable over the internet

Question 191

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task?

Options:

Option A

Option B

Option C

Option D

Question 192

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 193

Which two protocols are used by an administrator for authentication and configuration on access points?

Options:

Kerberos

802.1Q

802.1x

TACACS+

RADIUS

Question 194

Refer to the exhibit.

The given Windows PC is requesting the IP address of the host at To which IP address is the request sent?

Options:

192.168.1.226

192.168.1.100

192.168.1.254

192.168.1.253

Question 195

Refer to the exhibit. After applying this configuration to router R1, a network engineer is verifying the implementation. If all links are operating normally, and the engineer sends a series of packets from PC1 to PC3. how are the packets routed?

Options:

They are routed to 172.16.20.2.

They are routed to 192.168.100.2.

They are distributed sent round robin to interfaces SO/0/0 and SO/0/1.

They are routed to 10.0.0.2.

Question 196

Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow?

Options:

shaping

policing

CBWFQ

LLQ

Question 197

A packet from a company s branch office is destined to host 172.31.0.1 at headquarters. The sending router has three possible matches in its routing table for the packet prefixes: 172. 31.0 .0/16.72.31.0.0724. and 172.31 0 0/25. How does the router handle the packet?

Options:

It sends the traffic via prefix 172.31.0.0/16

It sends the traffic via the default gateway 0.0.0.070.

It sends the traffic via prefix 172.31.0.0/24

It sends the traffic via prefix 172.31.0.0/25

Question 198

Which REST method updates an object in the Cisco DNA Center Intent API?

Options:

CHANGE

UPDATE

POST

PUT

Question 199

Drag and drop the wireless architecture benefits from the left onto the architecture types on the right.

Options:

Question 200

Refer to the exhibit.

Switch AccSw2 has just been added to the network along with PC2. All VLANs have been implemented on AccSw2. How must the ports on AccSw2 be configured to establish Layer 2 connectivity between PC1 and PC2?

Options:

Text Description automatically generated

Question 201

Refer to the exhibit.

The administrator must configure a floating sialic default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE?

Options:

ipv6 route ::/0 2001:db8:1234:2::1 3

ipv6 route ::/128 2001 :db8:1234:2::1 3

ipv6 route ::/0 2001:db8:1234:2::1 1

ipv6 route ::/0 2001:db8:1234:2::1 2

Question 202

What are two protocols within the IPsec suite? (Choose two)

Options:

3DES

ESP

TLS

AES

Question 203

Refer to the exhibit.

The loopback1 interface of the Atlanta router must reach the lookback3 interface of the Washington router.

Options:

ipv6 route 2000::1/128 2012::2

ipv6 route 2000::1/128 2012::1

ipv6 route 2000:3 123 s0/0/0

ipv6 route 2000::3/128 2023::3

ipv6 route 2000::1/128 s0/0/1

Question 204

Drag and drop the characteristics of transport layer protocols from the left onto the corresponding protocols on the right.

Options:

Question 205

Refer to the exhibit.

A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements:

• accommodates current configured VLANs

• expands the range to include VLAN 20

• allows for IEEE standard support for virtual LANs

Which configuration on the NewSwitch side of the link meets these requirements?

Options:

Option A

Option B

Option C

Option D

Question 206

Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics?

Options:

Generic Router Encapsulation (GRE)

Virtual Local Area Network (VLAN)

Virtual Extensible LAN (VXLAN)

Point-to-Point Protocol

Question 207

Refer to the exhibit.

A newly configured PC fails to connect to the internet using TCP port 80 to www cisco com Which setting must be modified for the connection to work?

Options:

Subnet Mask

DNS Servers

Default Gateway

DHCP Server

Question 208

A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show Interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue?

Options:

high bandwidth usage

a physical cable fault

a speed mismatch

a cable that is too long

Question 209

What is a characteristics of a collapsed-core network topology?

Options:

It allows the core and distribution layers to run as a single combined layer.

It enables the core and access layers to connect to one logical distribution device over an EtherChannel.

It enables all workstations in a SOHO environment to connect on a single switch with internet access.

It allows wireless devices to connect directly to the core layer, which enables faster data transmission.

Question 210

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

Options:

authorizing potentially compromised wireless traffic

inspecting specific files and file types for malware

authenticating end users

URL filtering

Question 211

What are two disadvantages of a full-mesh topology? (Choose two.)

Options:

It needs a high MTU between sites.

It has a high implementation cost.

It must have point-to-point communication.

It requires complex configuration.

It works only with BGP between sites.

Question 212

Which Windows command is used instead of the route print command to display the contents of the IP routing table?

Options:

netstat-n

ipconfig

ifconfig

netstat-r

Question 213

Which access point mode relies on a centralized controller for management, roaming, and SSID configuration?

Options:

repeater mode

autonomous mode

bridge mode

lightweight mode

Question 214

Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.

Options:

Question 215

Refer to the exhibit.

What is represented by the word "switch’’ in line 2 of the JSON schema?

Options:

array

key

value

object

Question 216

How do UTP and STP cables compare?

Options:

STP cables are cheaper to procure and easier to install and UTP cables are more expensive and harder to install.

UTP cables are less prone to crosstalk and interference and STP cables are more prone to crosstalk and interference.

UTP cables provide taster and more reliable data transfer rates and STP cables are slower and less reliable.

STP cables are shielded and protect against electromagnetic interference and UTP lacks the same protection against electromagnetic interference.

Question 217

Refer to the exhibit.

An engineer executed the script and added commands that were not necessary for SSH and now must remove the commands.

Options:

metric

cost

longest prefix

administrative distance

Question 218

Refer to the exhibit.

A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interlace Seria10. What is the effect of the configuration as the administrator applies the command?

Options:

The permit command fails and returns an error code.

The router accepts all incoming traffic to Seria10 with the last octet of the source IP set to 0.

The sourced traffic from IP range 10.0.0.0 -10.0.0.255 is allowed on Seria10.

The router fails to apply the access list to the interface.

Question 219

Refer to the exhibit.

The Router1 routing table has multiple methods to reach 10.10.10.0/24 as shown. The default Administrative Distance is used. Drag and drop the network conditions from the left onto the routing methods that Router1 uses on the right.

Options:

Question 220

It work security team noticed that an increasing number of employees are becoming victims of phishing attacks. Which security program should be implemented to mitigate the problem?

Options:

email system patches

physical access control

software firewall enabled on all PCs

user awareness training

Question 221

Which properly is shared by 10GBase-SR and 10GBase-LR interfaces?

Options:

Both require fiber cable media for transmission.

Both require UTP cable media for transmission.

Both use the single-mode fiber type.

Both use the multimode fiber type.

Question 222

Refer to the exhibit.

How many objects, Keys and JSON list values are present?

Options:

three objects, two Keys, and three JSON list values

three objects, three keys and two JSON Ml values

one object, three keys, and three JSON list values

one object, three keys and two JSON list values

Question 223

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

Options:

200 seconds

300 seconds

600 seconds

900 seconds

Question 224

What is the purpose of classifying network traffic in QoS?

Options:

services traffic according to its class

identifies the type of traffic that will receive a particular treatment

writes the class identifier of a packet to a dedicated field in the packet header

configures traffic-matching rules on network devices

Question 225

Refer to the exhibit.

What does route 10.0.1.3/32 represent in the routing table?

Options:

the 10.0.0.0 network

a single destination address

the source 10.0.1.100

all hosts in the 10.0.1.0 subnet

Question 226

Drag and drop the WLAN components from the left onto the component details on the right.

Options:

Question 227

Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS?

Options:

UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.

UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.

UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery.

UDP uses sequencing data tor packets to arrive in order, and TCP offers trie capability to receive packets in random order.

Question 228

What is the purpose of the Cisco DNA Center controller?

Options:

to secure physical access to a data center

to scan a network and generate a Layer 2 network diagram

to securely manage and deploy network devices

to provide Layer 3 services to autonomous access points

Question 229

What is the function of northbound API?

Options:

It upgrades software and restores files.

It relies on global provisioning and configuration.

It supports distributed processing for configuration.

It provides a path between an SDN controller and network applications.

Question 230

Refer to the exhibit.

Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64?

Options:

2001 :db8::5000:0004:5678:0090/64

2001 :db8:4425:5400:77ft:fe07:/64

2001 :db8::5000:00ff:fe04 0000/64

2001 :db8::5200:00ff:fe04:0000/64

Question 231

Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, and automatically when edge devices or access circuits fail?

Options:

SLB

FHRP

VRRP

HSRP

Question 232

SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.)

Options:

Set the QoS level to silver or greater for voice traffic.

Set the QoS level to platinum for voice traffic.

Enable Media Session Snooping on re WLAN.

Enable traffic shaping for the LAN interlace of the WLC.

Configure two different QoS rotes tor data and voice traffic.

Load More 200-301 Questions

Weekend Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Cisco Certified Network Associate Questions and Answers

PDF + Testing Engine

Testing Engine

PDF Study Guide

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: