Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Cisco
  3. CCNA
  4. 200-301 - Cisco Certified Network Associate

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Demo: 244 questions
Total 990 questions
Get 200-301 Full Access Download 200-301 PDF

Cisco Certified Network Associate Questions and Answers

Question 1

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 2

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 3

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 4

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

Options:

A.

0

B.

1

C.

2

D.

32

Question 5

Which plane is centralized in software-defined networking?

Options:

A.

application

B.

services

C.

control

D.

data

Question 6

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

Options:

A.

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

B.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

C.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

D.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Question 7

Which AP feature provides a captive portal for users to authenticate register and accept terms before accessing the internet?

Options:

A.

One-Click

B.

Hotspot

C.

Enhanced Bluetooth

D.

Whole Home

Question 8

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

Options:

A.

Telnet

B.

console

C.

HTTPS

D.

SSH

Question 9

Why is UDP more suitable than TCP tor applications that require low latency, such as VoIP?

Options:

A.

UDP reliably guarantees delivery of all packets and TCP drops packets under heavy load.

B.

TCP sends an acknowledgment for every packet that is received and UDP operates without acknowledgments.

C.

UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order.

D.

TCP uses congestion control for efficient packet delivery and UDP uses flow control mechanisms for the delivery of packets.

Question 10

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

Options:

A.

username CCUser privies 10 password NA!2Scc

B.

username CCUser password NA!2Scc enable password level 5 NA!2$cc

C.

username CCUser secret NA!2Scc

D.

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Question 11

Which two statements distinguish authentication from accounting? (Choose two.)

Options:

A.

Only authentication records the duration of a user's connection.

B.

Only authentication supports user-activity audits.

C.

Only authentication provides supporting information for billing users.

D.

Only authentication challenges users for their credentials and returns a response.

E.

Only authentication validates "who you are."

Question 12

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

Options:

A.

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

B.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

C.

ip route 0.0.0.0 0.0.0.0 10.200.0.2

D.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Question 13

Refer to the exhibit Routers R1 R2 and R3 use a protocol to identify their neighbors' IP addresses hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement?

Options:

A.

Configure the no cdp enable command on gO/2.

B.

Configure the no cdp run command globally.

C.

Configure the no lldp run command globally.

D.

Configure the no lldp receive command on gQV1.

Question 14

What is the difference between controller-based networks and traditional networks as they relate to control-plane and/or data-plane functions?

Options:

A.

Controller-based networks centralize all important data-plane functions, and traditional networks distribute data-plane functions.

B.

Controller-based networks centralize all important control-plane functions, and traditional networks distribute control-plane functions.

C.

Traditional networks centralize all important control-plane functions, and controller-based networks distribute control-plane functions.

D.

Traditional networks centralize all important data-plane functions, and controller-based networks distribute data-plane functions.

Question 15

What is the RFC 4627 default encoding for JSON text?

Options:

A.

UCS-2

B.

UTF-8

C.

Hex

D.

GB18030

Question 16

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 17

Refer to the exhibit. Which interface does a packet take to reach the destination address of 10.10.10.147?

Options:

A.

FastEthemet 0/0

B.

Senal0/0

C.

FastEthemet 0/1

Question 18

Drag and drop the common functions from the left onto the cofresponding network topology architecture layer on the right. Not all common functions are used.

Options:

Question 19

What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

Options:

A.

It is less expensive when purchasing patch cables.

B.

It has a greater sensitivity to changes in temperature and moisture.

C.

It provides greater throughput options.

D.

It carries signals for longer distances.

E.

It carries electrical current further distances for PoE devices.

Question 20

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 21

What does the term "spirt MAC” refer to in a wireless architecture?

Options:

A.

divides data link layer functions between the AP and WLC

B.

combines the management and control functions from the data-forwarding functions

C.

uses different MAC addresses for 2.4 GHz and 5 GHz bands on the same AP

D.

leverages two APs to handle control and data traffic

Question 22

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

Options:

A.

level

B.

message body

C.

process ID

D.

facility

Question 23

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 24

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 25

What is the main difference between traditional networks and controller-based networking?

Options:

A.

Controller-based networks increase TCO for the company, and traditional networks require less investment.

B.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

C.

Controller-based networks are open for application requests, and traditional networks operate manually.

D.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Question 26

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

Options:

A.

magic links

B.

one-time passwords

C.

digital certificates

D.

90-day renewal policies

Question 27

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 28

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Options:

Question 29

How does machine learning improve the detection of unauthorized network access?

Options:

A.

It monitors for outdated software.

B.

It dictates security policy updates.

C.

It identifies patterns indicating intrusions.

D.

It assigns security clearance levels.

Question 30

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Options:

A.

Is the internet reachable?

B.

Is the default gateway reachable?

C.

Is the DNS server reachable?

Question 31

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

Options:

A.

Select the 802.1 x option for Auth Key Management.

B.

Select the WPA Policy option.

C.

Select the PSK option for Auth Key Management.

D.

Select the AES option for Auth Key Management.

E.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Question 32

What is an Ansible inventory?

Options:

A.

file that defines the target devices upon which commands and tasks are executed

B.

unit of Python code to be executed within Ansible

C.

collection of actions to perform on target devices, expressed in YAML format

D.

device with Ansible installed that manages target devices

Question 33

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

Options:

A.

interface port-channel 2

channel-group 2 mode desirable

B.

interface fasteinernet 1/1

channel-group 2 mode active

C.

interface fasteinernet 1/1

channel-group 2 mode on

D.

interface port-channel 2

channel-group 2 mode auto

Question 34

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

Options:

A.

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

B.

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

C.

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Question 35

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

Options:

A.

ntp master 172.24.54.8

B.

ntp client 172.24.54.8

C.

ntp peer 172.24.54.8

D.

ntp server 172.24.54.8

Question 36

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 37

Refer to the exhibit. Which type of JSON data is shown?

Options:

A.

sequence

B.

string

C.

object

D.

Boolean

Question 38

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

Options:

A.

next-generation firewall to keep stateful packet inspection

B.

multifactor authentication using two separate authentication sources

C.

ACL to restrict incoming Telnet sessions "admin" accounts

D.

IPS with a block list of known attack vectors

Question 39

Which advantage does machine learning offer for network security?

Options:

A.

It improves real-time threat detection.

B.

It manages firewall rule sets.

C.

It enforces password complexity requirements.

D.

It controls VPN access permissions.

Question 40

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

Options:

A.

ipv6 address 2001:DB8:FFFF:FCF3::1/64

B.

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

C.

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

D.

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Question 41

Which CRUD operation corresponds to me HTTP GET method?

Options:

A.

delete

B.

create

C.

update

D.

read

Question 42

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 43

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 44

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

Options:

A.

ip forward-protocol udp 137

B.

ip default-network 192.168.52.253

C.

ip helper-address 172.16.32.15

D.

ip default-gateway 192.168.52.253

Question 45

Refer to the exhibit. An engineer is using the Cisco WLC GUI to configure a WLAN for WPA2 encryption with AES and preshared key Cisc0123456. After the engineer selects the WPA + WPA2 option from the Layer 2 Security drop-down list, which two tasks must they perform to complete the process? (Choose two.)

Options:

A.

Select the WPA2 Policy, AES, and TKIP check boxes.

B.

Select ASCII from the PSK Format drop-down list, enter the key, and leave the Auth Key Mgmt setting blank.

C.

Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.

D.

Select the WPA2 Policy and AES check boxes.

Question 46

Which authentication method requires the user to provide a physical attribute to authenticate successfully?

Options:

A.

password

B.

muftifactor

C.

biometric

D.

certificate

Question 47

Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the DNS service. Which configuration updates the ACL efficiently?

Options:

A.

ip access-list extended Services

35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

B.

no ip access-list extended Services

ip access-list extended Services

30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

C.

ip access-list extended Services

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

D.

no ip access-list extended Services

ip access-list extended Services

permit udp 10.0.0.0 0.255.255.255 any eq 53

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

deny ip any any log

Question 48

Refer to the exhibit.

What are two conclusions about this configuration? {Choose two.)

Options:

A.

The spanning-tree mode is Rapid PVST+.

B.

This is a root bridge.

C.

The root port is FastEthernet 2/1.

D.

The designated port is FastEthernet 2/1.

E.

The spanning-tree mode is PVST+.

Question 49

Refer to the exhibit.

Router R14 is in the process of being configured. Which configuration must be used to establish a host route to PC 10?

Options:

A.

ip route 10.80.65.10 255.255.255.254 10.80.65.1

B.

ip route 10.8065.10 255.255.255.255 10.73.65.66

C.

ip route 1073.65.65 255.0.0.0 10.80.65.10

D.

ip route 10.73.65.66 0.0.0.255 10.80.65.10

Question 50

How does encryption project the wireless network?

Options:

A.

via integrity checks to identify wireless forgery attacks in the frame

B.

via specific ciphers to detect and prevent zero-day network attacks

C.

via an algorithm to change wireless data so that only the access point and client understand it

D.

via a policy to prevent unauthorized users from communicating on the wireless network

Question 51

Refer to the exhibit.

An engineer assigns IP addressing to the current VLAN with three PCs. The configuration must also account for the expansion of 30 additional VLANS using the same Class C subnet for subnetting and host count. Which command set fulfills the request while reserving address space for the expected growth?

Options:

A.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 265 255.255.252

B.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255 255.255.248

C.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255 255.255.0

D.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255.255.255.128

Question 52

Why choose Cisco DNA Center for automated lifecycle management?

Options:

A.

To perform upgrades without service interruption

B.

To provide fast and accurate deployment of patches and updates

C.

To allow SSH access to all nodes in the network.

D.

To provide software redundancy in the network.

Question 53

Drag and drop the statements about networking from the left onto the corresponding networking types on the right

Options:

Question 54

Refer to the exhibit.

The given Windows PC is requesting the IP address of the host at www.cisco.com. To which IP address is the request sent?

Options:

A.

192.168.1.226

B.

192.168.1.100

C.

192.168.1.254

D.

192.168.1.253

Question 55

When is the PUT method used within HTTP?

Options:

A.

when a nonidempotent operation is needed

B.

to update a DNS server

C.

to display a web site

D.

when a read-only operation it required

Question 56

Which action implements physical access control as part of the security program of an organization1?

Options:

A.

backing up syslogs at a remote location

B.

configuring a password for the console port

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Question 57

When an access point is seeking to join wireless LAN controller, which message is sent to the AP- Manager interface?

Options:

A.

Discovery response

B.

DHCP request

C.

DHCP discover

D.

Discovery request

Question 58

An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to prevent connection issues with the printer?

Options:

A.

client exclusion

B.

passive client

C.

DHCP address assignment

D.

static IP tunneling

Question 59

Refer to the exhibit.

Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.

What does the switch do when it receives the frame from host D?

Options:

A.

It creates a broadcast storm.

B.

It drops the frame from the MAC table of the switch.

C.

It shuts down the source port and places It In err-disable mode.

D.

It floods the frame out of every port except the source port.

Question 60

Which two transport layer protocols carry syslog messages? (Choose two.)

Options:

A.

TCP

B.

IP

C.

RTP

D.

UDP

E.

ARP

Question 61

Under which condition is TCP preferred over UDP?

Options:

A.

UDP is used when low latency is optimal, and TCP is used when latency is tolerable.

B.

TCP is used when dropped data is more acceptable, and UDP is used when data is accepted out- of-order.

C.

TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable.

D.

UDP is used when data is highly interactive, and TCP is used when data is time-sensitive.

Question 62

Refer to the exhibit.

Which command configures a floating static route to provide a backup to the primary link?

Options:

A.

ip route 0.0.0.0 0.0.0.0 209.165.202.131

B.

ip route 209.165.201.0 255.255.255.224 209.165.202.130

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.224

D.

ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

Question 63

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

Options:

A.

sniffer

B.

mesh

C.

flexconnect

D.

local

Question 64

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

A.

20

B.

90

C.

110

D.

115

Question 65

An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?

Options:

A.

Exchange

B.

2-way

C.

Full

D.

Init

Question 66

Where is the interface between the control plane and data plane within the software-defined architecture?

Options:

A.

control layer and the infrastructure layer

B.

application layer and the infrastructure layer

C.

application layer and the management layer

D.

control layer and the application layer

Question 67

Which action does the router take as rt forwards a packet through the network?

Options:

A.

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

B.

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

C.

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

D.

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

Question 68

What are two descriptions of three-tier network topologies? (Choose two)

Options:

A.

The core and distribution layers perform the same functions

B.

The access layer manages routing between devices in different domains

C.

The network core is designed to maintain continuous connectivity when devices fail.

D.

The core layer maintains wired connections for each host

E.

The distribution layer runs Layer 2 and Layer 3 technologies

Question 69

A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

Options:

A.

port-to-multipoint

B.

broadcast

C.

point-to-point

D.

nonbroadcast

Question 70

What is the primary function of a Layer 3 device?

Options:

A.

to analyze traffic and drop unauthorized traffic from the Internet

B.

to transmit wireless traffic between hosts

C.

to pass traffic between different networks

D.

forward traffic within the same broadcast domain

Question 71

What are two characteristics of a public cloud Implementation? (Choose two.)

Options:

A.

It is owned and maintained by one party, but it is shared among multiple organizations.

B.

It enables an organization to fully customize how It deploys network resources.

C.

It provides services that are accessed over the Internet.

D.

It Is a data center on the public Internet that maintains cloud services for only one company.

E.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

Question 72

Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.

Options:

Question 73

Which protocol does an access point use to draw power from a connected switch?

Options:

A.

Internet Group Management Protocol

B.

Adaptive Wireless Path Protocol

C.

Cisco Discovery Protocol

D.

Neighbor Discovery Protocol

Question 74

Refer to Exhibit.

Which action do the switches take on the trunk link?

Options:

A.

The trunk does not form and the ports go into an err-disabled status.

B.

The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.

C.

The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.

D.

The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Question 75

Refer to the exhibit.

A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task?

Options:

A.

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh

B.

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp

C.

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet

D.

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https

Question 76

Which function is performed by DHCP snooping?

Options:

A.

propagates VLAN information between switches

B.

listens to multicast traffic for packet forwarding

C.

provides DDoS mitigation

D.

rate-limits certain traffic

Question 77

Which plane is centralized by an SDN controller?

Options:

A.

management-plane

B.

control-plane

C.

data-plane

D.

services-plane

Question 78

ION NO: 149

Which function does an SNMP agent perform?

Options:

A.

it sends information about MIB variables in response to requests from the NMS

B.

it requests information from remote network nodes about catastrophic system events.

C.

it manages routing between Layer 3 devices in a network

D.

it coordinates user authentication between a network device and a TACACS+ or RADIUS server

Question 79

While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface.

Which two misconfigurations cause this behavior? (Choose two)

Options:

A.

The packets fail to match any permit statement

B.

A matching permit statement is too high in the access test

C.

A matching permit statement is too broadly defined

D.

The ACL is empty

E.

A matching deny statement is too high in the access list

Question 80

Refer to the exhibit.

For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:

• Disable all neighbor discovery methods on R5 interface GiO/1.

• Permit neighbor discovery on R5 interface GiO/2.

• Verify there are no dynamically learned neighbors on R5 interface Gi0/1.

• Display the IP address of R6*s interface Gi0/2.

Which configuration must be used?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 81

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

A.

configure switchport nonegotiate

B.

configure switchport mode dynamic desirable

C.

configure switchport mode dynamic auto

D.

configure switchport trunk dynamic desirable

Question 82

When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

Options:

A.

IKEv2

B.

IKEv1

C.

IPsec

D.

MD5

Question 83

What is the function of a server?

Options:

A.

It transmits packets between hosts in the same broadcast domain.

B.

It provides shared applications to end users.

C.

It routes traffic between Layer 3 devices.

D.

It Creates security zones between trusted and untrusted networks

Question 84

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

Options:

A.

configure the hello and dead timers to match on both sides

B.

configure the same process ID for the router OSPF process

C.

configure the same router ID on both routing processes

D.

Configure the interfaces as OSPF active on both sides.

E.

configure both interfaces with the same area ID

Question 85

Refer to the exhibit.

An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

Options:

A.

ipv6 route ::/0 Serial 0/0/1

B.

ipv6 route 0/0 Serial 0/0/0

C.

ipv6 route ::/0 Serial 0/0/0

D.

ip route 0.0.0.0.0.0.0.0 Serial 0/0/0

E.

ipv6 route ::/0 2000::2

Question 86

Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?

Options:

A.

1,6,11

B.

1,5,10

C.

1,2,3

D.

5,6,7

Question 87

When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?

Options:

A.

6

B.

8

C.

12

D.

18

Question 88

What is a function of TFTP in network operations?

Options:

A.

transfers a backup configuration file from a server to a switch using a username and password

B.

transfers files between file systems on a router

C.

transfers a configuration files from a server to a router on a congested link

D.

transfers IOS images from a server to a router for firmware upgrades

Question 89

Refer to the exhibit.

Which two commands were used to create port channel 10? (Choose two )

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 90

Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Options:

Question 91

Which action is taken by a switch port enabled for PoE power classification override?

Options:

A.

When a powered device begins drawing power from a PoE switch port a syslog message is generated

B.

As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused

C.

If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects

D.

Should a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled

Question 92

Refer to the exhibit.

An administrator must configure interfaces Gi1/1 and Gi1/3 on switch SW11 PC-1 and PC-2 must be placed in the Data VLAN and Phone-1 must be placed in the Voice VLAN Which configuration meets these requirements?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 93

Refer to the exhibit.

How does router R1 handle traffic to 192.168.10.16?

Options:

A.

It selects the IS-IS route because it has the shortest prefix inclusive of the destination address.

B.

It selects the EIGRP route because it has the lowest administrative distance.

C.

It selects the OSPF route because it has the lowest cost.

D.

It selects the RIP route because it has the longest prefix inclusive of the destination address.

Question 94

Which configuration is needed to generate an RSA key for SSH on a router?

Options:

A.

Configure the version of SSH

B.

Configure VTY access.

C.

Create a user with a password.

D.

Assign a DNS domain name

Question 95

How does the dynamically-learned MAC address feature function?

Options:

A.

The CAM table is empty until ingress traffic arrives at each port

B.

Switches dynamically learn MAC addresses of each connecting CAM table.

C.

The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses

D.

It requires a minimum number of secure MAC addresses to be filled dynamically

Question 96

Refer to the exhibit.

A network engineer must block access for all computers on VLAN 20 to the web server via HTTP All other computers must be able to access the web server Which configuration when applied to switch A accomplishes this task?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 97

What is the benefit of configuring PortFast on an interface?

Options:

A.

After the cable is connected, the interface uses the fastest speed setting available for that cable type

B.

After the cable is connected, the interface is available faster to send and receive user data

C.

The frames entering the interface are marked with higher priority and then processed faster by a switch.

D.

Real-time voice and video frames entering the interface are processed faster

Question 98

What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

Options:

A.

access - core - distribution - access

B.

access - distribution - distribution - access

C.

access - core - access

D.

access -distribution - core - distribution - access

Question 99

What is the same for both copper and fiber interfaces when using SFP modules?

Options:

A.

They support an inline optical attenuator to enhance signal strength

B.

They provide minimal interruption to services by being hot-swappable

C.

They offer reliable bandwidth up to 100 Mbps in half duplex mode

D.

They accommodate single-mode and multi-mode in a single module

Question 100

R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating conditions, which routing protocol is installed in the routing table?

Options:

A.

IS-IS

B.

RIP

C.

Internal EIGRP

D.

OSPF

Question 101

Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

Options:

A.

The switch must be running a k9 (crypto) IOS image

B.

The Ip domain-name command must be configured on the switch

C.

IP routing must be enabled on the switch

D.

A console password must be configured on the switch

E.

Telnet must be disabled on the switch

Question 102

Refer to Exhibit.

An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Options:

A.

ipv6 router 2000::1/128 2012::1

B.

ipv6 router 2000::1/128 2012::1 5

C.

ipv6 router 2000::1/128 2012::2

D.

ipv6 router 2000::1/128 2023::2 5

E.

ipv6 router 2000::1/128 2023::3 5

Question 103

Drag and drop the AAA terms from the left onto the description on the right.

Options:

Question 104

Which set of action satisfy the requirement for multifactor authentication?

Options:

A.

The user swipes a key fob, then clicks through an email link

B.

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

C.

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

D.

The user enters a user name and password and then re-enters the credentials on a second screen

Question 105

The service password-encryption command is entered on a router. What is the effect of this configuration?

Options:

A.

restricts unauthorized users from viewing clear-text passwords in the running configuration

B.

encrypts the password exchange when a VPN tunnel is established

C.

prevents network administrators from configuring clear-text passwords

D.

protects the VLAN database from unauthorized PC connections on the switch

Question 106

Which port type supports the spanning-tree portfast command without additional configuration?

Options:

A.

access ports

B.

Layer 3 main Interfaces

C.

Layer 3 suninterfaces

D.

trunk ports

Question 107

What Is a syslog facility?

Options:

A.

Host that is configured for the system to send log messages

B.

password that authenticates a Network Management System to receive log messages

C.

group of log messages associated with the configured severity level

D.

set of values that represent the processes that can generate a log message

Question 108

Refer to the exhibit.

To which device does Router1 send packets that are destined to host 10.10.13.165?

Options:

A.

Router2

B.

Router3

C.

Router4

D.

Router5

Question 109

An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?

Options:

A.

Enable Security Association Teardown Protection and set the SA Query timeout to 10

B.

Enable MAC filtering and set the SA Query timeout to 10

C.

Enable 802.1x Layer 2 security and set me Comeback timer to 10

D.

Enable the Protected Management Frame service and set the Comeback timer to 10

Question 110

How does WPA3 improve security?

Options:

A.

It uses SAE for authentication.

B.

It uses a 4-way handshake for authentication.

C.

It uses RC4 for encryption.

D.

It uses TKIP for encryption.

Question 111

Refer to Exhibit.

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 112

The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface conditions?(choose two)

Options:

A.

There is a duplex mismatch

B.

There is a speed mismatch

C.

There is a protocol mismatch

D.

The interface is shut down

E.

The interface is error-disabled

Question 113

What is a role of access points in an enterprise network?

Options:

A.

connect wireless devices to a wired network

B.

support secure user logins to devices or the network

C.

integrate with SNMP in preventing DDoS attacks

D.

serve as a first line of defense in an enterprise network

Question 114

Which type of API allows SDN controllers to dynamically make changes to the network?

Options:

A.

northbound API

B.

REST API

C.

SOAP API

D.

southbound API

Question 115

Refer to the exhibit.

Which prefix does Router 1 use for traffic to Host A?

Options:

A.

10.10.10.0/28

B.

10.10.13.0/25

C.

10.10.13.144/28

D.

10.10.13.208/29

Question 116

What is a characteristic of private IPv4 addressing?

Options:

A.

traverse the Internet when an outbound ACL is applied

B.

issued by IANA in conjunction with an autonomous system number

C.

composed of up to 65.536 available addresses

D.

used without tracking or registration

Question 117

Refer to the exhibit.

The entire contents of the MAC address table are shown. Sales-4 sends a data frame to Sales-1.

What does the switch do as it receives the frame from Sales-4?

Options:

A.

Perform a lookup in the MAC address table and discard the frame due to a missing entry.

B.

Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1.

C.

Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame.

D.

Flood the frame out of all ports except on the port where Sales-1 is connected.

Question 118

Which IPv6 address type provides communication between subnets and is unable to route on the Internet?

Options:

A.

global unicast

B.

unique local

C.

link-local

D.

multicast

Question 119

Where does a switch maintain DHCP snooping information?

Options:

A.

in the MAC address table

B.

in the CAM table

C.

in the binding database

D.

in the frame forwarding database

Question 120

Refer to the exhibit.

If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command how does the router respond?

Options:

A.

It ignores the new static route until the existing OSPF default route is removed

B.

It immediately replaces the existing OSPF route in the routing table with the newly configured static route

C.

It starts load-balancing traffic between the two default routes

D.

It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1

Question 121

Refer to the exhibit.

An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEfriemet3/1/4 port on a switch?

Options:

A.

The phone and a workstation that is connected to the phone do not have VLAN connectivity

B.

The phone and a workstation that is connected to the phone send and receive data in VLAN 50.

C.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity

D.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1

Question 122

When deploying syslog, which severity level logs informational message?

Options:

A.

0

B.

2

C.

4

D.

6

Question 123

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

A.

192.168.0.7

B.

192.168.0.4

C.

192.168.0.40

D.

192.168.3.5

Question 124

What are two benefits of FHRPs? (Choose two.)

Options:

A.

They enable automatic failover of the default gateway.

B.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

C.

They are able to bundle multiple ports to increase bandwidth.

D.

They prevent loops in the Layer 2 network.

E.

They allow encrypted traffic.

Question 125

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

A.

WLAN dynamic

B.

management

C.

trunk

D.

access

Question 126

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

A.

F0/4

B.

F0/0

C.

F0/1

D.

F0/3

Question 127

A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

Options:

A.

ipv6 address 21:EB8:C1:2200:1::331/64

B.

ipv6 address 2001:EB8:C1:22:1::331/64

C.

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

D.

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

Question 128

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 129

Which protocol uses the SSL?

Options:

A.

HTTP

B.

SSH

C.

HTTPS

D.

Telnet

Question 130

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

A.

VLAN numbering

B.

VLAN DSCP

C.

VLAN tagging

D.

VLAN marking

Question 131

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

A.

10.10.10.5

B.

10.10.11.2

C.

10.10.12.2

D.

10.10.10.9

Question 132

Refer to the exhibit.

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

A.

Change the channel-group mode on SW2 to auto

B.

Change the channel-group mode on SW1 to desirable.

C.

Configure the interface port-channel 1 command on both switches.

D.

Change the channel-group mode on SW1 to active or passive.

Question 133

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

A.

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

B.

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

C.

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

D.

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 134

Which PoE mode enables powered-device detection and guarantees power when the device is detected?

Options:

A.

dynamic

B.

static

C.

active

D.

auto

Question 135

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

A.

disabled

B.

listening

C.

forwarding

D.

learning

E.

blocking

Question 136

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Options:

Question 137

What causes a port to be placed in the err-disabled state?

Options:

A.

nothing plugged into the port

B.

link flapping

C.

shutdown command issued on the port

D.

latency

Question 138

Which two components comprise part of a PKI? (Choose two.)

Options:

A.

preshared key that authenticates connections

B.

RSA token

C.

CA that grants certificates

D.

clear-text password that authenticates connections

E.

one or more CRLs

Question 139

Refer to the exhibit.

A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 140

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Options:

Question 141

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

A.

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

B.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

C.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

D.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 142

What is a function of a Next-Generation IPS?

Options:

A.

makes forwarding decisions based on learned MAC addresses

B.

serves as a controller within a controller-based network

C.

integrates with a RADIUS server to enforce Layer 2 device authentication rules

D.

correlates user activity with network events

Question 143

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 144

Which action implements physical access control as part of the security program of an organization?

Options:

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Question 145

What is the function of the controller in a software-defined network?

Options:

A.

multicast replication at the hardware level

B.

fragmenting and reassembling packets

C.

making routing decisions

D.

forwarding packets

Question 146

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 147

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

Options:

A.

Heavy usage is causing high latency.

B.

An incorrect type of transceiver has been inserted into a device on the link.

C.

physical network errors are being transmitted between the two sites.

D.

The wrong cable type was used to make the connection.

Question 148

Refer to the exhibit.

Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

Options:

A.

Define a NAT pool on the router.

B.

Configure static NAT translations for VLAN 200.

C.

Configure the ip nat outside command on another interface for VLAN 200.

D.

Update the NAT INSIDF RANGFS ACL

Question 149

What is the difference between IPv6 unicast and anycast addressing?

Options:

A.

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

B.

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

C.

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

D.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 150

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 151

How does Rapid PVST+ create a fast loop-free network topology?

Options:

A.

lt requires multiple links between core switches

B.

It generates one spanning-tree instance for each VLAN

C.

It maps multiple VLANs into the same spanning-tree instance

D.

It uses multiple active paths between end stations.

Question 152

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

A.

VLANID

B.

SSID

C.

RFID

D.

WLANID

Question 153

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

A.

shaping

B.

classification

C.

policing

D.

marking

Question 154

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 155

A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:

• The first subnet must support 24 hosts

• The second subnet must support 472 hosts

• Both subnets must use the longest subnet mask possible from the address block

Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two )

Options:

A.

interface vlan 1234

ip address 10.70.159.1 255.255.254.0

B.

interface vlan 1148

ip address 10.70.148.1 255.255.254.0

C.

interface vlan 4722

ip address 10.70.133.17 255.255.255.192

D.

interface vlan 3002

ip address 10.70.147.17 255.255.255.224

E.

interface vlan 155

ip address 10.70.155.65 255.255.255.224

Question 156

Refer to the exhibit.

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

Options:

A.

via next-hop 10.0.1.5

B.

via next-hop 10 0 1.4

C.

via next-hop 10.0 1.50

D.

via next-hop 10.0 1 100

Question 157

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

A.

interface FastEthernet0/0

ip helper-address 10.0.1.1

i

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

B.

interface FastEthernot0/1

ip helper-address 10.0.1.1

!

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

C.

interface FastEthernetO/0

ip helper-address 10.0.1.1

I

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

D.

interface FastEthernet0/1

ip helper-address 10.0.1.1

!

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 158

What is a function of an endpoint on a network?

Options:

A.

forwards traffic between VLANs on a network

B.

connects server and client devices to a network

C.

allows users to record data and transmit to a tile server

D.

provides wireless services to users in a building

Question 159

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 160

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

Options:

A.

int range g0/0-1

channel-group 10 mode active

B.

int range g0/0-1 chanm.l-group 10 mode desirable

C.

int range g0/0-1

channel-group 10 mode passive

D.

int range g0/0-1 channel-group 10 mode auto

E.

int range g0/0-1 channel-group 10 mode on

Question 161

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 162

Drag and drop the descriptions of AAA services from the left onto the corresponding services on the right.

Options:

Question 163

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

Options:

A.

password password

B.

crypto key generate rsa modulus 1024

C.

ip domain-name domain

D.

ip ssh authentication-retries 2

Question 164

Refer to the exhibit.

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 165

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

A)

B)

C)

D)

E)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 166

What provides centralized control of authentication and roaming In an enterprise network?

Options:

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Question 167

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

A.

heavy traffic congestion

B.

a duplex incompatibility

C.

a speed conflict

D.

queuing drops

Question 168

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

Options:

A.

unique local address

B.

link-local address

C.

aggregatable global address

D.

IPv4-compatible IPv6 address

Question 169

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

A.

offer compression

B.

increase security by using a WEP connection

C.

provide authentication

D.

protect traffic on open networks

Question 170

Refer to the exhibit.

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

A.

Configure the ip dhcp relay information command under interface Gi0/1.

B.

Configure the ip dhcp smart-relay command globally on the router

C.

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

D.

Configure the ip address dhcp command under interface Gi0/0

Question 171

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Options:

Question 172

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

Options:

A.

SSH

B.

HTTPS

C.

Telnet

D.

console

Question 173

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

A.

transport input telnet

B.

crypto key generate rsa

C.

ip ssh pubkey-chain

D.

login console

E.

username cisco password 0 Cisco

Question 174

Which protocol is used for secure remote CLI access?

Options:

A.

HTTPS

B.

HTTP

C.

Telnet

D.

SSH

Question 175

Refer to the exhibit.

Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to reach the route?

Options:

A.

GigabitEthernet0/0

B.

GigabltEthornet0/1

C.

GigabitEthernet0/2

D.

GigabitEthernet0/3

Question 176

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Options:

Question 177

Refer to the exhibit.

Host A sent a data frame destined for host D

What does the switch do when it receives the frame from host A?

Options:

A.

It drops the frame from the switch CAM table.

B.

It floods the frame out of all ports except port Fa0/1.

C.

It shuts down the port Fa0/1 and places it in err-disable mode.

D.

It experiences a broadcast storm.

Question 178

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Question 179

Which action is taken by the data plane within a network device?

Options:

A.

forwards traffic to the next hop

B.

constructs a routing table based on a routing protocol

C.

provides CLI access to the network device

D.

looks up an egress interface in the forwarding information base

Question 180

What is the purpose of the ip address dhcp command?

Options:

A.

to configure an Interface as a DHCP server

B.

to configure an interface as a DHCP helper

C.

to configure an interface as a DHCP relay

D.

to configure an interface as a DHCP client

Question 181

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

A.

different security settings

B.

discontinuous frequency ranges

C.

different transmission speeds

D.

unique SSIDs

Question 182

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

A.

ip route 0.0.0.0 0.0.0.0 g0/1 1

B.

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

D.

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 183

Refer to the exhibit.

A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which command must be used to fulfill the request?

Options:

A.

ip route 172.21.34.0 255.255.255.192 10.73.65.65

B.

ip route 172.21.34.0 255.255.255.0 10.73.65.65

C.

ip route 172.21.34.0 255.255.128.0 10.73.65.64

D.

ip route 172.21.34.0 255.255.255.128 10.73.65.66

Question 184

Drag and drop the IPv6 address type characteristics from the left to the right.

Options:

Question 185

A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?

Options:

A.

a DHCP Relay Agent

B.

DHCP Binding

C.

a DHCP Pool

D.

DHCP Snooping

Question 186

How does HSRP provide first hop redundancy?

Options:

A.

It load-balances traffic by assigning the same metric value to more than one route to the same destination m the IP routing table.

B.

It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.

C.

It forwards multiple packets to the same destination over different routed links n the data path

D.

It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN

Question 187

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 188

Which command enables a router to become a DHCP client?

Options:

A.

ip address dhcp

B.

ip helper-address

C.

ip dhcp pool

D.

ip dhcp client

Question 189

How are VLAN hopping attacks mitigated?

Options:

A.

enable dynamic ARP inspection

B.

manually implement trunk ports and disable DTP

C.

activate all ports and place in the default VLAN

D.

configure extended VLANs

Question 190

Which level of severity must be set to get informational syslogs?

Options:

A.

alert

B.

critical

C.

notice

D.

debug

Question 191

What is a role of wireless controllers in an enterprise network?

Options:

A.

centralize the management of access points in an enterprise network

B.

support standalone or controller-based architectures

C.

serve as the first line of defense in an enterprise network

D.

provide secure user logins to devices on the network.

Question 192

If a notice-level messaging is sent to a syslog server, which event has occurred?

Options:

A.

A network device has restarted

B.

An ARP inspection has failed

C.

A routing instance has flapped

D.

A debug operation is running

Question 193

Refer to the exhibit.

If the network environment is operating normally, which type of device must be connected to interface FastEthernet 0/1?

Options:

A.

DHCP client

B.

access point

C.

router

D.

PC

Question 194

Which two WAN architecture options help a business improve scalability and reliability for the network? (Choose two.)

Options:

A.

asynchronous routing

B.

single-homed branches

C.

dual-homed branches

D.

static routing

E.

dynamic routing

Question 195

Which resource is able to be shared among virtual machines deployed on the same physical server?

Options:

A.

disk

B.

applications

C.

VM configuration file

D.

operating system

Question 196

Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.

Options:

Question 197

Refer to the exhibit.

What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?

Options:

A.

R1(config)#interface ethernet0/0

R1(config)#encapsulation dot1q 20

R1(config)#ip address 10.20.20.1 255.255.255.0

B.

R1(config)#interface ethernet0/0.20

R1(config)#encapsulation dot1q 20

R1(config)#ip address 10.20.20.1 255.255.255.0

C.

R1(config)#interface ethernet0/0.20

R1(config)#ip address 10.20.20.1 255.255.255.0

D.

R1(config)#interface ethernet0/0

R1(config)#ip address 10.20.20.1 255.255.255.0

Question 198

What is a DHCP client?

Options:

A.

a workstation that requests a domain name associated with its IP address

B.

a host that is configured to request an IP address automatically

C.

a server that dynamically assigns IP addresses to hosts.

D.

a router that statically assigns IP addresses to hosts.

Question 199

Which output displays a JSON data representation?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 200

Which HTTP status code is returned after a successful REST API request?

Options:

A.

200

B.

301

C.

404

D.

500

Question 201

What is the function of a hub-and-spoke WAN topology?

Options:

A.

allows access restrictions to be implemented between subscriber sites.

B.

provides direct connections between subscribers

C.

supports Layer 2 VPNs

D.

supports application optimization

Question 202

In QoS, which prioritization method is appropriate for interactive voice and video?

Options:

A.

expedited forwarding

B.

traffic policing

C.

round-robin scheduling

D.

low-latency queuing

Question 203

Which type of information resides on a DHCP server?

Options:

A.

a list of the available IP addresses in a pool

B.

a list of public IP addresses and their corresponding names

C.

usernames and passwords for the end users in a domain

D.

a list of statically assigned MAC addresses

Question 204

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

Options:

A.

Add the switch in the VTP domain with a lower revision number

B.

Add the switch with DTP set to dynamic desirable

C.

Add the switch in the VTP domain with a higher revision number

D.

Add the switch with DTP set to desirable

Question 205

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

A.

redundancy

B.

console

C.

distribution system

D.

service

Question 206

Which command on a port enters the forwarding state immediately when a PC is connected to it?

Options:

A.

switch(config)#spanning-tree portfast default

B.

switch(config)#spanning-tree portfast bpduguard default

C.

switch(config-if)#spanning-tree portfast trunk

D.

switch(config-if)#no spanning-tree portfast

Question 207

Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right

Options:

Question 208

Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles?

Options:

A.

role-based access control

B.

biometrics

C.

multifactor authentication

D.

physical access control

Question 209

What mechanism carries multicast traffic between remote sites and supports encryption?

Options:

A.

ISATAP

B.

GRE over iPsec

C.

iPsec over ISATAP

D.

GRE

Question 210

What is the primary purpose of a First Hop Redundancy Protocol?

Options:

A.

It allows directly connected neighbors to share configuration information.

B.

It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.

C.

It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.

D.

It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

Question 211

What is the function of a controller in controller-based networking?

Options:

A.

It serves as the centralized management point of an SDN architecture.

B.

It centralizes the data plane for the network.

C.

It is the card on a core router that maintains all routing decisions for a campus.

D.

It is a pair of core routers that maintain all routing decisions for a campus

Question 212

Which virtual MAC address is used by VRRP group 1?

Options:

A.

0050.0c05.ad81

B.

0007.c061.bc01

C.

0000.5E00.0101

D.

0500.3976.6401

Question 213

What is the difference in data transmission delivery and reliability between TCP and UDP?

Options:

A.

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

B.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

C.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

D.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

Question 214

Which access layer threat-mitigation technique provides security based on identity?

Options:

A.

Dynamic ARP Inspection

B.

using a non-default native VLAN

C.

802.1x

D.

DHCP snooping

Question 215

What are two functions of a server on a network? (Choose two)

Options:

A.

achieves redundancy by exclusively using virtual server clustering

B.

runs applications that send and retrieve data for workstations that make requests

C.

handles requests from multiple workstations at the same time

D.

runs the same operating system in order to communicate with other servers

E.

housed solely in a data center that is dedicated to a single client

Question 216

What is the benefit of using FHRP?

Options:

A.

reduced management overhead on network routers

B.

balancing traffic across multiple gateways in proportion to their loads

C.

higher degree of availability

D.

reduced ARP traffic on the network

Question 217

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

A.

switchport port-security violation access

B.

switchport port-security violation protect

C.

switchport port-security violation restrict

D.

switchport port-security violation shutdown

Question 218

Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

Options:

A.

lldp timer

B.

lldp holdtimt

C.

lldp reinit

D.

lldp tlv-select

Question 219

Refer to the exhibit.

Which two commands, when configured on router R1, fulfill these requirements? (Choose two.)

Packets towards the entire network 2001:db8:2::/64 must be forwarded through router R2.

Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

Options:

A.

Ipv6 route 2001:db8:23::/128 fd00:12::2

B.

Ipv6 route 2001:db8:23::14/128 fd00:13::3

C.

Ipv6 route 2001:db8:23::14/64 fd00:12::2

D.

Ipv6 route 2001:db8:23::/64 fd00:12::2

E.

Ipv6 route 2001:db8:23::14/64 fd00:12::2 200

Question 220

In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.)

Options:

A.

It automatically provides a second authentication factor that is unknown to the original user.

B.

It uses an internal firewall to protect the password repository from unauthorized access.

C.

It protects against keystroke logging on a compromised device or web site.

D.

It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality

E.

It encourages users to create stronger passwords.

Question 221

What is the purpose of a southbound API in a control based networking architecture?

Options:

A.

Facilities communication between the controller and the applications

B.

Facilities communication between the controller and the networking hardware

C.

allows application developers to interact with the network

D.

integrates a controller with other automation and orchestration tools.

Question 222

An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result?

Options:

A.

logging trap 5

B.

logging trap 2

C.

logging trap 4

D.

logging trap 3

Question 223

Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right

Options:

Question 224

Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

Options:

A.

CPU ACL

B.

TACACS

C.

Flex ACL

D.

RADIUS

Question 225

How will Link Aggregation be Implemented on a Cisco Wireless LAN Controller?

Options:

A.

One functional physical port is needed to pass client traffic.

B.

The EthernetChannel must be configured in "mode active".

C.

When enabled, the WLC bandwidth drops to 500 Mbps.

D.

To pass client traffic, two or more ports must be configured.

Question 226

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

Options:

A.

initiates a ping request to the URL

B.

prompts the user to specify the desired IP address

C.

continuously attempts to resolve the URL until the command is cancelled

D.

sends a broadcast message in an attempt to resolve the URL

Question 227

Refer to the exhibit.

which path is used by the router for internet traffic ?

Options:

A.

209.165.200.0/27

B.

10.10.10.0/28

C.

0.0.0.0/0

D.

10.10.13.0/24

Question 228

By default, how Does EIGRP determine the metric of a route for the routing table?

Options:

A.

it uses the bandwidth and delay values of the path to calculate the route metric

B.

it uses a default metric of 10 for all routes that are learned by the router

C.

it uses a reference Bandwidth and the actual bandwidth of the connected link to calculate the route metric

D.

it counts the number of hops between the receiving and destination routers and uses that value as the metric

Question 229

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

Options:

A.

IPsec tunnel mode with AH

B.

IPsec transport mode with AH

C.

IPsec tunnel mode with ESP

D.

IPsec transport mode with ESP

Question 230

Which configuration ensures that the switch is always the root for VLAN 750?

Options:

A.

Switch(config)#spanning-tree vlan 750 priority 38003685

B.

Switch(config)#spanning-tree vlan 750 root primary

C.

Switch(config)#spanning-tree vlan 750 priority 614440

D.

Switch(config)#spanning-tree vlan 750 priority 0

Question 231

Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right

Options:

Question 232

When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

Options:

A.

The floating static route must have a higher administrative distance than the primary route so it is used as a backup

B.

The administrative distance must be higher on the primary route so that the backup route becomes secondary.

C.

The floating static route must have a lower administrative distance than the primary route so it is used as a backup

D.

The default-information originate command must be configured for the route to be installed into the routing table

Question 233

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

A.

It sends packets out of interface Fa0/2 only.

B.

It sends packets out of interface Fa0/1 only.

C.

It cannot send packets to 10.10.13 128/25

D.

It load-balances traffic out of Fa0/1 and Fa0/2

Question 234

Which technology is used to improve web traffic performance by proxy caching?

Options:

A.

WSA

B.

Firepower

C.

ASA

D.

FireSIGHT

Question 235

Which protocol does an IPv4 host use to obtain a dynamically assigned IP address?

Options:

A.

ARP

B.

DHCP

C.

CDP

D.

DNS

Question 236

What criteria is used first during me root port selection process?

Options:

A.

local port ID

B.

lowest path cost to the root bridge

C.

lowest neighbor's bridge ID

D.

lowest neighbor's port ID

Question 237

Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

Options:

A.

Bronze

B.

Platinum

C.

Silver

D.

Gold

Question 238

What occurs to frames during the process of frame flooding?

Options:

A.

Frames are sent to every port on the switch in the same VLAN except from the originating port

B.

Frames are sent to every port on the switch that has a matching entry in the MAC address table.

C.

Frames are sent to all ports, including those that are assigned to other VLANs.

D.

Frames are sent to every port on the switch in the same VLAN.

Question 239

What are two functions of an SDN controller? (Choose two)

Options:

A.

Layer 2 forwarding

B.

coordinating VTNs

C.

tracking hosts

D.

managing the topology

E.

protecting against DDoS attacks

Question 240

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols.

Options:

A.

dual algorithm

B.

metric

C.

administrative distance

D.

hop count

Question 241

Refer to the exhibit.

Which command provides this output?

Options:

A.

show ip route

B.

show ip interface

C.

show interface

D.

show cdp neighbor

Question 242

A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used?

Options:

A.

Clock timezone

B.

Clock summer-time-recurring

C.

Clock summer-time date

D.

Clock set

Question 243

Which command entered on a switch configured with Rapid PVST* listens and learns for a specific time period?

Options:

A.

switch(config)#spanning-tree vlan 1 max-age 6

B.

switch(config)#spanning-tree vlan 1 hello-time 10

C.

switch(config)#spanning-tree vlan 1 priority 4096

D.

switch(config)#spanning-tree vlan 1 forward-time 20

Question 244

Refer to the exhibit.

An engineer configured NAT translations and has verified that the configuration is correct.

Which IP address is the source IP?

Options:

A.

10.4.4.4

B.

10.4.4.5

C.

172.23.103.10

D.

172.23.104.4

Load More 200-301 Questions
Demo: 244 questions
Total 990 questions
Get 200-301 Full Access Download 200-301 PDF