March Sale Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Cisco 200-301 Dumps

Page: 1 / 57
Total 951 questions

Cisco Certified Network Associate Questions and Answers

Question 1

Refer to the exhibit.

Which entry is the longest prefix match for host IP address 192.168.10.5?

Options:

A.

1

B.

2

C.

3

D.

4

Question 2

Refer to the exhibit.

Load-balanced traffic is coming in from the WAN destined to a host at 172.16.1.190. Which next-hop is used by the router to forward the request?

Options:

A.

192.168.7.4

B.

192.168.7.7

C.

192.168.7.35

D.

192.168.7.40

Question 3

What happens when a switch receives a frame with a destination MAC address that recently aged out?

Options:

A.

The switch references the MAC address aging table for historical addresses on the port that received the frame.

B.

The switch floods the frame to all ports in all VLANs except the port that received the frame

C.

The switch drops the frame and learns the destination MAC address again from the port that received the frame

D.

The switch floods the frame to all ports in the VLAN except the port that received the frame.

Question 4

Drag and drop each characteristic of device-management technologies from the left onto the deployment type on the right.

Options:

Question 5

Refer to the exhibit.

Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router?

Options:

A.

2001:db8:1a44:41a4:C801:BEFF:FE4A:1

B.

2001:db8:1a44:41a4:C081:BFFF:FE4A:1

C.

2001:db8:1a44:41a4:4562:098F:FE36:1

D.

2001:db8:1a44:41a4:C800:BAFE:FF00:1

Question 6

Which IP header field is changed by a Cisco device when QoS marking is enabled?

Options:

A.

Header Checksum

B.

Type of service

C.

DSCP

D.

ECN

Question 7

Refer to the exhibit. An engineer must configure a static network route between two networks so that host A communicates with host B. Drag and drop the commands from the left onto the routers where they must be configured on the right. Not all commands are used.

Options:

Question 8

Refer to the exhibit.

How many objects, Keys and JSON list values are present?

Options:

A.

three objects, two Keys, and three JSON list values

B.

three objects, three keys and two JSON Ml values

C.

one object, three keys, and three JSON list values

D.

one object, three keys and two JSON list values

Question 9

Drag and drop the management connection types from the left onto the definitions on the right.

Options:

Question 10

Refer to the exhibit.

Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.

What does the switch do when it receives the frame from host D?

Options:

A.

It creates a broadcast storm.

B.

It drops the frame from the MAC table of the switch.

C.

It shuts down the source port and places It In err-disable mode.

D.

It floods the frame out of every port except the source port.

Question 11

Options:

Question 12

How does MAC learning function on a switch?

Options:

A.

broadcasts frames to all ports without queueing

B.

adds unknown source MAC addresses to the address table

C.

sends a retransmission request when a new frame is received

D.

sends frames with unknown destinations to a multicast group

Question 13

A network engineer is upgrading a small data center to host several new applications, including server backups that are expected to account for up to 90% of the bandwidth during peak times. The data center connects to the MPLS network provider via a primary circuit and a secondary circuit. How does the engineer inexpensively update the data center to avoid saturation of the primary circuit by traffic associated with the backups?

Options:

A.

Assign traffic from the backup servers to a dedicated switch.

B.

Configure a dedicated circuit for the backup traffic.

C.

Place the backup servers in a dedicated VLAN.

D.

Advertise a more specific route for the backup traffic via the secondary circuit.

Question 14

What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?

Options:

A.

forwarding mode and provides the lowest-cost path to the root bridge for each VLAN

B.

learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN

C.

blocking mode and provides an alternate path toward the designated bridge

D.

listening mode and provides an alternate path toward the root bridge

Question 15

Refer to the exhibit.

A network engineer must provide configured IP addressing details to investigate a firewall rule Issue. Which subnet and mask Identify what is configured on the en0 interface?

Options:

A.

10.8.0.0/16

B.

10.8.64.0/18

C.

10.8.128.0/19

D.

10.8.138.0/24

Question 16

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 17

Refer to the exhibit. IPv6 must be implemented on R1 to the ISP The uplink between R1 and the ISP must be configured with a manual assignment, and the LAN interface must be self-provisioned Both connections must use the applicable IPv6 networks Which two configurations must be applied to R1? (Choose two.)

Options:

A.

interface Gi0/1

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127

B.

interface Gi0/0

ipv6 address 2001:db8:1:AFFF::/64 eui-64

C.

interface Gi0/1

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127

D.

interface Gi0/0

ipv6 address 2001:db8:0:AFFF::/64 eui-64

E.

interface Gi0/0

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03;/127

Question 18

Refer to the exhibit.

Which IP route command created the best path for a packet destined for 10.10.10.3?

Options:

A.

ip route 10.10.0.0 255.255.252.0 g0/0

B.

ip route 10.0.0.0 255.0.0.0 g0/0

C.

ip route 10.10.10.1 255.255.255.255 g0/0

D.

ip route 10.10.10.0 255.255.255.240 g0/0

Question 19

Which set of 2.4 GHz nonoverlapping wireless channels is standard in the United States?

Options:

A.

channels 2, 7, 9, and 11

B.

channels 1, 6, 11, and 14

C.

channels 2, 7, and 11

D.

channels 1, 6, and 11

Question 20

Which command enables HTTP access to the Cisco WLC?

Options:

A.

config network secureweb enable

B.

config certificate generate web admin

C.

config network webmode enable

D.

config network telnet enable

Question 21

Refer to the exhibit.

An engineer must configure the interface that connects to PC 1 and secure it in a way that only PC1 is allowed to use the port No VLAN tagging can be used except for a voice VLAN. Which command sequence must be entered to configure the switch?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 22

Refer to the exhibit. Each router must be configured with the last usable IP address in the subnet. Which configuration fulfills this requirement?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 23

Drag and drop the IPv6 address types from the left onto their description on the right.

Options:

Question 24

Refer to the exhibit.

A packet sourced from 172.18.33.2 is destined for 172.18.32.38. Where does the router forward the packet?

Options:

A.

GigabitEthernet0/0

B.

Loopback0

C.

10.1.1.1

D.

10.1.1.3

Question 25

Drag and drop the statement about AAA services from the left to the corresponding AAA services on the right.

Options:

Question 26

Which benefit does Cisco ONA Center provide over traditional campus management?

Options:

A.

Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditional campus management uses SNMPv2.

B.

Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.

C.

Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.

D.

Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent from traditional campus management.

Question 27

Refer to the exhibit.

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 28

Refer to the exhibit.

The EtherChannel is configured with a speed of 1000 and duplex as full on both ends of channel group 1. What is the next step to configure the channel on switch A to respond to but not initiate LACP communication?

Options:

A.

interface range gigabitethernet0/0/0-15 channel-group 1 mode on

B.

interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable

C.

interface port-channel 1 channel-group 1 mode auto

D.

interface port-channel 1 channel-group 1 mode passive

Question 29

Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.

Options:

Question 30

Which two wireless security stewards use Counter Mode Cipher Block Chaining Message Authentication Code Protocol for encryption and data integrity'? (Choose two.)

Options:

A.

WPA2

B.

WPA3

C.

Wi-Fi 6

D.

WEP

E.

WPA

Question 31

Refer to the exhibit.

Which configuration for RTR-1 deniess SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 32

What determines the sequence in which materials are planned during the material requirements planning (MRP) run?

Options:

A.

The control parameters of the MRP run

B.

The creation date of the materials

C.

The low-level code of the materials

D.

The replenishment lead time of the materials

Question 33

Refer to the exhibit.

What are two conclusions about this configuration? {Choose two.)

Options:

A.

The spanning-tree mode is Rapid PVST+.

B.

This is a root bridge.

C.

The root port is FastEthernet 2/1.

D.

The designated port is FastEthernet 2/1.

E.

The spanning-tree mode is PVST+.

Question 34

Which channel-group mode must be configured when multiple distribution interfaces connected to a WLC are bundled?

Options:

A.

Channel-group mode passive.

B.

Channel-group mode on.

C.

Channel-group mode desirable.

D.

Channel-group mode active.

Question 35

What is the difference between 1000BASE-LX/LH and 1000BASE-ZX interfaces?

Options:

A.

1000BASE-ZX is supported on links up to 1000km, and 1000BASE-LX/LH operates over links up to 70 km.

B.

1000BASE-LX/LH interoperates with multimode and single-mode fiber, and 10008ASE-ZX needs a conditioning patch cable with a multimode.

C.

1000BASE-LX/LH is supported on links up to 10km, and 1000BASE-ZX operates over links up to 70 km

D.

1000BASE-ZX interoperates with dual-rate 100M/1G 10Km SFP over multimode fiber, and 1000BASE-LX/LH supports only single-rate.

Question 36

Drag and drop the statements about networking from the left onto the corresponding networking types on the right. Not all statements are used.

Options:

Question 37

Refer to the exhibit.

What must be configured to enable 802.11w on the WLAN?

Options:

A.

Set PMF to Required.

B.

Enable MAC Filtering.

C.

Enable WPA Policy.

D.

Set Fast Transition to Enabled

Question 38

Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP?

Options:

A.

service

B.

trunk

C.

AP-manager

D.

virtual AP connection

Question 39

Which type of hypervisor operates without an underlying OS to host virtual machines?

Options:

A.

Type 1

B.

Type 2

C.

Type 3

D.

Type 12

Question 40

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 41

Refer to the exhibit.

The P2P blocking action option is disabled on the WLC.

Options:

A.

Enable the Static IP Tunneling option.

B.

Disable the Coverage Hole Detection option.

C.

Check the DHCP Addr. Assignment check box.

D.

Set the P2P Blocking Action option to Forward-UpStream.

Question 42

Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, and automatically when edge devices or access circuits fail?

Options:

A.

SLB

B.

FHRP

C.

VRRP

D.

HSRP

Question 43

What is a reason to configure a trunk port that connects to a WLC distribution port?

Options:

A.

Eliminate redundancy with a link failure in the data path.

B.

Allow multiple VLAN to be used in the data path.

C.

Provide redundancy if there is a link failure for out-of-band management.

D.

Permit multiple VLANs to provide out-of-band management.

Question 44

Which capability does TFTP provide?

Options:

A.

loads configuration files on systems without data storage devices

B.

provides authentication for data communications over a private data network

C.

provides encryption mechanisms for file transfer across a WAN

D.

provides secure file access within the LAN

Question 45

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 46

An engineer must configure neighbor discovery between the company router and an ISP

What is the next step to complete the configuration if the ISP uses a third-party router?

Options:

A.

Enable LLDP globally.

B.

Disable CDP on gi0/0.

C.

Enable LLDP TLVs on the ISP router.

D.

Disable auto-negotiation.

Question 47

What is the difference between an IPv6 link-local address and a unique local address?

Options:

A.

The scope of an IPv6 link-local address is limited to a loopback address, and an IPv6 unique local address is limited to a directly attached interface.

B.

The scope of an IPv6 link-local address can be used throughout a company site or network, but an IPv6 unique local address is limited to a loopback address.

C.

The scope of an IPv6 link-local address is global, but the scope of an IPv6 unique local address is limited to a loopback address.

D.

The scope of an IPv6 link-local address is limited to a directly attached interface, but an IPv6 unique local address is used throughout a company site or network.

Question 48

How is a configuration change made to a wireless AP in lightweight mode?

Options:

A.

SSH connection to the management IP of the AP

B.

EolP connection via the parent WLC

C.

CAPWAP/LWAPP connection via the parent WLC

D.

HTTPS connection directly to the out-of-band address of the AP

Question 49

A network engineer must configure an interface with IP address 10.10.10.145 and a subnet mask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask must the engineer use?

Options:

A.

/29

B.

/30

C.

/27

D.

/28

Question 50

Which two capabilities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two.)

Options:

A.

REST APIs that allow for external applications to interact natively

B.

adapters that support all families of Cisco IOS software

C.

SDKs that support interaction with third-party network equipment

D.

customized versions for small, medium, and large enterprises

E.

modular design that is upgradable as needed

Question 51

How does IPsec provide secure networking for applications within an organization?

Options:

A.

It takes advantage of FTP to secure file transfers between nodes on the network.

B.

It provides GRE tunnels to transmit traffic securely between network nodes.

C.

It enables sets of security associations between peers.

D.

It leverages TFTP providing secure file transfers among peers on the network.

Question 52

Which device segregates a network into separate zones that have their own security policies?

Options:

A.

IPS

B.

firewall

C.

access point

D.

switch

Question 53

Refer to the exhibit.

An administrator received a call from a branch office regarding poor application performance hosted at the headquarters. Ethernet 1 is connected between Router1 and the LAN switch. What identifies the issue?

Options:

A.

The QoS policy is dropping traffic.

B.

There is a duplex mismatch.

C.

The link is over utilized.

D.

The MTU is not set to the default value.

Question 54

Refer to the exhibit.

Packets are flowing from 192.168 10.1 to the destination at IP address 192.168.20 75. Which next hop will the router select for the packet?

Options:

A.

10.10101

B.

10.10.10.11

C.

10.10.10.12

D.

10.101014

Question 55

What is the functionality of the Cisco DNA Center?

Options:

A.

data center network pokey con

B.

console server that permits secure access to all network devices

C.

IP address cool distribution scheduler

D.

software-defined controller for automaton of devices and services

Question 56

Which Windows command is used instead of the route print command to display the contents of the IP routing table?

Options:

A.

netstat-n

B.

ipconfig

C.

ifconfig

D.

netstat-r

Question 57

The clients and OHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1?

Options:

A.

ip route 192.168.10.1

B.

ip default-gateway 192.168.10.1

C.

ip helper-address 192.168.10.1

D.

ip dhcp address 192.168.10.1

Question 58

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 59

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 60

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 61

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 62

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 63

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 64

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 65

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 66

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 67

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 68

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 69

What is a role of wireless controllers in an enterprise network?

Options:

A.

centralize the management of access points in an enterprise network

B.

support standalone or controller-based architectures

C.

serve as the first line of defense in an enterprise network

D.

provide secure user logins to devices on the network.

Question 70

Which function is performed by the collapsed core layer in a two-tier architecture?

Options:

A.

enforcing routing policies

B.

marking interesting traffic for data polices

C.

attaching users to the edge of the network

D.

applying security policies

Question 71

An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result?

Options:

A.

logging trap 5

B.

logging trap 2

C.

logging trap 4

D.

logging trap 3

Question 72

Refer to the exhibit.

After the election process what is the root bridge in the HQ LAN?

Options:

A.

Switch 1

B.

Switch 2

C.

Switch 3

D.

Switch 4

Question 73

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

A.

It sends packets out of interface Fa0/2 only.

B.

It sends packets out of interface Fa0/1 only.

C.

It cannot send packets to 10.10.13 128/25

D.

It load-balances traffic out of Fa0/1 and Fa0/2

Question 74

Refer to the exhibit.

An extended ACL has been configured and applied to router R2 The configuration failed to work as intended Which two

changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20 0 26 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose

two )

Options:

A.

Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic.

B.

Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic

C.

The source and destination IPs must be swapped in ACL 101

D.

The ACL must be configured the Gi0/2 interface inbound on R1

E.

The ACL must be moved to the Gi0/1 interface outbound on R2

Question 75

Refer to the Exhibit.

After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. which error must be corrected?

Options:

A.

There is a native VLAN mismatch

B.

Access mode is configured on the switch ports.

C.

The PCs are m the incorrect VLAN

D.

All VLANs are not enabled on the trunk

Question 76

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

Options:

A.

Add the switch in the VTP domain with a lower revision number

B.

Add the switch with DTP set to dynamic desirable

C.

Add the switch in the VTP domain with a higher revision number

D.

Add the switch with DTP set to desirable

Question 77

What is the benefit of using FHRP?

Options:

A.

reduced management overhead on network routers

B.

balancing traffic across multiple gateways in proportion to their loads

C.

higher degree of availability

D.

reduced ARP traffic on the network

Question 78

Refer to the exhibit.

After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns to the NETCONF client, to only the interface's configuration?

Options:

A.

Use the Ixml library to parse the data returned by the NETCONF server for the interface's configuration.

B.

Create an XML filter as a string and pass it to get_config() method as an argument.

C.

Create a JSON filter as a string and pass it to the get_config() method as an argument.

D.

Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

Question 79

What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?

Options:

A.

Layer 2 switch

B.

load balancer

C.

firewall

D.

LAN controller

Question 80

Which device performs stateful inspection of traffic?

Options:

A.

firewall

B.

switch

C.

access point

D.

wireless controller

Question 81

What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

Options:

A.

Filter traffic based on destination IP addressing

B.

Sends the default route to the hosts on a network

C.

ensures a loop-free physical topology

D.

forwards multicast hello messages between routers

Question 82

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

Options:

A.

IPsec tunnel mode with AH

B.

IPsec transport mode with AH

C.

IPsec tunnel mode with ESP

D.

IPsec transport mode with ESP

Question 83

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

A.

redundancy

B.

console

C.

distribution system

D.

service

Question 84

Which two encoding methods are supported by REST APIs? (Choose two)

Options:

A.

YAML

B.

JSON

C.

EBCDIC

D.

SGML

E.

XML

Question 85

What is an appropriate use for private IPv4 addressing?

Options:

A.

on the public-facing interface of a firewall

B.

to allow hosts inside to communicate in both directions with hosts outside the organization

C.

on internal hosts that stream data solely to external resources

D.

on hosts that communicates only with other internal hosts

Question 86

What is the difference in data transmission delivery and reliability between TCP and UDP?

Options:

A.

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

B.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

C.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

D.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

Question 87

Which two outcomes are predictable behaviors for HSRP? (Choose two.)

Options:

A.

The two routers synchronize configurations to provide consistent packet forwarding

B.

The two routers negotiate one router as the active router and the other as the standby router

C.

Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them

D.

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN

E.

The two routers share the same interface IP address and default gateway traffic is load-balanced between them

Question 88

An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for easier configuration. Which command must be issued on the router interface?

Options:

A.

ipv6 address 2001:db8::700:3:400F:572B

B.

ipv6 address 2001:db8:0::700:3:4F:572B

C.

ipv6 address 2001:Odb8::7:3:4F:572B

D.

ipv6 address 2001::db8:0000::700:3:400F:572B

Question 89

When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed?

Options:

A.

default-router

B.

default-gateway

C.

ip helper-address

D.

dns-server

Question 90

Refer to the exhibit.

An engineer configured NAT translations and has verified that the configuration is correct.

Which IP address is the source IP?

Options:

A.

10.4.4.4

B.

10.4.4.5

C.

172.23.103.10

D.

172.23.104.4

Question 91

Which level of severity must be set to get informational syslogs?

Options:

A.

alert

B.

critical

C.

notice

D.

debug

Question 92

Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

Options:

A.

Reassociation Request

B.

Probe Request

C.

Authentication Request

D.

Association Request

Question 93

Refer to the exhibit.

An engineer is configuring the router to provide static NAT for the webserver Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the right.

Options:

Question 94

What describes the operation of virtual machines?

Options:

A.

Virtual machines are responsible for managing and allocating host hardware resources

B.

In a virtual machine environment, physical servers must run one operating system at a time.

C.

Virtual machines are the physical hardware that support a virtual environment.

D.

Virtual machines are operating system instances that are decoupled from server hardware

Question 95

Refer to the exhibit.

What is the next hop address for traffic that is destined to host 10.0.1.5?

Options:

A.

10.0.1.3

B.

10.0.1.50

C.

10.0.1.4

D.

Loopback D

Question 96

Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

Options:

A.

lldp timer

B.

lldp holdtimt

C.

lldp reinit

D.

lldp tlv-select

Question 97

What is a DHCP client?

Options:

A.

a workstation that requests a domain name associated with its IP address

B.

a host that is configured to request an IP address automatically

C.

a server that dynamically assigns IP addresses to hosts.

D.

a router that statically assigns IP addresses to hosts.

Question 98

How do servers connect to the network in a virtual environment?

Options:

A.

wireless to an access point that is physically connected to the network

B.

a cable connected to a physical switch on the network

C.

a virtual switch that links to an access point that is physically connected to the network

D.

a software switch on a hypervisor that is physically connected to the network

Question 99

Which technology is used to improve web traffic performance by proxy caching?

Options:

A.

WSA

B.

Firepower

C.

ASA

D.

FireSIGHT

Question 100

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two. )

Options:

A.

The device Is assigned to the Global site.

B.

The device Is placed into the Unmanaged state.

C.

The device is placed into the Provisioned state.

D.

The device is placed into the Managed state.

E.

The device is assigned to the Local site.

Question 101

Which virtual MAC address is used by VRRP group 1?

Options:

A.

0050.0c05.ad81

B.

0007.c061.bc01

C.

0000.5E00.0101

D.

0500.3976.6401

Question 102

Which device tracks the state of active connections in order to make a decision to forward a packet through?

Options:

A.

wireless access point

B.

firewall

C.

wireless LAN controller

D.

router

Question 103

Which two capacities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two)

Options:

A.

adapters that support all families of Cisco IOS software

B.

SDKs that support interaction with third-party network equipment

C.

customized versions for small, medium, and large enterprises

D.

REST APIs that allow for external applications to interact natively with Cisco DNA Center

E.

modular design that is upgradable as needed

Question 104

What is a benefit of VRRP?

Options:

A.

It provides traffic load balancing to destinations that are more than two hops from the source.

B.

It provides the default gateway redundancy on a LAN using two or more routers.

C.

It allows neighbors to share routing table information between each other.

D.

It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision.

Question 105

in Which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required?

Options:

A.

A spine switch and a leaf switch can be added with redundant connections between them

B.

A spine switch can be added with at least 40 GB uplinks

C.

A leaf switch can be added with a single connection to a core spine switch.

D.

A leaf switch can be added with connections to every spine switch

Question 106

When implementing a router as a DHCP server, which two features must be configured'? (Choose two)

Options:

A.

relay agent information

B.

database agent

C.

address pool

D.

smart-relay

E.

manual bindings

Question 107

Which switch technology establishes a network connection immediately when it is plugged in?

Options:

A.

PortFast

B.

BPDU guard

C.

UplinkFast

D.

BackboneFast

Question 108

A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used?

Options:

A.

Clock timezone

B.

Clock summer-time-recurring

C.

Clock summer-time date

D.

Clock set

Question 109

Which command enables a router to become a DHCP client?

Options:

A.

ip address dhcp

B.

ip helper-address

C.

ip dhcp pool

D.

ip dhcp client

Question 110

Refer to the exhibit.

What is the metric of the route to the 192.168.10.33/28 subnet?

Options:

A.

84

B.

110

C.

128

D.

192

E.

193

Question 111

In software-defined architecture, which place handles switching for traffic through a Cisco router?

Options:

A.

Control

B.

Management

C.

Data

D.

application

Question 112

Refer to the exhibit.

What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?

Options:

A.

R1(config)#interface ethernet0/0

R1(config)#encapsulation dot1q 20

R1(config)#ip address 10.20.20.1 255.255.255.0

B.

R1(config)#interface ethernet0/0.20

R1(config)#encapsulation dot1q 20

R1(config)#ip address 10.20.20.1 255.255.255.0

C.

R1(config)#interface ethernet0/0.20

R1(config)#ip address 10.20.20.1 255.255.255.0

D.

R1(config)#interface ethernet0/0

R1(config)#ip address 10.20.20.1 255.255.255.0

Question 113

What protocol allows an engineer to back up 20 network router configurations globally while using the copy function?

Options:

A.

SMTP

B.

SNMP

C.

TCP

D.

FTP

Question 114

Refer to the exhibit.

Which type of configuration is represented in the output?

Options:

A.

Ansible

B.

JSON

C.

Chef

D.

Puppet

Question 115

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

A.

heavy traffic congestion

B.

a duplex incompatibility

C.

a speed conflict

D.

queuing drops

Question 116

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

A.

transport input telnet

B.

crypto key generate rsa

C.

ip ssh pubkey-chain

D.

login console

E.

username cisco password 0 Cisco

Question 117

Refer to the exhibit.

A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 118

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Question 119

Which action implements physical access control as part of the security program of an organization?

Options:

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Question 120

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 121

What is the function of the controller in a software-defined network?

Options:

A.

multicast replication at the hardware level

B.

fragmenting and reassembling packets

C.

making routing decisions

D.

forwarding packets

Question 122

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

A.

VLANID

B.

SSID

C.

RFID

D.

WLANID

Question 123

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

A.

10.10.10.5

B.

10.10.11.2

C.

10.10.12.2

D.

10.10.10.9

Question 124

Refer to the exhibit.

Which command must be issued to enable a floating static default route on router A?

Options:

A.

lp route 0.0.0.0 0.0.0.0 192.168.1.2

B.

ip default-gateway 192.168.2.1

C.

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

D.

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 125

Refer to the exhibit.

Which network prefix was learned via EIGRP?

Options:

A.

172.16.0.0/16

B.

192.168.2.0/24

C.

207.165.200.0/24

D.

192.168.1.0/24

Question 126

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

Options:

A.

router-id 10.0.0.15

B.

neighbor 10.1.2.0 cost 180

C.

ipospf priority 100

D.

network 10.0.0.0 0.0.0.255 area 0

Question 127

What provides centralized control of authentication and roaming In an enterprise network?

Options:

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Question 128

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Options:

Question 129

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Options:

Question 130

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Options:

Question 131

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Options:

Question 132

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 133

Refer to the exhibit.

Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

Options:

A.

Define a NAT pool on the router.

B.

Configure static NAT translations for VLAN 200.

C.

Configure the ip nat outside command on another interface for VLAN 200.

D.

Update the NAT INSIDF RANGFS ACL

Question 134

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

A.

user-activity logging

B.

service limitations

C.

consumption-based billing

D.

identity verification

Question 135

What is the difference between IPv6 unicast and anycast addressing?

Options:

A.

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

B.

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

C.

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

D.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 136

Refer to the exhibit.

Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

Options:

A.

SW1

B.

SW2

C.

SW3

D.

SW4

Question 137

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

A.

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

B.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

C.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

D.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 138

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

Options:

A.

password password

B.

crypto key generate rsa modulus 1024

C.

ip domain-name domain

D.

ip ssh authentication-retries 2

Question 139

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

A.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

B.

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

C.

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

D.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 140

Which action is taken by the data plane within a network device?

Options:

A.

forwards traffic to the next hop

B.

constructs a routing table based on a routing protocol

C.

provides CLI access to the network device

D.

looks up an egress interface in the forwarding information base

Question 141

Which two components comprise part of a PKI? (Choose two.)

Options:

A.

preshared key that authenticates connections

B.

RSA token

C.

CA that grants certificates

D.

clear-text password that authenticates connections

E.

one or more CRLs

Question 142

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

A.

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

B.

ip route 10.1.1.0 255.255.255.0 gi0/1 125

C.

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

D.

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 143

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

A.

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

B.

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

C.

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

D.

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 144

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

A.

disabled

B.

listening

C.

forwarding

D.

learning

E.

blocking

Question 145

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 146

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

A.

Select the WPA Policy option with the CCKM option.

B.

Disable AES encryption.

C.

Enable Fast Transition and select the FT 802.1x option.

D.

Enable Fast Transition and select the FT PSK option.

Question 147

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Options:

A.

Configure the OSPF priority on router A with the lowest value between the three routers.

B.

Configure router B and router C as OSPF neighbors of router A.

C.

Configure the router A interfaces with the highest OSPF priority value within the area.

D.

Configure router A with a fixed OSPF router ID

Question 148

Which protocol uses the SSL?

Options:

A.

HTTP

B.

SSH

C.

HTTPS

D.

Telnet

Question 149

Refer to the exhibit.

What is a reason for poor performance on the network interface?

Options:

A.

The interface is receiving excessive broadcast traffic.

B.

The cable connection between the two devices is faulty.

C.

The interface is operating at a different speed than the connected device.

D.

The bandwidth setting of the interface is misconfigured

Question 150

Refer to the exhibit.

Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to reach the route?

Options:

A.

GigabitEthernet0/0

B.

GigabltEthornet0/1

C.

GigabitEthernet0/2

D.

GigabitEthernet0/3

Question 151

Refer to the exhibit.

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

A.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

B.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

C.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

D.

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 152

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Options:

Question 153

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 154

What is an expected outcome when network management automation is deployed?

Options:

A.

A distributed management plane must be used.

B.

Software upgrades are performed from a central controller

C.

Complexity increases when new device configurations are added

D.

Custom applications are needed to configure network devices

Question 155

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

A.

F0/10

B.

F0/11

C.

F0/12

D.

F0/13

Question 156

Refer to the exhibit.

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Options:

A.

Modify the configured number of the second access list.

B.

Add either the ip nat {inside|outside} command under both interfaces.

C.

Remove the overload keyword from the ip nat inside source command.

D.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Question 157

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

Options:

A.

Heavy usage is causing high latency.

B.

An incorrect type of transceiver has been inserted into a device on the link.

C.

physical network errors are being transmitted between the two sites.

D.

The wrong cable type was used to make the connection.

Question 158

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Options:

Question 159

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 160

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

A.

interface FastEthernet0/0

ip helper-address 10.0.1.1

i

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

B.

interface FastEthernot0/1

ip helper-address 10.0.1.1

!

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

C.

interface FastEthernetO/0

ip helper-address 10.0.1.1

I

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

D.

interface FastEthernet0/1

ip helper-address 10.0.1.1

!

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 161

Refer to the exhibit.

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

A.

Change the channel-group mode on SW2 to auto

B.

Change the channel-group mode on SW1 to desirable.

C.

Configure the interface port-channel 1 command on both switches.

D.

Change the channel-group mode on SW1 to active or passive.

Question 162

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

A)

B)

C)

D)

E)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 163

What is a requirement when configuring or removing LAG on a WLC?

Options:

A.

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

B.

The controller must be rebooted after enabling or reconfiguring LAG.

C.

The management interface must be reassigned if LAG disabled.

D.

Multiple untagged interfaces on the same port must be supported.

Question 164

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 165

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 166

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

Options:

A.

unique local address

B.

link-local address

C.

aggregatable global address

D.

IPv4-compatible IPv6 address

Question 167

What is one reason to implement LAG on a Cisco WLC?

Options:

A.

to increase security and encrypt management frames

B.

to provide link redundancy and load balancing

C.

to allow for stateful and link-state failover

D.

to enable connected switch ports to failover and use different VLANs

Question 168

A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being advertised to the internet. Which configuration must the engineer apply?

Options:

A.

interface vlan 2000

ipv6 address ffc0:0000:aaaa::1234:2343/64

B.

interface vlan 2000

Ipv6 address fc00:0000:aaaa:a15d:1234:2343:8aca/64

C.

interface vlan 2000

ipv6 address fe80;0000:aaaa::1234:2343/64

D.

interface vlan 2000

ipv6 address fd00::1234:2343/64

Question 169

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 170

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

A.

shaping

B.

classification

C.

policing

D.

marking

Question 171

Which protocol is used for secure remote CLI access?

Options:

A.

HTTPS

B.

HTTP

C.

Telnet

D.

SSH

Question 172

Refer to the exhibit.

Which change to the configuration on Switch?

allows the two switches to establish an GtherChannel?

Options:

A.

Change the protocol to EtherChannel mode on.

B.

Change the LACP mode to active

C.

Change the LACP mode to desirable

D.

Change the protocol to PAqP and use auto mode

Question 173

Refer to the exhibit.

An administrator must configure interfaces Gi1/1 and Gi1/3 on switch SW11 PC-1 and PC-2 must be placed in the Data VLAN and Phone-1 must be placed in the Voice VLAN Which configuration meets these requirements?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 174

How does CAPWAP communicate between an access point in local mode and a WLC?

Options:

A.

The access point must directly connect to the WLC using a copper cable

B.

The access point must not be connected to the wired network, as it would create a loop

C.

The access point must be connected to the same switch as the WLC

D.

The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

Question 175

Refer to the exhibit.

Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 176

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

A.

configure switchport nonegotiate

B.

configure switchport mode dynamic desirable

C.

configure switchport mode dynamic auto

D.

configure switchport trunk dynamic desirable

Question 177

Which port type supports the spanning-tree portfast command without additional configuration?

Options:

A.

access ports

B.

Layer 3 main Interfaces

C.

Layer 3 suninterfaces

D.

trunk ports

Question 178

What is the primary different between AAA authentication and authorization?

Options:

A.

Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.

B.

Authentication identifies a user who is attempting to access a system, and authorization validates the users password

C.

Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.

D.

Authentication controls the system processes a user can access and authorization logs the activities the user initiates

Question 179

Which network plane is centralized and manages routing decisions?

Options:

A.

policy plane

B.

management plane

C.

control plane

D.

data plane

Question 180

An organization secures its network with multi-factor authentication using an authenticator app on employee smartphone. How is the application secured in the case of a user’s smartphone being lost or stolen?

Options:

A.

The application requires an administrator password to reactivate after a configured Interval.

B.

The application requires the user to enter a PIN before it provides the second factor.

C.

The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted.

D.

The application verifies that the user is in a specific location before it provides the second factor.

Question 181

Which IPv6 address type provides communication between subnets and is unable to route on the Internet?

Options:

A.

global unicast

B.

unique local

C.

link-local

D.

multicast

Question 182

Refer to the exhibit.

A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

Options:

A.

209.165.200.254 via Serial0/0/1

B.

209.165.200.254 via Serial0/0/0

C.

209.165.200.246 via Serial0/1/0

D.

209.165.200.250 via Serial0/0/0

Question 183

Where does a switch maintain DHCP snooping information?

Options:

A.

in the MAC address table

B.

in the CAM table

C.

in the binding database

D.

in the frame forwarding database

Question 184

Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.

Options:

Question 185

What are two benefits of FHRPs? (Choose two.)

Options:

A.

They prevent (oops in the Layer 2 network.

B.

They allow encrypted traffic.

C.

They are able to bundle muftlple ports to increase bandwidth

D.

They enable automatic failover of the default gateway.

E.

They allow multiple devices lo serve as a single virtual gateway for clients in the network

Question 186

A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface?

Options:

A.

ipv6 address 2001:0db8::5: a: 4F 583B

B.

ipv6 address 2001:db8::500:a:400F:583B

C.

ipv6 address 2001 db8:0::500:a:4F:583B

D.

ipv6 address 2001::db8:0000::500:a:400F:583B

Question 187

Refer to Exhibit.

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 188

Refer to the exhibit.

What action establishes the OSPF neighbor relationship without forming an adjacency?

Options:

A.

modify hello interval

B.

modify process ID

C.

modify priority

D.

modify network type

Question 189

An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.30.1, 192.168.3.2, 192.168.3.3 Which configuration should be used?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 190

What are two differences between optical-fiber cabling and copper cabling? (Choose two)

Options:

A.

Light is transmitted through the core of the fiber

B.

A BNC connector is used for fiber connections

C.

The glass core component is encased in a cladding

D.

Fiber connects to physical interfaces using Rj-45 connections

E.

The data can pass through the cladding

Question 191

Which goal is achieved by the implementation of private IPv4 addressing on a network?

Options:

A.

provides an added level of protection against Internet exposure

B.

provides a reduction in size of the forwarding table on network routers

C.

allows communication across the Internet to other private networks

D.

allows servers and workstations to communicate across public network boundaries

Question 192

Which two actions influence the EIGRP route selection process? (Choose two)

Options:

A.

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

B.

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

C.

The router calculates the feasible distance of all paths to the destination route

D.

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

E.

The router must use the advertised distance as the metric for any given route

Question 193

Refer to the exhibit.

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Options:

A.

Add the access-list 10 permit any command to the configuration

B.

Remove the access-class 10 in command from line vty 0.4.

C.

Add the ip access-group 10 out command to interface g0/0.

D.

Remove the password command from line vty 0 4.

Question 194

Which function is performed by DHCP snooping?

Options:

A.

propagates VLAN information between switches

B.

listens to multicast traffic for packet forwarding

C.

provides DDoS mitigation

D.

rate-limits certain traffic

Question 195

Which design element is a best practice when deploying an 802.11b wireless infrastructure?

Options:

A.

disabling TPC so that access points can negotiate signal levels with their attached wireless devices.

B.

setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller

C.

allocating nonoverlapping channels to access points that are in close physical proximity to one another

D.

configuring access points to provide clients with a maximum of 5 Mbps

Question 196

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

A.

management interface settings

B.

QoS settings

C.

Ip address of one or more access points

D.

SSID

E.

Profile name

Question 197

Refer to the exhibit.

An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers from the left onto the network parameters on the right.

Options:

Question 198

What prevents a workstation from receiving a DHCP address?

Options:

A.

DTP

B.

STP

C.

VTP

D.

802.10

Question 199

A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

Options:

A.

cost

B.

adminstrative distance

C.

metric

D.

as-path

Question 200

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

Options:

A.

longest prefix

B.

metric

C.

cost

D.

administrative distance

Question 201

Refer to the exhibit.

A packet is being sent across router R1 to host 172.163.3.14. To which destination does the router send the packet?

Options:

A.

207.165.200.246 via Serial0/1/0

B.

207.165.200.254 via Serial0/0/1

C.

207.165.200.254 via Serial0/0/0

D.

207.165.200.250 via Serial/0/0/0

Question 202

Refer to the exhibit.

Router R2 is configured with multiple routes to reach network 10 1.1 0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1 1 0/24?

Options:

A.

eBGP

B.

static

C.

OSPF

D.

EIGRP

Question 203

Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?

Options:

A.

Ansible

B.

Python

C.

Puppet

D.

Chef

Question 204

Refer to the exhibit.

What does router R1 use as its OSPF router-ID?

Options:

A.

10.10.1.10

B.

10.10.10.20

C.

172.16.15.10

D.

192.168.0.1

Question 205

What is a characteristic of spine-and-leaf architecture?

Options:

A.

Each device is separated by the same number of hops

B.

It provides variable latency

C.

It provides greater predictability on STP blocked ports.

D.

Each link between leaf switches allows for higher bandwidth.

Question 206

An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use 5GH2 access points?

Options:

A.

Re- Anchor Roamed Clients

B.

11ac MU-MIMO

C.

OEAP Split Tunnel

D.

Client Band Select

Question 207

An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?

Options:

A.

Enable Security Association Teardown Protection and set the SA Query timeout to 10

B.

Enable MAC filtering and set the SA Query timeout to 10

C.

Enable 802.1x Layer 2 security and set me Comeback timer to 10

D.

Enable the Protected Management Frame service and set the Comeback timer to 10

Question 208

What is a role of access points in an enterprise network?

Options:

A.

connect wireless devices to a wired network

B.

support secure user logins to devices or the network

C.

integrate with SNMP in preventing DDoS attacks

D.

serve as a first line of defense in an enterprise network

Question 209

Which condition must be met before an NMS handles an SNMP trap from an agent?

Options:

A.

The NMS software must be loaded with the MIB associated with the trap.

B.

The NMS must be configured on the same router as the SNMP agent

C.

The NMS must receive a trap and an inform message from the SNMP agent within a configured interval

D.

The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.

Question 210

Refer to the exhibit.

A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task?

Options:

A.

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh

B.

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp

C.

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet

D.

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https

Question 211

which IPv6 address block forwards packets to a multicast address rather than a unicast address?

Options:

A.

2000::/3

B.

FC00::/7

C.

FE80::/10

D.

FF00::/12

Question 212

Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

Options:

A.

TKiP encryption

B.

AES encryption

C.

scrambled encryption key

D.

SAE encryption

Question 213

Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses?

Options:

A.

10.10.225.48 255.255.255.240

B.

10.10.225.32 255.255.255.240

C.

10.10.225.48 255.255.255.224

D.

10.10.225.32 255.255.255.224

Question 214

Refer to the exhibit.

If R1 receives a packet destined to 172.161.1, to which IP address does it send the packet?

Options:

A.

192.168.12.2

B.

192.168.13.3

C.

192.168.14.4

D.

192.168.15.5

Question 215

Refer to the exhibit.

The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another?

(Choose two.)

Options:

A.

Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.

B.

Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.

C.

Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.

D.

Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.

E.

Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.

Question 216

How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?

Options:

A.

It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points

B.

It allows the administrator to assign channels on a per-device or per-interface basis.

C.

It segregates devices from different manufacturers onto different channels.

D.

It analyzes client load and background noise and dynamically assigns a channel.

Question 217

A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped?

Options:

A.

Device(Config)#lldp run

B.

Device(Config)#cdp run

C.

Device(Config-if)#cdp enable

D.

Device(Config)#flow-sampler-map topology

Question 218

Which technology must be implemented to configure network device monitoring with the highest security?

Options:

A.

IP SLA

B.

syslog

C.

NetFlow

D.

SNMPv3

Question 219

A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

Options:

A.

port-to-multipoint

B.

broadcast

C.

point-to-point

D.

nonbroadcast

Question 220

Refer to the exhibit.

Which two commands were used to create port channel 10? (Choose two )

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 221

What is a characteristic of private IPv4 addressing?

Options:

A.

traverse the Internet when an outbound ACL is applied

B.

issued by IANA in conjunction with an autonomous system number

C.

composed of up to 65.536 available addresses

D.

used without tracking or registration

Question 222

Refer to the exhibit.

What is the effect of this configuration?

Options:

A.

All ARP packets are dropped by the switch

B.

Egress traffic is passed only if the destination is a DHCP server.

C.

All ingress and egress traffic is dropped because the interface is untrusted

D.

The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

Question 223

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

A.

Both use the same data-link header and trailer formats

B.

Both cable types support LP connectors

C.

Both cable types support Rj-45 connectors

D.

Both support up to 550 meters between nodes

Question 224

How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment?

Options:

A.

Cisco DNA Center device management can deploy a network more quickly than traditional campus device management

B.

Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management

C.

Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options

D.

Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management

Question 225

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?

Options:

A.

enable dynamic MAC address learning

B.

implement static MAC addressing.

C.

enable sticky MAC addressing

D.

implement auto MAC address learning

Question 226

When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?

Options:

A.

6

B.

8

C.

12

D.

18

Question 227

What Is a syslog facility?

Options:

A.

Host that is configured for the system to send log messages

B.

password that authenticates a Network Management System to receive log messages

C.

group of log messages associated with the configured severity level

D.

set of values that represent the processes that can generate a log message

Question 228

What are two descriptions of three-tier network topologies? (Choose two)

Options:

A.

The core and distribution layers perform the same functions

B.

The access layer manages routing between devices in different domains

C.

The network core is designed to maintain continuous connectivity when devices fail.

D.

The core layer maintains wired connections for each host

E.

The distribution layer runs Layer 2 and Layer 3 technologies

Page: 1 / 57
Total 951 questions