Weekend Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Page: 1 / 90
Total 903 questions

Cisco Certified Network Associate Questions and Answers

Question 1

Which statement correctly compares traditional networks and controller-based networks?

Options:

A.

Only traditional networks offer a centralized control plane

B.

Only traditional networks natively support centralized management

C.

Traditional and controller-based networks abstract policies from device configurations

D.

Only controller-based networks decouple the control plane and the data plane

Question 2

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

A.

20

B.

90

C.

110

D.

115

Question 3

Refer to the exhibit.

Question # 3

If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command how does the router respond?

Options:

A.

It ignores the new static route until the existing OSPF default route is removed

B.

It immediately replaces the existing OSPF route in the routing table with the newly configured static route

C.

It starts load-balancing traffic between the two default routes

D.

It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1

Question 4

When OSPF learns multiple paths to a network, how does it select a route?

Options:

A.

It multiple the active K value by 256 to calculate the route with the lowest metric.

B.

For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.

C.

It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.

D.

It count the number of hops between the source router and the destination to determine the router with the lowest metric

Question 5

Refer to Exhibit.

Question # 5

An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Options:

A.

ipv6 router 2000::1/128 2012::1

B.

ipv6 router 2000::1/128 2012::1 5

C.

ipv6 router 2000::1/128 2012::2

D.

ipv6 router 2000::1/128 2023::2 5

E.

ipv6 router 2000::1/128 2023::3 5

Question 6

Which type of traffic is sent with pure iPsec?

Options:

A.

broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites

B.

multicast traffic from a server at one site to hosts at another location

C.

spanning-tree updates between switches that are at two different sites

D.

unicast messages from a host at a remote site to a server at headquarters

Question 7

Drag and drop the TCP/IP protocols from the left onto the transmission protocols on the right

Question # 7

Options:

Question 8

Refer to the exhibit.

Question # 8

With which metric was the route to host 172.16.0.202 learned?

Options:

A.

0

B.

110

C.

38443

D.

3184439

Question 9

Which command must be entered when a device is configured as an NTP server?

Options:

A.

ntp authenticate

B.

ntp server

C.

ntp peer

D.

ntp master

Question 10

A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

Options:

A.

enable AAA override

B.

enable RX-SOP

C.

enable DTIM

D.

enable Band Select

Question 11

Which two primary drivers support the need for network automation? (Choose two.)

Options:

A.

Eliminating training needs

B.

Increasing reliance on self-diagnostic and self-healing

C.

Policy-derived provisioning of resources

D.

Providing a ship entry point for resource provisioning

E.

Reducing hardware footprint

Question 12

How does the dynamically-learned MAC address feature function?

Options:

A.

The CAM table is empty until ingress traffic arrives at each port

B.

Switches dynamically learn MAC addresses of each connecting CAM table.

C.

The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses

D.

It requires a minimum number of secure MAC addresses to be filled dynamically

Question 13

An engineer must configure a WLAN using the strongest encryption type for WPA2- PSK. Which cipher fulfills the configuration requirement?

Options:

A.

WEP

B.

RC4

C.

AES

D.

TKIP

Question 14

Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Question # 14

Options:

Question 15

What benefit does controller-based networking provide versus traditional networking?

Options:

A.

moves from a two-tier to a three-tier network architecture to provide maximum redundancy

B.

provides an added layer of security to protect from DDoS attacks

C.

allows configuration and monitoring of the network from one centralized port

D.

combines control and data plane functionality on a single device to minimize latency

Question 16

Refer to the exhibit.

Question # 16

Between which zones do wireless users expect to experience intermittent connectivity?

Options:

A.

between zones 1 and 2

B.

between zones 2 and 5

C.

between zones 3 and 4

D.

between zones 3 and 6

Question 17

Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?

Options:

A.

HTTPS

B.

RADIUS

C.

TACACS+

D.

HTTP

Question 18

What is a function of TFTP in network operations?

Options:

A.

transfers a backup configuration file from a server to a switch using a username and password

B.

transfers files between file systems on a router

C.

transfers a configuration files from a server to a router on a congested link

D.

transfers IOS images from a server to a router for firmware upgrades

Question 19

Refer to Exhibit.

Question # 19

How does SW2 interact with other switches in this VTP domain?

Options:

A.

It processes VTP updates from any VTP clients on the network on its access ports.

B.

It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports

C.

It forwards only the VTP advertisements that it receives on its trunk ports.

D.

It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports

Question 20

Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

Options:

A.

The switch must be running a k9 (crypto) IOS image

B.

The Ip domain-name command must be configured on the switch

C.

IP routing must be enabled on the switch

D.

A console password must be configured on the switch

E.

Telnet must be disabled on the switch

Question 21

Refer to the exhibit.

Question # 21

The show ip ospf interface command has been executed on R1 How is OSPF configured?

Options:

A.

The interface is not participating in OSPF

B.

A point-to-point network type is configured

C.

The default Hello and Dead timers are in use

D.

There are six OSPF neighbors on this interface

Question 22

Refer to the exhibit.

Question # 22

An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

Options:

A.

ipv6 route ::/0 Serial 0/0/1

B.

ipv6 route 0/0 Serial 0/0/0

C.

ipv6 route ::/0 Serial 0/0/0

D.

ip route 0.0.0.0.0.0.0.0 Serial 0/0/0

E.

ipv6 route ::/0 2000::2

Question 23

What is the benefit of configuring PortFast on an interface?

Options:

A.

After the cable is connected, the interface uses the fastest speed setting available for that cable type

B.

After the cable is connected, the interface is available faster to send and receive user data

C.

The frames entering the interface are marked with higher priority and then processed faster by a switch.

D.

Real-time voice and video frames entering the interface are processed faster

Question 24

What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

Options:

A.

No router ID is set, and the OSPF protocol does not run.

B.

The highest up/up physical interface IP address is selected as the router ID.

C.

The lowest IP address is incremented by 1 and selected as the router ID.

D.

The router ID 0.0.0.0 is selected and placed in the OSPF process.

Question 25

Refer to the exhibit.

Question # 25

Which change to the configuration on Switch?

allows the two switches to establish an GtherChannel?

Options:

A.

Change the protocol to EtherChannel mode on.

B.

Change the LACP mode to active

C.

Change the LACP mode to desirable

D.

Change the protocol to PAqP and use auto mode

Question 26

Drag and drop the lightweight access point operation modes from the left onto the descriptions on the right

Question # 26

Options:

Question 27

Refer to the exhibit.

Question # 27

Drag and drop the networking parameters from the left onto the correct values on the right.

Question # 27

Options:

Question 28

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

A.

Both use the same data-link header and trailer formats

B.

Both cable types support LP connectors

C.

Both cable types support Rj-45 connectors

D.

Both support up to 550 meters between nodes

Question 29

Refer to the exhibit.

Question # 29

Which command configures a floating static route to provide a backup to the primary link?

Options:

A.

ip route 0.0.0.0 0.0.0.0 209.165.202.131

B.

ip route 209.165.201.0 255.255.255.224 209.165.202.130

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.224

D.

ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

Question 30

Refer to the exhibit.

Question # 30

An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password?

Question # 30

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 31

Refer to the exhibit.

Question # 31

Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

Options:

A.

Interface errors are incrementing

B.

An incorrect SFP media type was used at SiteA

C.

High usage is causing high latency

D.

The sites were connected with the wrong cable type

Question 32

Refer to the exhibit.

Question # 32

Which prefix does Router 1 use for traffic to Host A?

Options:

A.

10.10.10.0/28

B.

10.10.13.0/25

C.

10.10.13.144/28

D.

10.10.13.208/29

Question 33

Refer to Exhibit.

Question # 33

Which action do the switches take on the trunk link?

Options:

A.

The trunk does not form and the ports go into an err-disabled status.

B.

The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.

C.

The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.

D.

The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Question 34

Refer to the exhibit.

Question # 34

Which route type is configured to reach the internet?

Options:

A.

host route

B.

default route

C.

floating static route

D.

network route

Question 35

What is the expected outcome when an EUI-64 address is generated?

Options:

A.

The seventh bit of the original MAC address of the interface is inverted

B.

The interface ID is configured as a random 64-bit value

C.

The characters FE80 are inserted at the beginning of the MAC address of the interface

D.

The MAC address of the interface is used as the interface ID without modification

Question 36

Refer to the exhibit.

Question # 36

A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

Options:

A.

209.165.200.254 via Serial0/0/1

B.

209.165.200.254 via Serial0/0/0

C.

209.165.200.246 via Serial0/1/0

D.

209.165.200.250 via Serial0/0/0

Question 37

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?

Options:

A.

point-to-multipoint

B.

point-to-point

C.

broadcast

D.

nonbroadcast

Question 38

What are two differences between optical-fiber cabling and copper cabling? (Choose two)

Options:

A.

Light is transmitted through the core of the fiber

B.

A BNC connector is used for fiber connections

C.

The glass core component is encased in a cladding

D.

Fiber connects to physical interfaces using Rj-45 connections

E.

The data can pass through the cladding

Question 39

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

A.

management interface settings

B.

QoS settings

C.

Ip address of one or more access points

D.

SSID

E.

Profile name

Question 40

R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

Options:

A.

route with the lowest cost

B.

route with the next hop that has the highest IP

C.

route with the shortest prefix length

D.

route with the lowest administrative distance

Question 41

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

A.

configure switchport nonegotiate

B.

configure switchport mode dynamic desirable

C.

configure switchport mode dynamic auto

D.

configure switchport trunk dynamic desirable

Question 42

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

Options:

A.

ip address 192.168.0.0 255.255.0.0

B.

ip address 192.168.0.0 255.255.254.0

C.

ip address 192.168.0.0 255.255.255.128

D.

ip address 192.168.0.0 255.255.255.224

Question 43

Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

Options:

A.

bridge

B.

route

C.

autonomous

D.

lightweight

Question 44

Refer to the exhibit.

Question # 44

Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?

A)

Question # 44

B)

Question # 44

C)

Question # 44

D)

Question # 44

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 45

When the active router in an HSRP group fails, what router assumes the role and forwards packets?

Options:

A.

backup

B.

standby

C.

listening

D.

forwarding

Question 46

Refer to the exhibit.

Question # 46

To which device does Router1 send packets that are destined to host 10.10.13.165?

Options:

A.

Router2

B.

Router3

C.

Router4

D.

Router5

Question 47

When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP?

Options:

A.

DHCP relay agent

B.

DHCP server

C.

DHCPDISCOVER

D.

DHCPOFFER

Question 48

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

Options:

A.

Unicode

B.

base64

C.

decimal

D.

ASCII

Question 49

A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

Options:

A.

port-to-multipoint

B.

broadcast

C.

point-to-point

D.

nonbroadcast

Question 50

How does WPA3 improve security?

Options:

A.

It uses SAE for authentication.

B.

It uses a 4-way handshake for authentication.

C.

It uses RC4 for encryption.

D.

It uses TKIP for encryption.

Question 51

Drag and drop the AAA terms from the left onto the description on the right.

Question # 51

Options:

Question 52

What are two reasons for an engineer to configure a floating state route? (Choose two)

Options:

A.

to automatically route traffic on a secondary path when the primary path goes down

B.

to route traffic differently based on the source IP of the packet

C.

to enable fallback static routing when the dynamic routing protocol fails

D.

to support load balancing via static routing

E.

to control the return path of traffic that is sent from the router

Question 53

What is a characteristic of private IPv4 addressing?

Options:

A.

traverse the Internet when an outbound ACL is applied

B.

issued by IANA in conjunction with an autonomous system number

C.

composed of up to 65.536 available addresses

D.

used without tracking or registration

Question 54

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

Options:

A.

OpenFlow

B.

Java

C.

REST

D.

XML

Question 55

Refer to the exhibit.

Question # 55

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

A.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

B.

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

C.

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

D.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 56

Refer to the exhibit.

Question # 56

Drag and drop the prefix lengths from the left onto the corresponding prefixes on the right Not all prefixes are used

Options:

Question 57

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

A)

Question # 57

B)

Question # 57

C)

Question # 57

D)

Question # 57

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 58

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

A.

offer compression

B.

increase security by using a WEP connection

C.

provide authentication

D.

protect traffic on open networks

Question 59

Refer to the exhibit.

Question # 59

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

A.

F0/10

B.

F0/11

C.

F0/12

D.

F0/13

Question 60

Refer to the exhibit.

Question # 60

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

A.

transport input telnet

B.

crypto key generate rsa

C.

ip ssh pubkey-chain

D.

login console

E.

username cisco password 0 Cisco

Question 61

Refer to the exhibit.

Question # 61

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

A.

Configure the ip dhcp relay information command under interface Gi0/1.

B.

Configure the ip dhcp smart-relay command globally on the router

C.

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

D.

Configure the ip address dhcp command under interface Gi0/0

Question 62

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Question # 62

Options:

Question 63

Refer to the exhibit.

Question # 63

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

A)

Question # 63

B)

Question # 63

C)

Question # 63

D)

Question # 63

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 64

Which action implements physical access control as part of the security program of an organization?

Options:

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Question 65

Refer to the exhibit.

Question # 65

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

A)

Question # 65

B)

Question # 65

C)

Question # 65

D)

Question # 65

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 66

Refer to the exhibit.

Question # 66

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Options:

A.

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

B.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

C.

Remark traffic as it traverses R1 and trust all markings at the access layer.

D.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Question 67

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

Question # 67

B)

Question # 67

C)

Question # 67

D)

Question # 67

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 68

Which field within the access-request packet is encrypted by RADIUS?

Options:

A.

authorized services

B.

authenticator

C.

username

D.

password

Question 69

A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:

• The first subnet must support 24 hosts

• The second subnet must support 472 hosts

• Both subnets must use the longest subnet mask possible from the address block

Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two )

Options:

A.

interface vlan 1234

ip address 10.70.159.1 255.255.254.0

B.

interface vlan 1148

ip address 10.70.148.1 255.255.254.0

C.

interface vlan 4722

ip address 10.70.133.17 255.255.255.192

D.

interface vlan 3002

ip address 10.70.147.17 255.255.255.224

E.

interface vlan 155

ip address 10.70.155.65 255.255.255.224

Question 70

How does Rapid PVST+ create a fast loop-free network topology?

Options:

A.

lt requires multiple links between core switches

B.

It generates one spanning-tree instance for each VLAN

C.

It maps multiple VLANs into the same spanning-tree instance

D.

It uses multiple active paths between end stations.

Question 71

Which protocol uses the SSL?

Options:

A.

HTTP

B.

SSH

C.

HTTPS

D.

Telnet

Question 72

Refer to the exhibit.

Question # 72

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

A.

heavy traffic congestion

B.

a duplex incompatibility

C.

a speed conflict

D.

queuing drops

Question 73

Which two network actions occur within the data plane? (Choose two.)

Options:

A.

Add or remove an 802.1Q trunking header.

B.

Make a configuration change from an incoming NETCONF RPC.

C.

Run routing protocols.

D.

Match the destination MAC address to the MAC address table.

E.

Reply to an incoming ICMP echo request.

Question 74

Refer to the exhibit.

Question # 74

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

Options:

A.

Configure router A to use the same MTU size as router B.

B.

Set the router B OSPF ID to a nonhost address.

C.

Configure a point-to-point link between router A and router B.

D.

Set the router B OSPF ID to the same value as its IP address

Question 75

Refer to the exhibit.

Question # 75

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

A.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

B.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

C.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

D.

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 76

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

A.

VLAN numbering

B.

VLAN DSCP

C.

VLAN tagging

D.

VLAN marking

Question 77

What is a function of a Next-Generation IPS?

Options:

A.

makes forwarding decisions based on learned MAC addresses

B.

serves as a controller within a controller-based network

C.

integrates with a RADIUS server to enforce Layer 2 device authentication rules

D.

correlates user activity with network events

Question 78

What is a function of an endpoint on a network?

Options:

A.

forwards traffic between VLANs on a network

B.

connects server and client devices to a network

C.

allows users to record data and transmit to a tile server

D.

provides wireless services to users in a building

Question 79

Refer to the exhibit.

Question # 79

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

A.

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

B.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

C.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

D.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 80

Refer to the exhibit.

Question # 80

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Options:

A.

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

B.

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

C.

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

D.

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Question 81

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

A.

disabled

B.

listening

C.

forwarding

D.

learning

E.

blocking

Question 82

What provides centralized control of authentication and roaming In an enterprise network?

Options:

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Question 83

What is the function of the controller in a software-defined network?

Options:

A.

multicast replication at the hardware level

B.

fragmenting and reassembling packets

C.

making routing decisions

D.

forwarding packets

Question 84

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

A.

different security settings

B.

discontinuous frequency ranges

C.

different transmission speeds

D.

unique SSIDs

Question 85

Refer to the exhibit.

Question # 85

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

A.

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

B.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

C.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

D.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 86

Refer to the exhibit.

Question # 86

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Question 87

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

Options:

A.

unique local address

B.

link-local address

C.

aggregatable global address

D.

IPv4-compatible IPv6 address

Question 88

Refer to the exhibit.

Question # 88

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

A.

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

B.

ip route 10.1.1.0 255.255.255.0 gi0/1 125

C.

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

D.

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 89

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

A.

user-activity logging

B.

service limitations

C.

consumption-based billing

D.

identity verification

Question 90

Refer to the exhibit.

Question # 90

Which command must be issued to enable a floating static default route on router A?

Options:

A.

lp route 0.0.0.0 0.0.0.0 192.168.1.2

B.

ip default-gateway 192.168.2.1

C.

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

D.

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 91

What are two benefits of FHRPs? (Choose two.)

Options:

A.

They enable automatic failover of the default gateway.

B.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

C.

They are able to bundle multiple ports to increase bandwidth.

D.

They prevent loops in the Layer 2 network.

E.

They allow encrypted traffic.

Question 92

Which protocol is used for secure remote CLI access?

Options:

A.

HTTPS

B.

HTTP

C.

Telnet

D.

SSH

Question 93

Refer to the exhibit.

Question # 93

Which network prefix was learned via EIGRP?

Options:

A.

172.16.0.0/16

B.

192.168.2.0/24

C.

207.165.200.0/24

D.

192.168.1.0/24

Question 94

Refer to the exhibit.

Question # 94

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

A.

Change the channel-group mode on SW2 to auto

B.

Change the channel-group mode on SW1 to desirable.

C.

Configure the interface port-channel 1 command on both switches.

D.

Change the channel-group mode on SW1 to active or passive.

Question 95

Refer to the exhibit.

Question # 95

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

A)

Question # 95

B)

Question # 95

C)

Question # 95

D)

Question # 95

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 96

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

A.

shaping

B.

classification

C.

policing

D.

marking

Question 97

Refer to the exhibit.

Question # 97

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

Options:

A.

There is a duplex mismatch on the interface

B.

There is an issue with the fiber on the switch interface.

C.

There is a speed mismatch on the interface.

D.

There is an interface type mismatch

Question 98

Refer to the exhibit.

Question # 98

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

A.

interface FastEthernet0/0

ip helper-address 10.0.1.1

i

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

B.

interface FastEthernot0/1

ip helper-address 10.0.1.1

!

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

C.

interface FastEthernetO/0

ip helper-address 10.0.1.1

I

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

D.

interface FastEthernet0/1

ip helper-address 10.0.1.1

!

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 99

Which action is taken by the data plane within a network device?

Options:

A.

forwards traffic to the next hop

B.

constructs a routing table based on a routing protocol

C.

provides CLI access to the network device

D.

looks up an egress interface in the forwarding information base

Question 100

Refer to the exhibit.

Question # 100

What is a reason for poor performance on the network interface?

Options:

A.

The interface is receiving excessive broadcast traffic.

B.

The cable connection between the two devices is faulty.

C.

The interface is operating at a different speed than the connected device.

D.

The bandwidth setting of the interface is misconfigured

Question 101

Refer to the exhibit.

Question # 101

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

A.

F0/4

B.

F0/0

C.

F0/1

D.

F0/3

Question 102

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Question # 102

Options:

Question 103

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

A.

WLAN dynamic

B.

management

C.

trunk

D.

access

Question 104

Refer to the exhibit.

Question # 104

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

A.

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

B.

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

C.

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

D.

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 105

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Question # 105

Options:

Question 106

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Question # 106

Options:

Question 107

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

A.

SYIM flood

B.

reflection

C.

teardrop

D.

amplification

Question 108

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Question # 108

Options:

Question 109

Refer to the exhibit.

Question # 109

The EtherChannel is configured with a speed of 1000 and duplex as full on both ends of channel group 1. What is the next step to configure the channel on switch A to respond to but not initiate LACP communication?

Options:

A.

interface range gigabitethernet0/0/0-15 channel-group 1 mode on

B.

interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable

C.

interface port-channel 1 channel-group 1 mode auto

D.

interface port-channel 1 channel-group 1 mode passive

Question 110

An engineer must configure neighbor discovery between the company router and an ISP

Question # 110

What is the next step to complete the configuration if the ISP uses a third-party router?

Options:

A.

Enable LLDP globally.

B.

Disable CDP on gi0/0.

C.

Enable LLDP TLVs on the ISP router.

D.

Disable auto-negotiation.

Question 111

Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS?

Options:

A.

UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.

B.

UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.

C.

UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery.

D.

UDP uses sequencing data tor packets to arrive in order, and TCP offers trie capability to receive packets in random order.

Question 112

Drag and drop the functions of AAA supporting protocols from the left onto the protocols on the right.

Question # 112

Options:

Question 113

Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.)

Options:

A.

site-to-site VPN

B.

IDMVPN

C.

IGETVPN

D.

IPsec remote access

E.

clientless VPN

Question 114

Refer to the exhibit.

Question # 114

After configuring a new static route on the CPE. the engineer entered this series of commands to verify that the new configuration is operating normally When is the static default route installed into the routing table?

Options:

A.

when 203 0 113.1 is no longer reachable as a next hop B. when the default route learned over external BGP becomes invalid

B.

when a route to 203.0 113 1 is learned via BGP

C.

when the default route over external BGP changes its next hop

Question 115

SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.)

Options:

A.

Set the QoS level to silver or greater for voice traffic.

B.

Set the QoS level to platinum for voice traffic.

C.

Enable Media Session Snooping on re WLAN.

D.

Enable traffic shaping for the LAN interlace of the WLC.

E.

Configure two different QoS rotes tor data and voice traffic.

Question 116

What does a switch do when it receives a frame whose destination MAC address is missing from the MAC address table?

Options:

A.

It floods the frame unchanged across all remaining ports in the incoming VLAN.

B.

It appends the table with a static entry for the MAC and shuts down the port.

C.

It updates the CAM table with the destination MAC address of the frame.

D.

It changes the checksum of the frame to a value that indicates an invalid frame.

Question 117

Refer to the exhibit.

Question # 117

What is the next step to complete the implementation for the partial NAT configuration shown?

Options:

A.

Reconfigure the static NAT entries that overlap the NAT pool

B.

Configure the NAT outside interface

C.

Modify the access list for the internal network on e0/1

D.

Apply the ACL to the pool configuration

Question 118

Refer to the exhibit.

Question # 118

Rooter R1 is added to the network and configured with tie 10 0 0 64/26 and 10.0.20.0/24 subnets However traffic destined for the LAN on R3 is not access. Which command when executed on R1 defines a tunic route to reach the R3 LAN?

A)

Question # 118

B)

Question # 118

C)

Question # 118

Options:

A.

Option

B.

Option

C.

Option

Question 119

Drag and drop the use cases for device-management technologies from the left onto the corresponding.

Question # 119

Options:

Question 120

Refer to the exhibit.

Question # 120

A Cisco engineer creates a new WLAN called lantest. Which two actions must be performed so that only high-speed 2.4-Ghz clients connect? (Choose two.)

Options:

A.

Enable the Broadcast SSID option

B.

Enable the Status option.

C.

Set the Radio Policy option to 802 11g Only.

D.

Set the Radio Policy option to 802.11a Only.

E.

Set the Interface/Interface Group(G) to an interface other than guest

Question 121

When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?

Options:

A.

6

B.

8

C.

12

D.

18

Question 122

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

Options:

A.

authorizing potentially compromised wireless traffic

B.

inspecting specific files and file types for malware

C.

authenticating end users

D.

URL filtering

Question 123

Refer to the exhibit.

Question # 123

The Router1 routing table has multiple methods to reach 10.10.10.0/24 as shown. The default Administrative Distance is used. Drag and drop the network conditions from the left onto the routing methods that Router1 uses on the right.

Question # 123

Options:

Question 124

Refer to the exhibit. User traffic originating within site 0 is failing to reach an application hosted on IP address 192.168 0 10. Which is located within site A What is determined by the routing table?

Options:

A.

The default gateway for site B is configured incorrectly

B.

The lack of a default route prevents delivery of the traffic

C.

The traffic is blocked by an implicit deny in an ACL on router2

D.

The traffic to 192 168 010 requires a static route to be configured in router 1.

Question 125

Refer to the exhibit.

A network engineer must configure communication between PC A and the file server. Which commend must be configured on switch A to prevent interruption of other communications?

Question # 125

Options:

A.

switch port trunk allowed vlan 12

B.

switchport trunk allowed vlan none

C.

switchport trunk allowed vlan add 13

D.

switch port trunk allowed vlan remove 10-11

Question 126

Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?

Options:

A.

Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

B.

Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.

C.

Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.

D.

Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.

Question 127

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abod-bod on voice VLAN 4?

Options:

A.

switchport port-security mac-address abcd.abcd.abcd

B.

switchport port-security mac-address abed.abed.abed vlan 4

C.

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

D.

switchport port-security mac-address abcd.abcd.abcd vlan voice

Question 128

Drag and drop the virtualization concepts from the left onto the matching statements on the right.

Question # 128

Options:

Question 129

Question # 129

Refer to the exhibit. An engineer is building a new Layer 2 LACP EtherChannel between SW1 and SW2. and they executed the given show commands to verify the work Which additional task must be performed so that the switches successfully bundle the second member in the LACP port-channel?

Options:

A.

Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1

B.

Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1.

C.

Configure the switchport trunk allowtd vlan add 300 command on interface FaO 2 on SW2.

D.

Configure the switchport trunk allowtd vlan add 300 command on SW1 port-channel 1

Question 130

Which Windows command is used instead of the route print command to display the contents of the IP routing table?

Options:

A.

netstat-n

B.

ipconfig

C.

ifconfig

D.

netstat-r

Question 131

Which protocol must be implemented to support separate authorization and authentication solutions for wireless APs?

Options:

A.

RADIUS

B.

TACACS+

C.

802.1X

D.

Kerberos

Question 132

A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the next-hop devices are different?

Options:

A.

The router chooses the route with the oldest age.

B.

The router load-balances traffic over all routes to the destination.

C.

The router chooses the next hop with the lowest MAC address.

D.

The router chooses the next hop with the lowest IP address.

Question 133

Which two practices are recommended for an acceptable security posture in a network? (Choose two)

Options:

A.

Backup device configurations to encrypted USB drives for secure retrieval

B.

maintain network equipment in a secure location

C.

Use a cryptographic keychain to authenticate to network devices

D.

Place internal email and file servers in a designated DMZ

E.

Disable unused or unnecessary ports, interfaces and services

Question 134

How do TCP and UDP fit into a query-response model?

Options:

A.

TCP establishes a connection prior to sending data, and UDP sends immediately.

B.

TCP uses error detection for packets, and UDP uses error recovery.

C.

TCP avoids using sequencing, and UDP avoids using acknowledgments.

D.

TCP encourages out-of-order packet delivery, and UDP prevents re-ordering.

Question 135

Question # 135

Options:

Question 136

Refer to the exhibit.

Question # 136

The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken must be taken to complete the task?

Options:

A.

Configure the no lldp tlv-select-management-address command globally on Cat9K-2

B.

Configure the no lldp transmit command on interface G1/0/21 in Cat9K-1

C.

Configure the no lldp receive command on interface G1/0/21 on Cat9K-1

D.

Configure the no lldp mac-phy-cfg command globally on Cat9K-2

Question 137

Refer to the exhibit.

Question # 137

Which switch becomes the root bridge?

A)

Question # 137

B)

Question # 137

C)

Question # 137

D)

Question # 137

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 138

Question # 138

Refer lo the exhibit. What is the next-hop P address for R2 so that PC2 reaches the application server via ElGRP?

Options:

A.

192.168.30.1

B.

10.10 105

C.

10.10.10.6

D.

192.168.201

Question 139

An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to prevent connection issues with the printer?

Options:

A.

client exclusion

B.

passive client

C.

DHCP address assignment

D.

static IP tunneling

Question 140

Refer to the exhibit.

Question # 140

A network engineer must update the configuring on switch2 so that it sends LLDP packets.

A)

Question # 140

B)

Question # 140

C)

Question # 140

D)

Question # 140

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 141

Refer to the exhibit.

Question # 141

Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? O A. 2001:db8:1a44:41a4:C801:BEFF:FE4A:1

B. 2001:db8:1a44:41a4:C081:BFFF:FE4A:1

C. 2001:db8:1a44:41a4:4562:098F:FE36:1

D. 2001:db8:1a44:41a4:C800:BAFE:FF00:1

Options:

Question 142

Which 802.11 frame type is Association Response?

Options:

A.

management

B.

control

C.

action

D.

protected frame

Question 143

What determines the sequence in which materials are planned during the material requirements planning (MRP) run?

Options:

A.

The control parameters of the MRP run

B.

The creation date of the materials

C.

The low-level code of the materials

D.

The replenishment lead time of the materials

Question 144

Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatical togged out?

Options:

A.

config sessions maxsessions 0

B.

config sessions timeout 0

C.

config serial timeout 0

D.

config serial timeout 9600

Question 145

Refer to the exhibit.

Question # 145

The primary route across Gi0/0 is configured on both routers. A secondary route must be configured to establish connectivity between the workstation networks. Which command set must be configured to complete this task?

A)

Question # 145

B)

Question # 145

C)

Question # 145

D)

Question # 145

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 146

Which IPv6 address range is suitable for anycast addresses for distributed services such DHCP or DNS?

Options:

A.

FF00:1/12

B.

2001:db8:0234:ca3e::1/128

C.

2002:db84:3f37:ca98:be05:8/64

D.

FE80::1/10

Question 147

Which two server types support dornas name to IP address resolution? (Choose two >

Options:

A.

ESX host

B.

resolver

C.

web

D.

file transfer

E.

authentication

Question 148

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)

Options:

A.

::ffif 1014 1011/96

B.

2001 7011046:1111:1/64

C.

;jff06bb43cd4dd111bbff02 4545234d

D.

2002 5121204b 1111:1/64

E.

FF02::0WlFF00:0l)00/104

Question 149

Which IP header field is changed by a Cisco device when QoS marking is enabled?

Options:

A.

Header Checksum

B.

Type of service

C.

DSCP

D.

ECN

Question 150

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Question # 150

Options:

Question 151

Drag and drop the statement about AAA services from the left to the corresponding AAA services on the right.

Question # 151

Options:

Question 152

Drag and drop the AAA lerms from the left onto the descriptions on the right.

Question # 152

Options:

Question 153

Refer to the exhibit.

Question # 153

PC A is communicating with another device at IP address 10.227.225.255. Through which router does router Y route the traffic?

Options:

A.

router A

B.

router B

C.

router C

D.

router D

Question 154

Refer to the exhibit.

Question # 154

Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64?

Options:

A.

2001 :db8::5000:0004:5678:0090/64

B.

2001 :db8:4425:5400:77ft:fe07:/64

C.

2001 :db8::5000:00ff:fe04 0000/64

D.

2001 :db8::5200:00ff:fe04:0000/64

Question 155

Refer to the exhibit.

Question # 155

Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

Options:

A.

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

B.

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

C.

Interface range G1/1 – 1/3 switchport mode trunk

channel-group 1 mode desirable

no shutdown

D.

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

Question 156

Refer to the exhibit.

Question # 156

The loopback1 interface of the Atlanta router must reach the lookback3 interface of the Washington router.

Options:

A.

ipv6 route 2000::1/128 2012::2

B.

ipv6 route 2000::1/128 2012::1

C.

ipv6 route 2000:3 123 s0/0/0

D.

ipv6 route 2000::3/128 2023::3

E.

ipv6 route 2000::1/128 s0/0/1

Question 157

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Question # 157

Options:

Question 158

Which cipher is supported for wireless encryption only with the WPA2 standard?

Options:

A.

AES256

B.

AES

C.

RC4

D.

SHA

Question 159

Which type of IPv4 address must be assigned to a server to protect it from external access and allow only internal users access while restricting internet access?

Options:

A.

global unicast

B.

public

C.

private

D.

multicast

Question 160

Refer to the exhibit.

Question # 160

The given Windows PC is requesting the IP address of the host at www.cisco.com. To which IP address is the request sent?

Options:

A.

192.168.1.226

B.

192.168.1.100

C.

192.168.1.254

D.

192.168.1.253

Question 161

What differentiates device management enabled by cisco DNA center from traditional campus device management?

Options:

A.

CLI-oriented device

B.

device-by-device hands-on

C.

centralized

D.

per-device

Question 162

In a cloud-computing environment what is rapid elasticity?

Options:

A.

control and monitoring of resource consumption by the tenant

B.

automatic adjustment of capacity based on need

C.

pooling resources in a multitenant model based on need

D.

self-service of computing resources by the tenant

Question 163

In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.)

Options:

A.

It automatically provides a second authentication factor that is unknown to the original user.

B.

It uses an internal firewall to protect the password repository from unauthorized access.

C.

It protects against keystroke logging on a compromised device or web site.

D.

It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality

E.

It encourages users to create stronger passwords.

Question 164

When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two)

Options:

A.

ASCII

B.

base64

C.

binary

D.

decimal

E.

hexadecimal

Question 165

Refer to the exhibit.

Question # 165

An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface G/0/1. Which access list must be applied?

Question # 165

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 166

What criteria is used first during the root port selection process?

Options:

A.

local port ID

B.

lowest path cost to the root bridge

C.

lowest neighbor's bridge ID

D.

lowest neighbor's port ID

Question 167

Which network allows devices to communicate without the need to access the Internet?

Options:

A.

1729.0.0/16

B.

172.28.0.0/16

C.

192.0.0.0/8

D.

209.165.201.0/24

Question 168

Which network action occurs within the data plane?

Options:

A.

compare the destination IP address to the IP routing table.

B.

run routing protocols (OSPF, EIGRP, RIP, BGP)

C.

make a configuration change from an incoming NETCONF RPC

D.

reply to an incoming ICMP echo request

Question 169

How do TCP and UDP differ in the way that they establish a connection between two endpoints?

Options:

A.

TCP uses synchronization packets, and UDP uses acknowledgment packets.

B.

UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

C.

UDP provides reliable message transfer and TCP is a connectionless protocol

D.

TCP uses the three-way handshake and UDP does not guarantee message delivery

Question 170

Which level of severity must be set to get informational syslogs?

Options:

A.

alert

B.

critical

C.

notice

D.

debug

Question 171

Drag the IPv6 DNS record types from the left onto the description on the right.

Question # 171

Options:

Question 172

What are network endpoints?

Options:

A.

act as routers to connect a user to the service prowler network

B.

a threat to the network if they are compromised

C.

support inter-VLAN connectivity

D.

enforce policies for campus-wide traffic going to the internet

Question 173

What is a DHCP client?

Options:

A.

a workstation that requests a domain name associated with its IP address

B.

a host that is configured to request an IP address automatically

C.

a server that dynamically assigns IP addresses to hosts.

D.

a router that statically assigns IP addresses to hosts.

Question 174

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols.

Options:

A.

dual algorithm

B.

metric

C.

administrative distance

D.

hop count

Question 175

Drag and drop the network protocols from the left onto the correct transport services on the right.

Question # 175

Options:

Question 176

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

Options:

A.

infrastructure-as-a-service

B.

platform-as-a-service

C.

business process as service to support different types of service

D.

software-as-a-service

Question 177

Refer to the exhibit.

Question # 177

A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?

Options:

A.

access-list 2699 permit udp 10.20.1.0 0.0.0.255

B.

no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22

C.

access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22

D.

no access-list 2699 deny ip any 10.20.1.0 0.0.0.255

Question 178

What occurs to frames during the process of frame flooding?

Options:

A.

Frames are sent to every port on the switch in the same VLAN except from the originating port

B.

Frames are sent to every port on the switch that has a matching entry in the MAC address table.

C.

Frames are sent to all ports, including those that are assigned to other VLANs.

D.

Frames are sent to every port on the switch in the same VLAN.

Question 179

What is the maximum bandwidth of a T1 point-to-point connection?

Options:

A.

1.544 Mbps

B.

2.048 Mbps

C.

34.368 Mbps

D.

43.7 Mbps

Question 180

Which action does the router take as it forwards a packet through the network?

Options:

A.

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

B.

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmits it transparently to the destination

C.

The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination

D.

The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination

Question 181

Question # 181

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

A.

set the default network as 20.20.20.0/24

B.

set the default gateway as 20.20.20.2

C.

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

D.

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 182

In software-defined architecture, which place handles switching for traffic through a Cisco router?

Options:

A.

Control

B.

Management

C.

Data

D.

application

Question 183

Which device tracks the state of active connections in order to make a decision to forward a packet through?

Options:

A.

wireless access point

B.

firewall

C.

wireless LAN controller

D.

router

Question 184

What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?

Options:

A.

data plane

B.

control plane

C.

policy plane

D.

management plane

Question 185

Refer to the exhibit.

Question # 185

The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2 while all other VLANs are to remain tagged.

Which command accomplishes this task?

Options:

A.

switchport access vlan 67

B.

switchport trunk allowed vlan 67

C.

switchport private-vlan association host 67

D.

switchport trunk native vlan 67

Question 186

Refer to exhibit.

Question # 186

Which statement explains the configuration error message that is received?

Options:

A.

It is a broadcast IP address

B.

The router does not support /28 mask.

C.

It belongs to a private IP address range.

D.

IT is a network IP address.

Question 187

Refer to the exhibit.

Question # 187

Which password must an engineer use to enter the enable mode?

Options:

A.

adminadmin123

B.

default

C.

testing 1234

D.

cisco123

Question 188

What causes a port to be placed in the err-disabled state?

Options:

A.

latency

B.

port security violation

C.

shutdown command issued on the port

D.

nothing plugged into the port

Question 189

Refer to Exhibit.

Question # 189

The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the NEW York router? (Choose two)

Options:

A.

ipv6 route 2000::1/128 2012::1

B.

ipv6 route 2000::3/128 2023::3

C.

ipv6 route 2000::3/128 s0/0/0

D.

ipv6 route 2000::1/128 2012::2

E.

ipv6 route 2000::1/128 s0/0/1

Question 190

What is a characteristic of a SOHO network?

Options:

A.

connects each switch to every other switch in the network

B.

enables multiple users to share a single broadband connection

C.

provides high throughput access for 1000 or more users

D.

includes at least three tiers of devices to provide load balancing and redundancy

Question 191

which purpose does a northbound API serve in a controller-based networking architecture?

Options:

A.

communicates between the controller and the physical network hardware

B.

reports device errors to a controller

C.

generates statistics for network hardware and traffic

D.

facilitates communication between the controller and the applications

Question 192

Which type of attack can be mitigated by dynamic ARP inspection?

Options:

A.

worm

B.

malware

C.

DDoS

D.

man-in-the-middle

Question 193

What is a characteristic of cloud-based network topology?

Options:

A.

wireless connections provide the sole access method to services

B.

onsite network services are provided with physical Layer 2 and Layer 3 components

C.

services are provided by a public, private, or hybrid deployment

D.

physical workstations are configured to share resources

Question 194

Refer to the Exhibit.

Question # 194

After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. which error must be corrected?

Options:

A.

There is a native VLAN mismatch

B.

Access mode is configured on the switch ports.

C.

The PCs are m the incorrect VLAN

D.

All VLANs are not enabled on the trunk

Question 195

What is the primary purpose of a First Hop Redundancy Protocol?

Options:

A.

It allows directly connected neighbors to share configuration information.

B.

It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.

C.

It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.

D.

It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

Question 196

Refer to the exhibit.

Question # 196

Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

Options:

A.

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

B.

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

C.

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

D.

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

Question 197

Drag and drop the functions of DHCP from the left onto any of the positions on the right Not all functions are used

Question # 197

Options:

Question 198

An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

Options:

A.

platform-as-a-service

B.

software-as-a-service

C.

network-as-a-service

D.

infrastructure-as-a-service

Question 199

A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used?

Options:

A.

Clock timezone

B.

Clock summer-time-recurring

C.

Clock summer-time date

D.

Clock set

Question 200

Refer to the exhibit.

Question # 200

Which outcome is expected when PC_A sends data to PC_B?

Options:

A.

The switch rewrites the source and destination MAC addresses with its own.

B.

The source MAC address is changed.

C.

The source and destination MAC addresses remain the same.

D.

The destination MAC address is replaced with ffff.ffff.ffff.

Question 201

Which technology allows for multiple operating systems to be run on a single host computer?

Options:

A.

virtual routing and forwarding

B.

network port ID visualization

C.

virtual device contexts

D.

server visualization

Question 202

What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

Options:

A.

The Layer 2 switch drops the received frame

B.

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

C.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

D.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

Question 203

Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two)

Options:

A.

listening

B.

blocking

C.

forwarding

D.

learning

E.

speaking

Question 204

What is recommended for the wireless infrastructure design of an organization?

Options:

A.

group access points together to increase throughput on a given channel

B.

configure the first three access points are configured to use Channels 1, 6, and 11

C.

include a least two access points on nonoverlapping channels to support load balancing

D.

assign physically adjacent access points to the same Wi-Fi channel

Question 205

What does a switch use to build its MAC address table?

Options:

A.

VTP

B.

DTP

C.

egress traffic

D.

ingress traffic

Question 206

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

A.

switchport port-security violation access

B.

switchport port-security violation protect

C.

switchport port-security violation restrict

D.

switchport port-security violation shutdown

Question 207

What describes the operation of virtual machines?

Options:

A.

Virtual machines are responsible for managing and allocating host hardware resources

B.

In a virtual machine environment, physical servers must run one operating system at a time.

C.

Virtual machines are the physical hardware that support a virtual environment.

D.

Virtual machines are operating system instances that are decoupled from server hardware

Question 208

Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point?

Options:

A.

TACACS server

B.

wireless access point

C.

RADIUS server

D.

wireless LAN controller

Question 209

Which 802.11 frame type is association response?

Options:

A.

management

B.

protected frame

C.

control

D.

action

Question 210

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

Options:

A.

Add the switch in the VTP domain with a lower revision number

B.

Add the switch with DTP set to dynamic desirable

C.

Add the switch in the VTP domain with a higher revision number

D.

Add the switch with DTP set to desirable

Question 211

Which configuration ensures that the switch is always the root for VLAN 750?

Options:

A.

Switch(config)#spanning-tree vlan 750 priority 38003685

B.

Switch(config)#spanning-tree vlan 750 root primary

C.

Switch(config)#spanning-tree vlan 750 priority 614440

D.

Switch(config)#spanning-tree vlan 750 priority 0

Question 212

What is the function of a hub-and-spoke WAN topology?

Options:

A.

allows access restrictions to be implemented between subscriber sites.

B.

provides direct connections between subscribers

C.

supports Layer 2 VPNs

D.

supports application optimization

Question 213

Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?

Options:

A.

BPDUfilter

B.

PortFast

C.

Backbonefast

D.

BPDUguard

Question 214

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

Options:

A.

initiates a ping request to the URL

B.

prompts the user to specify the desired IP address

C.

continuously attempts to resolve the URL until the command is cancelled

D.

sends a broadcast message in an attempt to resolve the URL

Question 215

Which two encoding methods are supported by REST APIs? (Choose two)

Options:

A.

YAML

B.

JSON

C.

EBCDIC

D.

SGML

E.

XML

Question 216

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two. )

Options:

A.

The device Is assigned to the Global site.

B.

The device Is placed into the Unmanaged state.

C.

The device is placed into the Provisioned state.

D.

The device is placed into the Managed state.

E.

The device is assigned to the Local site.

Question 217

Question # 217

Question # 217

Question # 217

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 218

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 218

Options:

Question 219

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 219

Options:

Question 220

Question # 220

Question # 220

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 221

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Question # 221Question # 221

Options:

Question 222

Question # 222

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Question # 222

Options:

Question 223

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Question # 223Question # 223

Options:

Question 224

Question # 224

Question # 224

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 225

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Question # 225Question # 225

Options:

Question 226

Question # 226

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Question # 226

Options:

Question 227

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Question # 227

Options:

Page: 1 / 90
Total 903 questions