Cisco 350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) Exam Practice Test

Developer Toolkit

platform management

platform bundles

Runtime Dashboard

Dictionary

Brute-force

Phishing

Deauthentication

Ensure that the "Connect even if this network is not broadcasting" option is selected.

Limit the enabled wireless channels on the laptop to the maximum channel range that is supported by the access points.

Change the security type to WPA2-Personal AES.

Use the empty string as the hidden SSID network name.

Provision

Design

Policy

Assurance

virtual private network

deep packet inspection

stateful inspection

application awareness

packet filtering

aaa authorization exec default radius local

aaa authorization exec default radius

aaa authentication exec default radius local

aaa authentication exec default radius

Command Runner

Template Editor

Application Policies

Authentication Template

NSF

graceful restart

SSO

FHRP

event none

action 2.1 cli command "ip action 3.1 ell command 101''

action 6.0 ell command ''ip access-list extended 101''

action 6.0 cli command ''ip access-list extended 101"

When encrypted helm are required between gateways h a single group.

When the traffic load needs to be shared between multiple gateways using a single virtual IP.

When the gateway routers are a mix of Cisco and non-Cisco routers

When clients need the gateway MAC address lo Be the same between multiple gateways

There is no wireless LAN controller in the network.

The wireless LAN controller is embedded into the access point.

The wireless LAN controller exists in the cloud.

The wireless LAN controller exists in a server that is dedicated for this purpose.

when a stack member fails

when the stack primary is reset

when a switch with a higher priority is added to the stack

when the priority value of a stack member is changed to a higher value

provides fabric extension to nonfabric devices through remote registration and configuration

performs tunneling between fabric and nonfabric devices to route traffic over unknown networks

used to extend the fabric connecting to downstream nonfabric enabled Layer 2 switches

in charge of establishing Layer 3 adjacencies with nonfabric unmanaged node

TCAM is used to make Lalyer 2 forwarding decisions CAM is used to build routing tables.

The MAC address table supports partial matches .TCAM requires an exact match.

The MAC address table is contained in CAM.ACL and QoS information is stored in TCAM.

Router prefix lookups happens in CAM.MAC address table lookups happen in TCAM.

Configure Switch-1 with channel-group mode active

Configure Switch-2 with channel-group mode desirable.

Configure Switch-1 with channel-group mode on.

Configure SwKch-2 with channel-group mode auto

FIB contains routes learned through a dynamic routing protocol, and the RIB contains routes that are static or directly connected.

RIB contains the interface for a destination, and the FIB contains the next hop information.

FIB is derived from the control plane, and the RIB is derived from the data plane.

RIB is derived from the control plane, and the FIB is derived from the RIB.

0x77

AAA

0xf1

642

STP BPDU guard is enabled

A description "RSPAN" is added.

They are placed into an inactive state.

They cannot provide PoE.

Configure SW1 with dynamic auto mode on interface FastEthernet0/1.

Configure the native VLAN to be the same VLAN on both switches on interface FastEthernet0/1.

Configure SW2 with encapsulation dot1q on interface FastEthernet0/1.

Configure FastEthernet0/1 on both switches for static trunking.

00 5e0c:07:ac:12

05:44:33:83:68:6c

00:00:0c:07:ac:0c

00:05:5e:00:0c:12

distribution of IPsec keys

Redistribution between OMP and other routing protocols

facilitation of NAT detection and traversal

execution of localized policies

southbound consumer-facing RESTful API. which enables network discovery and configuration management

westbound interface, which allows the exchange of data to be used by ITSM. IPAM and reporting

an interface between the controller and the network devices, which enables network discovery and configuration management

northbound consumer-facing RESTful API, which enables network discovery and configuration management

user access based on IP address

allows devices to bypass authenticate*

network access based on the physical address of a device

simultaneous user and device authentication

Option A

Option B

Option C

Option D

00:05:0c:07:ac:30

00:00:0c:07:ac:1e

05:0c:5e:ac:07:30

00:42:18:14:05:1e

POST

GET

PUT

CREATE

initiating connections with SD-WAN routers automatically

pushing of configuration toward SD-WAN routers

onboarding of SD-WAN routers into the SD-WAN overlay

gathering telemetry data from SD-WAN routers

The switch is oversubscribed and cannot handle the additional throughput.

The printer is tying up the server with DHCP discover messages.

The web server's back end was designed for only single-threaded applications.

The workstation was configured with a static IP that is the same as the server.

The server is attempting to load balance between links 10.100 100.1 and 10 100.200.1.

The server is out of service.

There is a loop in the path to the server.

The gateway cannot translate the server domain name.

Stratum 1 devices are connected directly to an authoritative time source.

Stratum 15 devices are connected directly to an authoritative time source

Stratum 0 devices are connected directly to an authoritative time source.

Stratum 15 devices are an authoritative time source.

Cisco DNA Center is unable to collect monitoring data in Assurance.

All devices reload after detecting loss of connection to Cisco DNA Center.

Already connected users are unaffected, but new users cannot connect

Users lose connectivity.

User connectivity is unaffected.

Policy or ACLS are nor required.

There is no requirements to run IEEE 802.1X when TrustSec is enabled on a switch port.

Applications flows between hosts on the LAN to remote destinations can be encrypted.

Policy can be applied on a hop-by-hop basis.

15

20

25

10

It facilitates software upgrades lo network devices from a central point.

It facilitates a vulnerability assessment of the network devices.

It provides a high-level overview of the health of every network device.

It uses a predefined configuration through parameterized elements or variables.

Option A

Option B

Option C

Option D

primary

server

broadcast client

peer

BFD provides path failure detection in less than a second.

BFD is an efficient way to reduce memory and CPU usage.

BFD provides fault tolerance by enabling multiple routers to appear as a single virtual router.

BFD speeds up routing convergence time.

BFD enables network peers to continue forwarding packets in the event of a restart.

The local device has a higher priority selling than the active router

The virtual IP address of the HSRP group is 10.1.1.1.

If the local device fails to receive a hello from the active router for more than 5 seconds, it becomes the active router.

The hello and hold timers are set to custom values.

If a router with a higher IP address and same HSRP priority as the active router becomes available, that router becomes the new active router 5 seconds later.

low complexity and high overall solution scale

centralized reachability, security, and application policies

operates over DTLS and TLS authenticated and secured tunnels

united data plane and control plane

operates over DTLS/TLS authenticated and secured tunnels

requires manual secure tunnel configuration

uses unique per-device feature templates

uses control connections between routers

The router with the shortest uptime

The router with the lowest IP address

The router with the highest IP address

The router with the longest uptime

R2W standby 100 track 26 decrement 10

R2# standby 100 preempt

R2# track 26 interface SerialWO.1 line-protocol

R2# standby 100 priority 100

Postman

requests

nccllent

cURL

fusion router

control plane node

fabric border node

fabric edge node

to forward packets to non-LISP sites

to encapsulate the tunnel

to maintain VLAN configuration consistency

to provide EID-to-RLOC mapping

Southbound API is based on OMP and DTLS.

Northbound API is RESTful, using JSON.

Northbound API is based on RESTCONF and JSON.

Southbound API is based on NETCONF and XML.

Southbound API is based on RESTCONF and JSON.

Access control vestibule

Palm scanner

PIN pad

Digital card reader

Photo ID

Client 1 contact controller B by using an EoIP tunnel.

CAPWAP tunnel is created between controller A and controller B.

Client 1 users an EoIP tunnel to contact controller A.

The client database entry moves from controller A to controller B.

VSS

VXLAN

VPC

VLAN

anchor

foreign

mobility

transparent

with the VLAN

with the MAC address

with the IP address

with the security group tag

it indicates the preference for using LISP over native IP connectivity.

it determines the administrative distance of LISP generated routes in the RIB

It identifies the preferred RLOC address family.

it indicates the load-balancing ratio between CTRs of 9m earns priority.

Apply the correct interface to this WLAN.

Apply the changes this SSID.

Select the PSK under authentication key management.

Define the correct Radio Policy.

Cloud deployments provide a better user experience across world regions, whereas on-premises deployments depend upon region-specific conditions

Cloud deployments are inherently unsecure. whereas a secure architecture is mandatory for on-premises deployments.

Cloud deployments mandate a secure architecture, whereas on-premises deployments are inherently unsecure.

Cloud deployments must include automation infrastructure, whereas on-premises deployments often lack the ability for automation.

SW1(config)#intgi1/1

SW1(config)#switchport trunk allowed vlan 1-9,11-4094

SW2(config)#intgi1/2

SW2(config)#switchport trunk allowed vlan 10

SW2(config)#int gi1/2

SW2(config)#switchport trunk allowed vlan 1-9,11-4094

SWl(config)#intgi1/1

SW1(config)#switchport trunk allowed vlan 10

mechanism used to prevent routing protocol loops during an RP switchover

mechanism to take control from a failed RP while maintaining connectivity

First Hop Redundancy Protocol for host gateway connectivity

cluster protocol used to facilitate switch faitover

It uses VTEPs to encapsulate and decapsulate frames.

It has a 12-bit network identifier

It allows for up to 16 million VXLAN segments

It lacks support for host mobility

It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.

R1(config-router)#neighbor 10.10.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco

R2(config-router)#neighbor 10.120.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco

R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor PEER password Cisco

R1(config-router)#neighbor 10.120.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco

R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco

standby 2 priority

standby 2 preempt

standby 2 track

standby 2 timers

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Oracle VM VirtualBox

VMware server

Citrix XenServer

Microsoft Virtual PC

Option A

Option B

Option C

Option D

Router(config)# ip sla responder udp-connect 172.29.139.134 5000

Router(config)# ip sla responder tcp-connect 172.29.139.134 5000

Router(config)# ip sla responder udp-echo 172.29.139.134 5000

Router(config)# ip sla responder tcp-echo 172.29.139.134 5000

Option A

Option B

Option C

Option D

By entering the command spanning-tree portfast trunk in the interface configuration mode.

By entering the command spanning-tree portfast in the interface configuration mode

By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode

By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration mode

Proxy ETR

egress tunnel router

route reflector

HMAC algorithm

spoke

It provides multiple points of management for redundancy and improved support

It uses GLBP to balance traffic between gateways.

It provides a single point of management for improved efficiency.

It uses a single database to manage configuration for multiple switches

Remove UNII-2 and Extended UNII-2 channels from the 5 Ghz channel list

Restore the DCA default settings because this automatically avoids channel interference.

Configure channels on the UNIk2 and the Extended UNII-2 sub-bands of the 5 Ghz band only

Enable DFS channels because they are immune to radar interference.

Disable DFS channels to prevent interference with Doppler radar

SPAN session 1 monitors activity on VLAN 50 of a remote switch

SPAN session 2 only monitors egress traffic exiting port FastEthernet 0/14.

SPAN session 2 monitors all traffic entering and exiting port FastEthernet 0/15.

RSPAN session 1 is incompletely configured for monitoring

evert-driven RRM

data rate (modulation density) or QAM

channel bandwidth

number of spatial streams and spatial reuse

RF group leader

dynamic channel assignment

DDoS

ransomware

Microsoft Word macro attack

SQL injection

email phishing

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

The FIB is derived from the data plane, and the RIB is derived from the FIB.

The RIB is a database of routing prefixes, and the FIB is the Information used to choose the egress interface for each packet.

FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.

The FIB is derived from the control plane, and the RIB is derived from the FIB.

The RIB is derived from the control plane, and the FIB is derived from the RIB.

Option 43

Option 60

Option 67

Option 150

Option A

Option B

Option C

Option D

TCP

HTTPS

SSH

HTTP

Add the access-class keyword to the username command

Add the access-class keyword to the aaa authentication command

Add the autocommand keyword to the username command

Add the autocommand keyword to the aaa authentication command

R1#network 192.168.0.0 mask 255.255.0.0

R2#no network 10.0.0.0 255.255.255.0

R2#network 192.168.0.0 mask 255.255.0.0

R2#network 209.165.201.0 mask 255.255.192.0

R1#no network 10.0.0.0 255.255.255.0

Option A

Option B

Option C

Option D

container

Type 1 hypervisor

hardware pass-thru

Type 2 hypervisor

GigabitEthemet0/1 and GigabitEthernet0/1.40

only GigabitEthernet0/1

only GigabttEthernet0/0

Gigabit Ethernet0/0 and GigabitEthemet0/1

On-premises can increase compute power faster than cloud

On-premises requires less power and cooling resources than cloud

On-premises offers faster deployment than cloud

On-premises offers lower latency for physically adjacent systems than cloud.

Configure less member ports on Switch2.

Configure the same port channel interface number on both switches

Configure the same EtherChannel protocol on both switches

Configure more member ports on Switch1.

from ncclient import

import manager

from ncclient import*

import ncclient manager

It requires certificates for authentication

It is provided using NGINX acting as a proxy web server

It is used for HTTP and HTTPS requests

It is not supported on Cisco devices

Option A

Option B

Option C

Option D

The password expiry mechanism is on the AAA server and must be configured there.

Add the aaa authentication enable default Administrators command.

Add the username admin privilege 15 common-criteria*policy Administrators password 0 Cisco13579! command.

No further action Is required. The configuration is complete.

SNR

Noise

RSSI

CCI

Option A

Option B

Option C

Option D

The destination server reported it is too busy

The protocol is unreachable

The destination port is unreachable

The probe timed out

mobility MAC on the 5520 cluster

mobility MAC on the 9800 WLC

new mobility on the 5520 cluster

new mobility on the 9800 WLC

Option A

Option B

Option C

Option D

Option E

Access control lists that are applied outbound to a router interface do not affect traffic that is sourced from the router.

Only standard access control lists can block traffic from a source IP address.

After an access control list is applied to an interface, that interface must be shut and no shut for the access control list to take effect.

The access control list must contain an explicit deny to block traffic from the router.

This segment has no designated router because it is a nonbroadcast network type.

This segment has no designated router because it is a p2p network type.

Router Chicago because it has a lower router ID

Router NewYork because it has a higher router ID

least privilege

fail-safe defaults

economy of mechanism

complete mediation

End user subnets and endpoints are part of the underlay network.

The underlay switches provide endpoint physical connectivity for users.

Static routing is a requirement,

It must support IPv4 and IPv6 underlay networks

under interface saturation condition

under network convergence condition

under all network condition

under traffic classification and marking conditions.

Autonomous

Mobility Express

SD-Access wireless

Local mode

IP prefix list-based

IPsec

TACACS-based authentication

IP access list-based

Encrypted authentication

NameError: name 'json' is not defined

KeyError 'kickstart_ver_str'

7.61

7.0(3)I7(4)

Layer 3

inter-xTR

auto anchor

fast roam

Configure switchport mode trunk on SW2.

Configure switchport nonegotiate on SW3

Configure channel-group 1 mode desirable on both interfaces.

Configure channel-group 1 mode active on both interfaces.

wlcbostname.domain.com

cisco-capwap-controller.domain.com

ap-manager.domain.com

primary-wlc.domain.com

Option A

Option B

Option C

Option D

It enforces the use of a specific encoding format for NETCONF.

It collects statistical constraint analysis information.

It enables multiple leaf statements to exist within a leaf list.

It enforces configuration semantics.

It enforces configuration constraints.

line vty 0 15

absolute-timeout 600

line vty 0 15

exec-timeout

line vty 01 5

exec-timeout 10 0

line vty 0 4

exec-timeout 600

Adjust the resource reservation limits

Live migrate the VM to another host

Reset the VM

Reset the host

logging host 10.2.3.4 vrf mgmt transport tcp port 6514

logging host 10.2.3.4 vrf mgmt transport udp port 6514

logging host 10.2.3.4 vrf mgmt transport tcp port 514

logging host 10.2.3.4 vrf mgmt transport udp port 514

ISAKMP SA is authenticated and can be used for Quick Mode.

Peers have exchanged keys, but ISAKMP SA remains unauthenticated.

VPN peers agreed on parameters for the ISAKMP SA

ISAKMP SA has been created, but it has not continued to form.

sniffer

monitor

bridge

local

Router ISP#2 is configured to use SHA-1 authentication.

There is a password mismatch between router CORP and router ISP#2.

Router CORP is configured with an extended access control list.

MD5 authorization is configured incorrectly on router ISP#2.

tap

clustering

inline tap

high availability

as delay-sensitive traffic in a low latency queue

using minimal bandwidth guarantee

using the same marking as IP routing

as best effort

Configure the same protocol on the EtherChannel on switch SW1 and SW2.

Connect the configuration error on interface Gi0/1 on switch SW1.

Define the correct port members on the EtherChannel on switch SW1.

Correct the configuration error on interface Gi0/0 switch SW1.

It creates device packs through the use of an SDK

It uses an API call to interrogate the devices and register the returned data.

It obtains MIBs from each vendor that details the APIs available.

It imports available APIs for the non-Cisco device in a CSV format.

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Change the network statement on R1 to 172.16 10.0

Change the remote-as number for 192 168.100.11.

Enable synchronization on R1 and R2

Change the remote-as number on R1 to 6500.

egress tunnel routers to map resolvers to determine the appropriate egress tunnel router

ingress tunnel routers to map servers to determine the appropriate egress tunnel router

egress tunnel routers to map servers to determine the appropriate egress tunnel router

ingress tunnel routers to map resolvers to determine the appropnate egress tunnel router

AP(config-if-ssid)# authentication open wep wep_methods

AP(config-if-ssid)# authentication dynamic wep wep_methods

AP(config-if-ssid)# authentication dynamic open wep_dynamic

AP(config-if-ssid)# authentication open eap eap_methods

Include a permit statement as the first entry

Include at least one explicit deny statement

Remove the implicit deny entry

Include a permit statement as the last entry

RPs are required only when using protocol independent multicast dense mode.

By default, the RP is needed penodically to maintain sessions with sources and receivers.

RPs are required for protocol Independent multicast sparse mode and dense mode.

By default, the RP Is needed only start new sessions with sources and receivers.

ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80 extendable

ip nat inside source static tcp 10.1.1.100 80 209.165.201.1 80 extendable

ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80

ip nat inside source static tcp 10.1.1.100 80 209.165.201.1 80

ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80

ip nat inside source static tcp 10.1.1.100 8080 209.165.201.1 8080

ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80 no-alias

ip nat inside source static tcp 10.1.1.100 80 209.165.201.1 80 no-alias

The destination must be 172 30 30 2 for icmp-echo

A route back to the R1 LAN network is missing in R2.

The source-interface is configured incorrectly.

The default route has the wrong next hop IP address

The threshold value is wrong

Option A

Option B

Option C

Option D

VXLAN

IS-IS

802 1Q

CTS

MPLS EXP bits

bandwidth

DSCP

ToS

packet size

DTLS

IPsec

PGP

HTTPS

high availability

disaster recovery

live migration

multisite replication

HSRPv1

GLBP

VRRP

HSRPv2

DSW2(config-if)#spanning-tree port-priority 16

DSW2(config)#interface gi1/3

DSW1(config-if)#spanning-tree port-priority 0

DSW1(config) #interface gi1/3

DSW2(config-if)#spanning-tree port-priority 128

Configure the logging synchronous global configuration command

Configure the logging delimiter feature

Configure the logging synchronous command under the vty

Press the TAB key to reprint the command in a new line

increase the number of lines on the screen using the terminal length command

OSPF is a Cisco proprietary protocol, and EIGRP is an IETF open standard protocol.

OSPF uses the DUAL distance vector algorithm, and EIGRP uses the Dijkstra link-state algorithm

EIGRP uses the variance command lot unequal cost load balancing, and OSPF supports unequal cost balancing by default.

EIGRP uses the DUAL distance vector algorithm, and OSPF uses the Dijkstra link-state algorithm

show netconf | section rpc-reply

show netconf rpc-reply

show netconf xml rpc-reply

show netconf schema | section rpc-reply

VLAN

VTEP

VXLAN

VRF

192.168.101.18

192.168.101.6

192.168.101.10

192.168.101.14

provide QoS prioritization services such as marking, queueing, and classification for critical network traffic

provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster convergence

provide advanced network security features such as 802. IX, DHCP snooping, VACLs, and port security

provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP

The network device was receiving NTP time when the log messages were recorded.

The network device was unable to reach The NTP server when the log messages were recorded

The network device is not configured to use NTP.

The network device is nor configured to use NTP time stamps for logging

HTTP return codes

rpc statements

JSON schema

container statements

XML schema

threat defense

security services

security intelligence

segmentation

logging host 10.10.10.1 transport tcp port 1024

logging origin-id 10.10.10.1

logging host 10.10.10.1 transport udp port 1023

logging host 10.10.10.1 transport udp port 1024

It rejects any unidirectional link traffic forwarding

It determines if the hardware is compatible to form the StackWise Virtual domain

discovers the StackWise domain and brings up SVL interfaces.

It determines which switch becomes active or standby

ISE server

local WLC

RADIUS server

anchor WLC

Specify a VRF.

Specify a different UDP port.

Specify a different flow ID

Configure a version 5 flow-export to the same destination.

Specify a different TCP port.

Option A

Option B

Option C

Option D

action 1 syslog msg "OSPF ROUTING ERROR"

action 1 syslog send "OSPF ROUTING ERROR"

action 1 syslog pattern "OSPF ROUTING ERROR"

action 1syslog write "OSPF ROUTING ERROR"

access-list acl_subnets permit ip 10.0.32.0 0 0.0.255 log

access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 log

access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 access-list acl_subnets deny ip any log

access-list acl_subnets permit ip 10.0.32.0 255.255.248.0 log

DSW2 operates in Rapid PVST+ and the new switch operates in PVST+

Both switches operate in the PVST+ mode

Spanning tree is disabled automatically on the network

Both switches operate in the Rapid PVST+ mode.

1

2

4

8

Option A

Option B

Option C

Option D

over the DS

adaptive R

802.11V

802.11k

HTTP Status Code 200

HTTP Status Code 302

HTTP Status Code 401

HTTP Status Code: 504

Deploy the APs in autonomous mode

Deploy the wireless network over the top of the fabric

Deploy a separate network for the wireless environment

Implement a Cisco DNA Center to manage the two networks

Option A

Option B

Option C

Option D

Yagi

multidirectional

directional patch

omnidirectional

Traffic coming to R1 that does not match access list SNMP is dropped.

Traffic coming to R1 that matches access list SNMP is policed.

Traffic passing through R1 that matches access list SNMP is policed.

Traffic generated by R1 that matches access list SNMP is policed.

Utilize DHCP option 17.

Configure WLC IP address on LAN switch.

Utilize DHCP option 43.

Configure an ip helper-address on the router interface

Enable port security on the switch port

aaa authentication login CONSOLE group radius local-case enable aaa

authentication login CONSOLE group radius local enable none

aaa authentication login CONSOLE group radius local enable

aaa authentication login CONSOLE group tacacs+ local enable

15 dB

16 dB

18 dB

20 dB

broadcast discover request

join request to all the WLCs

unicast discovery request to each WLC

Unicast discovery request to the first WLS that resolves the domain name

It shares the traffic load of the LAPs with the primary controller.

It avoids congestion on the primary controller by sharing the registration load on the LAPs.

It registers the LAPs if the primary controller fails.

It enables Layer 2 and Layer 3 roaming between Itself and the primary controller.

Passive

Tap

Inline tap

Inline

SNMP

NX-API

REST

RESTCONF

The server that is providing the portal has an expired certificate

The server that is providing the portal has a self-signed certificate

The connection is using an unsupported protocol

The connection is using an unsupported browser

CEF switching saves memory by sorting adjacency tables in dedicate memory on the line cards, and process switching stores all tables in the main memory

CEF switching uses adjacency tables built by the CDP protocol, and process switching uses the routing table

CEF switching uses dedicated hardware processors, and process switching uses the main processor

CEF switching uses proprietary protocol based on IS-IS for MAC address lookup, and process switching uses in MAC address table

It is installed on an operating system and supports other operating systems above it.

It is referred to as a hosted hypervisor.

Problems in the base operating system can affect the entire system.

It is completely independent of the operating system.

192.0.2.1

172.20.10.1

1.1.1.1

192.168.0.1

Option A

Option B

Option C

Option D

The response timed out based on a configured interval

The user does not have authorization to access this endpoint.

The username and password are not correct

The web server is not available

Option A

Option B

Option C

Option D

The MAC address table supports partial matches. TCAM requires an exact match.

The MAC address table is contained in TCAM ACL and QoS information is stored in CAM.

Router prefix lookups happen in TCAM. MAC address table lookups happen In CAM.

TCAM is used to make L2 forwarding decisions. CAM is used to build routing tables

Container

Mainframe

Host

virtual machine

network data platform

network underlay

fabric overlay

network control platform

partner ecosystem

value that identifies a specific tunnel within the Cisco SD-WAN overlay

identifier that represents a specific service offered by nodes within the Cisco SD-WAN overlay

attribute that acts as a next hop for network prefixes

component set by the administrator to differentiate similar nodes that offer a common service

Cisco ISE and Enterprise Directory Services

Cisco ISE. network switches, firewalls, and routers

Cisco ISE and TACACS+

Cisco ASA and Cisco Firepower Threat Defense

13dBm

14 dBm

17dBm

20 dBm

NetFlow updates to the collector are sent 50% less frequently.

Every second IPv4 packet is forwarded to the collector for inspection.

CPU and memory utilization are reduced when compared with what is required for full NetFlow.

The resolution of sampling data increases, but it requires more performance from the router.

provides improved network security

inventories network devices

aids In the deployment network configurations

improves the user experience

vAnaiytlcs

vSmart

WAN Edge

vBond

vManage

NSF/NSR

SSO

HSRP

VRRP

software-defined segmentation

private VLANs

SD-WAN

modular QoS

identity services

EIGRP metrics are based on a combination of bandwidth and packet loss, and OSPF metrics are based on interface bandwidth.

EIGRP uses the Dijkstra algorithm, and OSPF uses The DUAL algorithm

The EIGRP administrative distance for external routes is 170. and the OSPF administrative distance for external routes is undefined

The EIGRP administrative distance for external routes is 170. and the OSPF administrative distance for external routes is 110

IKF

TLS

IPsec

ESP

detect and black ransomware in email attachments

outbound URL analysis and data transfer controls

user context analysis

blocking of fileless malware in real time

cloud-based analysis of threats

NFS share

non-linux server

local server

remote server

bare metal server

access-list 10 permit ip any any eq 21 tcp-ack

access-list 110 permit tcp any any eq 21 tcp-ack

access-list 10 permit tcp any any eq 21 established

access-list 110 permit tcp any any eq 21 established

ip sla schedule 100 start-time now life forever

ip sla schedule 30 start-time now life forever

ip sla schedule 100 start-time now life 30

ip sla schedule 100 life forever

the username "cisco" and the password "Cisco"

no username and only the password "test123"

no username and only the password "cisco123"

the username "cisco" and the password “cisco123"

VNI

GRE

VTEP

EVPN

It unshuts the loopback interface

It renames the loopback interface

It deletes the loopback interface

It displays the loopback interface

economy of mechanism

complete mediation

separation of privilege

least common mechanism

It updates wireless clients' locations in the fabric

It connects wireless clients to the fabric.

It manages wireless clients' membership information in the fabric

It configures security policies down to wireless clients in the fabric.

print(response['resut'][0||'simple_time']}

print(response[result']['body']['simple_time']}

print(response['body']['simple_time']}

print(response[jresult']['body']['simple_time']}

Option A

Option B

Option C

Option D

It is based on VXLAN technology.

Each router processes every possible destination and route

It allows host mobility only in the wireless network.

It stores remote routes in a centralized database server

Option A

Option B

Option C

Option D

Interface Gi0/0 on Switch2 must be configured as passive.

Interface Gi0/1 on Switch1 must be configured as desirable.

interface Gi0/1 on Switch2 must be configured as active.

Trucking must be enabled on both Interfaces on Switch2.

S2 is configured as LACP. Change the channel group mode to passive

S2 is configured with PAgP. Change the channel group mode to active.

S1 is configured with LACP. Change the channel group mode to on

S1 is configured as PAgP. Change the channel group mode to desirable

applications

disk

VM configuration file

operating system

Option A

Option B

Option C

Option D

VXLAN

IS-IS

OSPF

LISP

Option A

Option B

Option C

Option D

Authentication Down/Switching Down

Authentication-Central/Switch-Local

Authentication- Down/Switch-Local

Authentication-Central/Switch-Central

Configure 172.16.20.0 as a stub network.

Apply a policy to filter OSPF packets on R2.

Configure a passive Interface on R2 toward 172.16.20.0.

Configure graceful restart on the 172.16.20.0 interface.

All wireless LAN controllers are managed by the master controller.

All new APs that join the WLAN are assigned to the master controller.

Configuration on the master controller is executed on all wireless LAN controllers.

The master controller is responsible for load balancing all connecting clients to other controllers

Option

Option

Option

Option

Reload the switch to force EtherChannel renegotiation

Ensure that interfaces Gi1/0/2 and Gi1/0/3 connect to the same neighboring switch.

Ensure that the switchport parameters of Port channel1 match the parameters of the port channel on the neighbor switch

Ensure that the corresponding port channel interface on the neighbor switch is named Port-channel1.

Ensure that the neighbor interfaces of Gi1/0/2 and Gi/0/3 are configured as members of the same EtherChannel

Option A

Option B

Option C

Option D

mobility

LWAPP

CAPWAP

iPsec

better application performance

Improved security because the underlying OS is eliminated

Improved density and scalability

ability to operate on hardware that is running other OSs

Option

Option

Option

Option

the cdp neighbors

the routing table

the router processes

the running configuration

IP first-hop redundancy

communication between different nodes for cluster setup

physical link redundancy

minimal network downtime following an RP switchover

aaa authentication login default group ISE-Servers local enable

aaa authentication login default group enable local ISE-Servers

aaa authorization exec default group ISE-Servers local enable

aaa authentication login error-enable

aaa authentication login default group enable local ISE-Servers

The "params" variable sends data fields to the network appliance.

The native interface information is read from the network appliance.

The Information for all interfaces is read from the network appliance.

The "params" variable reads data fields from the network appliance

WLC1 marks me diem with an anchor entry In Its own database. The database entry is copied to the new controller and marked with a foreign entry on VVLC2.

WLC2 marks the client with an anchor entry In Its own database. The database entry Is copied to the new controller and marked with a foreign entry on WLC1

WLCl marks the client with a foreign entry in its own database. The database entry is copied to the new controller and marked with an anchor entry on WLC2.

WLC2 marks the client with a foreign entry In its own database. The database entry Is copied to the new controller and marked with an anchor entry on WLC1.

Inside source addresses are translated to the 209.165.201.0/27 subnet.

It establishes a one-to-one NAT translation.

The 10.1.1.0/27 subnet is assigned as the inside global address range.

The 209.165.201.0/27 subnet is assigned as the outside local address range.

The 10.1.1.0/27 subnet is assigned as the inside local addresses.

Cisco United Wireless Network

Cisco DNA Spaces

Cisco Catalyst switch with embedded controller

Cisco Mobility Express

The number of hops it takes to reach the master time server.

The number of hops it takes to reach the authoritative time source.

The amount of offset between the device clock and true time.

The amount of drift between the device clock and true time.

aaa authorization exec default local group tacacs+

aaa authorization exec default local group radius none

aaa authorization exec default group radius local none

aaa authorization exec default group radius local

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Option E

ip http port 8888

restconf port 8888

ip http restconf port 8888

restconf http port 8888