Unlock your Full 200-301 Cisco Stable Exam

Cisco Certified Network Associate Questions and Answers

Question 1

Which state does the switch port move to when PortFast is enabled?

Options:

forwarding

listening

blocking

learning

Question 2

Which two capacities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two)

Options:

adapters that support all families of Cisco IOS software

SDKs that support interaction with third-party network equipment

customized versions for small, medium, and large enterprises

REST APIs that allow for external applications to interact natively with Cisco DNA Center

modular design that is upgradable as needed

Question 3

What causes a port to be placed in the err-disabled state?

Options:

latency

port security violation

shutdown command issued on the port

nothing plugged into the port

Question 4

An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result?

Options:

logging trap 5

logging trap 2

logging trap 4

logging trap 3

Question 5

What is the difference in data transmission delivery and reliability between TCP and UDP?

Options:

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

Question 6

Which implementation provides the strongest encryption combination for the wireless environment?

Options:

WPA2 + AES

WPA + AES

WEP

WPA + TKIP

Question 7

Refer to the exhibit.

Question # 7

A router reserved these five routes from different routing information sources.

Which two routes does the router install in its routing table? (Choose two)

Options:

RIP route 10.0.0.0/30

iBGP route 10.0.0.0/30

OSPF route 10.0.0.0/30

EIGRP route 10.0.0.1/32

OSPF route 10.0.0.0/16

Question 8

What uses HTTP messages to transfer data to applications residing on different hosts?

Options:

OpenFlow

OpenStack

OpFlex

REST

Question 9

Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

Options:

CPU ACL

TACACS

Flex ACL

RADIUS

Question 10

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

redundancy

console

distribution system

service

Question 11

Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right

Question # 11

Options:

Question 12

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two. )

Options:

The device Is assigned to the Global site.

The device Is placed into the Unmanaged state.

The device is placed into the Provisioned state.

The device is placed into the Managed state.

The device is assigned to the Local site.

Question 13

What criteria is used first during the root port selection process?

Options:

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

Question 14

Which type of wireless encryption is used for WPA2 in preshared key mode?

Options:

TKIP with RC4

RC4

AES-128

AES-256

Question 15

By default, how Does EIGRP determine the metric of a route for the routing table?

Options:

it uses the bandwidth and delay values of the path to calculate the route metric

it uses a default metric of 10 for all routes that are learned by the router

it uses a reference Bandwidth and the actual bandwidth of the connected link to calculate the route metric

it counts the number of hops between the receiving and destination routers and uses that value as the metric

Question 16

In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?

Options:

There is limited unique address space, and traffic on the new subnet will stay local within the organization.

The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts.

Traffic on the subnet must traverse a site-to-site VPN to an outside organization.

The ISP requires the new subnet to be advertised to the internet for web services.

Question 17

What is the primary purpose of a First Hop Redundancy Protocol?

Options:

It allows directly connected neighbors to share configuration information.

It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.

It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.

It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

Question 18

What is a role of wireless controllers in an enterprise network?

Options:

centralize the management of access points in an enterprise network

support standalone or controller-based architectures

serve as the first line of defense in an enterprise network

provide secure user logins to devices on the network.

Question 19

What is a DHCP client?

Options:

a host that is configured to request an IP address automatically

a server that dynamically assigns IP addresses to hosts

a workstation that requests a domain name associated with its IP address

a rooter that statically assigns IP addresses to hosts

Question 20

Where is the interface between the control plane and data plane within the software-defined architecture?

Options:

control layer and the infrastructure layer

application layer and the infrastructure layer

control layer and the application layer

application layer and the management layer

Question 21

How do TCP and UDP differ in the way they guarantee packet delivery?

Options:

TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only.

TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only.

TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only.

TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only.

Question 22

Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?

Options:

auto

active

desirable

Question 23

Refer to the exhibit.

Question # 23

Which command provides this output?

Options:

show ip route

show ip interface

show interface

show cdp neighbor

Question 24

What event has occurred if a router sends a notice level message to a syslog server?

Options:

A TCP connection has been torn down

An ICMP connection has been built

An interface line has changed status

A certificate has expired.

Question 25

How do servers connect to the network in a virtual environment?

Options:

wireless to an access point that is physically connected to the network

a cable connected to a physical switch on the network

a virtual switch that links to an access point that is physically connected to the network

a software switch on a hypervisor that is physically connected to the network

Question 26

Question # 26

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 27

Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.

Question # 27

Options:

Question 28

Refer to the exhibit.

Question # 28

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

It sends packets out of interface Fa0/2 only.

It sends packets out of interface Fa0/1 only.

It cannot send packets to 10.10.13 128/25

It load-balances traffic out of Fa0/1 and Fa0/2

Question 29

What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

Options:

Both operate at a frequency of 500 MHz.

Both support runs of up to 55 meters.

Both support runs of up to 100 meters.

Both support speeds of at least 1 Gigabit.

Both support speeds up to 10 Gigabit.

Question 30

Refer to the exhibit.

Question # 30

What is the result if Gig1/11 receives an STP BPDU?

Options:

The port transitions to STP blocking

The port transitions to the root port

The port immediately transitions to STP forwarding.

The port goes into error-disable state

Question 31

Refer to the exhibit.

Question # 31

Which switch in this configuration will be elected as the root bridge?

Question # 31

Options:

SW1

SW2

SW3

SW4

Question 32

Drag and drop the functions of DHCP from the left onto any of the positions on the right Not all functions are used

Question # 32

Options:

Question 33

When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two)

Options:

ASCII

base64

binary

decimal

hexadecimal

Question 34

Why was the RFC 1918 address space defined?

Options:

conserve public IPv4 addressing

preserve public IPv6 address space

reduce instances of overlapping IP addresses

support the NAT protocol

Question 35

Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

Options:

Reassociation Request

Probe Request

Authentication Request

Association Request

Question 36

Which HTTP status code is returned after a successful REST API request?

Options:

200

301

404

500

Question 37

Refer to the exhibit.

Question # 37

An engineer configured NAT translations and has verified that the configuration is correct.

Which IP address is the source IP?

Options:

10.4.4.4

10.4.4.5

172.23.103.10

172.23.104.4

Question 38

An engineer is configuring an encrypted password for the enable command on a router where the local user database has already been configured Drag and drop the configuration commands from the left into the correct sequence on the right Not all commands are used

Question # 38

Options:

Question 39

What is the purpose of traffic shaping?

Options:

to mitigate delays over slow links

to provide fair queuing for buffered flows

to limit the bandwidth that a flow can use to

be a marking mechanism that identifies different flows

Question 40

What must be considered when using 802:11 ta?

Options:

It is compatible with 802 lib- and 802 11-compliant wireless devices

It is used in place of 802 11b/g when many nonoverlapping channels are required

It is susceptible to interference from 2 4 GHz devices such as microwave ovens.

It is chosen over 802 11b/g when a lower-cost solution is necessary

Question 41

On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

Options:

DHCP

STP

SNMP

DNS

Question 42

What is the benefit of using FHRP?

Options:

reduced management overhead on network routers

balancing traffic across multiple gateways in proportion to their loads

higher degree of availability

reduced ARP traffic on the network

Question 43

When a switch receives a frame for a known destination MAC address, how is the frame handed?

Options:

sent to the port identified for the known MAC address

broadcast to all ports

forwarded to the first available port

flooded to all ports except the one from which it originated

Question 44

What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

Options:

The Layer 2 switch drops the received frame

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

Question 45

Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

Options:

enable secret

service password-encryption

username Cisco password encrypt

enable password

Question 46

How do TCP and UDP differ in the way that they establish a connection between two endpoints?

Options:

TCP uses synchronization packets, and UDP uses acknowledgment packets.

UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

UDP provides reliable message transfer and TCP is a connectionless protocol

TCP uses the three-way handshake and UDP does not guarantee message delivery

Question 47

Which type of address is the public IP address of a NAT device?

Options:

outside global

outsdwde local

inside global

insride local

outside public

inside public

Question 48

Question # 48

Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces The two circuits are operational and reachable across WAN Which command set establishes failover redundancy if the primary circuit goes down?

Question # 48

Options:

Option A

Option B

Option C

Option D

Question 49

What is the function of a hub-and-spoke WAN topology?

Options:

allows access restrictions to be implemented between subscriber sites.

provides direct connections between subscribers

supports Layer 2 VPNs

supports application optimization

Question 50

An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

Options:

platform-as-a-service

software-as-a-service

network-as-a-service

infrastructure-as-a-service

Question 51

Refer to the exhibit.

Question # 51

How does the router manage traffic to 192.168.12.16?

Options:

It selects the RIP route because it has the longest prefix inclusive of the destination address.

It chooses the OSPF route because it has the longest prefix inclusive of the destination address.

it load-balances traffic between all three routes

It chooses the EIGRP route because it has the lowest administrative distance

Question 52

Which command entered on a switch configured with Rapid PVST* listens and learns for a specific time period?

Options:

switch(config)#spanning-tree vlan 1 max-age 6

switch(config)#spanning-tree vlan 1 hello-time 10

switch(config)#spanning-tree vlan 1 priority 4096

switch(config)#spanning-tree vlan 1 forward-time 20

Question 53

Which 802.11 frame type is association response?

Options:

management

protected frame

control

action

Question 54

Which protocol does an IPv4 host use to obtain a dynamically assigned IP address?

Options:

ARP

DHCP

CDP

DNS

Question 55

What is the maximum bandwidth of a T1 point-to-point connection?

Options:

1.544 Mbps

2.048 Mbps

34.368 Mbps

43.7 Mbps

Question 56

Which WAN access technology is preferred for a small office / home office architecture?

Options:

broadband cable access

frame-relay packet switching

dedicated point-to-point leased line

Integrated Services Digital Network switching.

Question 57

Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles?

Options:

role-based access control

biometrics

multifactor authentication

physical access control

Question 58

Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all statements are used.

Question # 58

Options:

Question 59

Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

Options:

cookbook

task

playbook

model

recipe

Question 60

Which level of severity must be set to get informational syslogs?

Options:

alert

critical

notice

debug

Question 61

Refer to the exhibit.

Question # 61

What two conclusions should be made about this configuration? (Choose two )

Options:

The designated port is FastEthernet 2/1

This is a root bridge

The spanning-tree mode is Rapid PVST+

The spanning-tree mode is PVST+

The root port is FastEthernet 2/1

Question 62

Drag and drop the attack-mitigation techniques from the left onto the Types of attack that they mitigate on the right.

Question # 62

Options:

Question 63

Refer to the exhibit.

Question # 63

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 64

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Question # 64

Options:

Question 65

Refer to the exhibit.

Question # 65

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 66

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Question # 66

Options:

Question 67

Refer to the exhibit.

Question # 67

What is a reason for poor performance on the network interface?

Options:

The interface is receiving excessive broadcast traffic.

The cable connection between the two devices is faulty.

The interface is operating at a different speed than the connected device.

The bandwidth setting of the interface is misconfigured

Question 68

Which two network actions occur within the data plane? (Choose two.)

Options:

Add or remove an 802.1Q trunking header.

Make a configuration change from an incoming NETCONF RPC.

Run routing protocols.

Match the destination MAC address to the MAC address table.

Reply to an incoming ICMP echo request.

Question 69

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

shaping

classification

policing

marking

Question 70

What is the purpose of the ip address dhcp command?

Options:

to configure an Interface as a DHCP server

to configure an interface as a DHCP helper

to configure an interface as a DHCP relay

to configure an interface as a DHCP client

Question 71

Refer to the exhibit.

Question # 71

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

Select the WPA Policy option with the CCKM option.

Disable AES encryption.

Enable Fast Transition and select the FT 802.1x option.

Enable Fast Transition and select the FT PSK option.

Question 72

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

Question # 72

Options:

Option A

Option B

Option C

Option D

Question 73

Refer to the exhibit.

Question # 73

Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

Options:

Define a NAT pool on the router.

Configure static NAT translations for VLAN 200.

Configure the ip nat outside command on another interface for VLAN 200.

Update the NAT INSIDF RANGFS ACL

Question 74

Refer to the exhibit.

Question # 74

All traffic enters the CPE router from interface Serial0/3 with an IP address of 192 168 50 1 Web traffic from the WAN is destined for a LAN network where servers are load-balanced An IP packet with a destination address of the HTTP virtual IP of 192 1681 250 must be forwarded Which routing table entry does the router use?

Options:

192.168.1.0/24 via 192.168.12.2

192.168.1.128/25 via 192.168.13.3

192.168.1.192/26 via 192.168.14.4

192.168.1.224/27 via 192.168.15.5

Question 75

Which action implements physical access control as part of the security program of an organization?

Options:

configuring a password for the console port

backing up syslogs at a remote location

configuring enable passwords on network devices

setting up IP cameras to monitor key infrastructure

Question 76

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

WLAN dynamic

management

trunk

access

Question 77

Refer to the exhibit.

Question # 77

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

Question # 77

Options:

Option A

Option B

Option C

Option D

Question 78

What causes a port to be placed in the err-disabled state?

Options:

nothing plugged into the port

link flapping

shutdown command issued on the port

latency

Question 79

Refer to the exhibit.

Question # 79

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 80

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

Options:

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network broadcast

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network point-to-point

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf cost 0

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

hello interval 15

interface e1/1

Ip address 192.168.1.1 255.255.255.252

Question 81

Refer to the exhibit.

Question # 81

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

username cisco password 0 Cisco

Question 82

Refer to the exhibit.

Question # 82

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

Question # 82

Options:

Option A

Option B

Option C

Option D

Option E

Question 83

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

Options:

SSH

HTTPS

Telnet

console

Question 84

What is a function of an endpoint on a network?

Options:

forwards traffic between VLANs on a network

connects server and client devices to a network

allows users to record data and transmit to a tile server

provides wireless services to users in a building

Question 85

Refer to the exhibit.

Question # 85

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

heavy traffic congestion

a duplex incompatibility

a speed conflict

queuing drops

Question 86

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

different security settings

discontinuous frequency ranges

different transmission speeds

unique SSIDs

Question 87

Refer to the exhibit.

Question # 87

Which command must be issued to enable a floating static default route on router A?

Options:

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 88

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Question # 88

Options:

Question 89

Refer to the exhibit.

Question # 89

Which network prefix was learned via EIGRP?

Options:

172.16.0.0/16

192.168.2.0/24

207.165.200.0/24

192.168.1.0/24

Question 90

Refer to the exhibit.

Question # 90

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

Options:

Configure router A to use the same MTU size as router B.

Set the router B OSPF ID to a nonhost address.

Configure a point-to-point link between router A and router B.

Set the router B OSPF ID to the same value as its IP address

Question 91

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Question # 91

Options:

Question 92

Refer to the exhibit.

Question # 92

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 93

Refer to the exhibit.

Question # 93

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

ip route 0.0.0.0 0.0.0.0 g0/1 1

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 94

How does Rapid PVST+ create a fast loop-free network topology?

Options:

lt requires multiple links between core switches

It generates one spanning-tree instance for each VLAN

It maps multiple VLANs into the same spanning-tree instance

It uses multiple active paths between end stations.

Question 95

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

VLAN numbering

VLAN DSCP

VLAN tagging

VLAN marking

Question 96

A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being advertised to the internet. Which configuration must the engineer apply?

Options:

interface vlan 2000

ipv6 address ffc0:0000:aaaa::1234:2343/64

interface vlan 2000

Ipv6 address fc00:0000:aaaa:a15d:1234:2343:8aca/64

interface vlan 2000

ipv6 address fe80;0000:aaaa::1234:2343/64

interface vlan 2000

ipv6 address fd00::1234:2343/64

Question 97

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

Question # 97

Options:

Option A

Option B

Option C

Option D

Question 98

Refer to the exhibit.

Question # 98

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

username CNAC secret R!41!4319115@

ip ssh version 2

line vty 0 4

crypto key generate rsa 1024

transport input ssh

Question 99

Refer to the exhibit.

Question # 99

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

Options:

via next-hop 10.0.1.5

via next-hop 10 0 1.4

via next-hop 10.0 1.50

via next-hop 10.0 1 100

Question 100

Refer to the exhibit.

Question # 100

A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which command must be used to fulfill the request?

Options:

ip route 172.21.34.0 255.255.255.192 10.73.65.65

ip route 172.21.34.0 255.255.255.0 10.73.65.65

ip route 172.21.34.0 255.255.128.0 10.73.65.64

ip route 172.21.34.0 255.255.255.128 10.73.65.66

Question 101

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Question # 101

Options:

Question 102

Refer to the exhibit.

Question # 102

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

Options:

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Question 103

Refer to the exhibit.

Question # 103

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

ip route 10.1.1.0 255.255.255.0 gi0/1 125

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 104

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

Options:

global unicast address

anycast address

multicast address

link-local address

Question 105

A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

Options:

ipv6 address 21:EB8:C1:2200:1::331/64

ipv6 address 2001:EB8:C1:22:1::331/64

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

Question 106

What is the difference between IPv6 unicast and anycast addressing?

Options:

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 107

Which two components comprise part of a PKI? (Choose two.)

Options:

preshared key that authenticates connections

RSA token

CA that grants certificates

clear-text password that authenticates connections

one or more CRLs

Question 108

Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed?

Options:

weighted random early detection

traffic policing

traffic shaping

traffic prioritization

Question 109

Refer to the exhibit.

Question # 109

An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured Which command accomplishes this task?

Options:

switchport trunk allowed vlan 100-104

switchport trunk allowed vlan add 104

switchport trunk allowed vlan all

switchport trunk allowed vlan 104

Question 110

Refer to the exhibit.

Question # 110

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

Question # 110

Options:

Option A

Option B

Option C

Option D

Question 111

Refer to the exhibit.

Question # 111

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 112

What is a requirement when configuring or removing LAG on a WLC?

Options:

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

Question 113

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

user-activity logging

service limitations

consumption-based billing

identity verification

Question 114

Refer to the exhibit.

Question # 114

Which two commands when used together create port channel 10? (Choose two.)

Options:

int range g0/0-1

channel-group 10 mode active

int range g0/0-1 chanm.l-group 10 mode desirable

int range g0/0-1

channel-group 10 mode passive

int range g0/0-1 channel-group 10 mode auto

int range g0/0-1 channel-group 10 mode on

Question 115

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

SYIM flood

reflection

teardrop

amplification

Question 116

What is a function of a Next-Generation IPS?

Options:

makes forwarding decisions based on learned MAC addresses

serves as a controller within a controller-based network

integrates with a RADIUS server to enforce Layer 2 device authentication rules

correlates user activity with network events

Question 117

Refer to the exhibit.

Question # 117

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Options:

Modify the configured number of the second access list.

Add either the ip nat {inside|outside} command under both interfaces.

Remove the overload keyword from the ip nat inside source command.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Question 118

Refer to the exhibit.

Question # 118

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

F0/10

F0/11

F0/12

F0/13

Question 119

Refer to the exhibit.

Question # 119

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Question # 119

Options:

Option A

Option B

Option C

Option D

Question 120

What is one reason to implement LAG on a Cisco WLC?

Options:

to increase security and encrypt management frames

to provide link redundancy and load balancing

to allow for stateful and link-state failover

to enable connected switch ports to failover and use different VLANs

Question 121

Refer to the exhibit.

Question # 121

Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

Question # 121

Options:

SW1

SW2

SW3

SW4

Question 122

Refer to the exhibit.

Question # 122

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 123

Refer to the exhibit.

Question # 123

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

192.168.0.7

192.168.0.4

192.168.0.40

192.168.3.5

Question 124

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

disabled

listening

forwarding

learning

blocking

Question 125

What are two benefits of FHRPs? (Choose two.)

Options:

They prevent (oops in the Layer 2 network.

They allow encrypted traffic.

They are able to bundle muftlple ports to increase bandwidth

They enable automatic failover of the default gateway.

They allow multiple devices lo serve as a single virtual gateway for clients in the network

Question 126

Refer to Exhibit.

Question # 126

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Question # 126

Options:

Option A

Option B

Option C

Option D

Question 127

Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Question # 127

Options:

Question 128

Which design element is a best practice when deploying an 802.11b wireless infrastructure?

Options:

disabling TPC so that access points can negotiate signal levels with their attached wireless devices.

setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller

allocating nonoverlapping channels to access points that are in close physical proximity to one another

configuring access points to provide clients with a maximum of 5 Mbps

Question 129

Why does a switch flood a frame to all ports?

Options:

The frame has zero destination MAC addresses.

The source MAC address of the frame is unknown

The source and destination MAC addresses of the frame are the same

The destination MAC address of the frame is unknown.

Question 130

Where does wireless authentication happen?

Options:

SSID

radio

band

Layer 2

Question 131

Which set of action satisfy the requirement for multifactor authentication?

Options:

The user swipes a key fob, then clicks through an email link

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

The user enters a user name and password and then re-enters the credentials on a second screen

Question 132

An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?

Options:

Enable Security Association Teardown Protection and set the SA Query timeout to 10

Enable MAC filtering and set the SA Query timeout to 10

Enable 802.1x Layer 2 security and set me Comeback timer to 10

Enable the Protected Management Frame service and set the Comeback timer to 10

Question 133

Refer to the exhibit.

Question # 133

What is the effect of this configuration?

Options:

The switch port interface trust state becomes untrusted

The switch port remains administratively down until the interface is connected to another switch

Dynamic ARP inspection is disabled because the ARP ACL is missing

The switch port remains down until it is configured to trust or untrust incoming packets

Question 134

An engineer needs to configure LLDP to send the port description time length value (TLV). What command sequence must be implemented?

Options:

switch(config-line)#IIdp port-description

switch(config)#IIdp port-description

switch(config-if)#IIdp port-description

switch#IIdp port-description

Question 135

When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP?

Options:

DHCP relay agent

DHCP server

DHCPDISCOVER

DHCPOFFER

Question 136

How does WPA3 improve security?

Options:

It uses SAE for authentication.

It uses a 4-way handshake for authentication.

It uses RC4 for encryption.

It uses TKIP for encryption.

Question 137

Which networking function occurs on the data plane?

Options:

forwarding remote client/server traffic

facilitates spanning-tree elections

processing inbound SSH management traffic

sending and receiving OSPF Hello packets

Question 138

Refer to me exhibit.

Question # 138

Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

Options:

It uses a route that is similar to the destination address

It discards the packets.

It floods packets to all learned next hops.

It Queues the packets waiting for the route to be learned.

Question 139

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

configure switchport nonegotiate

configure switchport mode dynamic desirable

configure switchport mode dynamic auto

configure switchport trunk dynamic desirable

Question 140

Refer to the exhibit.

Question # 140

Router R1 Fa0/0 is unable ping router R3 Fa0/1.

Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 141

An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use 5GH2 access points?

Options:

Re- Anchor Roamed Clients

11ac MU-MIMO

OEAP Split Tunnel

Client Band Select

Question 142

Refer to the exhibit.

Question # 142

Which route type does the routing protocol Code D represent in the output?

Options:

internal BGP route

/24 route of a locally configured IP

statically assigned route

route learned through EIGRP

Question 143

A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is received interface counter increments?

Options:

collision

CRC

runt

late collision

Question 144

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

management interface settings

QoS settings

Ip address of one or more access points

SSID

Profile name

Question 145

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?

Options:

point-to-multipoint

point-to-point

broadcast

nonbroadcast

Question 146

Refer to the exhibit.

Question # 146

An administrator configures four switches for local authentication using passwords that are stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements?

Options:

SW1

SW2

SW3

SW4

Question 147

Refer to the exhibit.

Question # 147

A packet is being sent across router R1 to host 172.163.3.14. To which destination does the router send the packet?

Options:

207.165.200.246 via Serial0/1/0

207.165.200.254 via Serial0/0/1

207.165.200.254 via Serial0/0/0

207.165.200.250 via Serial/0/0/0

Question 148

What prevents a workstation from receiving a DHCP address?

Options:

DTP

STP

VTP

802.10

Question 149

Refer to the exhibit.

Question # 149

To which device does Router1 send packets that are destined to host 10.10.13.165?

Options:

Router2

Router3

Router4

Router5

Question 150

An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled

Question # 150

Which action is necessary to complete the configuration if the ISP uses third-party network devices?

Options:

Enable LLDP globally

Disable autonegotiation

Disable Cisco Discovery Protocol on the interface

Enable LLDP-MED on the ISP device

Question 151

Refer to the exhibit.

Question # 151

Which two prefixes are included in this routing table entry? (Choose two.)

Options:

192.168.1.17

192.168.1.61

192.168.1.64

192.168.1.127

192.168.1.254

Question 152

What makes Cisco DNA Center different from traditional network management applications and their management of networks?

Options:

It omits supports auto-discovery of network elements in a greenfield deployment.

It modular design allows someone to implement different versions to meet the specific needs of an organization

It abstracts policy from the actual device configuration

It does not support high availability of management functions when operating in cluster mode

Question 153

Refer to the exhibit.

Question # 153

For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:

• Disable all neighbor discovery methods on R5 interface GiO/1.

• Permit neighbor discovery on R5 interface GiO/2.

• Verify there are no dynamically learned neighbors on R5 interface Gi0/1.

• Display the IP address of R6*s interface Gi0/2.

Which configuration must be used?

Question # 153

Options:

Option A

Option B

Option C

Option D

Question 154

With REST API, which standard HTTP header tells a server which media type is expected by the client?

Options:

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Content-Type: application/json; charset=utf-8

Accept: application/json

Question 155

Which port type supports the spanning-tree portfast command without additional configuration?

Options:

access ports

Layer 3 main Interfaces

Layer 3 suninterfaces

trunk ports

Question 156

A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

Options:

cost

adminstrative distance

metric

as-path

Question 157

What are two benefits of network automation? (Choose two)

Options:

reduced operational costs

reduced hardware footprint

faster changes with more reliable results

fewer network failures

increased network security

Question 158

Refer to the exhibit.

Question # 158

What action establishes the OSPF neighbor relationship without forming an adjacency?

Options:

modify hello interval

modify process ID

modify priority

modify network type

Question 159

Refer to the exhibit.

Question # 159

Which route type is configured to reach the internet?

Options:

host route

default route

floating static route

network route

Question 160

What is a characteristic of private IPv4 addressing?

Options:

traverse the Internet when an outbound ACL is applied

issued by IANA in conjunction with an autonomous system number

composed of up to 65.536 available addresses

used without tracking or registration

Question 161

Drag and drop to the characteristics of networking from the left onto the correct networking types on the right.

Question # 161

Options:

Question 162

What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

Options:

access - core - distribution - access

access - distribution - distribution - access

access - core - access

access -distribution - core - distribution - access

Question 163

Refer to the exhibit.

Question # 163

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Options:

Add the access-list 10 permit any command to the configuration

Remove the access-class 10 in command from line vty 0.4.

Add the ip access-group 10 out command to interface g0/0.

Remove the password command from line vty 0 4.

Question 164

Refer to the exhibit.

Question # 164

A network administrator assumes a task to complete the connectivity between PC A and the File Server. Switch A and Switch B have been partially configured with VLAN 10, 11, 12, and 13. What is the next step in the configuration?

Options:

Add PC A to VLAN 10 and the File Server to VLAN 11 fa VLAN segmentation

Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation

Add a router on a stick between Switch A and Switch B allowing for Inter-VLAN routing.

Add PC A to the same subnet as the Fie Server allowing for intra-VLAN communication.

Question 165

What is the expected outcome when an EUI-64 address is generated?

Options:

The seventh bit of the original MAC address of the interface is inverted

The interface ID is configured as a random 64-bit value

The characters FE80 are inserted at the beginning of the MAC address of the interface

The MAC address of the interface is used as the interface ID without modification

Question 166

Refer to the exhibit.

Question # 166

An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic Which configuration accomplishes this task?

Question # 166

Options:

Option A

Option B

Option C

Option D

Question 167

What are two characteristics of a public cloud Implementation? (Choose two.)

Options:

It is owned and maintained by one party, but it is shared among multiple organizations.

It enables an organization to fully customize how It deploys network resources.

It provides services that are accessed over the Internet.

It Is a data center on the public Internet that maintains cloud services for only one company.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

Question 168

What is the primary different between AAA authentication and authorization?

Options:

Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.

Authentication identifies a user who is attempting to access a system, and authorization validates the users password

Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.

Authentication controls the system processes a user can access and authorization logs the activities the user initiates

Question 169

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

Options:

sniffer

mesh

flexconnect

local

Question 170

Which statement correctly compares traditional networks and controller-based networks?

Options:

Only traditional networks offer a centralized control plane

Only traditional networks natively support centralized management

Traditional and controller-based networks abstract policies from device configurations

Only controller-based networks decouple the control plane and the data plane

Question 171

An engineer must configure a WLAN using the strongest encryption type for WPA2- PSK. Which cipher fulfills the configuration requirement?

Options:

WEP

RC4

AES

TKIP

Question 172

Refer to the exhibit.

Question # 172

If R1 receives a packet destined to 172.161.1, to which IP address does it send the packet?

Options:

192.168.12.2

192.168.13.3

192.168.14.4

192.168.15.5

Question 173

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

Options:

configure the hello and dead timers to match on both sides

configure the same process ID for the router OSPF process

configure the same router ID on both routing processes

Configure the interfaces as OSPF active on both sides.

configure both interfaces with the same area ID

Question 174

Refer to the exhibit.

Question # 174

An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers from the left onto the network parameters on the right.

Question # 174

Options:

Question 175

What is a role of access points in an enterprise network?

Options:

connect wireless devices to a wired network

support secure user logins to devices or the network

integrate with SNMP in preventing DDoS attacks

serve as a first line of defense in an enterprise network

Question 176

Which result occurs when PortFast is enabled on an interface that is connected to another switch?

Options:

Spanning tree may fail to detect a switching loop in the network that causes broadcast storms

VTP is allowed to propagate VLAN configuration information from switch to switch automatically.

Root port choice and spanning tree recalculation are accelerated when a switch link goes down

After spanning tree converges PortFast shuts down any port that receives BPDUs.

Question 177

Refer to the exhibit.

Question # 177

The show ip ospf interface command has been executed on R1 How is OSPF configured?

Options:

The interface is not participating in OSPF

A point-to-point network type is configured

The default Hello and Dead timers are in use

There are six OSPF neighbors on this interface

Question 178

Refer to the exhibit.

Question # 178

Which two commands were used to create port channel 10? (Choose two )

Question # 178

Options:

Option A

Option B

Option C

Option D

Option E

Question 179

Which action is taken by a switch port enabled for PoE power classification override?

Options:

When a powered device begins drawing power from a PoE switch port a syslog message is generated

As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused

If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects

Should a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled

Question 180

What is the benefit of configuring PortFast on an interface?

Options:

After the cable is connected, the interface uses the fastest speed setting available for that cable type

After the cable is connected, the interface is available faster to send and receive user data

The frames entering the interface are marked with higher priority and then processed faster by a switch.

Real-time voice and video frames entering the interface are processed faster

Question 181

An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between hardware and virtual machines?

Options:

hypervisor

router

straight cable

switch

Question 182

An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.30.1, 192.168.3.2, 192.168.3.3 Which configuration should be used?

Question # 182

Options:

Option A

Option B

Option C

Option D

Question 183

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

Both use the same data-link header and trailer formats

Both cable types support LP connectors

Both cable types support Rj-45 connectors

Both support up to 550 meters between nodes

Question 184

Refer to the exhibit.

Question # 184

Router R2 is configured with multiple routes to reach network 10 1.1 0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1 1 0/24?

Options:

eBGP

static

OSPF

EIGRP

Question 185

What Is a syslog facility?

Options:

Host that is configured for the system to send log messages

password that authenticates a Network Management System to receive log messages

group of log messages associated with the configured severity level

set of values that represent the processes that can generate a log message

Question 186

What is a difference between RADIUS and TACACS+?

Options:

RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication

TACACS+ encrypts only password information and RADIUS encrypts the entire payload

TACACS+ separates authentication and authorization, and RADIUS merges them

RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands

Question 187

Options:

LAG

EtherChannel

trunk

access

Question 188

Question # 188

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

Options:

Select the 802.1 x option for Auth Key Management.

Select the WPA Policy option.

Select the PSK option for Auth Key Management.

Select the AES option for Auth Key Management.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Question 189

What differentiates device management enabled by cisco DNA center from traditional campus device management?

Options:

CLI-oriented device

device-by-device hands-on

centralized

per-device

Question 190

Which AP mode serves as the primary hub in a point-to-multipoint network topology.

Options:

FlexConnect

SE-Connect

bridge

local

Question 191

An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration tor a Secure Shell access RSA key?

Options:

crypto key Import rsa pem

crypto key pubkey-chain rsa

crypto key generate rsa

crypto key zeroize rsa

Question 192

What happens when a switch receives a frame with a destination MAC address that recently aged out?

Options:

The switch references the MAC address aging table for historical addresses on the port that received the frame.

The switch floods the frame to all ports in all VLANs except the port that received the frame

The switch drops the frame and learns the destination MAC address again from the port that received the frame

The switch floods the frame to all ports in the VLAN except the port that received the frame.

Question 193

Question # 193

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

Options:

Question 194

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Question # 194

Options:

Question 195

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Question # 195

Options:

Is the internet reachable?

Is the default gateway reachable?

Is the DNS server reachable?

Question 196

A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show Interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue?

Options:

high bandwidth usage

a physical cable fault

a speed mismatch

a cable that is too long

Question 197

Refer to the exhibit.

Question # 197

A network engineer must configure NETCONF. After creating the configuration, the engineer gets output from the command show line but not from show running- config. Which command completes the configuration?

Options:

Device(config)# netconf lock-time 500

Device(config)# netconf max-message 1000

Device(config)# no netconf ssh acl 1

Device(config)# netconf max-sessions 100

Question 198

Refer to the exhibit.

Question # 198

Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database. The WLAN is configured for local EAP authentication. The time that users access the network must not be limited. Which action completes this configuration?

Options:

Uncheck the Guest User check box

Check the Guest User Role check box

Set the Lifetime (seconds) value to 0

Clear the Lifetime (seconds) value

Question 199

Which interface is used for out-of-band management on a WLC?

Options:

dynamic

service port

virtual

management

Question 200

Drag and drop the statements about access-point modes from the left onto the corresponding modes on the right.

Question # 200

Options:

Question 201

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

Options:

ntp master 172.24.54.8

ntp client 172.24.54.8

ntp peer 172.24.54.8

ntp server 172.24.54.8

Question 202

Refer to the exhibit.

Question # 202

A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements:

• accommodates current configured VLANs

• expands the range to include VLAN 20

• allows for IEEE standard support for virtual LANs

Which configuration on the NewSwitch side of the link meets these requirements?

Question # 202

Options:

Option A

Option B

Option C

Option D

Question 203

Question # 203

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

Options:

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Question 204

NO: 346

What must a network administrator consider when deciding whether to configure a new wireless network with APs in autonomous mode or APs running in cloud-based mode?

Options:

Autonomous mode APs are less dependent on an underlay but more complex to maintain than APs in cloud-based mode.

Cloud-based mode APs relay on underlays and are more complex to maintain than APs in autonomous mode.

Cloud-based mode APs are easy to deploy but harder to automate than APs in autonomous mode.

Autonomous mode APs are easy to deploy and automate than APs in cloud-based mode.

Question 205

Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics?

Options:

Generic Router Encapsulation (GRE)

Virtual Local Area Network (VLAN)

Virtual Extensible LAN (VXLAN)

Point-to-Point Protocol

Question 206

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Question # 206

Options:

Question 207

What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different?

Options:

The APs must be connected to the switch with multiple links in LAG mode

The switch port mode must be set to trunk

The native VLAN must match the management VLAN of the AP

IEEE 802.10 trunking must be disabled on the switch port.

Question 208

What is a feature of WPA?

Options:

802.1x authentication

preshared key

TKIP/MIC encryption

small Wi-Fi application

Question 209

Question # 209

Options:

Option A

Option B

Option C

Option D

Question 210

Refer to the exhibit.

Question # 210

What is the next hop for traffic entering R1 with a destination of 10.1.2 126?

Options:

10.165 20.126

10.165.20.146

10.165.20.166

10.165 20.226

Question 211

Question # 211

Refer to the exhibit. Drag and drop the subnet masks from the left onto the corresponding subnets on the right. Not all subnet masks used.

Question # 211

Options:

Question 212

Refer to the exhibit.

Question # 212

A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interlace Seria10. What is the effect of the configuration as the administrator applies the command?

Options:

The permit command fails and returns an error code.

The router accepts all incoming traffic to Seria10 with the last octet of the source IP set to 0.

The sourced traffic from IP range 10.0.0.0 -10.0.0.255 is allowed on Seria10.

The router fails to apply the access list to the interface.

Question 213

Which encryption method is used by WPA3?

Options:

PSK

TKIP

SAE

AES

Question 214

Which enhancement is implemented in WPA3?

Options:

applies 802.1x authentication

usesTKIP

employs PKI to identify access points

protects against brute force attacks

Question 215

What are two benefits for using private IPv4 addressing? (Choose two.)

Options:

They alleviate the shortage of public IPv4 addresses.

They supply redundancy in the case of failure.

They offer Internet connectivity to endpoints on private networks.

They allow for Internet access from IoT devices.

They provide a layer of security from Internet threats.

Question 216

Drag and drop the management connection types from the left onto the definitions on the right.

Question # 216

Options:

Question 217

Refer to the exhibit.

Question # 217

An OSPF neighbor relationship must be configured using these guidelines:

• R1 is only permitted to establish a neighbor with R2

• R1 will never participate in DR elections

• R1 will use a router-id of 101.1.1.

Which configuration must be used?

Question # 217

Options:

Option

Question 218

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

Options:

200 seconds

300 seconds

600 seconds

900 seconds

Question 219

Question # 219

Refer to the exhibit. Company A wants to use a RADIUS server to service all user and device authentication attempts with a more secure and granular authentication approach. Not all client devices support dot1x authentication. Which two configuration changes must be made to accomplish the task? (Choose two.)

Options:

Enable AutoConfig IPSK under the Layer 2 tab.

Select Authentication server under the AAA servers tab.

Configure Enterprise Security type under the Layer 2 tab.

Set Authentication under the Layer 3 tab.

Enable WPA2 Policy under the Layer 2 tab.

Question 220

Refer to the exhibit.

Question # 220

How many JSON objects are presented?

Options:

Question 221

A network architect is deciding whether to implement Cisco autonomous access points or lightweight access points. Which fact about firmware updates must the architect consider? Unlike lightweight access points, which require

Options:

Unlike lightweight access points, which require redundant WLCs to support firmware upgrades, autonomous access points require only one WLC.

Unlike autonomous access points, lightweight access points store a complete copy of the current firmware for backup.

Unlike lightweight access points, autonomous access points can recover automatically from a corrupt firmware update.

Unlike autonomous access points, lightweight access points require a WLC to implement remote firmware updates.

Question 222

Refer to the exhibit.

Question # 222

When router R1 is sending traffic to IP address 10.56.192 1, which interface or next hop address does it use to route the packet?

Options:

0.0.0.0.0/0

10.56.0.1

10.56.128.19

Vlan57

Question 223

How is noise defined in Wi-Fi?

Options:

ratio of signal-to-noise rating supplied by the wireless device

signals from other Wi-Fi networks that interfere with the local signal

measured difference between the desired Wi-Fi signal and an interfering Wi-Fi signal

any interference that is not Wi-Fi traffic that degrades the desired signal

Question 224

What are two lacts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

Options:

It is less expensive when purchasing patch cables.

It has a greater sensitivity to changes in temperature and moisture.

It provides greater throughput options.

It carries signals for longer distances.

It carries electrical current further distances for PoE devices.

Question 225

Exhibit.

Question # 225

The switches are connected via a Cat5 Ethernet cable that was successfully tested. The Interfaces are configured as access ports and are both in a 'down" status. What is the cause of this issue?

Options:

The switches are configured with incompatible duplex settings.

The distance between the two switches is not supported by Cut5.

The speed settings on the switches are mismatched.

The portfast command is missing from the configuration.

Question 226

Drag and drop the characteristics of transport layer protocols from the left onto the corresponding protocols on the right.

Question # 226

Options:

Question 227

Which two transport layer protocols carry syslog messages? (Choose two.)

Options:

UDP

RTP

TCP

ARP

Question 228

Drag and drop the use cases for device-management technologies from the left onto the corresponding.

Question # 228

Options:

Question 229

Refer to the exhibit.

Question # 229

Router OldR is replacing another router on the network with the intention of having OldR and R2 exchange routes_ After the engineer applied the initial OSPF

configuration: the routes were still missing on both devices. Which command sequence must be issued before the clear IP ospf process command is entered to enable the neighbor relationship?

Question # 229

Options:

Option A

Option B

Option C

Option D

Question 230

Refer to the exhibit.

Question # 230

Which entry is the longest prefix match for host IP address 192.168.10.5?

Options:

Question 231

A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the next-hop devices are different?

Options:

The router chooses the route with the oldest age.

The router load-balances traffic over all routes to the destination.

The router chooses the next hop with the lowest MAC address.

The router chooses the next hop with the lowest IP address.

Question 232

Refer to the exhibit.

Question # 232

Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A network engineer must configure R1 with a floating static route to serve as a backup route to network 192.168.23. Which command must the engineer configure on R1?

Options:

ip route 192.168.23.0 255.255.255.0 192.168.13.3 100

ip route 192.168.23.0 255.255.255.0 192.168.13.3 121

ip route 192.168.23.0 255.255.255.255 192.168.13.3 121

ip route 192.168.23.0 255.255.255.0 192.168.13.3

Question 233

Which (unction generally performed by a traditional network device is replaced by a software-defined controller?

Options:

encryption and decryption for VPN link processing

building route tables and updating the forwarding table

changing the source or destination address during NAT operations

encapsulation and decapsulation of packets in a data-link frame

Question 234

Refer to the exhibit.

Question # 234

An engineer must configure a floating static route on an external EIGRP network. The destination subnet is the /29 on the LAN Interface of R86. Which command must be executed on R14?

Options:

ip route 10.80.65.0.255.255.248.0.10.73.65.66.1

ip route 10.80.65.0.255.255.255..240 fa0/1 89

ip route 10.80.65.0.255.255.248.0.10.73.65.66.171

ip route 10.80.65.0.0.0.224.10.80.65.0. 255

Question 235

Refer to the exhibit.

When router R1 receives a packet with destination IP address 10.56.0 62. through which interface does it route the packet?

Options:

Null0

VIan58

Vlan60

VIan59

Question 236

What should a network administrator consider when deciding to implement automation?

Options:

Automated systems may have difficulty expanding network changes at scale.

Network automation typically is limited to the configuration and management of virtual devices within a network.

Network automation typically increases enterprise management operating costs.

Manual changes frequently lead to configuration errors and inconsistencies.

Question 237

Which command do you enter so that a switch configured with Rapid PVST + listens and learns for a specific time period?

Options:

switch(config)#spanning-tree vlan 1 max-age 6

switch(config)#spanning-tree vlan 1 hello-time 10

switch(config)#spanning-tree vlan 1 priority 4096

switch(config)#spanning-tree vlan 1 forward-time 20

Question 238

When a switch receives a frame for an unknown destination MAC address, how is the frame handled?

Options:

broadcast to all ports on the switch

flooded to all ports except the origination port

forwarded to the first available port

inspected and dropped by the switch

Question 239

Which physical component is distributed among multiple virtual machines running on the same hypervisor?

Options:

external storage

hardware resources

network interfaces

backplane network

Question 240

A Cisco engineer at a new branch office is configuring a wireless network with access points that connect to a controller that is based at corporate headquarters Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage Which access point mode must be selected?

Options:

Lightweight with local switching disabled

Local with AP fallback enabled

OfficeExtend with high availability disabled

FlexConnect with local switching enabled

Question 241

What are two features of the DHCP relay agent? (Choose two.)

Options:

assigns DNS locally and then forwards request to DHCP server

permits one IP helper command under an individual Layer 3 interface

allows only MAC-to-IP reservations to determine the local subnet of a client

minimizes the necessary number of DHCP servers

configured under the Layer 3 interface of a router on the client subnet

Question 242

Refer to the exhibit.

Question # 242

What are two conclusions about this configuration? {Choose two.)

Options:

The spanning-tree mode is Rapid PVST+.

This is a root bridge.

The root port is FastEthernet 2/1.

The designated port is FastEthernet 2/1.

The spanning-tree mode is PVST+.

Question 243

What are two advantages of implementing a controller-based architecture instead of a traditional network architecture? (Choose two.)

Options:

It allows for seamless connectivity to virtual machines.

It supports complex and high-scale IP addressing schemes.

It enables configuration task automation.

It provides increased scalability and management options.

It increases security against denial-of-service attacks.

Question 244

What is a function of an endpoint?

Options:

It is used directly by an individual user to access network services

It passes unicast communication between hosts in a network

It transmits broadcast traffic between devices in the same VLAN

It provides security between trusted and untrusted sections of the network.

Question 245

Refer to the exhibit.

Question # 245

A network engineer must configure R1 so that it sends all packets destined to the 10.0.0.0/24 network to R3, and all packets destined to PCI to R2. Which configuration must the engineer implement?

Question # 245

Options:

Option A

Option B

Option C

Option D

Question 246

UESTION NO: 253

Refer to the exhibit.

Question # 246

Which command must be enable a floating default route on router A?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

Question 247

What are two protocols within the IPsec suite? (Choose two)

Options:

3DES

ESP

TLS

AES

Question 248

Refer to the exhibit.

Question # 248

Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.

Question # 248

What does the switch do when it receives the frame from host D?

Options:

It creates a broadcast storm.

It drops the frame from the MAC table of the switch.

It shuts down the source port and places It In err-disable mode.

It floods the frame out of every port except the source port.

Question 249

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Question # 249

Options:

Question 250

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Question # 250

Options:

Question 251

Question # 251

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 252

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 252

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.

On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.

On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.

On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.

On both SW1 and SW2, exit the interface range configuration mode by using the exit command.

On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.

On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.

On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.

On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.

On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.

On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Question 253

Question # 253

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Question # 253

Options:

Question 254

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Question # 254

Options:

Question 255

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 255

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 256

Question # 256

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 257

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 257

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.

To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 258

Question # 258

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Question # 258

Options:

Question 259

Question # 259

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Load More 200-301 Questions

Month End Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo

Activedumpsnet Navigation

Activedumpsnet Slider

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Cisco Certified Network Associate Questions and Answers

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation: