Pre Black Friday Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

200-301 Exam Dumps - Cisco Certified Network Associate

Question # 4

Refer to the exhibit.

Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

A.

Interface errors are incrementing

B.

An incorrect SFP media type was used at SiteA

C.

High usage is causing high latency

D.

The sites were connected with the wrong cable type

Full Access
Question # 5

Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses?

A.

10.10.225.48 255.255.255.240

B.

10.10.225.32 255.255.255.240

C.

10.10.225.48 255.255.255.224

D.

10.10.225.32 255.255.255.224

Full Access
Question # 6

Refer to Exhibit.

How does SW2 interact with other switches in this VTP domain?

A.

It processes VTP updates from any VTP clients on the network on its access ports.

B.

It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports

C.

It forwards only the VTP advertisements that it receives on its trunk ports.

D.

It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports

Full Access
Question # 7

Refer to the exhibit.

Between which zones do wireless users expect to experience intermittent connectivity?

A.

between zones 1 and 2

B.

between zones 2 and 5

C.

between zones 3 and 4

D.

between zones 3 and 6

Full Access
Question # 8

Which type of traffic is sent with pure iPsec?

A.

broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites

B.

multicast traffic from a server at one site to hosts at another location

C.

spanning-tree updates between switches that are at two different sites

D.

unicast messages from a host at a remote site to a server at headquarters

Full Access
Question # 9

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

A.

Unicode

B.

base64

C.

decimal

D.

ASCII

Full Access
Question # 10

Why does a switch flood a frame to all ports?

A.

The frame has zero destination MAC addresses.

B.

The source MAC address of the frame is unknown

C.

The source and destination MAC addresses of the frame are the same

D.

The destination MAC address of the frame is unknown.

Full Access
Question # 11

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

A.

configure switchport nonegotiate

B.

configure switchport mode dynamic desirable

C.

configure switchport mode dynamic auto

D.

configure switchport trunk dynamic desirable

Full Access
Question # 12

What does a switch do when it receives a frame whose destination MAC address is missing from the MAC address table?

A.

It floods the frame unchanged across all remaining ports in the incoming VLAN.

B.

It appends the table with a static entry for the MAC and shuts down the port.

C.

It updates the CAM table with the destination MAC address of the frame.

D.

It changes the checksum of the frame to a value that indicates an invalid frame.

Full Access
Question # 13

Drag and drop the statements about access-point modes from the left onto the corresponding modes on the right.

Full Access
Question # 14

What is the primary different between AAA authentication and authorization?

A.

Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.

B.

Authentication identifies a user who is attempting to access a system, and authorization validates the users password

C.

Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.

D.

Authentication controls the system processes a user can access and authorization logs the activities the user initiates

Full Access
Question # 15

An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which command should be used?

A.

switchport trunk allowed vlan 10

B.

switchport trunk native vlan 10

C.

switchport mode trunk

D.

switchport trunk encapsulation dot1q

Full Access
Question # 16

Refer to the exhibit.

Which route type does the routing protocol Code D represent in the output?

A.

internal BGP route

B.

/24 route of a locally configured IP

C.

statically assigned route

D.

route learned through EIGRP

Full Access
Question # 17

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

A.

ip address 192.168.0.0 255.255.0.0

B.

ip address 192.168.0.0 255.255.254.0

C.

ip address 192.168.0.0 255.255.255.128

D.

ip address 192.168.0.0 255.255.255.224

Full Access
Question # 18

Drag the descriptions of device management from the left onto the types of device management on the right.

Full Access
Question # 19

Which two QoS tools provides congestion management? ( Choose two )

A.

CAR

B.

CBWFQ

C.

PQ

D.

PBR

E.

FRTS

Full Access
Question # 20

Refer to the exhibit.

Which command must be executed for Gi1.1 on SW1 to become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode?

A.

switchport mode trunk

B.

switchport mode dot1-tunnel

C.

switchport mode dynamic auto

D.

switchport mode dynamic desirable

Full Access
Question # 21

How does CAPWAP communicate between an access point in local mode and a WLC?

A.

The access point must directly connect to the WLC using a copper cable

B.

The access point must not be connected to the wired network, as it would create a loop

C.

The access point must be connected to the same switch as the WLC

D.

The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

Full Access
Question # 22

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

A.

SSH

B.

HTTPS

C.

Telnet

D.

console

Full Access
Question # 23

Refer to the exhibit.

The default-information originate command is configured under the R1 OSPF configuration After testing workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet Which action corrects the configuration issue?

A.

Add the default-information originate command onR2

B.

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1

C.

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2

D.

Add the always keyword to the default-information originate command on R1

Full Access
Question # 24

What is the same for both copper and fiber interfaces when using SFP modules?

A.

They support an inline optical attenuator to enhance signal strength

B.

They provide minimal interruption to services by being hot-swappable

C.

They offer reliable bandwidth up to 100 Mbps in half duplex mode

D.

They accommodate single-mode and multi-mode in a single module

Full Access
Question # 25

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Full Access
Question # 26

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

A.

Heavy usage is causing high latency.

B.

An incorrect type of transceiver has been inserted into a device on the link.

C.

physical network errors are being transmitted between the two sites.

D.

The wrong cable type was used to make the connection.

Full Access
Question # 27

Refer to the exhibit.

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

A.

Configure router A to use the same MTU size as router B.

B.

Set the router B OSPF ID to a nonhost address.

C.

Configure a point-to-point link between router A and router B.

D.

Set the router B OSPF ID to the same value as its IP address

Full Access
Question # 28

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

A.

password password

B.

crypto key generate rsa modulus 1024

C.

ip domain-name domain

D.

ip ssh authentication-retries 2

Full Access
Question # 29

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 30

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2.

Full Access
Question # 31

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Full Access
Question # 32

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

A.

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

B.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

C.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

D.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Full Access
Question # 33

Refer to the exhibit.

Host A sent a data frame destined for host D

What does the switch do when it receives the frame from host A?

A.

It drops the frame from the switch CAM table.

B.

It floods the frame out of all ports except port Fa0/1.

C.

It shuts down the port Fa0/1 and places it in err-disable mode.

D.

It experiences a broadcast storm.

Full Access
Question # 34

Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed?

A.

weighted random early detection

B.

traffic policing

C.

traffic shaping

D.

traffic prioritization

Full Access
Question # 35

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

A.

disabled

B.

listening

C.

forwarding

D.

learning

E.

blocking

Full Access
Question # 36

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

A.

SYIM flood

B.

reflection

C.

teardrop

D.

amplification

Full Access
Question # 37

Refer to the exhibit.

Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 38

What is an advantage of using auto mode versus static mode for power allocation when an access point is connected to a PoE switch port?

A.

All four pairs of the cable are used

B.

It detects the device is a powered device

C.

The default level is used for the access point

D.

Power policing is enabled at the same time

Full Access
Question # 39

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

A.

int range g0/0-1

channel-group 10 mode active

B.

int range g0/0-1 chanm.l-group 10 mode desirable

C.

int range g0/0-1

channel-group 10 mode passive

D.

int range g0/0-1 channel-group 10 mode auto

E.

int range g0/0-1 channel-group 10 mode on

Full Access
Question # 40

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 41

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

A.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network broadcast

B.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network point-to-point

C.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf cost 0

D.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

hello interval 15

interface e1/1

Ip address 192.168.1.1 255.255.255.252

Full Access
Question # 42

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 43

What is one reason to implement LAG on a Cisco WLC?

A.

to increase security and encrypt management frames

B.

to provide link redundancy and load balancing

C.

to allow for stateful and link-state failover

D.

to enable connected switch ports to failover and use different VLANs

Full Access
Question # 44

Refer to the exhibit.

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 45

Which wireless security protocol relies on Perfect Forward Secrecy?

A.

WPA3

B.

WPA

C.

WEP

D.

WPA2

Full Access
Question # 46

What is an expected outcome when network management automation is deployed?

A.

A distributed management plane must be used.

B.

Software upgrades are performed from a central controller

C.

Complexity increases when new device configurations are added

D.

Custom applications are needed to configure network devices

Full Access
Question # 47

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

A.

F0/4

B.

F0/0

C.

F0/1

D.

F0/3

Full Access
Question # 48

Which two components comprise part of a PKI? (Choose two.)

A.

preshared key that authenticates connections

B.

RSA token

C.

CA that grants certificates

D.

clear-text password that authenticates connections

E.

one or more CRLs

Full Access
Question # 49

What is a function of Opportunistic Wireless Encryption in an environment?

A.

offer compression

B.

increase security by using a WEP connection

C.

provide authentication

D.

protect traffic on open networks

Full Access
Question # 50

Refer to the exhibit.

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

A.

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

B.

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

C.

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

D.

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Full Access
Question # 51

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

A.

ip route 0.0.0.0 0.0.0.0 g0/1 1

B.

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

D.

ip route 0,0.0.0 0.0.0.0 g0/1 6

Full Access
Question # 52

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Full Access
Question # 53

Refer to the exhibit.

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

A.

Configure the ip dhcp relay information command under interface Gi0/1.

B.

Configure the ip dhcp smart-relay command globally on the router

C.

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

D.

Configure the ip address dhcp command under interface Gi0/0

Full Access
Question # 54

Refer to the exhibit. A multivendor network exists and the company is implementing VoIP over the network for the first time.

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 55

What is the function of a controller in a software-defined network?

A.

multicast replication at the hardware level

B.

forwarding packets

C.

fragmenting and reassembling packets

D.

setting packet-handling policies

Full Access
Question # 56

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

A.

transport input telnet

B.

crypto key generate rsa

C.

ip ssh pubkey-chain

D.

login console

E.

username cisco password 0 Cisco

Full Access
Question # 57

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

A.

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

B.

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

C.

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

D.

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Full Access
Question # 58

Refer to the exhibit.

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

A.

Modify the configured number of the second access list.

B.

Add either the ip nat {inside|outside} command under both interfaces.

C.

Remove the overload keyword from the ip nat inside source command.

D.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Full Access
Question # 59

Refer to the exhibit.

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

A.

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

B.

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

C.

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

D.

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Full Access
Question # 60

Refer to the exhibit.

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

A.

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

B.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

C.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

D.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Full Access
Question # 61

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Full Access
Question # 62

Which characteristic differentiates the concept of authentication from authorization and accounting?

A.

user-activity logging

B.

service limitations

C.

consumption-based billing

D.

identity verification

Full Access
Question # 63

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

A.

router-id 10.0.0.15

B.

neighbor 10.1.2.0 cost 180

C.

ipospf priority 100

D.

network 10.0.0.0 0.0.0.255 area 0

Full Access
Question # 64

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 65

Refer to the exhibit.

Which network prefix was learned via EIGRP?

A.

172.16.0.0/16

B.

192.168.2.0/24

C.

207.165.200.0/24

D.

192.168.1.0/24

Full Access
Question # 66

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

A.

unique local address

B.

link-local address

C.

aggregatable global address

D.

IPv4-compatible IPv6 address

Full Access
Question # 67

What provides centralized control of authentication and roaming In an enterprise network?

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Full Access
Question # 68

Drag and drop the IPv6 address types from the left onto their description on the right.

Full Access
Question # 69

Which two network actions occur within the data plane? (Choose two.)

A.

Add or remove an 802.1Q trunking header.

B.

Make a configuration change from an incoming NETCONF RPC.

C.

Run routing protocols.

D.

Match the destination MAC address to the MAC address table.

E.

Reply to an incoming ICMP echo request.

Full Access
Question # 70

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Full Access
Question # 71

Refer to the exhibit.

Which command must be issued to enable a floating static default route on router A?

A.

lp route 0.0.0.0 0.0.0.0 192.168.1.2

B.

ip default-gateway 192.168.2.1

C.

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

D.

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Full Access
Question # 72

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

A.

global unicast address

B.

anycast address

C.

multicast address

D.

link-local address

Full Access
Question # 73

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

A.

shaping

B.

classification

C.

policing

D.

marking

Full Access
Question # 74

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 75

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

A)

B)

C)

D)

E)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Full Access
Question # 76

Which component controls and distributes physical resources for each virtual machine?

A.

OS

B.

hypervisor

C.

CPU

D.

physical enclosure

Full Access
Question # 77

Drag and chop the TCP/IP protocols from the left onto their primary transmission protocols on the right.

Full Access
Question # 78

Which Windows command is used instead of the route print command to display the contents of the IP routing table?

A.

netstat-n

B.

ipconfig

C.

ifconfig

D.

netstat-r

Full Access
Question # 79

Which command enables HTTP access to the Cisco WLC?

A.

config network secureweb enable

B.

config certificate generate web admin

C.

config network webmode enable

D.

config network telnet enable

Full Access
Question # 80

Refer to the exhibit.

An engineer must configure the interface that connects to PC 1 and secure it in a way that only PC1 is allowed to use the port No VLAN tagging can be used except for a voice VLAN. Which command sequence must be entered to configure the switch?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 81

Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?

A.

Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

B.

Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.

C.

Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.

D.

Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.

Full Access
Question # 82

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abod-bod on voice VLAN 4?

A.

switchport port-security mac-address abcd.abcd.abcd

B.

switchport port-security mac-address abed.abed.abed vlan 4

C.

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

D.

switchport port-security mac-address abcd.abcd.abcd vlan voice

Full Access
Question # 83

How does MAC learning function on a switch?

A.

broadcasts frames to all ports without queueing

B.

adds unknown source MAC addresses to the address table

C.

sends a retransmission request when a new frame is received

D.

sends frames with unknown destinations to a multicast group

Full Access
Question # 84

Refer to the exhibit. User traffic originating within site 0 is failing to reach an application hosted on IP address 192.168 0 10. Which is located within site A What is determined by the routing table?

A.

The default gateway for site B is configured incorrectly

B.

The lack of a default route prevents delivery of the traffic

C.

The traffic is blocked by an implicit deny in an ACL on router2

D.

The traffic to 192 168 010 requires a static route to be configured in router 1.

Full Access
Question # 85

Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used.

Full Access
Question # 86

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Full Access
Question # 87

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Full Access
Question # 88

Refer to the exhibit.

An engineer is configuring an EtherChannel using LACP between Switches 1 and 2 Which configuration must be applied so that only Switch 1 sends LACP initiation packets?

A.

Switch 1 (config-if)#channel-group 1 mode on

Swrtch2(config-if)#channel-group 1 mode passive

B.

Switch1(config-if)#channel-group 1 mode passive

Switch2(config-if)#channel-group 1 mode active

C.

Switch1{config-if)£channel-group 1 mode active

Switch2(config-if)#channel-group 1 mode passive

D.

Switch1(config-if)#channel-group 1 mode on

Switch2(config-if)#channel-group 1 mode active

Full Access
Question # 89

What is a requirement for nonoverlapping Wi-Fi channels?

A.

different security settings

B.

discontinuous frequency ranges

C.

different transmission speeds

D.

unique SSIDs

Full Access
Question # 90

Refer to the exhibit.

A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which command must be used to fulfill the request?

A.

ip route 172.21.34.0 255.255.255.192 10.73.65.65

B.

ip route 172.21.34.0 255.255.255.0 10.73.65.65

C.

ip route 172.21.34.0 255.255.128.0 10.73.65.64

D.

ip route 172.21.34.0 255.255.255.128 10.73.65.66

Full Access
Question # 91

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

A.

VLAN numbering

B.

VLAN DSCP

C.

VLAN tagging

D.

VLAN marking

Full Access
Question # 92

What is the difference between IPv6 unicast and anycast addressing?

A.

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

B.

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

C.

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

D.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Full Access
Question # 93

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

A.

heavy traffic congestion

B.

a duplex incompatibility

C.

a speed conflict

D.

queuing drops

Full Access
Question # 94

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

A.

infrastructure-as-a-service

B.

platform-as-a-service

C.

business process as service to support different types of service

D.

software-as-a-service

Full Access
Question # 95

Refer to the exhibit.

Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

A.

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

B.

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

C.

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

D.

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

Full Access
Question # 96

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols.

A.

dual algorithm

B.

metric

C.

administrative distance

D.

hop count

Full Access
Question # 97

An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?

A.

configure IEEE 802.1p

B.

configure IEEE 802.1q

C.

configure ISL

D.

configure DSCP

Full Access
Question # 98

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

A.

It sends packets out of interface Fa0/2 only.

B.

It sends packets out of interface Fa0/1 only.

C.

It cannot send packets to 10.10.13 128/25

D.

It load-balances traffic out of Fa0/1 and Fa0/2

Full Access
Question # 99

Refer to the exhibit.

PC1 is trying to ping PC3 for the first time and sends out an ARP to S1 Which action is taken by S1?

A.

It forwards it out G0/3 only

B.

It is flooded out every port except G0/0.

C.

It drops the frame.

D.

It forwards it out interface G0/2 only.

Full Access
Question # 100

Refer to the exhibit.

What two conclusions should be made about this configuration? (Choose two )

A.

The designated port is FastEthernet 2/1

B.

This is a root bridge

C.

The spanning-tree mode is Rapid PVST+

D.

The spanning-tree mode is PVST+

E.

The root port is FastEthernet 2/1

Full Access
Question # 101

What occurs to frames during the process of frame flooding?

A.

Frames are sent to every port on the switch in the same VLAN except from the originating port

B.

Frames are sent to every port on the switch that has a matching entry in the MAC address table.

C.

Frames are sent to all ports, including those that are assigned to other VLANs.

D.

Frames are sent to every port on the switch in the same VLAN.

Full Access
Question # 102

Refer to the exhibit.

Which two commands, when configured on router R1, fulfill these requirements? (Choose two.)

Packets towards the entire network 2001:db8:2::/64 must be forwarded through router R2.

Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

A.

Ipv6 route 2001:db8:23::/128 fd00:12::2

B.

Ipv6 route 2001:db8:23::14/128 fd00:13::3

C.

Ipv6 route 2001:db8:23::14/64 fd00:12::2

D.

Ipv6 route 2001:db8:23::/64 fd00:12::2

E.

Ipv6 route 2001:db8:23::14/64 fd00:12::2 200

Full Access
Question # 103

Refer to the exhibit.

What is the result if Gig1/11 receives an STP BPDU?

A.

The port transitions to STP blocking

B.

The port transitions to the root port

C.

The port immediately transitions to STP forwarding.

D.

The port goes into error-disable state

Full Access
Question # 104

Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all statements are used.

Full Access
Question # 105

Which two outcomes are predictable behaviors for HSRP? (Choose two.)

A.

The two routers synchronize configurations to provide consistent packet forwarding

B.

The two routers negotiate one router as the active router and the other as the standby router

C.

Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them

D.

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN

E.

The two routers share the same interface IP address and default gateway traffic is load-balanced between them

Full Access
Question # 106

Which two protocols are supported on service-port interfaces? (Choose two.)

A.

RADIUS

B.

TACACS+

C.

SCP

D.

Telnet

E.

SSH

Full Access
Question # 107

Refer to the exhibit.

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

A.

Change the channel-group mode on SW2 to auto

B.

Change the channel-group mode on SW1 to desirable.

C.

Configure the interface port-channel 1 command on both switches.

D.

Change the channel-group mode on SW1 to active or passive.

Full Access
Question # 108

Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

A.

enable secret

B.

service password-encryption

C.

username Cisco password encrypt

D.

enable password

Full Access
Question # 109

Refer to the exhibit.

How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 110

Drag and drop the network protocols from the left onto the correct transport services on the right.

Full Access
Question # 111

Refer to the exhibit.

A router reserved these five routes from different routing information sources.

Which two routes does the router install in its routing table? (Choose two)

A.

RIP route 10.0.0.0/30

B.

iBGP route 10.0.0.0/30

C.

OSPF route 10.0.0.0/30

D.

EIGRP route 10.0.0.1/32

E.

OSPF route 10.0.0.0/16

Full Access
Question # 112

An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place?

A.

Physical access control

B.

Social engineering attack

C.

brute force attack

D.

user awareness

Full Access
Question # 113

Refer to the exhibit.

A network engineer configures the Cisco WLC to authenticate local wireless clients against a RADIUS server Which task must be performed to complete the process?

A.

Change the Server Status to Disabled

B.

Select Enable next to Management

C.

Select Enable next to Network User

D.

Change the Support for CoA to Enabled.

Full Access
Question # 114

Drag and drop the IPv6 address type characteristics from the left to the right.

Full Access
Question # 115

Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right

Full Access
Question # 116

In software defined architectures, which plane is distributed and responsible for traffic forwarding?

A.

management plane

B.

control plane

C.

policy plane

D.

data plane

Full Access
Question # 117

Which command on a port enters the forwarding state immediately when a PC is connected to it?

A.

switch(config)#spanning-tree portfast default

B.

switch(config)#spanning-tree portfast bpduguard default

C.

switch(config-if)#spanning-tree portfast trunk

D.

switch(config-if)#no spanning-tree portfast

Full Access
Question # 118

Refer to the exhibit.

What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?

A.

R1(config)#interface ethernet0/0

R1(config)#encapsulation dot1q 20

R1(config)#ip address 10.20.20.1 255.255.255.0

B.

R1(config)#interface ethernet0/0.20

R1(config)#encapsulation dot1q 20

R1(config)#ip address 10.20.20.1 255.255.255.0

C.

R1(config)#interface ethernet0/0.20

R1(config)#ip address 10.20.20.1 255.255.255.0

D.

R1(config)#interface ethernet0/0

R1(config)#ip address 10.20.20.1 255.255.255.0

Full Access
Question # 119

Which switch technology establishes a network connection immediately when it is plugged in?

A.

PortFast

B.

BPDU guard

C.

UplinkFast

D.

BackboneFast

Full Access
Question # 120

In QoS, which prioritization method is appropriate for interactive voice and video?

A.

expedited forwarding

B.

traffic policing

C.

round-robin scheduling

D.

low-latency queuing

Full Access
Question # 121

Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two. )

A.

The device Is assigned to the Global site.

B.

The device Is placed into the Unmanaged state.

C.

The device is placed into the Provisioned state.

D.

The device is placed into the Managed state.

E.

The device is assigned to the Local site.

Full Access
Question # 122

An engineer is asked to protect unused ports that are configured in the default VLAN on a switch.

Which two steps will fulfill the request? (Choose two)

A.

Configure the ports in an EtherChannel.

B.

Administratively shut down the ports

C.

Configure the port type as access and place in VLAN 99

D.

Configure the ports as trunk ports

E.

Enable the Cisco Discovery Protocol

Full Access
Question # 123

What is a characteristic of a SOHO network?

A.

connects each switch to every other switch in the network

B.

enables multiple users to share a single broadband connection

C.

provides high throughput access for 1000 or more users

D.

includes at least three tiers of devices to provide load balancing and redundancy

Full Access
Question # 124

Which state does the switch port move to when PortFast is enabled?

A.

forwarding

B.

listening

C.

blocking

D.

learning

Full Access
Question # 125

which purpose does a northbound API serve in a controller-based networking architecture?

A.

communicates between the controller and the physical network hardware

B.

reports device errors to a controller

C.

generates statistics for network hardware and traffic

D.

facilitates communication between the controller and the applications

Full Access
Question # 126

When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two)

A.

ASCII

B.

base64

C.

binary

D.

decimal

E.

hexadecimal

Full Access
Question # 127

What facilitates a Telnet connection between devices by entering the device name?

A.

SNMP

B.

DNS lookup

C.

syslog

D.

NTP

Full Access
Question # 128

Refer to the exhibit.

An engineer is configuring the router to provide static NAT for the webserver Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the right.

Full Access
Question # 129

What is a DNS lookup operation?

A.

DNS server pings the destination to verify that it is available

B.

serves requests over destination port 53

C.

DNS server forwards the client to an alternate IP address when the primary IP is down

D.

responds to a request for IP address to domain name resolution to the DNS server

Full Access
Question # 130

Which WAN topology provides a combination of simplicity quality, and availability?

A.

partial mesh

B.

full mesh

C.

point-to-point

D.

hub-and-spoke

Full Access
Question # 131

Drag the IPv6 DNS record types from the left onto the description on the right.

Full Access
Question # 132

What are two functions of an SDN controller? (Choose two)

A.

Layer 2 forwarding

B.

coordinating VTNs

C.

tracking hosts

D.

managing the topology

E.

protecting against DDoS attacks

Full Access
Question # 133

Which type of attack can be mitigated by dynamic ARP inspection?

A.

worm

B.

malware

C.

DDoS

D.

man-in-the-middle

Full Access
Question # 134

What mechanism carries multicast traffic between remote sites and supports encryption?

A.

ISATAP

B.

GRE over iPsec

C.

iPsec over ISATAP

D.

GRE

Full Access
Question # 135

Drag and drop the functions from the left onto the correct network components on the right

Full Access
Question # 136

Refer to the exhibit.

How does the router manage traffic to 192.168.12.16?

A.

It selects the RIP route because it has the longest prefix inclusive of the destination address.

B.

It chooses the OSPF route because it has the longest prefix inclusive of the destination address.

C.

it load-balances traffic between all three routes

D.

It chooses the EIGRP route because it has the lowest administrative distance

Full Access
Question # 137

What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

A.

Both operate at a frequency of 500 MHz.

B.

Both support runs of up to 55 meters.

C.

Both support runs of up to 100 meters.

D.

Both support speeds of at least 1 Gigabit.

E.

Both support speeds up to 10 Gigabit.

Full Access
Question # 138

Refer to the exhibit.

A network engineer must configured communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured?

A.

Switch trunk allowed vlan 12

B.

Switchport trunk allowed vlan none

C.

Switchport trunk allowed vlan add 13

D.

Switchport trunk allowed vlan remove 10-11

Full Access
Question # 139

Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?

A.

BPDUfilter

B.

PortFast

C.

Backbonefast

D.

BPDUguard

Full Access
Question # 140

Which function does the range of private IPv4 addresses perform?

A.

allows multiple companies to each use the same addresses without conflicts

B.

provides a direct connection for hosts from outside of the enterprise network

C.

ensures that NAT is not required to reach the internet with private range addressing

D.

enables secure communications to the internet for all external hosts

Full Access
Question # 141

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Full Access
Question # 142

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 143

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Full Access
Question # 144

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 145

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Full Access
Question # 146

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Full Access
Question # 147

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Full Access
Question # 148

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 149

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Full Access
Question # 150

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Full Access
Question # 151

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Full Access
Question # 152

Refer to the exhibit.

Rooter R1 is added to the network and configured with tie 10 0 0 64/26 and 10.0.20.0/24 subnets However traffic destined for the LAN on R3 is not access. Which command when executed on R1 defines a tunic route to reach the R3 LAN?

A)

B)

C)

A.

Option

B.

Option

C.

Option

Full Access
Question # 153

Which port type does a lightweight AP use to connect to the wired network when it is configured in local mode?

A.

EtherChannel

B.

LAG

C.

trunk

D.

access

Full Access
Question # 154

What is the MAC address used with VRRP as a virtual address?

A.

00-00-0C-07-AD-89

B.

00-00-5E-00-01-0a

C.

00-07-C0-70-AB-01

D.

00-C6-41-93-90-91

Full Access
Question # 155

A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP.

A.

Place the AP into manual containment.

B.

Remove the AP from WLC management.

C.

Manually remove the AP from Pending state.

D.

Set the AP Class Type to Friendly.

Full Access
Question # 156

Drag and drop the device behaviors from the left onto the matching HSRP slate on the right.

Full Access
Question # 157

Drag and drop each characteristic of device-management technologies from the left onto the deployment type on the right.

Full Access
Question # 158

Which 802.11 frame type is Association Response?

A.

management

B.

control

C.

action

D.

protected frame

Full Access
Question # 159

What is the temporary state that switch ports always enter immediately after the boot process when Rapid PVST+ is used?

A.

discarding

B.

listening

C.

forwarding

D.

learning

Full Access
Question # 160

Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, and automatically when edge devices or access circuits fail?

A.

SLB

B.

FHRP

C.

VRRP

D.

HSRP

Full Access
Question # 161

What are two differences between WPA2 and WPA3 wireless security? (Choose two.)

A.

WPA3 um AES for stronger protection than WPA2 which uses SAE

B.

WPA2 uses 1 M-bit key encryption and WPA3 requires 256-brt key encryption

C.

WPA3 uses AES for stronger protection than WPA2 which uses TKIP WPA3 uses

D.

SAE tor stronger protection than WPA2 which uses AES

E.

WPA2 uses 12B-M key encryption and WPA3 supports 128 bit and 192 bit key encryption

Full Access
Question # 162

A switch is a forwarding a frame out of an interfaces except the interface that received the frame. What is the technical term for this process?

A.

ARP

B.

CDP

C.

flooding

D.

multicast

Full Access
Question # 163

When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?

A.

6

B.

8

C.

12

D.

18

Full Access
Question # 164

Which access point mode relies on a centralized controller for management, roaming, and SSID configuration?

A.

repeater mode

B.

autonomous mode

C.

bridge mode

D.

lightweight mode

Full Access
Question # 165

What is a function of the core and distribution layers in a collapsed-core architecture?

A.

The router must use IPv4 and IPv6 addresses at Layer 3.

B.

The core and distribution layers are deployed on two different devices to enable failover.

C.

The router can support HSRP for Layer 2 redundancy in an IPv6 network.

D.

The router operates on a single device or a redundant pair.

Full Access
Question # 166

Refer to the exhibit.

An engineer assigns IP addressing to the current VLAN with three PCs. The configuration must also account for the expansion of 30 additional VLANS using the same Class C subnet for subnetting and host count. Which command set fulfills the request while reserving address space for the expected growth?

A.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 265 255.255.252

B.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255 255.255.248

C.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255 255.255.0

D.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255.255.255.128

Full Access
Question # 167

Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture?

A.

service port

B.

virtual

C.

AP-Manager

D.

dynamic

Full Access
Question # 168

Why would a network administrator choose to implement automation in a network environment?

A.

To simplify the process of maintaining a consistent configuration state across all devices

B.

To centralize device information storage

C.

To implement centralized user account management

D.

To deploy the management plane separately from the rest of the network Answer: A

Full Access
Question # 169

Drag and drop the Rapid PVST+ forwarding state actions from the left to the right. Not all actions are used.

Full Access
Question # 170

What is the role of community strings in SNMP operations?

A.

It serves as a sequence tag on SNMP traffic messages.

B.

It serves as a password lo protect access to MIB objects.

C.

It passes the Active Directory username and password that are required for device access

D.

It translates alphanumeric MIB output values to numeric values.

Full Access
Question # 171

Refer to the exhibit.

The given Windows PC is requesting the IP address of the host at www.cisco.com. To which IP address is the request sent?

A.

192.168.1.226

B.

192.168.1.100

C.

192.168.1.254

D.

192.168.1.253

Full Access
Question # 172

Which device segregates a network into separate zones that have their own security policies?

A.

IPS

B.

firewall

C.

access point

D.

switch

Full Access
Question # 173

Which is a fact related to FTP?

A.

It uses block numbers to identify and mitigate data-transfer errors

B.

It always operates without user authentication

C.

It relies on the well-known UDP port 69.

D.

It uses two separate connections for control and data traffic

Full Access
Question # 174

Refer to the exhibit.

The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken must be taken to complete the task?

A.

Configure the no lldp tlv-select-management-address command globally on Cat9K-2

B.

Configure the no lldp transmit command on interface G1/0/21 in Cat9K-1

C.

Configure the no lldp receive command on interface G1/0/21 on Cat9K-1

D.

Configure the no lldp mac-phy-cfg command globally on Cat9K-2

Full Access
Question # 175

When the LAG configuration is updated on a Cisco WLC which additional task must be performed when changes are complete?

A.

Flush all MAC addresses from the WLC

B.

Re-associate the WLC with the access point.

C.

Re-enable the WLC interfaces

D.

Reboot the WLC

Full Access
Question # 176

Refer to the exhibit.

R1 has just received a packet from host A that is destined to host B. Which route in the routing table is used by R1 to reac B?

A.

10.10.13.0/25 [108/0] via 10.10.10.10

B.

10.10.13.0/25 [110/2] via 10.10.10.2

C.

10.10.13.0/25 [110/2] via 10.10.10.6

D.

10.10.13.0/25 [1/0] via 10.10.10.2

Full Access
Question # 177

What describes a northbound REST API for SON?

A.

application-facing interface for SNMP GET requests

B.

network-element-facing interface for GET POST PUT and DELETE methods

C.

network-element-facing interface for the control and data planes

D.

application-facing interface far GET, POST, PUT, and DELETE methods

Full Access
Question # 178

Refer to the exhibit.

All interfaces are configured with duplex auto and ip ospf network broadcast. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency and act as a central point for exchanging OSPF information between routers?

A.

Option A

B.

Option B

C.

Option C

D.

option D

Full Access
Question # 179

What describes the functionality of southbound APIs?

A.

They use HTTP messages to communicate.

B.

They enable communication between the controller and the network device.

C.

They convey information from the controller to the SDN applications.

D.

They communicate with the management plane.

Full Access
Question # 180

Refer to the exhibit.

The network engineer is configuring router R2 as a replacement router on the network After the initial configuration is applied it is determined that R2 failed to show R1 as a neighbor Which configuration must be applied to R2 to complete the OSPF configuration and enable it to establish the neighbor relationship with R1?

A)

B)

C)

D)

A.

Option

B.

Option

C.

Option

D.

Option

Full Access
Question # 181

A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show Interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue?

A.

high bandwidth usage

B.

a physical cable fault

C.

a speed mismatch

D.

a cable that is too long

Full Access
Question # 182

What is a function of MAC address learning?

A.

It is enabled by default on all VLANs and interfaces

B.

It increases the potential for MAC address flooding.

C.

It is disabled by default on all interfaces connected to trunks

D.

lt increases security on the management VLAN

Full Access
Question # 183

To improve corporate security, an organization is planning to implement badge authentication to limit access to the data center. Which element of a security program is being deployed?

A.

user training

B.

user awareness

C.

vulnerability verification

D.

physical access control

Full Access
Question # 184

Refer to the exhibit.

Which prefix did router R1 learn from internal EIGRP?

A.

192.168.10/24

B.

192.168.3.0/24

C.

192.168.2.0/24

D.

172.16 1.0/24

Full Access
Question # 185

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 186

Refer to the exhibit.

When router R1 receives a packet with destination IP address 10.56.0 62. through which interface does it route the packet?

A.

Null0

B.

VIan58

C.

Vlan60

D.

VIan59

Full Access
Question # 187

Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatical togged out?

A.

config sessions maxsessions 0

B.

config sessions timeout 0

C.

config serial timeout 0

D.

config serial timeout 9600

Full Access
Question # 188

What is the purpose of using First Hop Redundancy Protocol on a specific subnet?

A.

ensures a loop-free physical topology

B.

filters traffic based on destination IP addressing

C.

sends the default route to the hosts on a network

D.

forwards multicast hello messages between routers

Full Access
Question # 189

Which action does the router take as rt forwards a packet through the network?

A.

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

B.

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

C.

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

D.

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

Full Access
Question # 190

What is the primary purpose of private address space?

A.

conserve globally unique address space

B.

simplify the addressing in the network

C.

limit the number of nodes reachable via the Internet

D.

reduce network complexity

Full Access
Question # 191

Refer to the exhibit.

A network engineer must block access for all computers on VLAN 20 to the web server via HTTP All other computers must be able to access the web server Which configuration when applied to switch A accomplishes this task?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 192

What are two benefits of using the PortFast feature? (Choose two )

A.

Enabled interfaces are automatically placed in listening state

B.

Enabled interfaces come up and move to the forwarding state immediately

C.

Enabled interfaces never generate topology change notifications.

D.

Enabled interfaces that move to the learning state generate switch topology change notifications

E.

Enabled interfaces wait 50 seconds before they move to the forwarding state

Full Access
Question # 193

Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

A.

DTP

B.

FTP

C.

SMTP

D.

TFTP

Full Access
Question # 194

Refer to the exhibit.

Which route type is configured to reach the internet?

A.

host route

B.

default route

C.

floating static route

D.

network route

Full Access
Question # 195

A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped?

A.

Device(Config)#lldp run

B.

Device(Config)#cdp run

C.

Device(Config-if)#cdp enable

D.

Device(Config)#flow-sampler-map topology

Full Access
Question # 196

Refer to the exhibit.

An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEfriemet3/1/4 port on a switch?

A.

The phone and a workstation that is connected to the phone do not have VLAN connectivity

B.

The phone and a workstation that is connected to the phone send and receive data in VLAN 50.

C.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity

D.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1

Full Access
Question # 197

What is a capability of FTP in network management operations?

A.

encrypts data before sending between data resources

B.

devices are directly connected and use UDP to pass file information

C.

uses separate control and data connections to move files between server and client

D.

offers proprietary support at the session layer when transferring data

Full Access
Question # 198

When OSPF learns multiple paths to a network, how does it select a route?

A.

It multiple the active K value by 256 to calculate the route with the lowest metric.

B.

For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.

C.

It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.

D.

It count the number of hops between the source router and the destination to determine the router with the lowest metric

Full Access
Question # 199

Refer to the exhibit.

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

A.

Add the access-list 10 permit any command to the configuration

B.

Remove the access-class 10 in command from line vty 0.4.

C.

Add the ip access-group 10 out command to interface g0/0.

D.

Remove the password command from line vty 0 4.

Full Access
Question # 200

Refer to the exhibit.

A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each site?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 201

An organization secures its network with multi-factor authentication using an authenticator app on employee smartphone. How is the application secured in the case of a user’s smartphone being lost or stolen?

A.

The application requires an administrator password to reactivate after a configured Interval.

B.

The application requires the user to enter a PIN before it provides the second factor.

C.

The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted.

D.

The application verifies that the user is in a specific location before it provides the second factor.

Full Access
Question # 202

Drag and drop the TCP/IP protocols from the left onto the transmission protocols on the right

Full Access
Question # 203

How do AAA operations compare regarding user identification, user services and access control?

A.

Authorization provides access control and authentication tracks user services

B.

Authentication identifies users and accounting tracks user services

C.

Accounting tracks user services, and authentication provides access control

D.

Authorization identifies users and authentication provides access control

Full Access
Question # 204

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

A.

configure the hello and dead timers to match on both sides

B.

configure the same process ID for the router OSPF process

C.

configure the same router ID on both routing processes

D.

Configure the interfaces as OSPF active on both sides.

E.

configure both interfaces with the same area ID

Full Access
Question # 205

What are two benefits of network automation? (Choose two)

A.

reduced operational costs

B.

reduced hardware footprint

C.

faster changes with more reliable results

D.

fewer network failures

E.

increased network security

Full Access
Question # 206

What is a role of access points in an enterprise network?

A.

connect wireless devices to a wired network

B.

support secure user logins to devices or the network

C.

integrate with SNMP in preventing DDoS attacks

D.

serve as a first line of defense in an enterprise network

Full Access
Question # 207

How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment?

A.

Cisco DNA Center device management can deploy a network more quickly than traditional campus device management

B.

Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management

C.

Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options

D.

Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management

Full Access
Question # 208

A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch. What must be configured when using active mode on both sides of the connection?

A.

802.1q trunks

B.

Cisco vPC

C.

LLDP

D.

LACP

Full Access
Question # 209

Refer to me exhibit.

Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

A.

It uses a route that is similar to the destination address

B.

It discards the packets.

C.

It floods packets to all learned next hops.

D.

It Queues the packets waiting for the route to be learned.

Full Access
Question # 210

Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

A.

action

B.

management

C.

control

D.

data

Full Access
Question # 211

Refer to the exhibit.

What is the effect of this configuration?

A.

The switch port interface trust state becomes untrusted

B.

The switch port remains administratively down until the interface is connected to another switch

C.

Dynamic ARP inspection is disabled because the ARP ACL is missing

D.

The switch port remains down until it is configured to trust or untrust incoming packets

Full Access
Question # 212

Which configuration is needed to generate an RSA key for SSH on a router?

A.

Configure the version of SSH

B.

Configure VTY access.

C.

Create a user with a password.

D.

Assign a DNS domain name

Full Access
Question # 213

Refer to the exhibit.

Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

A.

passive

B.

mode on

C.

auto

D.

active

Full Access
Question # 214

Refer to the exhibit.

Which two commands were used to create port channel 10? (Choose two )

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Full Access
Question # 215

What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closer? (Choose two.)

A.

enable the PortFast feature on ports

B.

implement port-based authentication

C.

configure static ARP entries

D.

configure ports to a fixed speed

E.

shut down unused ports

Full Access
Question # 216

Which IPv6 address type provides communication between subnets and is unable to route on the Internet?

A.

global unicast

B.

unique local

C.

link-local

D.

multicast

Full Access
Question # 217

When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

A.

IKEv2

B.

IKEv1

C.

IPsec

D.

MD5

Full Access
Question # 218

What are two characteristics of a public cloud Implementation? (Choose two.)

A.

It is owned and maintained by one party, but it is shared among multiple organizations.

B.

It enables an organization to fully customize how It deploys network resources.

C.

It provides services that are accessed over the Internet.

D.

It Is a data center on the public Internet that maintains cloud services for only one company.

E.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

Full Access
Question # 219

Refer to the exhibit.

Which prefix does Router 1 use for traffic to Host A?

A.

10.10.10.0/28

B.

10.10.13.0/25

C.

10.10.13.144/28

D.

10.10.13.208/29

Full Access
Question # 220

What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

A.

access - core - distribution - access

B.

access - distribution - distribution - access

C.

access - core - access

D.

access -distribution - core - distribution - access

Full Access
Question # 221

Drag and drop the application protocols from the left onto the transport protocols that it uses on the right

Full Access
Question # 222

What makes Cisco DNA Center different from traditional network management applications and their management of networks?

A.

It omits supports auto-discovery of network elements in a greenfield deployment.

B.

It modular design allows someone to implement different versions to meet the specific needs of an organization

C.

It abstracts policy from the actual device configuration

D.

It does not support high availability of management functions when operating in cluster mode

Full Access
Question # 223

A network administrator must to configure SSH for remote access to router R1 The requirement is to use a public and private key pair to encrypt management traffic to and from the connecting client.

Which configuration, when applied, meets the requirements?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 224

Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

A.

TKiP encryption

B.

AES encryption

C.

scrambled encryption key

D.

SAE encryption

Full Access