Latest Cisco 200-301 Dumps PDF Questions Answers 2025

Cisco Certified Network Associate Questions and Answers

Question 1

Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?

Options:

HTTPS

RADIUS

TACACS+

HTTP

Buy Now

Question 2

Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true?

Options:

To pass client traffic two or more ports must be configured.

The EtherChannel must be configured in "mode active"

When enabled the WLC bandwidth drops to 500 Mbps

One functional physical port is needed to pass client traffic

Question 3

Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.

Options:

Question 4

Refer to the exhibit.

For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:

• Disable all neighbor discovery methods on R5 interface GiO/1.

• Permit neighbor discovery on R5 interface GiO/2.

• Verify there are no dynamically learned neighbors on R5 interface Gi0/1.

• Display the IP address of R6*s interface Gi0/2.

Which configuration must be used?

Options:

Option A

Option B

Option C

Option D

Question 5

Which result occurs when PortFast is enabled on an interface that is connected to another switch?

Options:

Spanning tree may fail to detect a switching loop in the network that causes broadcast storms

VTP is allowed to propagate VLAN configuration information from switch to switch automatically.

Root port choice and spanning tree recalculation are accelerated when a switch link goes down

After spanning tree converges PortFast shuts down any port that receives BPDUs.

Question 6

A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

Options:

cost

adminstrative distance

metric

as-path

Question 7

A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is received interface counter increments?

Options:

collision

CRC

runt

late collision

Question 8

Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

Options:

bridge

route

autonomous

lightweight

Question 9

Which condition must be met before an NMS handles an SNMP trap from an agent?

Options:

The NMS software must be loaded with the MIB associated with the trap.

The NMS must be configured on the same router as the SNMP agent

The NMS must receive a trap and an inform message from the SNMP agent within a configured interval

The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.

Question 10

An engineer needs to configure LLDP to send the port description time length value (TLV). What command sequence must be implemented?

Options:

switch(config-line)#IIdp port-description

switch(config)#IIdp port-description

switch(config-if)#IIdp port-description

switch#IIdp port-description

Question 11

When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?

Options:

Question 12

Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface?

Options:

configure a stateful DHCPv6 server on the network

enable SLAAC on an interface

disable the EUI-64 bit process

explicitly assign a link-local address

Question 13

How does CAPWAP communicate between an access point in local mode and a WLC?

Options:

The access point must directly connect to the WLC using a copper cable

The access point must not be connected to the wired network, as it would create a loop

The access point must be connected to the same switch as the WLC

The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

Question 14

How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment?

Options:

Cisco DNA Center device management can deploy a network more quickly than traditional campus device management

Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management

Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options

Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management

Question 15

An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use 5GH2 access points?

Options:

Re- Anchor Roamed Clients

11ac MU-MIMO

OEAP Split Tunnel

Client Band Select

Question 16

Which command must be entered when a device is configured as an NTP server?

Options:

ntp authenticate

ntp server

ntp peer

ntp master

Question 17

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

110

115

Question 18

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

configure switchport nonegotiate

configure switchport mode dynamic desirable

configure switchport mode dynamic auto

configure switchport trunk dynamic desirable

Question 19

Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses?

Options:

10.10.225.48 255.255.255.240

10.10.225.32 255.255.255.240

10.10.225.48 255.255.255.224

10.10.225.32 255.255.255.224

Question 20

Refer to the exhibit.

Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

Options:

passive

mode on

auto

active

Question 21

Refer to the exhibit.

How does router R1 handle traffic to 192.168.10.16?

Options:

It selects the IS-IS route because it has the shortest prefix inclusive of the destination address.

It selects the EIGRP route because it has the lowest administrative distance.

It selects the OSPF route because it has the lowest cost.

It selects the RIP route because it has the longest prefix inclusive of the destination address.

Question 22

Refer to the exhibit.

Which prefix does Router 1 use for traffic to Host A?

Options:

10.10.10.0/28

10.10.13.0/25

10.10.13.144/28

10.10.13.208/29

Question 23

What is the benefit of configuring PortFast on an interface?

Options:

After the cable is connected, the interface uses the fastest speed setting available for that cable type

After the cable is connected, the interface is available faster to send and receive user data

The frames entering the interface are marked with higher priority and then processed faster by a switch.

Real-time voice and video frames entering the interface are processed faster

Question 24

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

management interface settings

QoS settings

Ip address of one or more access points

SSID

Profile name

Question 25

A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface?

Options:

ipv6 address 2001:0db8::5: a: 4F 583B

ipv6 address 2001:db8::500:a:400F:583B

ipv6 address 2001 db8:0::500:a:4F:583B

ipv6 address 2001::db8:0000::500:a:400F:583B

Question 26

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

Both use the same data-link header and trailer formats

Both cable types support LP connectors

Both cable types support Rj-45 connectors

Both support up to 550 meters between nodes

Question 27

Which configuration is needed to generate an RSA key for SSH on a router?

Options:

Configure the version of SSH

Configure VTY access.

Create a user with a password.

Assign a DNS domain name

Question 28

What are two descriptions of three-tier network topologies? (Choose two)

Options:

The core and distribution layers perform the same functions

The access layer manages routing between devices in different domains

The network core is designed to maintain continuous connectivity when devices fail.

The core layer maintains wired connections for each host

The distribution layer runs Layer 2 and Layer 3 technologies

Question 29

The service password-encryption command is entered on a router. What is the effect of this configuration?

Options:

restricts unauthorized users from viewing clear-text passwords in the running configuration

encrypts the password exchange when a VPN tunnel is established

prevents network administrators from configuring clear-text passwords

protects the VLAN database from unauthorized PC connections on the switch

Question 30

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?

Options:

point-to-multipoint

point-to-point

broadcast

nonbroadcast

Question 31

How does WPA3 improve security?

Options:

It uses SAE for authentication.

It uses a 4-way handshake for authentication.

It uses RC4 for encryption.

It uses TKIP for encryption.

Question 32

Which technology must be implemented to configure network device monitoring with the highest security?

Options:

IP SLA

syslog

NetFlow

SNMPv3

Question 33

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

Options:

configure the hello and dead timers to match on both sides

configure the same process ID for the router OSPF process

configure the same router ID on both routing processes

Configure the interfaces as OSPF active on both sides.

configure both interfaces with the same area ID

Question 34

Refer to the exhibit.

The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another?

(Choose two.)

Options:

Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.

Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.

Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.

Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.

Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.

Question 35

Refer to the exhibit.

An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If

the switch and DHCP server configurations are complete and correct. Which two sets of commands must be configured on R1 and R2 to complete the task? (Choose two)

Options:

R1(config)# interface fa0/0

R1(config-if)# ip helper-address 198.51.100.100

R2(config)# interface gi0/0

R2(config-if)# ip helper-address 198.51.100.100

R1(config)# interface fa0/0

R1(config-if)# ip address dhcp

R1(config-if)# no shutdown

R2(config)# interface gi0/0

R2(config-if)# ip address dhcp

R1(config)# interface fa0/0

R1(config-if)# ip helper-address 192.0.2.2

Question 36

Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

Options:

The switch must be running a k9 (crypto) IOS image

The Ip domain-name command must be configured on the switch

IP routing must be enabled on the switch

A console password must be configured on the switch

Telnet must be disabled on the switch

Question 37

Which goal is achieved by the implementation of private IPv4 addressing on a network?

Options:

provides an added level of protection against Internet exposure

provides a reduction in size of the forwarding table on network routers

allows communication across the Internet to other private networks

allows servers and workstations to communicate across public network boundaries

Question 38

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

Options:

sniffer

mesh

flexconnect

local

Question 39

Refer to the exhibit.

The default-information originate command is configured under the R1 OSPF configuration After testing workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet Which action corrects the configuration issue?

Options:

Add the default-information originate command onR2

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2

Add the always keyword to the default-information originate command on R1

Question 40

While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface.

Which two misconfigurations cause this behavior? (Choose two)

Options:

The packets fail to match any permit statement

A matching permit statement is too high in the access test

A matching permit statement is too broadly defined

The ACL is empty

A matching deny statement is too high in the access list

Question 41

What are two characteristics of a controller-based network? (Choose two)

Options:

The administrator can make configuration updates from the CLI

It uses northbound and southbound APIs to communicate between architectural layers

It moves the control plane to a central point.

It decentralizes the control plane, which allows each device to make its own forwarding decisions

It uses Telnet to report system issues.

Question 42

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

Options:

ip address 192.168.0.0 255.255.0.0

ip address 192.168.0.0 255.255.254.0

ip address 192.168.0.0 255.255.255.128

ip address 192.168.0.0 255.255.255.224

Question 43

When the active router in an HSRP group fails, what router assumes the role and forwards packets?

Options:

backup

standby

listening

forwarding

Question 44

What are two characteristics of a public cloud Implementation? (Choose two.)

Options:

It is owned and maintained by one party, but it is shared among multiple organizations.

It enables an organization to fully customize how It deploys network resources.

It provides services that are accessed over the Internet.

It Is a data center on the public Internet that maintains cloud services for only one company.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

Question 45

Which port type supports the spanning-tree portfast command without additional configuration?

Options:

access ports

Layer 3 main Interfaces

Layer 3 suninterfaces

trunk ports

Question 46

Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?

Options:

Ansible

Python

Puppet

Chef

Question 47

Which plane is centralized by an SDN controller?

Options:

management-plane

control-plane

data-plane

services-plane

Question 48

Refer to the exhibit.

Which route type is configured to reach the internet?

Options:

host route

default route

floating static route

network route

Question 49

An organization secures its network with multi-factor authentication using an authenticator app on employee smartphone. How is the application secured in the case of a user’s smartphone being lost or stolen?

Options:

The application requires an administrator password to reactivate after a configured Interval.

The application requires the user to enter a PIN before it provides the second factor.

The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted.

The application verifies that the user is in a specific location before it provides the second factor.

Question 50

Refer to the exhibit.

A packet is being sent across router R1 to host 172.163.3.14. To which destination does the router send the packet?

Options:

207.165.200.246 via Serial0/1/0

207.165.200.254 via Serial0/0/1

207.165.200.254 via Serial0/0/0

207.165.200.250 via Serial/0/0/0

Question 51

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

Options:

longest prefix

metric

cost

administrative distance

Question 52

An engineer must configure a WLAN using the strongest encryption type for WPA2- PSK. Which cipher fulfills the configuration requirement?

Options:

WEP

RC4

AES

TKIP

Question 53

When OSPF learns multiple paths to a network, how does it select a route?

Options:

It multiple the active K value by 256 to calculate the route with the lowest metric.

For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.

It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.

It count the number of hops between the source router and the destination to determine the router with the lowest metric

Question 54

Refer to the exhibit.

What is the effect of this configuration?

Options:

All ARP packets are dropped by the switch

Egress traffic is passed only if the destination is a DHCP server.

All ingress and egress traffic is dropped because the interface is untrusted

The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

Question 55

TION NO: 117

Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. what is the reason for the problem?

Options:

The OSPF router IDs are mismatched.

Router2 is using the default hello timer.

The network statement on Router1 is misconfigured.

The OSPF process IDs are mismatched.

Question 56

which IPv6 address block forwards packets to a multicast address rather than a unicast address?

Options:

2000::/3

FC00::/7

FE80::/10

FF00::/12

Question 57

Refer to Exhibit.

Which action do the switches take on the trunk link?

Options:

The trunk does not form and the ports go into an err-disabled status.

The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.

The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.

The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Question 58

Refer to the exhibit.

Router R2 is configured with multiple routes to reach network 10 1.1 0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1 1 0/24?

Options:

eBGP

static

OSPF

EIGRP

Question 59

With REST API, which standard HTTP header tells a server which media type is expected by the client?

Options:

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Content-Type: application/json; charset=utf-8

Accept: application/json

Question 60

Refer to the exhibit.

An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic Which configuration accomplishes this task?

Options:

Option A

Option B

Option C

Option D

Question 61

Which two actions influence the EIGRP route selection process? (Choose two)

Options:

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

The router calculates the feasible distance of all paths to the destination route

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

The router must use the advertised distance as the metric for any given route

Question 62

Refer to the exhibit.

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Options:

Add the access-list 10 permit any command to the configuration

Remove the access-class 10 in command from line vty 0.4.

Add the ip access-group 10 out command to interface g0/0.

Remove the password command from line vty 0 4.

Question 63

NO: 251

Which IPsec transport mode encrypts the IP header and the payload?

Options:

pipe

control

transport

tunnel

Question 64

What is the collapsed layer in collapsed core architectures?

Options:

core and WAN

access and WAN

distribution and access

core and distribution

Question 65

Refer to the exhibit.

A network engineer configures the Cisco WLC to authenticate local wireless clients against a RADIUS server Which task must be performed to complete the process?

Options:

Change the Server Status to Disabled

Select Enable next to Management

Select Enable next to Network User

Change the Support for CoA to Enabled.

Question 66

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

Options:

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Question 67

Which benefit does Cisco ONA Center provide over traditional campus management?

Options:

Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditional campus management uses SNMPv2.

Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.

Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.

Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent from traditional campus management.

Question 68

Which type of address is shared by routers in a HSRP implementation and used by hosts on the subnet as their default gateway address?

Options:

multicast address

loopback IP address

virtual IP address

broadcast address

Question 69

Refer to the exhibit. Which functionalities will this SSID have while being used by wireless clients?

Options:

decreases network security against offline dictionary attacks and encourages easy access to the network

increases network security against offline dictionary attacks and discourages time-consuming brute force attacks

increases network security against man in the middle attacks and discourages denial of service attacks

decreases network security against air sniffing attacks and discourages the use of complex passwords

Question 70

Which cable type must be used to interconnect one switch using 1000 BASE-SX GBiC modules and another switch using 1000 BASE-SX SFP modules?

Options:

LC to SC

SC t ST

SC to SC

LC to LC

Question 71

Options:

Option A

Option B

Option C

Option D

Question 72

Refer to the exhibit.

Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

Options:

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

Interface range G1/1 – 1/3 switchport mode trunk

channel-group 1 mode desirable

no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

Question 73

Refer to the exhibit. What is the cause of the issue?

Options:

STP

port security

wrong cable type

shutdown command

Question 74

In a cloud-computing environment what is rapid elasticity?

Options:

control and monitoring of resource consumption by the tenant

automatic adjustment of capacity based on need

pooling resources in a multitenant model based on need

self-service of computing resources by the tenant

Question 75

What is the function of "off-the-shell" switches in a controller-based network?

Options:

providing a central view of the deployed network

forwarding packets

making routing decisions

setting packet-handling policies

Question 76

Refer to the exhibit. After applying this configuration to router R1, a network engineer is verifying the implementation. If all links are operating normally, and the engineer sends a series of packets from PC1 to PC3. how are the packets routed?

Options:

They are routed to 172.16.20.2.

They are routed to 192.168.100.2.

They are distributed sent round robin to interfaces SO/0/0 and SO/0/1.

They are routed to 10.0.0.2.

Question 77

Refer to the exhibit.

Which set of commands must be applied to the two switches to configure an LACP Layer 2 EtherChannel?

Options:

Option A

Option B

Option C

Option D

Question 78

Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be implemented between two switches with these requirements:

• using an industry-standard trunking protocol

• permitting VLANs 1 -10 and denying other VLANs

How must the interconnecting ports be configured?

Options:

Option A

Option B

Option C

Option D

Question 79

Refer to the exhibit.

A network engineer started to configure two directly-connected routers as shown. Which command sequence must the engineer configure on R2 so that the two routers become OSPF neighbors?

Options:

Option A

Option B

Option C

Option D

Question 80

Which plane is centralized in software-defined networking?

Options:

application

services

control

data

Question 81

What is an Ansible inventory?

Options:

file that defines the target devices upon which commands and tasks are executed

unit of Python code to be executed within Ansible

collection of actions to perform on target devices, expressed in YAML format

device with Ansible installed that manages target devices

Question 82

Refer to the exhibit.

How many JSON objects are represented?

Options:

Question 83

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Options:

Question 84

Refer to the exhibit.

A packet sourced from 172.16.32 254 is destined for 172.16.32.8. What is the subnet mask of the preferred destination route?

Options:

255.255.224.0

255.255.255.0

255.255.255.192

255.255.255.252

Question 85

Drag and drop the characteristics of device-management technologies from the left onto the corresponding deployment types on the right.

Options:

Question 86

When a switch receives a frame for an unknown destination MAC address, how is the frame handled?

Options:

broadcast to all ports on the switch

flooded to all ports except the origination port

forwarded to the first available port

inspected and dropped by the switch

Question 87

Which two transport layer protocols carry syslog messages? (Choose two.)

Options:

TCP

RTP

UDP

ARP

Question 88

Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.

Options:

Question 89

A Cisco engineer notices thai two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state?

Options:

ip ospf network broadcast

ip ospf dead-interval 40

ip ospf network point-to-point

ip ospf priority 0

Question 90

Which set of methods is supported with the REST API?

Options:

GET, POST, MOD, ERASE

GET, POST, ERASE, CHANGE

GET, PUT, POST, DELETE

GET, PUT, ERASE, CHANGE

Question 91

Refer to the exhibit. What is the next-hop P address for R2 so that PC2 reaches the application server via ElGRP?

Options:

192.168.30.1

10.10 105

10.10.10.6

192.168.201

Question 92

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)

Options:

::ffif 1014 1011/96

2001 7011046:1111:1/64

;jff06bb43cd4dd111bbff02 4545234d

2002 5121204b 1111:1/64

FF02::0WlFF00:0l)00/104

Question 93

What is a benefit of using private IPv4 addressing?

Options:

Multiple companies can use the same addresses without conflicts.

Direct connectivity is provided to internal hosts from outside an enterprise network.

Communication to the internet Is reachable without the use of NAT.

All external hosts are provided with secure communication to the Internet.

Question 94

Refer to the exhibit. An engineer must configure a static network route between two networks so that host A communicates with host B. Drag and drop the commands from the left onto the routers where they must be configured on the right. Not all commands are used.

Options:

Question 95

Which is a fact related to FTP?

Options:

It uses block numbers to identify and mitigate data-transfer errors

It always operates without user authentication

It relies on the well-known UDP port 69.

It uses two separate connections for control and data traffic

Question 96

NO: 258

Refer to the exhibit. A multivendor network exists and the company is implementing VoIP over the network for the first time.

Options:

Option A

Option B

Option C

Option D

Question 97

An engineer is configuring SSH version 2 exclusively on the R1 router. What is the minimum configuration required to permit remote management using the cryptographic protocol?

Options:

Option A

Option B

Option C

Option D

Question 98

Why would a network administrator choose to implement automation in a network environment?

Options:

To simplify the process of maintaining a consistent configuration state across all devices

To centralize device information storage

To implement centralized user account management

To deploy the management plane separately from the rest of the network Answer: A

Question 99

Refer to the exhibit.

A network administrator configures an interface control re switch so that it connects to interface Gi1/0/1 on switch Cat9300-1. Which configuration must be applied to the new interface?

Options:

Option A

Option B

Option C

Option D

Question 100

TION NO: 25

Refer to the exhibit. IPv6 must be implemented on R1 to the ISP The uplink between R1 and the ISP must be configured with a manual assignment, and the LAN interface must be self-provisioned Both connections must use the applicable IPv6 networks Which two configurations must be applied to R1? (Choose two.)

Options:

interface Gi0/1

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127

interface Gi0/0

ipv6 address 2001:db8:1:AFFF::/64 eui-64

interface Gi0/1

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127

interface Gi0/0

ipv6 address 2001:db8:0:AFFF::/64 eui-64

interface Gi0/0

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03;/127

Question 101

Which IPsec mode encapsulates the entire IP packet?

Options:

tunnel

Q-in-Q

SSL VPN

transport

Question 102

What is a function of the core and distribution layers in a collapsed-core architecture?

Options:

The router must use IPv4 and IPv6 addresses at Layer 3.

The core and distribution layers are deployed on two different devices to enable failover.

The router can support HSRP for Layer 2 redundancy in an IPv6 network.

The router operates on a single device or a redundant pair.

Question 103

Refer to the exhibit.

What is the subnet mask for route 172.16.4.0?

Options:

255.255.248.0

255.255.254.0

255.255.255.192

255.255.240.0

Question 104

An engineer must configure neighbor discovery between the company router and an ISP

What is the next step to complete the configuration if the ISP uses a third-party router?

Options:

Enable LLDP globally.

Disable CDP on gi0/0.

Enable LLDP TLVs on the ISP router.

Disable auto-negotiation.

Question 105

Refer to the exhibit.

A network engineer must configure router R1 with a host route to the server. Which command must the engineer configure?

Options:

R1(conftg)#lp route 10.10.10.0 255.255.255.0 192.168.0.2

R1(Config)#lp route 10.10.10.10 265.255.255.255 192 168.0.2

R1(config)#ip route 192.168.0.2 255.255.255.255 10.10.10.10

R1(config)3|p route 0.0.0.0 0.0 0.0 192 168.0.2

Question 106

Refer to the exhibit.

Which action must be taken so that neighbofing devices rapidly discover switch Cat9300?

Options:

Configure the cdp timer 10 command on switch Cat9300.

Enable portfast on the ports that connect to neighboring devices.

Configure the cdp holdtime 10 command on switch Cat9300.

Configure the cdp timer 10 command on the neighbors of switch Cat9300.

Question 107

Refer to the exhibit.

After configuring a new static route on the CPE. the engineer entered this series of commands to verify that the new configuration is operating normally When is the static default route installed into the routing table?

Options:

when 203 0 113.1 is no longer reachable as a next hop B. when the default route learned over external BGP becomes invalid

when a route to 203.0 113 1 is learned via BGP

when the default route over external BGP changes its next hop

Question 108

Which syslog severity level is considered the most severe and results in the system being considered unusable?

Options:

Alert

Error

Emergency

Critical

Question 109

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 110

Refer to the exhibit. A packet sourced from 172.16.32.254 is destined for 172.16.32.8. What is the subnet mask of the preferred destination route?

Options:

255.255.224.0

255.255.255.0

255.255.255.192

255.255.255.252

Question 111

Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two.)

Options:

REMOVE

REDIRECT

OPOST

GET

UPOP

Question 112

Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.

Options:

Question 113

Refer to the exhibit.

An architect is managing a wireless network with APs from several branch offices connecting to the WLC in the data center. There is a new requirement for a single WLAN to process the client data traffic without sending it to the WLC. Which action must be taken to complete the request?

Options:

Enable local HTTP profiling.

Enable Disassociation Imminent.

Enable FlexConnect Local Switching.

Enable local DHCP Profiling.

Question 114

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Options:

Is the internet reachable?

Is the default gateway reachable?

Is the DNS server reachable?

Question 115

When the LAG configuration is updated on a Cisco WLC which additional task must be performed when changes are complete?

Options:

Flush all MAC addresses from the WLC

Re-associate the WLC with the access point.

Re-enable the WLC interfaces

Reboot the WLC

Question 116

Which (unction generally performed by a traditional network device is replaced by a software-defined controller?

Options:

encryption and decryption for VPN link processing

building route tables and updating the forwarding table

changing the source or destination address during NAT operations

encapsulation and decapsulation of packets in a data-link frame

Question 117

Refer to the exhibit.

A network engineer must provide configured IP addressing details to investigate a firewall rule Issue. Which subnet and mask Identify what is configured on the en0 interface?

Options:

10.8.0.0/16

10.8.64.0/18

10.8.128.0/19

10.8.138.0/24

Question 118

What are two purposes of HSRP? (Choose two.)

Options:

It groups two or more routers to operate as one virtual router.

It improves network availability by providing redundant gateways.

It passes configuration information to hosts in a TCP/IP network.

It helps hosts on the network to reach remote subnets without a default gateway.

It provides a mechanism for diskless clients to autoconfigure their IP parameters during boot.

Question 119

What differentiates device management enabled by Cisco DNA Center from traditional campus device management?

Options:

per-device

centralized

device-by-device hands-on

CLI-oriented device

Question 120

Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatical togged out?

Options:

config sessions maxsessions 0

config sessions timeout 0

config serial timeout 0

config serial timeout 9600

Question 121

Refer to the exhibit.

What is the subnet mask of the route to the 10.10.13.160 prefix?

Options:

255.255.255.240

255.255.255.128

255.255.248.

255.255.255.248

Question 122

Refer to the exhibit. A network administrator configures the CPE to provide internet access to the company headquarters. Traffic must be load-balanced via ISP1 and ISP2 to ensure redundancy. Which two command sets must be configured on the CPE router? (Choose two.)

Options:

Question 123

Drag and drop the Ansible features from the left to the right Not all features are used.

Options:

Question 124

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

username CNAC secret R!41!4319115@

ip ssh version 2

line vty 0 4

crypto key generate rsa 1024

transport input ssh

Question 125

An engineer must configure R1 for a new user account. The account must meet these requirements:

* It must be configured in the local database.

* The username is engineer.

* It must use the strongest password configurable. Which command must the engineer configure on the router?

Options:

R1 (config)# username engineer2 algorithm-type scrypt secret test2021

R1(config)# username engineer2 secret 5 password S1$b1Ju$kZbBS1Pyh4QzwXyZ

R1(config)# username engineer2 privilege 1 password 7 test2021

R1(config)# username englneer2 secret 4 S1Sb1Ju$kZbBS1Pyh4QzwXyZ

Question 126

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 127

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Options:

Question 128

Refer to the exhibit.

All traffic enters the CPE router from interface Serial0/3 with an IP address of 192 168 50 1 Web traffic from the WAN is destined for a LAN network where servers are load-balanced An IP packet with a destination address of the HTTP virtual IP of 192 1681 250 must be forwarded Which routing table entry does the router use?

Options:

192.168.1.0/24 via 192.168.12.2

192.168.1.128/25 via 192.168.13.3

192.168.1.192/26 via 192.168.14.4

192.168.1.224/27 via 192.168.15.5

Question 129

Refer to the exhibit.

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 130

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

VLANID

SSID

RFID

WLANID

Question 131

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

VLAN numbering

VLAN DSCP

VLAN tagging

VLAN marking

Question 132

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 133

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Options:

Question 134

Refer to the exhibit.

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

Configure the ip dhcp relay information command under interface Gi0/1.

Configure the ip dhcp smart-relay command globally on the router

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

Configure the ip address dhcp command under interface Gi0/0

Question 135

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

different security settings

discontinuous frequency ranges

different transmission speeds

unique SSIDs

Question 136

What is a requirement when configuring or removing LAG on a WLC?

Options:

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

Question 137

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

192.168.0.7

192.168.0.4

192.168.0.40

192.168.3.5

Question 138

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Options:

Option A

Option B

Option C

Option D

Question 139

What is a function of a Next-Generation IPS?

Options:

makes forwarding decisions based on learned MAC addresses

serves as a controller within a controller-based network

integrates with a RADIUS server to enforce Layer 2 device authentication rules

correlates user activity with network events

Question 140

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

Options:

global unicast address

anycast address

multicast address

link-local address

Question 141

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

Options:

Option A

Option B

Option C

Option D

Question 142

Refer to the exhibit.

A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which command must be used to fulfill the request?

Options:

ip route 172.21.34.0 255.255.255.192 10.73.65.65

ip route 172.21.34.0 255.255.255.0 10.73.65.65

ip route 172.21.34.0 255.255.128.0 10.73.65.64

ip route 172.21.34.0 255.255.255.128 10.73.65.66

Question 143

What is the function of the controller in a software-defined network?

Options:

multicast replication at the hardware level

fragmenting and reassembling packets

making routing decisions

forwarding packets

Question 144

Which protocol is used for secure remote CLI access?

Options:

HTTPS

HTTP

Telnet

SSH

Question 145

Refer to the exhibit.

An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured Which command accomplishes this task?

Options:

switchport trunk allowed vlan 100-104

switchport trunk allowed vlan add 104

switchport trunk allowed vlan all

switchport trunk allowed vlan 104

Question 146

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Options:

Question 147

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

Select the WPA Policy option with the CCKM option.

Disable AES encryption.

Enable Fast Transition and select the FT 802.1x option.

Enable Fast Transition and select the FT PSK option.

Question 148

Refer to the exhibit.

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Options:

Modify the configured number of the second access list.

Add either the ip nat {inside|outside} command under both interfaces.

Remove the overload keyword from the ip nat inside source command.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Question 149

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

Options:

Option A

Option B

Option C

Option D

Option E

Question 150

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

offer compression

increase security by using a WEP connection

provide authentication

protect traffic on open networks

Question 151

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Options:

Configure the OSPF priority on router A with the lowest value between the three routers.

Configure router B and router C as OSPF neighbors of router A.

Configure the router A interfaces with the highest OSPF priority value within the area.

Configure router A with a fixed OSPF router ID

Question 152

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Options:

Question 153

How does Rapid PVST+ create a fast loop-free network topology?

Options:

lt requires multiple links between core switches

It generates one spanning-tree instance for each VLAN

It maps multiple VLANs into the same spanning-tree instance

It uses multiple active paths between end stations.

Question 154

What is a function of an endpoint on a network?

Options:

forwards traffic between VLANs on a network

connects server and client devices to a network

allows users to record data and transmit to a tile server

provides wireless services to users in a building

Question 155

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

Options:

Option A

Option B

Option C

Option D

Question 156

Refer to the exhibit.

Which network prefix was learned via EIGRP?

Options:

172.16.0.0/16

192.168.2.0/24

207.165.200.0/24

192.168.1.0/24

Question 157

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

Options:

Option A

Option B

Option C

Option D

Question 158

Drag and drop the descriptions of AAA services from the left onto the corresponding services on the right.

Options:

Question 159

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

Options:

Heavy usage is causing high latency.

An incorrect type of transceiver has been inserted into a device on the link.

physical network errors are being transmitted between the two sites.

The wrong cable type was used to make the connection.

Question 160

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

heavy traffic congestion

a duplex incompatibility

a speed conflict

queuing drops

Question 161

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

disabled

listening

forwarding

learning

blocking

Question 162

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

username cisco password 0 Cisco

Question 163

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

Options:

Option A

Option B

Option C

Option D

Question 164

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

F0/10

F0/11

F0/12

F0/13

Question 165

What is the purpose of the ip address dhcp command?

Options:

to configure an Interface as a DHCP server

to configure an interface as a DHCP helper

to configure an interface as a DHCP relay

to configure an interface as a DHCP client

Question 166

Which action implements physical access control as part of the security program of an organization?

Options:

configuring a password for the console port

backing up syslogs at a remote location

configuring enable passwords on network devices

setting up IP cameras to monitor key infrastructure

Question 167

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 168

What causes a port to be placed in the err-disabled state?

Options:

nothing plugged into the port

link flapping

shutdown command issued on the port

latency

Question 169

Refer to the exhibit.

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

Options:

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Question 170

Refer to the exhibit.

Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

Options:

Define a NAT pool on the router.

Configure static NAT translations for VLAN 200.

Configure the ip nat outside command on another interface for VLAN 200.

Update the NAT INSIDF RANGFS ACL

Question 171

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 172

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

shaping

classification

policing

marking

Question 173

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

Options:

unique local address

link-local address

aggregatable global address

IPv4-compatible IPv6 address

Question 174

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 175

Refer to the exhibit.

Which command must be issued to enable a floating static default route on router A?

Options:

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 176

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

WLAN dynamic

management

trunk

access

Question 177

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

Options:

router-id 10.0.0.15

neighbor 10.1.2.0 cost 180

ipospf priority 100

network 10.0.0.0 0.0.0.255 area 0

Question 178

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

SYIM flood

reflection

teardrop

amplification

Question 179

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 180

Which wireless security protocol relies on Perfect Forward Secrecy?

Options:

WPA3

WPA

WEP

WPA2

Question 181

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

Options:

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network broadcast

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network point-to-point

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf cost 0

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

hello interval 15

interface e1/1

Ip address 192.168.1.1 255.255.255.252

Question 182

A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

Options:

ipv6 address 21:EB8:C1:2200:1::331/64

ipv6 address 2001:EB8:C1:22:1::331/64

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

Question 183

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

ip route 10.1.1.0 255.255.255.0 gi0/1 125

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 184

What provides centralized control of authentication and roaming In an enterprise network?

Options:

a lightweight access point

a firewall

a wireless LAN controller

a LAN switch

Question 185

Which action is taken by the data plane within a network device?

Options:

forwards traffic to the next hop

constructs a routing table based on a routing protocol

provides CLI access to the network device

looks up an egress interface in the forwarding information base

Question 186

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 187

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.

On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.

On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.

On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.

On both SW1 and SW2, exit the interface range configuration mode by using the exit command.

On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.

On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.

On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.

On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.

On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.

On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Question 188

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 189

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 190

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 191

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.

To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 192

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 193

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 194

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 195

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 196

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 197

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

Options:

IPsec tunnel mode with AH

IPsec transport mode with AH

IPsec tunnel mode with ESP

IPsec transport mode with ESP

Question 198

An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria?

Options:

Option A

Option B

Option C

Option D

Question 199

Which two protocols are supported on service-port interfaces? (Choose two.)

Options:

RADIUS

TACACS+

SCP

Telnet

SSH

Question 200

Which IPv6 address block sends packets to a group address rather than a single address?

Options:

2000::/3

FC00::/7

FE80::/10

FF00::/8

Question 201

Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

Options:

lldp timer

lldp holdtimt

lldp reinit

lldp tlv-select

Question 202

Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

Options:

CPU ACL

TACACS

Flex ACL

RADIUS

Question 203

What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

Options:

Filter traffic based on destination IP addressing

Sends the default route to the hosts on a network

ensures a loop-free physical topology

forwards multicast hello messages between routers

Question 204

Which two encoding methods are supported by REST APIs? (Choose two)

Options:

YAML

JSON

EBCDIC

SGML

XML

Question 205

Drag and drop the QoS congestion management terms from the left onto the description on the right.

Options:

Question 206

A network engineer is configuring an OSPFv2 neighbor adjacency Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used

Options:

Question 207

What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

Options:

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

The DHCP client can request up to four DNS server addresses

The DHCP server assigns IP addresses without requiring the client to renew them

The DHCP server leases client IP addresses dynamically.

The DHCP client maintains a pool of IP addresses it can assign.

Question 208

Refer to the exhibit.

Which two commands, when configured on router R1, fulfill these requirements? (Choose two.)

Packets towards the entire network 2001:db8:2::/64 must be forwarded through router R2.

Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

Options:

Ipv6 route 2001:db8:23::/128 fd00:12::2

Ipv6 route 2001:db8:23::14/128 fd00:13::3

Ipv6 route 2001:db8:23::14/64 fd00:12::2

Ipv6 route 2001:db8:23::/64 fd00:12::2

Ipv6 route 2001:db8:23::14/64 fd00:12::2 200

Question 209

Which type of attack can be mitigated by dynamic ARP inspection?

Options:

worm

malware

DDoS

man-in-the-middle

Question 210

Which command on a port enters the forwarding state immediately when a PC is connected to it?

Options:

switch(config)#spanning-tree portfast default

switch(config)#spanning-tree portfast bpduguard default

switch(config-if)#spanning-tree portfast trunk

switch(config-if)#no spanning-tree portfast

Question 211

Refer to the exhibit.

An extended ACL has been configured and applied to router R2 The configuration failed to work as intended Which two

changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20 0 26 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose

two )

Options:

Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic.

Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic

The source and destination IPs must be swapped in ACL 101

The ACL must be configured the Gi0/2 interface inbound on R1

The ACL must be moved to the Gi0/1 interface outbound on R2

Question 212

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

switchport port-security violation access

switchport port-security violation protect

switchport port-security violation restrict

switchport port-security violation shutdown

Question 213

Which CRUD operation corresponds to the HTTP GET method?

Options:

read

update

create

delete

Question 214

If a notice-level messaging is sent to a syslog server, which event has occurred?

Options:

A network device has restarted

An ARP inspection has failed

A routing instance has flapped

A debug operation is running

Question 215

Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

Options:

cookbook

task

playbook

model

recipe

Question 216

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

Options:

Add the switch in the VTP domain with a lower revision number

Add the switch with DTP set to dynamic desirable

Add the switch in the VTP domain with a higher revision number

Add the switch with DTP set to desirable

Question 217

When a switch receives a frame for a known destination MAC address, how is the frame handed?

Options:

sent to the port identified for the known MAC address

broadcast to all ports

forwarded to the first available port

flooded to all ports except the one from which it originated

Question 218

What is a similarity between OM3 and OM4 fiber optic cable?

Options:

Both have a 50 micron core diameter

Both have a 9 micron core diameter

Both have a 62.5 micron core diameter

Both have a 100 micron core diameter

Question 219

Refer to the exhibit.

A router reserved these five routes from different routing information sources.

Which two routes does the router install in its routing table? (Choose two)

Options:

RIP route 10.0.0.0/30

iBGP route 10.0.0.0/30

OSPF route 10.0.0.0/30

EIGRP route 10.0.0.1/32

OSPF route 10.0.0.0/16

Question 220

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

redundancy

console

distribution system

service

Question 221

Which type of security program is violated when a group of employees enters a building using the ID badge of only one person?

Options:

intrusion detection

user awareness

physical access control

network authorization

Question 222

Refer to the exhibit.

An engineer configured NAT translations and has verified that the configuration is correct.

Which IP address is the source IP?

Options:

10.4.4.4

10.4.4.5

172.23.103.10

172.23.104.4

Question 223

Refer to the exhibit.

Which type of configuration is represented in the output?

Options:

Ansible

JSON

Chef

Puppet

Question 224

When implementing a router as a DHCP server, which two features must be configured'? (Choose two)

Options:

relay agent information

database agent

address pool

smart-relay

manual bindings

Question 225

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 226

In QoS, which prioritization method is appropriate for interactive voice and video?

Options:

expedited forwarding

traffic policing

round-robin scheduling

low-latency queuing

Question 227

When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed?

Options:

default-router

default-gateway

ip helper-address

dns-server

Question 228

Refer to the exhibit.

Router R4 is dynamically learning the path to the server. If R4 is connected to R1 via OSPF Area 20, to R2 v2ia R2 BGP, and to R3 via EIGRP 777, which path is installed in the routing table of R4?

Options:

the path through R1, because the OSPF administrative distance is 110

the path through R2. because the IBGP administrative distance is 200

the path through R2 because the EBGP administrative distance is 20

the path through R3. because the EIGRP administrative distance is lower than OSPF and BGP

Question 229

What is a practice that protects a network from VLAN hopping attacks?

Options:

Enable dynamic ARP inspection

Configure an ACL to prevent traffic from changing VLANs

Change native VLAN to an unused VLAN ID

Implement port security on internet-facing VLANs

Question 230

What are two functions of an SDN controller? (Choose two)

Options:

Layer 2 forwarding

coordinating VTNs

tracking hosts

managing the topology

protecting against DDoS attacks

Question 231

Which technology is used to improve web traffic performance by proxy caching?

Options:

WSA

Firepower

ASA

FireSIGHT

Question 232

How are VLAN hopping attacks mitigated?

Options:

enable dynamic ARP inspection

manually implement trunk ports and disable DTP

activate all ports and place in the default VLAN

configure extended VLANs

Question 233

Drag and drop the functions of DHCP from the left onto any of the positions on the right Not all functions are used

Options:

Question 234

What is the purpose of a southbound API in a control based networking architecture?

Options:

Facilities communication between the controller and the applications

Facilities communication between the controller and the networking hardware

allows application developers to interact with the network

integrates a controller with other automation and orchestration tools.

Question 235

What is the benefit of using FHRP?

Options:

reduced management overhead on network routers

balancing traffic across multiple gateways in proportion to their loads

higher degree of availability

reduced ARP traffic on the network

Question 236

What is a role of wireless controllers in an enterprise network?

Options:

centralize the management of access points in an enterprise network

support standalone or controller-based architectures

serve as the first line of defense in an enterprise network

provide secure user logins to devices on the network.

Question 237

Refer to the exhibit.

Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

Options:

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

Question 238

Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?

Options:

BPDUfilter

PortFast

Backbonefast

BPDUguard

Question 239

A network administrator is asked to configure VLANS 2, 3 and 4 for a new implementation. Some ports must be assigned to the new VLANS with unused remaining. Which action should be taken for the unused ports?

Options:

configure port in the native VLAN

configure ports in a black hole VLAN

configure in a nondefault native VLAN

configure ports as access ports

Question 240

What is a DHCP client?

Options:

a host that is configured to request an IP address automatically

a server that dynamically assigns IP addresses to hosts

a workstation that requests a domain name associated with its IP address

a rooter that statically assigns IP addresses to hosts

Question 241

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

Options:

initiates a ping request to the URL

prompts the user to specify the desired IP address

continuously attempts to resolve the URL until the command is cancelled

sends a broadcast message in an attempt to resolve the URL

Question 242

Which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate? (Choose two)

Options:

OSPF area

OSPF MD5 authentication key

iPv6 address

OSPf process ID

OSPf stub flag

Question 243

Which network action occurs within the data plane?

Options:

compare the destination IP address to the IP routing table.

run routing protocols (OSPF, EIGRP, RIP, BGP)

make a configuration change from an incoming NETCONF RPC

reply to an incoming ICMP echo request

Question 244

How are the switches in a spine-and-leaf topology interconnected?

Options:

Each leaf switch is connected to one of the spine switches.

Each leaf switch is connected to two spine switches, making a loop.

Each leaf switch is connected to each spine switch.

Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.

Question 245

Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all statements are used.

Options:

Question 246

Refer to the exhibit.

After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns to the NETCONF client, to only the interface's configuration?

Options:

Use the Ixml library to parse the data returned by the NETCONF server for the interface's configuration.

Create an XML filter as a string and pass it to get_config() method as an argument.

Create a JSON filter as a string and pass it to the get_config() method as an argument.

Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

Question 247

Refer to exhibit.

Which statement explains the configuration error message that is received?

Options:

It is a broadcast IP address

The router does not support /28 mask.

It belongs to a private IP address range.

IT is a network IP address.

Exam Detail

Vendor: Cisco

Certification: CCNA

Exam Code: 200-301

Exam Name: Cisco Certified Network Associate

Last Update: Jul 15, 2025

200-301 Question Answers

Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium Cisco 200-301 Dumps Questions Answers

Cisco Certified Network Associate Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer: