Unlock your Full 200-301 Cisco Stable Exam

Cisco Certified Network Associate Questions and Answers

Question 1

Which statement correctly compares traditional networks and controller-based networks?

Options:

Only traditional networks offer a centralized control plane

Only traditional networks natively support centralized management

Traditional and controller-based networks abstract policies from device configurations

Only controller-based networks decouple the control plane and the data plane

Question 2

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

110

115

Question 3

Refer to the exhibit.

Question # 3

If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command how does the router respond?

Options:

It ignores the new static route until the existing OSPF default route is removed

It immediately replaces the existing OSPF route in the routing table with the newly configured static route

It starts load-balancing traffic between the two default routes

It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1

Question 4

When OSPF learns multiple paths to a network, how does it select a route?

Options:

It multiple the active K value by 256 to calculate the route with the lowest metric.

For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.

It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.

It count the number of hops between the source router and the destination to determine the router with the lowest metric

Question 5

Refer to Exhibit.

Question # 5

An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Options:

ipv6 router 2000::1/128 2012::1

ipv6 router 2000::1/128 2012::1 5

ipv6 router 2000::1/128 2012::2

ipv6 router 2000::1/128 2023::2 5

ipv6 router 2000::1/128 2023::3 5

Question 6

Which type of traffic is sent with pure iPsec?

Options:

broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites

multicast traffic from a server at one site to hosts at another location

spanning-tree updates between switches that are at two different sites

unicast messages from a host at a remote site to a server at headquarters

Question 7

Drag and drop the TCP/IP protocols from the left onto the transmission protocols on the right

Question # 7

Options:

Question 8

Refer to the exhibit.

Question # 8

With which metric was the route to host 172.16.0.202 learned?

Options:

110

38443

3184439

Question 9

Which command must be entered when a device is configured as an NTP server?

Options:

ntp authenticate

ntp server

ntp peer

ntp master

Question 10

A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

Options:

enable AAA override

enable RX-SOP

enable DTIM

enable Band Select

Question 11

Which two primary drivers support the need for network automation? (Choose two.)

Options:

Eliminating training needs

Increasing reliance on self-diagnostic and self-healing

Policy-derived provisioning of resources

Providing a ship entry point for resource provisioning

Reducing hardware footprint

Question 12

How does the dynamically-learned MAC address feature function?

Options:

The CAM table is empty until ingress traffic arrives at each port

Switches dynamically learn MAC addresses of each connecting CAM table.

The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses

It requires a minimum number of secure MAC addresses to be filled dynamically

Question 13

An engineer must configure a WLAN using the strongest encryption type for WPA2- PSK. Which cipher fulfills the configuration requirement?

Options:

WEP

RC4

AES

TKIP

Question 14

Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Question # 14

Options:

Question 15

What benefit does controller-based networking provide versus traditional networking?

Options:

moves from a two-tier to a three-tier network architecture to provide maximum redundancy

provides an added layer of security to protect from DDoS attacks

allows configuration and monitoring of the network from one centralized port

combines control and data plane functionality on a single device to minimize latency

Question 16

Refer to the exhibit.

Question # 16

Between which zones do wireless users expect to experience intermittent connectivity?

Options:

between zones 1 and 2

between zones 2 and 5

between zones 3 and 4

between zones 3 and 6

Question 17

Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?

Options:

HTTPS

RADIUS

TACACS+

HTTP

Question 18

What is a function of TFTP in network operations?

Options:

transfers a backup configuration file from a server to a switch using a username and password

transfers files between file systems on a router

transfers a configuration files from a server to a router on a congested link

transfers IOS images from a server to a router for firmware upgrades

Question 19

Refer to Exhibit.

Question # 19

How does SW2 interact with other switches in this VTP domain?

Options:

It processes VTP updates from any VTP clients on the network on its access ports.

It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports

It forwards only the VTP advertisements that it receives on its trunk ports.

It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports

Question 20

Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

Options:

The switch must be running a k9 (crypto) IOS image

The Ip domain-name command must be configured on the switch

IP routing must be enabled on the switch

A console password must be configured on the switch

Telnet must be disabled on the switch

Question 21

Refer to the exhibit.

Question # 21

The show ip ospf interface command has been executed on R1 How is OSPF configured?

Options:

The interface is not participating in OSPF

A point-to-point network type is configured

The default Hello and Dead timers are in use

There are six OSPF neighbors on this interface

Question 22

Refer to the exhibit.

Question # 22

An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

Options:

ipv6 route ::/0 Serial 0/0/1

ipv6 route 0/0 Serial 0/0/0

ipv6 route ::/0 Serial 0/0/0

ip route 0.0.0.0.0.0.0.0 Serial 0/0/0

ipv6 route ::/0 2000::2

Question 23

What is the benefit of configuring PortFast on an interface?

Options:

After the cable is connected, the interface uses the fastest speed setting available for that cable type

After the cable is connected, the interface is available faster to send and receive user data

The frames entering the interface are marked with higher priority and then processed faster by a switch.

Real-time voice and video frames entering the interface are processed faster

Question 24

What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

Options:

No router ID is set, and the OSPF protocol does not run.

The highest up/up physical interface IP address is selected as the router ID.

The lowest IP address is incremented by 1 and selected as the router ID.

The router ID 0.0.0.0 is selected and placed in the OSPF process.

Question 25

Refer to the exhibit.

Question # 25

Which change to the configuration on Switch?

allows the two switches to establish an GtherChannel?

Options:

Change the protocol to EtherChannel mode on.

Change the LACP mode to active

Change the LACP mode to desirable

Change the protocol to PAqP and use auto mode

Question 26

Drag and drop the lightweight access point operation modes from the left onto the descriptions on the right

Question # 26

Options:

Question 27

Refer to the exhibit.

Question # 27

Drag and drop the networking parameters from the left onto the correct values on the right.

Question # 27

Options:

Question 28

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

Both use the same data-link header and trailer formats

Both cable types support LP connectors

Both cable types support Rj-45 connectors

Both support up to 550 meters between nodes

Question 29

Refer to the exhibit.

Question # 29

Which command configures a floating static route to provide a backup to the primary link?

Options:

ip route 0.0.0.0 0.0.0.0 209.165.202.131

ip route 209.165.201.0 255.255.255.224 209.165.202.130

ip route 0.0.0.0 0.0.0.0 209.165.200.224

ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

Question 30

Refer to the exhibit.

Question # 30

An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password?

Question # 30

Options:

Option A

Option B

Option C

Option D

Question 31

Refer to the exhibit.

Question # 31

Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

Options:

Interface errors are incrementing

An incorrect SFP media type was used at SiteA

High usage is causing high latency

The sites were connected with the wrong cable type

Question 32

Refer to the exhibit.

Question # 32

Which prefix does Router 1 use for traffic to Host A?

Options:

10.10.10.0/28

10.10.13.0/25

10.10.13.144/28

10.10.13.208/29

Question 33

Refer to Exhibit.

Question # 33

Which action do the switches take on the trunk link?

Options:

The trunk does not form and the ports go into an err-disabled status.

The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.

The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.

The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Question 34

Refer to the exhibit.

Question # 34

Which route type is configured to reach the internet?

Options:

host route

default route

floating static route

network route

Question 35

What is the expected outcome when an EUI-64 address is generated?

Options:

The seventh bit of the original MAC address of the interface is inverted

The interface ID is configured as a random 64-bit value

The characters FE80 are inserted at the beginning of the MAC address of the interface

The MAC address of the interface is used as the interface ID without modification

Question 36

Refer to the exhibit.

Question # 36

A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

Options:

209.165.200.254 via Serial0/0/1

209.165.200.254 via Serial0/0/0

209.165.200.246 via Serial0/1/0

209.165.200.250 via Serial0/0/0

Question 37

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?

Options:

point-to-multipoint

point-to-point

broadcast

nonbroadcast

Question 38

What are two differences between optical-fiber cabling and copper cabling? (Choose two)

Options:

Light is transmitted through the core of the fiber

A BNC connector is used for fiber connections

The glass core component is encased in a cladding

Fiber connects to physical interfaces using Rj-45 connections

The data can pass through the cladding

Question 39

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

management interface settings

QoS settings

Ip address of one or more access points

SSID

Profile name

Question 40

R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

Options:

route with the lowest cost

route with the next hop that has the highest IP

route with the shortest prefix length

route with the lowest administrative distance

Question 41

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

configure switchport nonegotiate

configure switchport mode dynamic desirable

configure switchport mode dynamic auto

configure switchport trunk dynamic desirable

Question 42

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

Options:

ip address 192.168.0.0 255.255.0.0

ip address 192.168.0.0 255.255.254.0

ip address 192.168.0.0 255.255.255.128

ip address 192.168.0.0 255.255.255.224

Question 43

Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

Options:

bridge

route

autonomous

lightweight

Question 44

Refer to the exhibit.

Question # 44

Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?

Question # 44

Options:

Option A

Option B

Option C

Option D

Question 45

When the active router in an HSRP group fails, what router assumes the role and forwards packets?

Options:

backup

standby

listening

forwarding

Question 46

Refer to the exhibit.

Question # 46

To which device does Router1 send packets that are destined to host 10.10.13.165?

Options:

Router2

Router3

Router4

Router5

Question 47

When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP?

Options:

DHCP relay agent

DHCP server

DHCPDISCOVER

DHCPOFFER

Question 48

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

Options:

Unicode

base64

decimal

ASCII

Question 49

A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

Options:

port-to-multipoint

broadcast

point-to-point

nonbroadcast

Question 50

How does WPA3 improve security?

Options:

It uses SAE for authentication.

It uses a 4-way handshake for authentication.

It uses RC4 for encryption.

It uses TKIP for encryption.

Question 51

Drag and drop the AAA terms from the left onto the description on the right.

Question # 51

Options:

Question 52

What are two reasons for an engineer to configure a floating state route? (Choose two)

Options:

to automatically route traffic on a secondary path when the primary path goes down

to route traffic differently based on the source IP of the packet

to enable fallback static routing when the dynamic routing protocol fails

to support load balancing via static routing

to control the return path of traffic that is sent from the router

Question 53

What is a characteristic of private IPv4 addressing?

Options:

traverse the Internet when an outbound ACL is applied

issued by IANA in conjunction with an autonomous system number

composed of up to 65.536 available addresses

used without tracking or registration

Question 54

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

Options:

OpenFlow

Java

REST

XML

Question 55

Refer to the exhibit.

Question # 55

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 56

Refer to the exhibit.

Question # 56

Drag and drop the prefix lengths from the left onto the corresponding prefixes on the right Not all prefixes are used

Options:

Question 57

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

Question # 57

Options:

Option A

Option B

Option C

Option D

Question 58

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

offer compression

increase security by using a WEP connection

provide authentication

protect traffic on open networks

Question 59

Refer to the exhibit.

Question # 59

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

F0/10

F0/11

F0/12

F0/13

Question 60

Refer to the exhibit.

Question # 60

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

username cisco password 0 Cisco

Question 61

Refer to the exhibit.

Question # 61

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

Configure the ip dhcp relay information command under interface Gi0/1.

Configure the ip dhcp smart-relay command globally on the router

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

Configure the ip address dhcp command under interface Gi0/0

Question 62

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Question # 62

Options:

Question 63

Refer to the exhibit.

Question # 63

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Question # 63

Options:

Option A

Option B

Option C

Option D

Question 64

Which action implements physical access control as part of the security program of an organization?

Options:

configuring a password for the console port

backing up syslogs at a remote location

configuring enable passwords on network devices

setting up IP cameras to monitor key infrastructure

Question 65

Refer to the exhibit.

Question # 65

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

Question # 65

Options:

Option A

Option B

Option C

Option D

Question 66

Refer to the exhibit.

Question # 66

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Options:

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

Remark traffic as it traverses R1 and trust all markings at the access layer.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Question 67

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

Question # 67

Options:

Option A

Option B

Option C

Option D

Question 68

Which field within the access-request packet is encrypted by RADIUS?

Options:

authorized services

authenticator

username

password

Question 69

A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:

• The first subnet must support 24 hosts

• The second subnet must support 472 hosts

• Both subnets must use the longest subnet mask possible from the address block

Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two )

Options:

interface vlan 1234

ip address 10.70.159.1 255.255.254.0

interface vlan 1148

ip address 10.70.148.1 255.255.254.0

interface vlan 4722

ip address 10.70.133.17 255.255.255.192

interface vlan 3002

ip address 10.70.147.17 255.255.255.224

interface vlan 155

ip address 10.70.155.65 255.255.255.224

Question 70

How does Rapid PVST+ create a fast loop-free network topology?

Options:

lt requires multiple links between core switches

It generates one spanning-tree instance for each VLAN

It maps multiple VLANs into the same spanning-tree instance

It uses multiple active paths between end stations.

Question 71

Which protocol uses the SSL?

Options:

HTTP

SSH

HTTPS

Telnet

Question 72

Refer to the exhibit.

Question # 72

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

heavy traffic congestion

a duplex incompatibility

a speed conflict

queuing drops

Question 73

Which two network actions occur within the data plane? (Choose two.)

Options:

Add or remove an 802.1Q trunking header.

Make a configuration change from an incoming NETCONF RPC.

Run routing protocols.

Match the destination MAC address to the MAC address table.

Reply to an incoming ICMP echo request.

Question 74

Refer to the exhibit.

Question # 74

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

Options:

Configure router A to use the same MTU size as router B.

Set the router B OSPF ID to a nonhost address.

Configure a point-to-point link between router A and router B.

Set the router B OSPF ID to the same value as its IP address

Question 75

Refer to the exhibit.

Question # 75

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 76

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

VLAN numbering

VLAN DSCP

VLAN tagging

VLAN marking

Question 77

What is a function of a Next-Generation IPS?

Options:

makes forwarding decisions based on learned MAC addresses

serves as a controller within a controller-based network

integrates with a RADIUS server to enforce Layer 2 device authentication rules

correlates user activity with network events

Question 78

What is a function of an endpoint on a network?

Options:

forwards traffic between VLANs on a network

connects server and client devices to a network

allows users to record data and transmit to a tile server

provides wireless services to users in a building

Question 79

Refer to the exhibit.

Question # 79

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 80

Refer to the exhibit.

Question # 80

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Options:

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Question 81

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

disabled

listening

forwarding

learning

blocking

Question 82

What provides centralized control of authentication and roaming In an enterprise network?

Options:

a lightweight access point

a firewall

a wireless LAN controller

a LAN switch

Question 83

What is the function of the controller in a software-defined network?

Options:

multicast replication at the hardware level

fragmenting and reassembling packets

making routing decisions

forwarding packets

Question 84

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

different security settings

discontinuous frequency ranges

different transmission speeds

unique SSIDs

Question 85

Refer to the exhibit.

Question # 85

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 86

Refer to the exhibit.

Question # 86

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

username CNAC secret R!41!4319115@

ip ssh version 2

line vty 0 4

crypto key generate rsa 1024

transport input ssh

Question 87

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

Options:

unique local address

link-local address

aggregatable global address

IPv4-compatible IPv6 address

Question 88

Refer to the exhibit.

Question # 88

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

ip route 10.1.1.0 255.255.255.0 gi0/1 125

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 89

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

user-activity logging

service limitations

consumption-based billing

identity verification

Question 90

Refer to the exhibit.

Question # 90

Which command must be issued to enable a floating static default route on router A?

Options:

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 91

What are two benefits of FHRPs? (Choose two.)

Options:

They enable automatic failover of the default gateway.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

They are able to bundle multiple ports to increase bandwidth.

They prevent loops in the Layer 2 network.

They allow encrypted traffic.

Question 92

Which protocol is used for secure remote CLI access?

Options:

HTTPS

HTTP

Telnet

SSH

Question 93

Refer to the exhibit.

Question # 93

Which network prefix was learned via EIGRP?

Options:

172.16.0.0/16

192.168.2.0/24

207.165.200.0/24

192.168.1.0/24

Question 94

Refer to the exhibit.

Question # 94

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

Change the channel-group mode on SW2 to auto

Change the channel-group mode on SW1 to desirable.

Configure the interface port-channel 1 command on both switches.

Change the channel-group mode on SW1 to active or passive.

Question 95

Refer to the exhibit.

Question # 95

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

Question # 95

Options:

Option A

Option B

Option C

Option D

Question 96

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

shaping

classification

policing

marking

Question 97

Refer to the exhibit.

Question # 97

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

Options:

There is a duplex mismatch on the interface

There is an issue with the fiber on the switch interface.

There is a speed mismatch on the interface.

There is an interface type mismatch

Question 98

Refer to the exhibit.

Question # 98

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 99

Which action is taken by the data plane within a network device?

Options:

forwards traffic to the next hop

constructs a routing table based on a routing protocol

provides CLI access to the network device

looks up an egress interface in the forwarding information base

Question 100

Refer to the exhibit.

Question # 100

What is a reason for poor performance on the network interface?

Options:

The interface is receiving excessive broadcast traffic.

The cable connection between the two devices is faulty.

The interface is operating at a different speed than the connected device.

The bandwidth setting of the interface is misconfigured

Question 101

Refer to the exhibit.

Question # 101

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 102

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Question # 102

Options:

Question 103

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

WLAN dynamic

management

trunk

access

Question 104

Refer to the exhibit.

Question # 104

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 105

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Question # 105

Options:

Question 106

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Question # 106

Options:

Question 107

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

SYIM flood

reflection

teardrop

amplification

Question 108

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Question # 108

Options:

Question 109

Refer to the exhibit.

Question # 109

The EtherChannel is configured with a speed of 1000 and duplex as full on both ends of channel group 1. What is the next step to configure the channel on switch A to respond to but not initiate LACP communication?

Options:

interface range gigabitethernet0/0/0-15 channel-group 1 mode on

interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable

interface port-channel 1 channel-group 1 mode auto

interface port-channel 1 channel-group 1 mode passive

Question 110

An engineer must configure neighbor discovery between the company router and an ISP

Question # 110

What is the next step to complete the configuration if the ISP uses a third-party router?

Options:

Enable LLDP globally.

Disable CDP on gi0/0.

Enable LLDP TLVs on the ISP router.

Disable auto-negotiation.

Question 111

Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS?

Options:

UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.

UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.

UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery.

UDP uses sequencing data tor packets to arrive in order, and TCP offers trie capability to receive packets in random order.

Question 112

Drag and drop the functions of AAA supporting protocols from the left onto the protocols on the right.

Question # 112

Options:

Question 113

Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.)

Options:

site-to-site VPN

IDMVPN

IGETVPN

IPsec remote access

clientless VPN

Question 114

Refer to the exhibit.

Question # 114

After configuring a new static route on the CPE. the engineer entered this series of commands to verify that the new configuration is operating normally When is the static default route installed into the routing table?

Options:

when 203 0 113.1 is no longer reachable as a next hop B. when the default route learned over external BGP becomes invalid

when a route to 203.0 113 1 is learned via BGP

when the default route over external BGP changes its next hop

Question 115

SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.)

Options:

Set the QoS level to silver or greater for voice traffic.

Set the QoS level to platinum for voice traffic.

Enable Media Session Snooping on re WLAN.

Enable traffic shaping for the LAN interlace of the WLC.

Configure two different QoS rotes tor data and voice traffic.

Question 116

What does a switch do when it receives a frame whose destination MAC address is missing from the MAC address table?

Options:

It floods the frame unchanged across all remaining ports in the incoming VLAN.

It appends the table with a static entry for the MAC and shuts down the port.

It updates the CAM table with the destination MAC address of the frame.

It changes the checksum of the frame to a value that indicates an invalid frame.

Question 117

Refer to the exhibit.

Question # 117

What is the next step to complete the implementation for the partial NAT configuration shown?

Options:

Reconfigure the static NAT entries that overlap the NAT pool

Configure the NAT outside interface

Modify the access list for the internal network on e0/1

Apply the ACL to the pool configuration

Question 118

Refer to the exhibit.

Question # 118

Rooter R1 is added to the network and configured with tie 10 0 0 64/26 and 10.0.20.0/24 subnets However traffic destined for the LAN on R3 is not access. Which command when executed on R1 defines a tunic route to reach the R3 LAN?

Question # 118

Options:

Option

Question 119

Drag and drop the use cases for device-management technologies from the left onto the corresponding.

Question # 119

Options:

Question 120

Refer to the exhibit.

Question # 120

A Cisco engineer creates a new WLAN called lantest. Which two actions must be performed so that only high-speed 2.4-Ghz clients connect? (Choose two.)

Options:

Enable the Broadcast SSID option

Enable the Status option.

Set the Radio Policy option to 802 11g Only.

Set the Radio Policy option to 802.11a Only.

Set the Interface/Interface Group(G) to an interface other than guest

Question 121

When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?

Options:

Question 122

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

Options:

authorizing potentially compromised wireless traffic

inspecting specific files and file types for malware

authenticating end users

URL filtering

Question 123

Refer to the exhibit.

Question # 123

The Router1 routing table has multiple methods to reach 10.10.10.0/24 as shown. The default Administrative Distance is used. Drag and drop the network conditions from the left onto the routing methods that Router1 uses on the right.

Question # 123

Options:

Question 124

Refer to the exhibit. User traffic originating within site 0 is failing to reach an application hosted on IP address 192.168 0 10. Which is located within site A What is determined by the routing table?

Options:

The default gateway for site B is configured incorrectly

The lack of a default route prevents delivery of the traffic

The traffic is blocked by an implicit deny in an ACL on router2

The traffic to 192 168 010 requires a static route to be configured in router 1.

Question 125

Refer to the exhibit.

A network engineer must configure communication between PC A and the file server. Which commend must be configured on switch A to prevent interruption of other communications?

Question # 125

Options:

switch port trunk allowed vlan 12

switchport trunk allowed vlan none

switchport trunk allowed vlan add 13

switch port trunk allowed vlan remove 10-11

Question 126

Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?

Options:

Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.

Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.

Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.

Question 127

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abod-bod on voice VLAN 4?

Options:

switchport port-security mac-address abcd.abcd.abcd

switchport port-security mac-address abed.abed.abed vlan 4

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

switchport port-security mac-address abcd.abcd.abcd vlan voice

Question 128

Drag and drop the virtualization concepts from the left onto the matching statements on the right.

Question # 128

Options:

Question 129

Question # 129

Refer to the exhibit. An engineer is building a new Layer 2 LACP EtherChannel between SW1 and SW2. and they executed the given show commands to verify the work Which additional task must be performed so that the switches successfully bundle the second member in the LACP port-channel?

Options:

Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1

Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1.

Configure the switchport trunk allowtd vlan add 300 command on interface FaO 2 on SW2.

Configure the switchport trunk allowtd vlan add 300 command on SW1 port-channel 1

Question 130

Which Windows command is used instead of the route print command to display the contents of the IP routing table?

Options:

netstat-n

ipconfig

ifconfig

netstat-r

Question 131

Which protocol must be implemented to support separate authorization and authentication solutions for wireless APs?

Options:

RADIUS

TACACS+

802.1X

Kerberos

Question 132

A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the next-hop devices are different?

Options:

The router chooses the route with the oldest age.

The router load-balances traffic over all routes to the destination.

The router chooses the next hop with the lowest MAC address.

The router chooses the next hop with the lowest IP address.

Question 133

Which two practices are recommended for an acceptable security posture in a network? (Choose two)

Options:

Backup device configurations to encrypted USB drives for secure retrieval

maintain network equipment in a secure location

Use a cryptographic keychain to authenticate to network devices

Place internal email and file servers in a designated DMZ

Disable unused or unnecessary ports, interfaces and services

Question 134

How do TCP and UDP fit into a query-response model?

Options:

TCP establishes a connection prior to sending data, and UDP sends immediately.

TCP uses error detection for packets, and UDP uses error recovery.

TCP avoids using sequencing, and UDP avoids using acknowledgments.

TCP encourages out-of-order packet delivery, and UDP prevents re-ordering.

Question 135

Question # 135

Options:

Question 136

Refer to the exhibit.

Question # 136

The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken must be taken to complete the task?

Options:

Configure the no lldp tlv-select-management-address command globally on Cat9K-2

Configure the no lldp transmit command on interface G1/0/21 in Cat9K-1

Configure the no lldp receive command on interface G1/0/21 on Cat9K-1

Configure the no lldp mac-phy-cfg command globally on Cat9K-2

Question 137

Refer to the exhibit.

Question # 137

Which switch becomes the root bridge?

Question # 137

Options:

Option A

Option B

Option C

Option D

Question 138

Question # 138

Refer lo the exhibit. What is the next-hop P address for R2 so that PC2 reaches the application server via ElGRP?

Options:

192.168.30.1

10.10 105

10.10.10.6

192.168.201

Question 139

An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to prevent connection issues with the printer?

Options:

client exclusion

passive client

DHCP address assignment

static IP tunneling

Question 140

Refer to the exhibit.

Question # 140

A network engineer must update the configuring on switch2 so that it sends LLDP packets.

Question # 140

Options:

Option A

Option B

Option C

Option D

Question 141

Refer to the exhibit.

Question # 141

Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? O A. 2001:db8:1a44:41a4:C801:BEFF:FE4A:1

B. 2001:db8:1a44:41a4:C081:BFFF:FE4A:1

C. 2001:db8:1a44:41a4:4562:098F:FE36:1

D. 2001:db8:1a44:41a4:C800:BAFE:FF00:1

Options:

Question 142

Which 802.11 frame type is Association Response?

Options:

management

control

action

protected frame

Question 143

What determines the sequence in which materials are planned during the material requirements planning (MRP) run?

Options:

The control parameters of the MRP run

The creation date of the materials

The low-level code of the materials

The replenishment lead time of the materials

Question 144

Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatical togged out?

Options:

config sessions maxsessions 0

config sessions timeout 0

config serial timeout 0

config serial timeout 9600

Question 145

Refer to the exhibit.

Question # 145

The primary route across Gi0/0 is configured on both routers. A secondary route must be configured to establish connectivity between the workstation networks. Which command set must be configured to complete this task?

Question # 145

Options:

Option A

Option B

Option C

Option D

Question 146

Which IPv6 address range is suitable for anycast addresses for distributed services such DHCP or DNS?

Options:

FF00:1/12

2001:db8:0234:ca3e::1/128

2002:db84:3f37:ca98:be05:8/64

FE80::1/10

Question 147

Which two server types support dornas name to IP address resolution? (Choose two >

Options:

ESX host

resolver

web

file transfer

authentication

Question 148

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)

Options:

::ffif 1014 1011/96

2001 7011046:1111:1/64

;jff06bb43cd4dd111bbff02 4545234d

2002 5121204b 1111:1/64

FF02::0WlFF00:0l)00/104

Question 149

Which IP header field is changed by a Cisco device when QoS marking is enabled?

Options:

Header Checksum

Type of service

DSCP

ECN

Question 150

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Question # 150

Options:

Question 151

Drag and drop the statement about AAA services from the left to the corresponding AAA services on the right.

Question # 151

Options:

Question 152

Drag and drop the AAA lerms from the left onto the descriptions on the right.

Question # 152

Options:

Question 153

Refer to the exhibit.

Question # 153

PC A is communicating with another device at IP address 10.227.225.255. Through which router does router Y route the traffic?

Options:

router A

router B

router C

router D

Question 154

Refer to the exhibit.

Question # 154

Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64?

Options:

2001 :db8::5000:0004:5678:0090/64

2001 :db8:4425:5400:77ft:fe07:/64

2001 :db8::5000:00ff:fe04 0000/64

2001 :db8::5200:00ff:fe04:0000/64

Question 155

Refer to the exhibit.

Question # 155

Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

Options:

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

Interface range G1/1 – 1/3 switchport mode trunk

channel-group 1 mode desirable

no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

Question 156

Refer to the exhibit.

Question # 156

The loopback1 interface of the Atlanta router must reach the lookback3 interface of the Washington router.

Options:

ipv6 route 2000::1/128 2012::2

ipv6 route 2000::1/128 2012::1

ipv6 route 2000:3 123 s0/0/0

ipv6 route 2000::3/128 2023::3

ipv6 route 2000::1/128 s0/0/1

Question 157

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Question # 157

Options:

Question 158

Which cipher is supported for wireless encryption only with the WPA2 standard?

Options:

AES256

AES

RC4

SHA

Question 159

Which type of IPv4 address must be assigned to a server to protect it from external access and allow only internal users access while restricting internet access?

Options:

global unicast

public

private

multicast

Question 160

Refer to the exhibit.

Question # 160

The given Windows PC is requesting the IP address of the host at www.cisco.com. To which IP address is the request sent?

Options:

192.168.1.226

192.168.1.100

192.168.1.254

192.168.1.253

Question 161

What differentiates device management enabled by cisco DNA center from traditional campus device management?

Options:

CLI-oriented device

device-by-device hands-on

centralized

per-device

Question 162

In a cloud-computing environment what is rapid elasticity?

Options:

control and monitoring of resource consumption by the tenant

automatic adjustment of capacity based on need

pooling resources in a multitenant model based on need

self-service of computing resources by the tenant

Question 163

In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.)

Options:

It automatically provides a second authentication factor that is unknown to the original user.

It uses an internal firewall to protect the password repository from unauthorized access.

It protects against keystroke logging on a compromised device or web site.

It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality

It encourages users to create stronger passwords.

Question 164

When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two)

Options:

ASCII

base64

binary

decimal

hexadecimal

Question 165

Refer to the exhibit.

Question # 165

An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface G/0/1. Which access list must be applied?

Question # 165

Options:

Option A

Option B

Option C

Option D

Question 166

What criteria is used first during the root port selection process?

Options:

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

Question 167

Which network allows devices to communicate without the need to access the Internet?

Options:

1729.0.0/16

172.28.0.0/16

192.0.0.0/8

209.165.201.0/24

Question 168

Which network action occurs within the data plane?

Options:

compare the destination IP address to the IP routing table.

run routing protocols (OSPF, EIGRP, RIP, BGP)

make a configuration change from an incoming NETCONF RPC

reply to an incoming ICMP echo request

Question 169

How do TCP and UDP differ in the way that they establish a connection between two endpoints?

Options:

TCP uses synchronization packets, and UDP uses acknowledgment packets.

UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

UDP provides reliable message transfer and TCP is a connectionless protocol

TCP uses the three-way handshake and UDP does not guarantee message delivery

Question 170

Which level of severity must be set to get informational syslogs?

Options:

alert

critical

notice

debug

Question 171

Drag the IPv6 DNS record types from the left onto the description on the right.

Question # 171

Options:

Question 172

What are network endpoints?

Options:

act as routers to connect a user to the service prowler network

a threat to the network if they are compromised

support inter-VLAN connectivity

enforce policies for campus-wide traffic going to the internet

Question 173

What is a DHCP client?

Options:

a workstation that requests a domain name associated with its IP address

a host that is configured to request an IP address automatically

a server that dynamically assigns IP addresses to hosts.

a router that statically assigns IP addresses to hosts.

Question 174

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols.

Options:

dual algorithm

metric

administrative distance

hop count

Question 175

Drag and drop the network protocols from the left onto the correct transport services on the right.

Question # 175

Options:

Question 176

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

Options:

infrastructure-as-a-service

platform-as-a-service

business process as service to support different types of service

software-as-a-service

Question 177

Refer to the exhibit.

Question # 177

A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?

Options:

access-list 2699 permit udp 10.20.1.0 0.0.0.255

no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22

access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22

no access-list 2699 deny ip any 10.20.1.0 0.0.0.255

Question 178

What occurs to frames during the process of frame flooding?

Options:

Frames are sent to every port on the switch in the same VLAN except from the originating port

Frames are sent to every port on the switch that has a matching entry in the MAC address table.

Frames are sent to all ports, including those that are assigned to other VLANs.

Frames are sent to every port on the switch in the same VLAN.

Question 179

What is the maximum bandwidth of a T1 point-to-point connection?

Options:

1.544 Mbps

2.048 Mbps

34.368 Mbps

43.7 Mbps

Question 180

Which action does the router take as it forwards a packet through the network?

Options:

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmits it transparently to the destination

The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination

The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination

Question 181

Question # 181

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 182

In software-defined architecture, which place handles switching for traffic through a Cisco router?

Options:

Control

Management

Data

application

Question 183

Which device tracks the state of active connections in order to make a decision to forward a packet through?

Options:

wireless access point

firewall

wireless LAN controller

router

Question 184

What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?

Options:

data plane

control plane

policy plane

management plane

Question 185

Refer to the exhibit.

Question # 185

The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2 while all other VLANs are to remain tagged.

Which command accomplishes this task?

Options:

switchport access vlan 67

switchport trunk allowed vlan 67

switchport private-vlan association host 67

switchport trunk native vlan 67

Question 186

Refer to exhibit.

Question # 186

Which statement explains the configuration error message that is received?

Options:

It is a broadcast IP address

The router does not support /28 mask.

It belongs to a private IP address range.

IT is a network IP address.

Question 187

Refer to the exhibit.

Question # 187

Which password must an engineer use to enter the enable mode?

Options:

adminadmin123

default

testing 1234

cisco123

Question 188

What causes a port to be placed in the err-disabled state?

Options:

latency

port security violation

shutdown command issued on the port

nothing plugged into the port

Question 189

Refer to Exhibit.

Question # 189

The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the NEW York router? (Choose two)

Options:

ipv6 route 2000::1/128 2012::1

ipv6 route 2000::3/128 2023::3

ipv6 route 2000::3/128 s0/0/0

ipv6 route 2000::1/128 2012::2

ipv6 route 2000::1/128 s0/0/1

Question 190

What is a characteristic of a SOHO network?

Options:

connects each switch to every other switch in the network

enables multiple users to share a single broadband connection

provides high throughput access for 1000 or more users

includes at least three tiers of devices to provide load balancing and redundancy

Question 191

which purpose does a northbound API serve in a controller-based networking architecture?

Options:

communicates between the controller and the physical network hardware

reports device errors to a controller

generates statistics for network hardware and traffic

facilitates communication between the controller and the applications

Question 192

Which type of attack can be mitigated by dynamic ARP inspection?

Options:

worm

malware

DDoS

man-in-the-middle

Question 193

What is a characteristic of cloud-based network topology?

Options:

wireless connections provide the sole access method to services

onsite network services are provided with physical Layer 2 and Layer 3 components

services are provided by a public, private, or hybrid deployment

physical workstations are configured to share resources

Question 194

Refer to the Exhibit.

Question # 194

After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. which error must be corrected?

Options:

There is a native VLAN mismatch

Access mode is configured on the switch ports.

The PCs are m the incorrect VLAN

All VLANs are not enabled on the trunk

Question 195

What is the primary purpose of a First Hop Redundancy Protocol?

Options:

It allows directly connected neighbors to share configuration information.

It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.

It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.

It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

Question 196

Refer to the exhibit.

Question # 196

Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

Options:

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

Question 197

Drag and drop the functions of DHCP from the left onto any of the positions on the right Not all functions are used

Question # 197

Options:

Question 198

An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

Options:

platform-as-a-service

software-as-a-service

network-as-a-service

infrastructure-as-a-service

Question 199

A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used?

Options:

Clock timezone

Clock summer-time-recurring

Clock summer-time date

Clock set

Question 200

Refer to the exhibit.

Question # 200

Which outcome is expected when PC_A sends data to PC_B?

Options:

The switch rewrites the source and destination MAC addresses with its own.

The source MAC address is changed.

The source and destination MAC addresses remain the same.

The destination MAC address is replaced with ffff.ffff.ffff.

Question 201

Which technology allows for multiple operating systems to be run on a single host computer?

Options:

virtual routing and forwarding

network port ID visualization

virtual device contexts

server visualization

Question 202

What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

Options:

The Layer 2 switch drops the received frame

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

Question 203

Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two)

Options:

listening

blocking

forwarding

learning

speaking

Question 204

What is recommended for the wireless infrastructure design of an organization?

Options:

group access points together to increase throughput on a given channel

configure the first three access points are configured to use Channels 1, 6, and 11

include a least two access points on nonoverlapping channels to support load balancing

assign physically adjacent access points to the same Wi-Fi channel

Question 205

What does a switch use to build its MAC address table?

Options:

VTP

DTP

egress traffic

ingress traffic

Question 206

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

switchport port-security violation access

switchport port-security violation protect

switchport port-security violation restrict

switchport port-security violation shutdown

Question 207

What describes the operation of virtual machines?

Options:

Virtual machines are responsible for managing and allocating host hardware resources

In a virtual machine environment, physical servers must run one operating system at a time.

Virtual machines are the physical hardware that support a virtual environment.

Virtual machines are operating system instances that are decoupled from server hardware

Question 208

Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point?

Options:

TACACS server

wireless access point

RADIUS server

wireless LAN controller

Question 209

Which 802.11 frame type is association response?

Options:

management

protected frame

control

action

Question 210

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

Options:

Add the switch in the VTP domain with a lower revision number

Add the switch with DTP set to dynamic desirable

Add the switch in the VTP domain with a higher revision number

Add the switch with DTP set to desirable

Question 211

Which configuration ensures that the switch is always the root for VLAN 750?

Options:

Switch(config)#spanning-tree vlan 750 priority 38003685

Switch(config)#spanning-tree vlan 750 root primary

Switch(config)#spanning-tree vlan 750 priority 614440

Switch(config)#spanning-tree vlan 750 priority 0

Question 212

What is the function of a hub-and-spoke WAN topology?

Options:

allows access restrictions to be implemented between subscriber sites.

provides direct connections between subscribers

supports Layer 2 VPNs

supports application optimization

Question 213

Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?

Options:

BPDUfilter

PortFast

Backbonefast

BPDUguard

Question 214

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

Options:

initiates a ping request to the URL

prompts the user to specify the desired IP address

continuously attempts to resolve the URL until the command is cancelled

sends a broadcast message in an attempt to resolve the URL

Question 215

Which two encoding methods are supported by REST APIs? (Choose two)

Options:

YAML

JSON

EBCDIC

SGML

XML

Question 216

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two. )

Options:

The device Is assigned to the Global site.

The device Is placed into the Unmanaged state.

The device is placed into the Provisioned state.

The device is placed into the Managed state.

The device is assigned to the Local site.

Question 217

Question # 217

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 218

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 218

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 219

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 219

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.
To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.
To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 220

Question # 220

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 221

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Question # 221

Options:

Question 222

Question # 222

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Question # 222

Options:

Question 223

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Question # 223

Options:

Question 224

Question # 224

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 225

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Question # 225

Options:

Question 226

Question # 226

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Question # 226

Options:

Question 227

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 227

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.
On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.
On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.
On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.
On both SW1 and SW2, exit the interface range configuration mode by using the exit command.
On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.
On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.
On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.
On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.
On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.
On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Load More 200-301 Questions

Weekend Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo

Activedumpsnet Navigation

Activedumpsnet Slider

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Cisco Certified Network Associate Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer: