Cisco 200-301 today updated questions - Verified by Cisco Experts

Cisco Certified Network Associate Questions and Answers

Question 1

Refer to the exhibit.

A network engineer must configured communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured?

Options:

Switch trunk allowed vlan 12

Switchport trunk allowed vlan none

Switchport trunk allowed vlan add 13

Switchport trunk allowed vlan remove 10-11

Question 2

Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

Options:

enable secret

service password-encryption

username Cisco password encrypt

enable password

Question 3

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

It sends packets out of interface Fa0/2 only.

It sends packets out of interface Fa0/1 only.

It cannot send packets to 10.10.13 128/25

It load-balances traffic out of Fa0/1 and Fa0/2

Question 4

What is a practice that protects a network from VLAN hopping attacks?

Options:

Enable dynamic ARP inspection

Configure an ACL to prevent traffic from changing VLANs

Change native VLAN to an unused VLAN ID

Implement port security on internet-facing VLANs

Question 5

What is the purpose of traffic shaping?

Options:

to mitigate delays over slow links

to provide fair queuing for buffered flows

to limit the bandwidth that a flow can use to

be a marking mechanism that identifies different flows

Question 6

What is a function of Wireless LAN Controller?

Options:

use SSIDs to distinguish between wireless clients.

send LWAPP packets to access points.

monitor activity on wireless and wired LANs

Question 7

Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two)

Options:

listening

blocking

forwarding

learning

speaking

Question 8

What is the function of a hub-and-spoke WAN topology?

Options:

allows access restrictions to be implemented between subscriber sites.

provides direct connections between subscribers

supports Layer 2 VPNs

supports application optimization

Question 9

Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces The two circuits are operational and reachable across WAN Which command set establishes failover redundancy if the primary circuit goes down?

Options:

Option A

B. Option B

Option C

Option D

Question 10

Which technology is appropriate for communication between an SDN controller and applications running over the network?

Options:

OpenFlow

REST API

NETCONF

Southbound API

Question 11

Which function is performed by the collapsed core layer in a two-tier architecture?

Options:

enforcing routing policies

marking interesting traffic for data polices

attaching users to the edge of the network

applying security policies

Question 12

What is the primary purpose of a First Hop Redundancy Protocol?

Options:

It allows directly connected neighbors to share configuration information.

It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.

It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.

It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

Question 13

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

Options:

IPsec tunnel mode with AH

IPsec transport mode with AH

IPsec tunnel mode with ESP

IPsec transport mode with ESP

Question 14

What must be considered when using 802:11 ta?

Options:

It is compatible with 802 lib- and 802 11-compliant wireless devices

It is used in place of 802 11b/g when many nonoverlapping channels are required

It is susceptible to interference from 2 4 GHz devices such as microwave ovens.

It is chosen over 802 11b/g when a lower-cost solution is necessary

Question 15

Refer to the exhibit.

Which switch in this configuration will be elected as the root bridge?

Options:

SW1

SW2

SW3

SW4

Question 16

which purpose does a northbound API serve in a controller-based networking architecture?

Options:

communicates between the controller and the physical network hardware

reports device errors to a controller

generates statistics for network hardware and traffic

facilitates communication between the controller and the applications

Question 17

Which mode allows access points to be managed by Cisco Wireless LAN Controllers?

Options:

autonomous

lightweight

bridge

mobility express

Question 18

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 19

Which virtual MAC address is used by VRRP group 1?

Options:

0050.0c05.ad81

0007.c061.bc01

0000.5E00.0101

0500.3976.6401

Question 20

What is a DHCP client?

Options:

a host that is configured to request an IP address automatically

a server that dynamically assigns IP addresses to hosts

a workstation that requests a domain name associated with its IP address

a rooter that statically assigns IP addresses to hosts

Question 21

Refer to the exhibit.

If the network environment is operating normally, which type of device must be connected to interface FastEthernet 0/1?

Options:

DHCP client

access point

router

Question 22

A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two)

Options:

runts

giants

frame

CRC

input errors

Question 23

Drag and drop the IPv6 address type characteristics from the left to the right.

Options:

Question 24

In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?

Options:

There is limited unique address space, and traffic on the new subnet will stay local within the organization.

The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts.

Traffic on the subnet must traverse a site-to-site VPN to an outside organization.

The ISP requires the new subnet to be advertised to the internet for web services.

Question 25

Which two protocols are supported on service-port interfaces? (Choose two.)

Options:

RADIUS

TACACS+

SCP

Telnet

SSH

Question 26

Which action does the router take as it forwards a packet through the network?

Options:

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmits it transparently to the destination

The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination

The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination

Question 27

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 28

What is the difference in data transmission delivery and reliability between TCP and UDP?

Options:

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

Question 29

What is the role of a firewall in an enterprise network?

Options:

Forwards packets based on stateless packet inspection

Processes unauthorized packets and allows passage to less secure segments of the network

determines which packets are allowed to cross from unsecured to secured networks

explicitly denies all packets from entering an administrative domain

Question 30

What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

Options:

Filter traffic based on destination IP addressing

Sends the default route to the hosts on a network

ensures a loop-free physical topology

forwards multicast hello messages between routers

Question 31

How do TCP and UDP differ in the way that they establish a connection between two endpoints?

Options:

TCP uses synchronization packets, and UDP uses acknowledgment packets.

UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

UDP provides reliable message transfer and TCP is a connectionless protocol

TCP uses the three-way handshake and UDP does not guarantee message delivery

Question 32

What are two characteristics of the distribution layer in a three-tier network architecture? (Choose two.)

Options:

serves as the network aggregation point

provides a boundary between Layer 2 and Layer 3 communications

designed to meet continuous, redundant uptime requirements

is the backbone for the network topology

physical connection point for a LAN printer

Question 33

Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right

Options:

Question 34

What is a characteristic of cloud-based network topology?

Options:

wireless connections provide the sole access method to services

onsite network services are provided with physical Layer 2 and Layer 3 components

services are provided by a public, private, or hybrid deployment

physical workstations are configured to share resources

Question 35

When implementing a router as a DHCP server, which two features must be configured'? (Choose two)

Options:

relay agent information

database agent

address pool

smart-relay

manual bindings

Question 36

What describes the operation of virtual machines?

Options:

Virtual machines are responsible for managing and allocating host hardware resources

In a virtual machine environment, physical servers must run one operating system at a time.

Virtual machines are the physical hardware that support a virtual environment.

Virtual machines are operating system instances that are decoupled from server hardware

Question 37

What is the benefit of using FHRP?

Options:

reduced management overhead on network routers

balancing traffic across multiple gateways in proportion to their loads

higher degree of availability

reduced ARP traffic on the network

Question 38

Refer to the exhibit.

An engineer is configuring the router to provide static NAT for the webserver Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the right.

Options:

Question 39

Which two WAN architecture options help a business improve scalability and reliability for the network? (Choose two.)

Options:

asynchronous routing

single-homed branches

dual-homed branches

static routing

dynamic routing

Question 40

Which CRUD operation corresponds to the HTTP GET method?

Options:

read

update

create

delete

Question 41

Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

Options:

Reassociation Request

Probe Request

Authentication Request

Association Request

Question 42

An engineer is configuring an encrypted password for the enable command on a router where the local user database has already been configured Drag and drop the configuration commands from the left into the correct sequence on the right Not all commands are used

Options:

Question 43

Which type of address is the public IP address of a NAT device?

Options:

outside global

outsdwde local

inside global

insride local

outside public

inside public

Question 44

Refer to the exhibit.

An engineer configured NAT translations and has verified that the configuration is correct.

Which IP address is the source IP?

Options:

10.4.4.4

10.4.4.5

172.23.103.10

172.23.104.4

Question 45

What criteria is used first during the root port selection process?

Options:

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

Question 46

Which resource is able to be shared among virtual machines deployed on the same physical server?

Options:

disk

applications

VM configuration file

operating system

Question 47

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two. )

Options:

The device Is assigned to the Global site.

The device Is placed into the Unmanaged state.

The device is placed into the Provisioned state.

The device is placed into the Managed state.

The device is assigned to the Local site.

Question 48

What is a similarity between OM3 and OM4 fiber optic cable?

Options:

Both have a 50 micron core diameter

Both have a 9 micron core diameter

Both have a 62.5 micron core diameter

Both have a 100 micron core diameter

Question 49

What is a role of wireless controllers in an enterprise network?

Options:

centralize the management of access points in an enterprise network

support standalone or controller-based architectures

serve as the first line of defense in an enterprise network

provide secure user logins to devices on the network.

Question 50

How does Cisco DNA Center gather data from the network?

Options:

Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller

Devices establish an iPsec tunnel to exchange data with the controller

Devices use the call-home protocol to periodically send data to the controller.

The Cisco CU Analyzer tool gathers data from each licensed network device and streams it to the controller.

Question 51

Which command on a port enters the forwarding state immediately when a PC is connected to it?

Options:

switch(config)#spanning-tree portfast default

switch(config)#spanning-tree portfast bpduguard default

switch(config-if)#spanning-tree portfast trunk

switch(config-if)#no spanning-tree portfast

Question 52

How are VLAN hopping attacks mitigated?

Options:

enable dynamic ARP inspection

manually implement trunk ports and disable DTP

activate all ports and place in the default VLAN

configure extended VLANs

Question 53

Which state does the switch port move to when PortFast is enabled?

Options:

learning

forwarding

blocking

listening

Question 54

What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

Options:

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

The DHCP client can request up to four DNS server addresses

The DHCP server assigns IP addresses without requiring the client to renew them

The DHCP server leases client IP addresses dynamically.

The DHCP client maintains a pool of IP addresses it can assign.

Question 55

What is the difference regarding reliability and communication type between TCP and UDP?

Options:

TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol

TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol

TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol

TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol

Question 56

How do TCP and UDP differ in the way they provide reliability for delivery of packets?

Options:

TCP is a connectionless protocol that does not provide reliable delivery of data, UDP is a connection-oriented protocol that uses sequencing to provide reliable delivery.

TCP does not guarantee delivery or error checking to ensure that there is no corruption of data UDP provides message acknowledgement and retransmits data if lost.

TCP provides flow control to avoid overwhelming a receiver by sending too many packets at once, UDP sends packets to the receiver in a continuous stream without checking for sequencing

TCP uses windowing to deliver packets reliably; UDP provides reliable message transfer between hosts by establishing a three-way handshake

Question 57

How do servers connect to the network in a virtual environment?

Options:

wireless to an access point that is physically connected to the network

a cable connected to a physical switch on the network

a virtual switch that links to an access point that is physically connected to the network

a software switch on a hypervisor that is physically connected to the network

Question 58

Refer to the exhibit.

Which password must an engineer use to enter the enable mode?

Options:

adminadmin123

default

testing 1234

cisco123

Question 59

Which two outcomes are predictable behaviors for HSRP? (Choose two.)

Options:

The two routers synchronize configurations to provide consistent packet forwarding

The two routers negotiate one router as the active router and the other as the standby router

Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN

The two routers share the same interface IP address and default gateway traffic is load-balanced between them

Question 60

If a notice-level messaging is sent to a syslog server, which event has occurred?

Options:

A network device has restarted

An ARP inspection has failed

A routing instance has flapped

A debug operation is running

Question 61

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

Select the WPA Policy option with the CCKM option.

Disable AES encryption.

Enable Fast Transition and select the FT 802.1x option.

Enable Fast Transition and select the FT PSK option.

Question 62

What is the purpose of the ip address dhcp command?

Options:

to configure an Interface as a DHCP server

to configure an interface as a DHCP helper

to configure an interface as a DHCP relay

to configure an interface as a DHCP client

Question 63

Which protocol uses the SSL?

Options:

HTTP

SSH

HTTPS

Telnet

Question 64

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

Options:

Option A

Option B

Option C

Option D

Question 65

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

10.10.10.5

10.10.11.2

10.10.12.2

10.10.10.9

Question 66

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

user-activity logging

service limitations

consumption-based billing

identity verification

Question 67

Refer to the exhibit.

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

Options:

via next-hop 10.0.1.5

via next-hop 10 0 1.4

via next-hop 10.0 1.50

via next-hop 10.0 1 100

Question 68

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 69

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

Options:

Heavy usage is causing high latency.

An incorrect type of transceiver has been inserted into a device on the link.

physical network errors are being transmitted between the two sites.

The wrong cable type was used to make the connection.

Question 70

Refer to the exhibit.

A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which command must be used to fulfill the request?

Options:

ip route 172.21.34.0 255.255.255.192 10.73.65.65

ip route 172.21.34.0 255.255.255.0 10.73.65.65

ip route 172.21.34.0 255.255.128.0 10.73.65.64

ip route 172.21.34.0 255.255.255.128 10.73.65.66

Question 71

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Options:

Question 72

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

username cisco password 0 Cisco

Question 73

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

Options:

SSH

HTTPS

Telnet

console

Question 74

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

Options:

unique local address

link-local address

aggregatable global address

IPv4-compatible IPv6 address

Question 75

Refer to the exhibit.

What is a reason for poor performance on the network interface?

Options:

The interface is receiving excessive broadcast traffic.

The cable connection between the two devices is faulty.

The interface is operating at a different speed than the connected device.

The bandwidth setting of the interface is misconfigured

Question 76

What causes a port to be placed in the err-disabled state?

Options:

nothing plugged into the port

link flapping

shutdown command issued on the port

latency

Question 77

What is a function of a Next-Generation IPS?

Options:

makes forwarding decisions based on learned MAC addresses

serves as a controller within a controller-based network

integrates with a RADIUS server to enforce Layer 2 device authentication rules

correlates user activity with network events

Question 78

Refer to the exhibit.

Host A sent a data frame destined for host D

What does the switch do when it receives the frame from host A?

Options:

It drops the frame from the switch CAM table.

It floods the frame out of all ports except port Fa0/1.

It shuts down the port Fa0/1 and places it in err-disable mode.

It experiences a broadcast storm.

Question 79

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Options:

Option A

Option B

Option C

Option D

Question 80

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

F0/10

F0/11

F0/12

F0/13

Question 81

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

Options:

Option A

Option B

Option C

Option D

Question 82

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

offer compression

increase security by using a WEP connection

provide authentication

protect traffic on open networks

Question 83

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Options:

Configure the OSPF priority on router A with the lowest value between the three routers.

Configure router B and router C as OSPF neighbors of router A.

Configure the router A interfaces with the highest OSPF priority value within the area.

Configure router A with a fixed OSPF router ID

Question 84

What provides centralized control of authentication and roaming In an enterprise network?

Options:

a lightweight access point

a firewall

a wireless LAN controller

a LAN switch

Question 85

What is an expected outcome when network management automation is deployed?

Options:

A distributed management plane must be used.

Software upgrades are performed from a central controller

Complexity increases when new device configurations are added

Custom applications are needed to configure network devices

Question 86

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

ip route 0.0.0.0 0.0.0.0 g0/1 1

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 87

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

Options:

password password

crypto key generate rsa modulus 1024

ip domain-name domain

ip ssh authentication-retries 2

Question 88

Which field within the access-request packet is encrypted by RADIUS?

Options:

authorized services

authenticator

username

password

Question 89

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 90

Refer to the exhibit.

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 91

Which PoE mode enables powered-device detection and guarantees power when the device is detected?

Options:

dynamic

static

active

auto

Question 92

Refer to the exhibit.

Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to reach the route?

Options:

GigabitEthernet0/0

GigabltEthornet0/1

GigabitEthernet0/2

GigabitEthernet0/3

Question 93

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 94

What is the function of the controller in a software-defined network?

Options:

multicast replication at the hardware level

fragmenting and reassembling packets

making routing decisions

forwarding packets

Question 95

Refer to the exhibit.

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

Options:

There is a duplex mismatch on the interface

There is an issue with the fiber on the switch interface.

There is a speed mismatch on the interface.

There is an interface type mismatch

Question 96

What is a function of an endpoint on a network?

Options:

forwards traffic between VLANs on a network

connects server and client devices to a network

allows users to record data and transmit to a tile server

provides wireless services to users in a building

Question 97

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

VLANID

SSID

RFID

WLANID

Question 98

Refer to the exhibit.

Which command must be issued to enable a floating static default route on router A?

Options:

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 99

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

Options:

router-id 10.0.0.15

neighbor 10.1.2.0 cost 180

ipospf priority 100

network 10.0.0.0 0.0.0.255 area 0

Question 100

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

Options:

int range g0/0-1

channel-group 10 mode active

int range g0/0-1 chanm.l-group 10 mode desirable

int range g0/0-1

channel-group 10 mode passive

int range g0/0-1 channel-group 10 mode auto

int range g0/0-1 channel-group 10 mode on

Question 101

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

192.168.0.7

192.168.0.4

192.168.0.40

192.168.3.5

Question 102

Refer to the exhibit.

A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

Options:

Option A

Option B

Option C

Option D

Question 103

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

Options:

Option A

Option B

Option C

Option D

Question 104

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Options:

Question 105

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

heavy traffic congestion

a duplex incompatibility

a speed conflict

queuing drops

Question 106

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

Options:

Option A

Option B

Option C

Option D

Question 107

Refer to the exhibit.

All traffic enters the CPE router from interface Serial0/3 with an IP address of 192 168 50 1 Web traffic from the WAN is destined for a LAN network where servers are load-balanced An IP packet with a destination address of the HTTP virtual IP of 192 1681 250 must be forwarded Which routing table entry does the router use?

Options:

192.168.1.0/24 via 192.168.12.2

192.168.1.128/25 via 192.168.13.3

192.168.1.192/26 via 192.168.14.4

192.168.1.224/27 via 192.168.15.5

Question 108

Refer to the exhibit.

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

Change the channel-group mode on SW2 to auto

Change the channel-group mode on SW1 to desirable.

Configure the interface port-channel 1 command on both switches.

Change the channel-group mode on SW1 to active or passive.

Question 109

Refer to the exhibit.

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

Configure the ip dhcp relay information command under interface Gi0/1.

Configure the ip dhcp smart-relay command globally on the router

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

Configure the ip address dhcp command under interface Gi0/0

Question 110

What is a requirement when configuring or removing LAG on a WLC?

Options:

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

Question 111

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

Options:

Option A

Option B

Option C

Option D

Question 112

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 113

Which wireless security protocol relies on Perfect Forward Secrecy?

Options:

WPA3

WPA

WEP

WPA2

Question 114

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

VLAN numbering

VLAN DSCP

VLAN tagging

VLAN marking

Question 115

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

Options:

global unicast address

anycast address

multicast address

link-local address

Question 116

Refer to the exhibit.

Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

Options:

SW1

SW2

SW3

SW4

Question 117

What is the difference between IPv6 unicast and anycast addressing?

Options:

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 118

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 119

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 120

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

Options:

Option A

Option B

Option C

Option D

Question 121

Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

Options:

action

management

control

data

Question 122

What benefit does controller-based networking provide versus traditional networking?

Options:

moves from a two-tier to a three-tier network architecture to provide maximum redundancy

provides an added layer of security to protect from DDoS attacks

allows configuration and monitoring of the network from one centralized port

combines control and data plane functionality on a single device to minimize latency

Question 123

Refer to the exhibit.

Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

Options:

Interface errors are incrementing

An incorrect SFP media type was used at SiteA

High usage is causing high latency

The sites were connected with the wrong cable type

Question 124

The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface conditions?(choose two)

Options:

There is a duplex mismatch

There is a speed mismatch

There is a protocol mismatch

The interface is shut down

The interface is error-disabled

Question 125

Which IPv6 address type provides communication between subnets and is unable to route on the Internet?

Options:

global unicast

unique local

link-local

multicast

Question 126

If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames?

Options:

The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent.

The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.

The new frame is placed in a queue for transmission after the previous frame.

The two frames are processed and delivered at the same time.

Question 127

Which type of organization should use a collapsed-core architecture?

Options:

large and requires a flexible, scalable network design

large and must minimize downtime when hardware fails

small and needs to reduce networking costs currently

small but is expected to grow dramatically in the near future

Question 128

An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use 5GH2 access points?

Options:

Re- Anchor Roamed Clients

11ac MU-MIMO

OEAP Split Tunnel

Client Band Select

Question 129

Which set of action satisfy the requirement for multifactor authentication?

Options:

The user swipes a key fob, then clicks through an email link

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

The user enters a user name and password and then re-enters the credentials on a second screen

Question 130

Refer to the exhibit.

A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

Options:

209.165.200.254 via Serial0/0/1

209.165.200.254 via Serial0/0/0

209.165.200.246 via Serial0/1/0

209.165.200.250 via Serial0/0/0

Question 131

Refer to the exhibit.

To which device does Router1 send packets that are destined to host 10.10.13.165?

Options:

Router2

Router3

Router4

Router5

Question 132

Which type of API allows SDN controllers to dynamically make changes to the network?

Options:

northbound API

REST API

SOAP API

southbound API

Question 133

Drag and drop the lightweight access point operation modes from the left onto the descriptions on the right

Options:

Question 134

A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

Options:

enable AAA override

enable RX-SOP

enable DTIM

enable Band Select

Question 135

Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?

Options:

1,6,11

1,5,10

1,2,3

5,6,7

Question 136

Refer to the exhibit.

A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each site?

Options:

Option A

Option B

Option C

Option D

Question 137

A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?

Options:

ip route 10.10.1.0 255.255.255.240 10.10.255.1

ip route 10.10.1.16 255.255.255.252 10.10.255.1

ip route 10.10.1.20 255.255.255.252 10.10.255.1

ip route 10.10.1.20 255.255.255.254 10.10.255.1

Question 138

Which result occurs when PortFast is enabled on an interface that is connected to another switch?

Options:

Spanning tree may fail to detect a switching loop in the network that causes broadcast storms

VTP is allowed to propagate VLAN configuration information from switch to switch automatically.

Root port choice and spanning tree recalculation are accelerated when a switch link goes down

After spanning tree converges PortFast shuts down any port that receives BPDUs.

Question 139

An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled

Which action is necessary to complete the configuration if the ISP uses third-party network devices?

Options:

Enable LLDP globally

Disable autonegotiation

Disable Cisco Discovery Protocol on the interface

Enable LLDP-MED on the ISP device

Question 140

Refer to the exhibit.

The default-information originate command is configured under the R1 OSPF configuration After testing workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet Which action corrects the configuration issue?

Options:

Add the default-information originate command onR2

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2

Add the always keyword to the default-information originate command on R1

Question 141

What is a characteristic of private IPv4 addressing?

Options:

traverse the Internet when an outbound ACL is applied

issued by IANA in conjunction with an autonomous system number

composed of up to 65.536 available addresses

used without tracking or registration

Question 142

Refer to the exhibit.

Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

Options:

passive

mode on

auto

active

Question 143

Refer to the exhibit.

A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task?

Options:

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https

Question 144

What makes Cisco DNA Center different from traditional network management applications and their management of networks?

Options:

It omits supports auto-discovery of network elements in a greenfield deployment.

It modular design allows someone to implement different versions to meet the specific needs of an organization

It abstracts policy from the actual device configuration

It does not support high availability of management functions when operating in cluster mode

Question 145

Which JSON data type is an unordered set of attribute- value pairs?

Options:

array

string

object

Boolean

Question 146

How does the dynamically-learned MAC address feature function?

Options:

The CAM table is empty until ingress traffic arrives at each port

Switches dynamically learn MAC addresses of each connecting CAM table.

The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses

It requires a minimum number of secure MAC addresses to be filled dynamically

Question 147

What is a role of access points in an enterprise network?

Options:

connect wireless devices to a wired network

support secure user logins to devices or the network

integrate with SNMP in preventing DDoS attacks

serve as a first line of defense in an enterprise network

Question 148

Refer to the exhibit.

How does router R1 handle traffic to 192.168.10.16?

Options:

It selects the IS-IS route because it has the shortest prefix inclusive of the destination address.

It selects the EIGRP route because it has the lowest administrative distance.

It selects the OSPF route because it has the lowest cost.

It selects the RIP route because it has the longest prefix inclusive of the destination address.

Question 149

What prevents a workstation from receiving a DHCP address?

Options:

DTP

STP

VTP

802.10

Question 150

Which technology can prevent client devices from arbitrarily connecting to the network without state remediation?

Options:

802.1x

IP Source Guard

MAC Authentication Bypass

802.11n

Question 151

Refer to the exhibit.

An engineer is required to verify that the network parameters are valid for the users wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used.

Options:

Question 152

Refer to the exhibit.

Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?

Options:

R2 is using the passive-interface default command

R1 has an incorrect network command for interface Gi1/0

R2 should have its network command in area 1

R1 interface Gil/0 has a larger MTU size

Question 153

Where does a switch maintain DHCP snooping information?

Options:

in the MAC address table

in the CAM table

in the binding database

in the frame forwarding database

Question 154

Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface?

Options:

configure a stateful DHCPv6 server on the network

enable SLAAC on an interface

disable the EUI-64 bit process

explicitly assign a link-local address

Question 155

Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses?

Options:

10.10.225.48 255.255.255.240

10.10.225.32 255.255.255.240

10.10.225.48 255.255.255.224

10.10.225.32 255.255.255.224

Question 156

Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic?

Options:

FIFO

WFQ

WRED

Question 157

What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two)

Options:

when the sending device waits 15 seconds before sending the frame again

when the cable length limits are exceeded

when one side of the connection is configured for half-duplex

when Carrier Sense Multiple Access/Collision Detection is used

when a collision occurs after the 32nd byte of a frame has been transmitted

Question 158

A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped?

Options:

Device(Config)#lldp run

Device(Config)#cdp run

Device(Config-if)#cdp enable

Device(Config)#flow-sampler-map topology

Question 159

Refer to the exhibit.

What is the effect of this configuration?

Options:

All ARP packets are dropped by the switch

Egress traffic is passed only if the destination is a DHCP server.

All ingress and egress traffic is dropped because the interface is untrusted

The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

Question 160

What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

Options:

No router ID is set, and the OSPF protocol does not run.

The highest up/up physical interface IP address is selected as the router ID.

The lowest IP address is incremented by 1 and selected as the router ID.

The router ID 0.0.0.0 is selected and placed in the OSPF process.

Question 161

When the active router in an HSRP group fails, what router assumes the role and forwards packets?

Options:

backup

standby

listening

forwarding

Question 162

Refer to the exhibit.

For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:

• Disable all neighbor discovery methods on R5 interface GiO/1.

• Permit neighbor discovery on R5 interface GiO/2.

• Verify there are no dynamically learned neighbors on R5 interface Gi0/1.

• Display the IP address of R6*s interface Gi0/2.

Which configuration must be used?

Options:

Option A

Option B

Option C

Option D

Question 163

Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two )

Options:

Telnet

SSH

HTTP

HTTPS

TFTP

Question 164

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

Both use the same data-link header and trailer formats

Both cable types support LP connectors

Both cable types support Rj-45 connectors

Both support up to 550 meters between nodes

Question 165

What is a capability of FTP in network management operations?

Options:

encrypts data before sending between data resources

devices are directly connected and use UDP to pass file information

uses separate control and data connections to move files between server and client

offers proprietary support at the session layer when transferring data

Question 166

What are two descriptions of three-tier network topologies? (Choose two)

Options:

The core and distribution layers perform the same functions

The access layer manages routing between devices in different domains

The network core is designed to maintain continuous connectivity when devices fail.

The core layer maintains wired connections for each host

The distribution layer runs Layer 2 and Layer 3 technologies

Question 167

Refer to Exhibit.

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Options:

Option A

Option B

Option C

Option D

Question 168

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

management interface settings

QoS settings

Ip address of one or more access points

SSID

Profile name

Question 169

Refer to Exhibit.

An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Options:

ipv6 router 2000::1/128 2012::1

ipv6 router 2000::1/128 2012::1 5

ipv6 router 2000::1/128 2012::2

ipv6 router 2000::1/128 2023::2 5

ipv6 router 2000::1/128 2023::3 5

Question 170

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?

Options:

point-to-multipoint

point-to-point

broadcast

nonbroadcast

Question 171

Which configuration is needed to generate an RSA key for SSH on a router?

Options:

Configure the version of SSH

Configure VTY access.

Create a user with a password.

Assign a DNS domain name

Question 172

Refer to the exhibit.

Only four switches are participating in the VLAN spanning-tree process.

Branch-1 priority 614440

Branch-2: priority 39082416

Branch-3: priority 0

Branch-4: root primary

Which switch becomes the permanent root bridge for VLAN 5?

Options:

Branch-1

Branch-2

Branch-3

Branch-4

Question 173

Refer to the exhibit.

With which metric was the route to host 172.16.0.202 learned?

Options:

110

38443

3184439

Question 174

Which function is performed by DHCP snooping?

Options:

propagates VLAN information between switches

listens to multicast traffic for packet forwarding

provides DDoS mitigation

rate-limits certain traffic

Question 175

An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.30.1, 192.168.3.2, 192.168.3.3 Which configuration should be used?

Options:

Option A

Option B

Option C

Option D

Question 176

Which port type supports the spanning-tree portfast command without additional configuration?

Options:

access ports

Layer 3 main Interfaces

Layer 3 suninterfaces

trunk ports

Question 177

Refer to the exhibit.

Which prefix does Router 1 use for traffic to Host A?

Options:

10.10.10.0/28

10.10.13.0/25

10.10.13.144/28

10.10.13.208/29

Question 178

Drag and drop the descriptions from the left onto the configuration-management technologies on the right.

Options:

Question 179

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

110

115

Question 180

Refer to the exhibit.

An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers from the left onto the network parameters on the right.

Options:

Question 181

Refer to the exhibit.

What is the next hop for traffic entering R1 with a destination of 10.1.2 126?

Options:

10.165 20.126

10.165.20.146

10.165.20.166

10.165 20.226

Question 182

What are two capabilities provided by VRRP within a LAN network? (Choose two.)

Options:

dynamic routing updates

bandwidth optimization

granular QoS

load sharing

redundancy

Question 183

In which circumstance would a network architect decide to implement a global unicast subnet instead of a unique local unicast subnet?

Options:

when the subnet must be available only within an organization

when the subnet does not need to be routable

when the addresses on the subnet must be equivalent to private IPv4 addresses

when the subnet must be routable over the internet

Question 184

Refer the exhibit.

What is the cause of poor performance on router R19?

Options:

excessive collisions

speed and duplex mismatch

port oversubscription

excessive CRC errors

Question 185

Which functionality is provided by the console connection on a Cisco WLC?

Options:

out-of-band management

secure in-band connectivity for device administration

unencrypted in-band connectivity for file transfers

HTTP-based GUI connectivity

Question 186

What does WPA3 provide in wireless networking?

Options:

safeguards against brute force attacks with SAE

optional Protected Management Frame negotiation

backward compatibility with WPAand WPA2

increased security and requirement of a complex configuration

Question 187

A Cisco engineer notices thai two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state?

Options:

ip ospf network broadcast

ip ospf dead-interval 40

ip ospf network point-to-point

ip ospf priority 0

Question 188

Drag and drop the QoS terms from the left onto the descriptions on the right.

Options:

Question 189

How do UTP and STP cables compare?

Options:

STP cables are cheaper to procure and easier to install and UTP cables are more expensive and harder to install.

UTP cables are less prone to crosstalk and interference and STP cables are more prone to crosstalk and interference.

UTP cables provide taster and more reliable data transfer rates and STP cables are slower and less reliable.

STP cables are shielded and protect against electromagnetic interference and UTP lacks the same protection against electromagnetic interference.

Question 190

What is the primary purpose of private address space?

Options:

conserve globally unique address space

simplify the addressing in the network

limit the number of nodes reachable via the Internet

reduce network complexity

Question 191

Refer to the exhibit. Each router must be configured with the last usable IP address in the subnet. Which configuration fulfills this requirement?

Options:

Option A

Option B

Option C

Option D

Question 192

What are two examples of multifactor authentication? (Choose two.)

Options:

single sign-on

unique user knowledge

passwords that expire

soft tokens

shared password responsibility

Question 193

What is the functionality of the Cisco DNA Center?

Options:

data center network pokey con

console server that permits secure access to all network devices

IP address cool distribution scheduler

software-defined controller for automaton of devices and services

Question 194

Refer to the exhibit.

How many JSON objects are represented?

Options:

Question 195

An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration tor a Secure Shell access RSA key?

Options:

crypto key Import rsa pem

crypto key pubkey-chain rsa

crypto key generate rsa

crypto key zeroize rsa

Question 196

What is the default port-security behavior on a trunk link?

Options:

It causes a network loop when a violation occurs.

It disables the native VLAN configuration as soon as port security is enabled.

It places the port in the err-disabled state if it learns more than one MAC address.

It places the port in the err-disabled slate after 10 MAC addresses are statically configured.

Question 197

A switch is a forwarding a frame out of an interfaces except the interface that received the frame. What is the technical term for this process?

Options:

ARP

CDP

flooding

multicast

Question 198

Refer to the exhibit.

A Cisco engineer creates a new WLAN called lantest. Which two actions must be performed so that only high-speed 2.4-Ghz clients connect? (Choose two.)

Options:

Enable the Broadcast SSID option

Enable the Status option.

Set the Radio Policy option to 802 11g Only.

Set the Radio Policy option to 802.11a Only.

Set the Interface/Interface Group(G) to an interface other than guest

Question 199

Why choose Cisco DNA Center for automated lifecycle management?

Options:

To perform upgrades without service interruption

To provide fast and accurate deployment of patches and updates

To allow SSH access to all nodes in the network.

To provide software redundancy in the network.

Question 200

Refer to the exhibit.

In which structure does the word "warning" directly reside?

Options:

array

object

Boolean

string

Question 201

NO: 222

Refer to the exhibit.

Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database. The WLAN is configured for local EAP authentication. The time that users access the network must not be limited. Which action completes this configuration?

Options:

Uncheck the Guest User check box

Check the Guest User Role check box

Set the Lifetime (seconds) value to 0

Clear the Lifetime (seconds) value

Question 202

How does IPsec provide secure networking for applications within an organization?

Options:

It provides GRE tunnels to transmit traffic securely between network nodes.

It enables sets of security associations between peers.

It leverages TFTP providing secure file transfers among peers on the network.

Question 203

Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points?

Options:

virtual interface

management interface

console port

service port

Question 204

Refer to the exhibit.

Which configuration for RTR-1 deniess SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

Options:

Option A

Option B

Option C

Option D

Question 205

Which REST method updates an object in the Cisco DNA Center Intent API?

Options:

CHANGE

UPDATE

POST

PUT

Question 206

Which two practices are recommended for an acceptable security posture in a network? (Choose two)

Options:

Backup device configurations to encrypted USB drives for secure retrieval

maintain network equipment in a secure location

Use a cryptographic keychain to authenticate to network devices

Place internal email and file servers in a designated DMZ

Disable unused or unnecessary ports, interfaces and services

Question 207

What is a difference between an IPv6 multicast address and an IPv6 anycast address?

Options:

A packet sent to an IPv6 multicast address is delivered to one or more destinations at once, but a packet sent to an IPv6 anycast address is routed to the closest interface with that address.

An IPv6 multicast address uses the prefix 2002::/15 and forwards to one destination, and an IPv6 anycast address uses the prefix ff00::/8 and forwards to any destination in a group.

IPv6 multicast addresses are used to transition from IPv4 to IPv6, and IPv6 anycast addresses are used for address aggregation in an IPv6-only environment.

An IPv6 multicast address is assigned to numerous interfaces within a subnet, but an IPv6 anycast address is used for a predefined group of nodes in an all-IPv6 routers group.

Question 208

Refer to the exhibit.

Traffic from R1 to the 10.10.2.0/24 subnet uses 192.168.1.2 as its next hop. An network engineer wants to update the R1 configuration so that traffic with destination 10.10.2.1 passes through router R3, and all other traffic to the 10.10.20/24 subnet passes through r2. Which command must be used?

Options:

Ip route 10.10.2.1 255.255.255.255 192.168.1.4 115

Ip route 10.10.2.0 255.255.255.0 192.168.1.4 100

Ip route 10.10.2.0 255.255.255.0 192.168.1.4 115

Ip route 10.10.2.1 255.255.255.255 192.168.1.4 100

Question 209

Drag and drop the statements about networking from me left onto the corresponding networking types on the right

Options:

Question 210

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

Options:

200 seconds

300 seconds

600 seconds

900 seconds

Question 211

Refer to the exhibit.

What is missing from this output for it to be executed?

Options:

double quotes C") around the "Cisco Devices" string

curly brace ()) at the end

exclamation point (!) at the beginning of each line

square bracket ([) at the beginning

Question 212

Refer to the exhibit.

What is represented by the word "switch’’ in line 2 of the JSON schema?

Options:

array

key

value

object

Question 213

What is a zero-day exploit?

Options:

It is when a new network vulnerability is discovered before a fix is available

It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data.

It is when the network is saturated with malicious traffic that overloads resources and bandwidth

It is when an attacker inserts malicious code into a SOL server.

Question 214

Refer to the exhibit.

SW_1 and SW_12 represent two companies that are merging. They use separate network vendors. The VLANs on both Sides have been migrated to share IP subnets. Which command sequence must be issued on both sides to join the two companies and pass all VLANs between the companies?

Options:

switchport mode trunk

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan all

switchport dot1q ethertype 0800

switchport mode dynamic desirable

switchport trunk allowed vlan all

switchport trunk native vlan 7

switchport dynamic auto

switchport nonegotiate

Question 215

What is a function performed by a web server?

Options:

provide an application that is transmitted over HTTP

send and retrieve email from client devices

authenticate and authorize a user's identity

securely store flies for FTP access

Question 216

Drag and drop the Wi-Fi terms from the left onto the descriptions on the right.

Options:

Question 217

Drag and drop the virtualization concepts from the left onto the matching statements on the right.

Options:

Question 218

Options:

Option A

Option B

Option C

Option D

Question 219

Refer to the exhibit.

The network engineer is configuring router R2 as a replacement router on the network After the initial configuration is applied it is determined that R2 failed to show R1 as a neighbor Which configuration must be applied to R2 to complete the OSPF configuration and enable it to establish the neighbor relationship with R1?

Options:

Option

Question 220

Refer to the exhibit. What is the cause of the issue?

Options:

STP

port security

wrong cable type

shutdown command

Question 221

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)

Options:

::ffif 1014 1011/96

2001 7011046:1111:1/64

;jff06bb43cd4dd111bbff02 4545234d

2002 5121204b 1111:1/64

FF02::0WlFF00:0l)00/104

Question 222

Refer to the exhibit.

Router OldR is replacing another router on the network with the intention of having OldR and R2 exchange routes_ After the engineer applied the initial OSPF

configuration: the routes were still missing on both devices. Which command sequence must be issued before the clear IP ospf process command is entered to enable the neighbor relationship?

Options:

Option A

Option B

Option C

Option D

Question 223

What is a feature of WPA?

Options:

802.1x authentication

preshared key

TKIP/MIC encryption

small Wi-Fi application

Question 224

Refer to the exhibit.

What does route 10.0.1.3/32 represent in the routing table?

Options:

the 10.0.0.0 network

a single destination address

the source 10.0.1.100

all hosts in the 10.0.1.0 subnet

Question 225

What is a specification for SSIDS?

Options:

They are a Cisco proprietary security feature.

They must include one number and one letter.

They define the VLAN on a switch.

They are case sensitive.

Question 226

Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?

Options:

tunnel

transport

aggressive

main

Question 227

Drag and drop the IPv6 address details from the left onto the corresponding types on the right.

Options:

Question 228

What must be considered before deploying virtual machines?

Options:

location of the virtual machines within the data center environment

whether to leverage VSM to map multiple virtual processors to two or more virtual machines

resource limitations, such as the number of CPU cores and the amount of memory

support for physical peripherals, such as monitors, keyboards, and mice

Question 229

Drag and drop the characteristics of transport layer protocols from the left onto the corresponding protocols on the right.

Options:

Question 230

Refer to the exhibit.

The EtherChannel is configured with a speed of 1000 and duplex as full on both ends of channel group 1. What is the next step to configure the channel on switch A to respond to but not initiate LACP communication?

Options:

interface range gigabitethernet0/0/0-15 channel-group 1 mode on

interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable

interface port-channel 1 channel-group 1 mode auto

interface port-channel 1 channel-group 1 mode passive

Question 231

Which type of hypervisor operates without an underlying OS to host virtual machines?

Options:

Type 1

Type 2

Type 3

Type 12

Question 232

A network engineer is replacing the switches that belong to a managed-services client with new Cisco Catalyst switches. The new switches will be configured for updated security standards, including replacing Telnet services with encrypted connections and doubling the modulus size from 1024. Which two commands must the engineer configure on the new switches? (Choose two.)

Options:

crypto key generate rsa general-keys modulus 1024

transport input all

crypto key generate rsa usage-keys

crypto key generate rsa modulus 2048

transport Input ssh

Question 233

Which cable type must be used to interconnect one switch using 1000 BASE-SX GBiC modules and another switch using 1000 BASE-SX SFP modules?

Options:

LC to SC

SC t ST

SC to SC

LC to LC

Question 234

Which port type does a lightweight AP use to connect to the wired network when it is configured in local mode?

Options:

EtherChannel

LAG

trunk

access

Question 235

Refer to the exhibit.

A network engineer configures the CCNA WLAN so that clients must authenticate hourly and to limit the number of simultaneous connections to the WLAN to Which two actions complete this configuration? (Choose two.)

Options:

Enable the Enable Session Timeout option and set the value to 3600.

Set the Maximum Allowed Clients value to 10.

Enable the Client Exclusion option and set the value to 3600.

Enable the Wi-Fi Direct Clients Policy option.

Set the Maximum Allowed Clients Per AP Radio value to 10.

Question 236

SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.)

Options:

Set the QoS level to silver or greater for voice traffic.

Set the QoS level to platinum for voice traffic.

Enable Media Session Snooping on re WLAN.

Enable traffic shaping for the LAN interlace of the WLC.

Configure two different QoS rotes tor data and voice traffic.

Question 237

Drag and drop each characteristic of device-management technologies from the left onto the deployment type on the right.

Options:

Question 238

What is a reason to configure a trunk port that connects to a WLC distribution port?

Options:

Eliminate redundancy with a link failure in the data path.

Allow multiple VLAN to be used in the data path.

Provide redundancy if there is a link failure for out-of-band management.

Permit multiple VLANs to provide out-of-band management.

Question 239

Refer to the exhibit.

Drag and drop the destination IPs from the left onto the paths to reach those destinations on the right.

Options:

Question 240

Refer to Itie exhibit

A network engineer started to configure port security on a new switch. These requirements must be met:

* MAC addresses must be learned dynamically

* Log messages must be generated without disabling the interface when unwanted traffic is seen

Which two commands must be configured to complete this task"? (Choose two)

Options:

SW(ccnfig-if)=switchport port-security mac-address sticky

SW(confKj-if)=switchport port-security violation restrict

SW(config.if)sswitchport port-security mac-address 0010.7B84.45E6

SW(config-if)aswitchport port-security maximum 2

SW(ccnfig-if)=switchport port-security violation shutdown

Question 241

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

Options:

ip forward-protocol udp 137

ip default-network 192.168.52.253

ip helper-address 172.16.32.15

ip default-gateway 192.168.52.253

Question 242

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

Options:

next-generation firewall to keep stateful packet inspection

multifactor authentication using two separate authentication sources

ACL to restrict incoming Telnet sessions "admin" accounts

IPS with a btock list of known attack vectors

Question 243

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

Options:

level

message body

process ID

facility

Question 244

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

Options:

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Question 245

Which CRUD operation corresponds to me HTTP GET method?

Options:

delete

create

update

read

Question 246

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

Options:

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

ip route 0.0.0.0 0.0.0.0 10.200.0.2

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Question 247

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

Options:

Select the 802.1 x option for Auth Key Management.

Select the WPA Policy option.

Select the PSK option for Auth Key Management.

Select the AES option for Auth Key Management.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Question 248

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

Options:

interface port-channel 2

channel-group 2 mode desirable

interface fasteinernet 1/1

channel-group 2 mode active

interface fasteinernet 1/1

channel-group 2 mode on

interface port-channel 2

channel-group 2 mode auto

Question 249

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined tot the Internet. What is the administrative distance for the destination route? A. 0

B. 1

C. 2

D. 32

Options:

Question 250

What is the main difference between traditional networks and controller-based networking?

Options:

Controller-based networks increase TCO for the company, and traditional networks require less investment.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

Controller-based networks are open for application requests, and traditional networks operate manually.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Question 251

What are two lacts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

Options:

It is less expensive when purchasing patch cables.

It has a greater sensitivity to changes in temperature and moisture.

It provides greater throughput options.

It carries signals for longer distances.

It carries electrical current further distances for PoE devices.

Question 252

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 253

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

Options:

username CCUser privies 10 password NA!2Scc

username CCUser password NA!2Scc enable password level 5 NA!2$cc

username CCUser secret NA!2Scc

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Question 254

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

Options:

Telnet

console

HTTPS

SSH

Question 255

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Options:

Question 256

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 257

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 258

What is the RFC 4627 default encoding for JSON text?

Options:

UCS-2

UTF-8

Hex

GB18030

Question 259

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 260

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 261

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

Options:

ipv6 address 2001:DB8:FFFF:FCF3::1/64

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Question 262

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

Options:

magic links

one-time passwords

digital certificates

90-day renewal policies

Question 263

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.

On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.

On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.

On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.

On both SW1 and SW2, exit the interface range configuration mode by using the exit command.

On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.

On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.

On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.

On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.

On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.

On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Question 264

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 265

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 266

Refer to the exhibit. Which type of JSON data is shown?

Options:

sequence

string

object

Boolean

Question 267

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 268

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Options:

Is the internet reachable?

Is the default gateway reachable?

Is the DNS server reachable?

Question 269

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

Options:

ntp master 172.24.54.8

ntp client 172.24.54.8

ntp peer 172.24.54.8

ntp server 172.24.54.8

Question 270

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.

To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 271

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Load More 200-301 Questions

Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Cisco Certified Network Associate Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options: