Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Examstrust Logo
examstrust mcafee
  1. Home
  2. Cisco
  3. CCNA
  4. 200-301 - Cisco Certified Network Associate

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Page: 1 / 101
Total 1005 questions
Get 200-301 Full Access Download 200-301 PDF

Cisco Certified Network Associate Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$42  $139.99
Add to Cart

PDF + Testing Engine

  • Product Type: PDF + Testing Engine
$55.5  $184.99
Add to Cart

PDF Study Guide

  • Product Type: PDF Study Guide
$36  $119.99
Add to Cart
Question 1

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 2

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 3

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 4

Which advantage does machine learning offer for network security?

Options:

A.

It improves real-time threat detection.

B.

It manages firewall rule sets.

C.

It enforces password complexity requirements.

D.

It controls VPN access permissions.

Question 5

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 6

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

Options:

A.

Telnet

B.

console

C.

HTTPS

D.

SSH

Question 7

What is the main difference between traditional networks and controller-based networking?

Options:

A.

Controller-based networks increase TCO for the company, and traditional networks require less investment.

B.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

C.

Controller-based networks are open for application requests, and traditional networks operate manually.

D.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Question 8

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

Options:

A.

ntp master 172.24.54.8

B.

ntp client 172.24.54.8

C.

ntp peer 172.24.54.8

D.

ntp server 172.24.54.8

Question 9

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

Options:

A.

Select the 802.1 x option for Auth Key Management.

B.

Select the WPA Policy option.

C.

Select the PSK option for Auth Key Management.

D.

Select the AES option for Auth Key Management.

E.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Question 10

Refer to the exhibit. An engineer is using the Cisco WLC GUI to configure a WLAN for WPA2 encryption with AES and preshared key Cisc0123456. After the engineer selects the WPA + WPA2 option from the Layer 2 Security drop-down list, which two tasks must they perform to complete the process? (Choose two.)

Options:

A.

Select the WPA2 Policy, AES, and TKIP check boxes.

B.

Select ASCII from the PSK Format drop-down list, enter the key, and leave the Auth Key Mgmt setting blank.

C.

Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.

D.

Select the WPA2 Policy and AES check boxes.

Question 11

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

Options:

A.

ipv6 address 2001:DB8:FFFF:FCF3::1/64

B.

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

C.

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

D.

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Question 12

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 13

What is the difference between controller-based networks and traditional networks as they relate to control-plane and/or data-plane functions?

Options:

A.

Controller-based networks centralize all important data-plane functions, and traditional networks distribute data-plane functions.

B.

Controller-based networks centralize all important control-plane functions, and traditional networks distribute control-plane functions.

C.

Traditional networks centralize all important control-plane functions, and controller-based networks distribute control-plane functions.

D.

Traditional networks centralize all important data-plane functions, and controller-based networks distribute data-plane functions.

Question 14

What is the RFC 4627 default encoding for JSON text?

Options:

A.

UCS-2

B.

UTF-8

C.

Hex

D.

GB18030

Question 15

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 16

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

Options:

A.

interface port-channel 2

channel-group 2 mode desirable

B.

interface fasteinernet 1/1

channel-group 2 mode active

C.

interface fasteinernet 1/1

channel-group 2 mode on

D.

interface port-channel 2

channel-group 2 mode auto

Question 17

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

Options:

A.

0

B.

1

C.

2

D.

32

Question 18

Refer to the exhibit Routers R1 R2 and R3 use a protocol to identify their neighbors' IP addresses hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement?

Options:

A.

Configure the no cdp enable command on gO/2.

B.

Configure the no cdp run command globally.

C.

Configure the no lldp run command globally.

D.

Configure the no lldp receive command on gQV1.

Question 19

What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

Options:

A.

It is less expensive when purchasing patch cables.

B.

It has a greater sensitivity to changes in temperature and moisture.

C.

It provides greater throughput options.

D.

It carries signals for longer distances.

E.

It carries electrical current further distances for PoE devices.

Question 20

Which plane is centralized in software-defined networking?

Options:

A.

application

B.

services

C.

control

D.

data

Question 21

Which two statements distinguish authentication from accounting? (Choose two.)

Options:

A.

Only authentication records the duration of a user's connection.

B.

Only authentication supports user-activity audits.

C.

Only authentication provides supporting information for billing users.

D.

Only authentication challenges users for their credentials and returns a response.

E.

Only authentication validates "who you are."

Question 22

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Options:

A.

Is the internet reachable?

B.

Is the default gateway reachable?

C.

Is the DNS server reachable?

Question 23

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 24

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

Options:

A.

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

B.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

C.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

D.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Question 25

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

Options:

A.

level

B.

message body

C.

process ID

D.

facility

Question 26

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

Options:

A.

magic links

B.

one-time passwords

C.

digital certificates

D.

90-day renewal policies

Question 27

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

Options:

A.

next-generation firewall to keep stateful packet inspection

B.

multifactor authentication using two separate authentication sources

C.

ACL to restrict incoming Telnet sessions "admin" accounts

D.

IPS with a block list of known attack vectors

Question 28

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

Options:

A.

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

B.

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

C.

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Question 29

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 30

Refer to the exhibit. Which interface does a packet take to reach the destination address of 10.10.10.147?

Options:

A.

FastEthemet 0/0

B.

Senal0/0

C.

FastEthemet 0/1

Question 31

Which CRUD operation corresponds to me HTTP GET method?

Options:

A.

delete

B.

create

C.

update

D.

read

Question 32

Refer to the exhibit. Which type of JSON data is shown?

Options:

A.

sequence

B.

string

C.

object

D.

Boolean

Question 33

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 34

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Options:

Question 35

What is an Ansible inventory?

Options:

A.

file that defines the target devices upon which commands and tasks are executed

B.

unit of Python code to be executed within Ansible

C.

collection of actions to perform on target devices, expressed in YAML format

D.

device with Ansible installed that manages target devices

Question 36

Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the DNS service. Which configuration updates the ACL efficiently?

Options:

A.

ip access-list extended Services

35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

B.

no ip access-list extended Services

ip access-list extended Services

30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

C.

ip access-list extended Services

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

D.

no ip access-list extended Services

ip access-list extended Services

permit udp 10.0.0.0 0.255.255.255 any eq 53

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

deny ip any any log

Question 37

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

Options:

A.

ip forward-protocol udp 137

B.

ip default-network 192.168.52.253

C.

ip helper-address 172.16.32.15

D.

ip default-gateway 192.168.52.253

Question 38

How does machine learning improve the detection of unauthorized network access?

Options:

A.

It monitors for outdated software.

B.

It dictates security policy updates.

C.

It identifies patterns indicating intrusions.

D.

It assigns security clearance levels.

Question 39

Why is UDP more suitable than TCP tor applications that require low latency, such as VoIP?

Options:

A.

UDP reliably guarantees delivery of all packets and TCP drops packets under heavy load.

B.

TCP sends an acknowledgment for every packet that is received and UDP operates without acknowledgments.

C.

UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order.

D.

TCP uses congestion control for efficient packet delivery and UDP uses flow control mechanisms for the delivery of packets.

Question 40

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 41

Which authentication method requires the user to provide a physical attribute to authenticate successfully?

Options:

A.

password

B.

muftifactor

C.

biometric

D.

certificate

Question 42

What does the term "spirt MAC” refer to in a wireless architecture?

Options:

A.

divides data link layer functions between the AP and WLC

B.

combines the management and control functions from the data-forwarding functions

C.

uses different MAC addresses for 2.4 GHz and 5 GHz bands on the same AP

D.

leverages two APs to handle control and data traffic

Question 43

Which AP feature provides a captive portal for users to authenticate register and accept terms before accessing the internet?

Options:

A.

One-Click

B.

Hotspot

C.

Enhanced Bluetooth

D.

Whole Home

Question 44

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

Options:

A.

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

B.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

C.

ip route 0.0.0.0 0.0.0.0 10.200.0.2

D.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Question 45

Drag and drop the common functions from the left onto the cofresponding network topology architecture layer on the right. Not all common functions are used.

Options:

Question 46

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 47

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

Options:

A.

username CCUser privies 10 password NA!2Scc

B.

username CCUser password NA!2Scc enable password level 5 NA!2$cc

C.

username CCUser secret NA!2Scc

D.

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Question 48

Refer to the exhibit.

What is the result if Gig1/11 receives an STP BPDU?

Options:

A.

The port transitions to STP blocking

B.

The port transitions to the root port

C.

The port immediately transitions to STP forwarding.

D.

The port goes into error-disable state

Question 49

Which type of attack can be mitigated by dynamic ARP inspection?

Options:

A.

worm

B.

malware

C.

DDoS

D.

man-in-the-middle

Question 50

In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?

Options:

A.

There is limited unique address space, and traffic on the new subnet will stay local within the organization.

B.

The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts.

C.

Traffic on the subnet must traverse a site-to-site VPN to an outside organization.

D.

The ISP requires the new subnet to be advertised to the internet for web services.

Question 51

Which CRUD operation modifies an existing table or view?

Options:

A.

read

B.

create

C.

replace

D.

update

Question 52

Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right

Options:

Question 53

Which two outcomes are predictable behaviors for HSRP? (Choose two.)

Options:

A.

The two routers synchronize configurations to provide consistent packet forwarding

B.

The two routers negotiate one router as the active router and the other as the standby router

C.

Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them

D.

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN

E.

The two routers share the same interface IP address and default gateway traffic is load-balanced between them

Question 54

Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two)

Options:

A.

listening

B.

blocking

C.

forwarding

D.

learning

E.

speaking

Question 55

Where does the configuration reside when a helper address Is configured lo support DHCP?

Options:

A.

on the router closest to the server

B.

on the router closest to the client

C.

on every router along the path

D.

on the switch trunk interface

Question 56

Refer to the exhibit.

A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?

Options:

A.

access-list 2699 permit udp 10.20.1.0 0.0.0.255

B.

no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22

C.

access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22

D.

no access-list 2699 deny ip any 10.20.1.0 0.0.0.255

Question 57

When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

Options:

A.

spanning -tree vlan 200 priority 614440

B.

spanning -tree vlan 200 priority 38572422

C.

spanning -tree vlan 200 priority 0

D.

spanning -tree vlan 200 root primary

Question 58

What are two improvements provided by automation for network management in an SDN environment? (Choose two)

Options:

A.

Data collection and analysis tools establish a baseline for the network

B.

Artificial intelligence identifies and prevents potential design failures.

C.

Machine learning minimizes the overall error rate when automating troubleshooting processes

D.

New devices are onboarded with minimal effort

E.

Proprietary Cisco APIs leverage multiple network management tools.

Question 59

A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two)

Options:

A.

runts

B.

giants

C.

frame

D.

CRC

E.

input errors

Question 60

What is a DNS lookup operation?

Options:

A.

DNS server pings the destination to verify that it is available

B.

serves requests over destination port 53

C.

DNS server forwards the client to an alternate IP address when the primary IP is down

D.

responds to a request for IP address to domain name resolution to the DNS server

Question 61

In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.)

Options:

A.

It automatically provides a second authentication factor that is unknown to the original user.

B.

It uses an internal firewall to protect the password repository from unauthorized access.

C.

It protects against keystroke logging on a compromised device or web site.

D.

It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality

E.

It encourages users to create stronger passwords.

Question 62

Which two practices are recommended for an acceptable security posture in a network? (Choose two)

Options:

A.

Backup device configurations to encrypted USB drives for secure retrieval

B.

maintain network equipment in a secure location

C.

Use a cryptographic keychain to authenticate to network devices

D.

Place internal email and file servers in a designated DMZ

E.

Disable unused or unnecessary ports, interfaces and services

Question 63

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

Options:

A.

200 seconds

B.

300 seconds

C.

600 seconds

D.

900 seconds

Question 64

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 65

Refer to the exhibit.

A network engineer must configure R1 so that it sends all packets destined to the 10.0.0.0/24 network to R3, and all packets destined to PCI to R2. Which configuration must the engineer implement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 66

Drag and drop the use cases for device-management technologies from the left onto the corresponding.

Options:

Question 67

Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture?

Options:

A.

service port

B.

virtual

C.

AP-Manager

D.

dynamic

Question 68

Drag and drop the statements about networking from the left onto the corresponding networking types on the right

Options:

Question 69

Refer to the exhibit.

Router R14 is in the process of being configured. Which configuration must be used to establish a host route to PC 10?

Options:

A.

ip route 10.80.65.10 255.255.255.254 10.80.65.1

B.

ip route 10.8065.10 255.255.255.255 10.73.65.66

C.

ip route 1073.65.65 255.0.0.0 10.80.65.10

D.

ip route 10.73.65.66 0.0.0.255 10.80.65.10

Question 70

Refer to Exhibit.

Rotor to the exhibit. The IP address configurations must be completed on the DC-1 and HQ-1 routers based on these requirements:

DC-1 Gi1/0 must be the last usable address on a /30

DC-1 Gi1/1 must be the first usable address on a /29

DC-1 Gi1/2 must be the last usable address on a /28

HQ-1 Gil/3 must be the last usable address on a /29

Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used

Options:

Question 71

What is the functionality of the Cisco DNA Center?

Options:

A.

data center network pokey con

B.

console server that permits secure access to all network devices

C.

IP address cool distribution scheduler

D.

software-defined controller for automaton of devices and services

Question 72

Refer to the exhibit.

A network engineer must provide configured IP addressing details to investigate a firewall rule Issue. Which subnet and mask Identify what is configured on the en0 interface?

Options:

A.

10.8.0.0/16

B.

10.8.64.0/18

C.

10.8.128.0/19

D.

10.8.138.0/24

Question 73

Refer to the exhibit. What is represented by “R1” and “SW1” within the JSON output?

Options:

A.

object

B.

value

C.

key

D.

array

Question 74

Drag and drop the DNS commands from the left onto their effects on the right.

Options:

Question 75

What is a specification for SSIDS?

Options:

A.

They are a Cisco proprietary security feature.

B.

They must include one number and one letter.

C.

They define the VLAN on a switch.

D.

They are case sensitive.

Question 76

Refer to the exhibit.

Rooter R1 is added to the network and configured with tie 10 0 0 64/26 and 10.0.20.0/24 subnets However traffic destined for the LAN on R3 is not access. Which command when executed on R1 defines a tunic route to reach the R3 LAN?

A)

B)

C)

Options:

A.

Option

B.

Option

C.

Option

Question 77

Which two capabilities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two.)

Options:

A.

REST APIs that allow for external applications to interact natively

B.

adapters that support all families of Cisco IOS software

C.

SDKs that support interaction with third-party network equipment

D.

customized versions for small, medium, and large enterprises

E.

modular design that is upgradable as needed

Question 78

Refer to the exhibit.

How many JSON objects are represented?

Options:

A.

1

B.

2

C.

3

D.

4

Question 79

In which circumstance would a network architect decide to implement a global unicast subnet instead of a unique local unicast subnet?

Options:

A.

when the subnet must be available only within an organization

B.

when the subnet does not need to be routable

C.

when the addresses on the subnet must be equivalent to private IPv4 addresses

D.

when the subnet must be routable over the internet

Question 80

Drag and drop the statements about access-point modes from the left onto the corresponding modes on the right.

Options:

Question 81

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 82

What are two features of the DHCP relay agent? (Choose two.)

Options:

A.

assigns DNS locally and then forwards request to DHCP server

B.

permits one IP helper command under an individual Layer 3 interface

C.

allows only MAC-to-IP reservations to determine the local subnet of a client

D.

minimizes the necessary number of DHCP servers

E.

configured under the Layer 3 interface of a router on the client subnet

Question 83

A Cisco engineer at a new branch office is configuring a wireless network with access points that connect to a controller that is based at corporate headquarters Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage Which access point mode must be selected?

Options:

A.

Lightweight with local switching disabled

B.

Local with AP fallback enabled

C.

OfficeExtend with high availability disabled

D.

FlexConnect with local switching enabled

Question 84

What is the temporary state that switch ports always enter immediately after the boot process when Rapid PVST+ is used?

Options:

A.

discarding

B.

listening

C.

forwarding

D.

learning

Question 85

What are two reasons a switch experiences frame flooding? (Choose two.)

Options:

A.

A defective patch cable is connected to the switch port

B.

Topology changes are occurring within spanning-tree

C.

An aged MAC (able entry is causing excessive updates

D.

Port-security is configured globally

E.

The forwarding table has overflowed

Question 86

Refer to the exhibit.

Clients on the WLAN are required to use 802.11r. What action must be taken to meet the requirement?

Options:

A.

Under Protected Management Frames, set the PMF option to Required.

B.

Enable CCKM under Authentication Key Management.

C.

Set the Fast Transition option and the WPA gtk-randomize State to disable.

D.

Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management.

Question 87

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 88

How is noise defined in Wi-Fi?

Options:

A.

ratio of signal-to-noise rating supplied by the wireless device

B.

signals from other Wi-Fi networks that interfere with the local signal

C.

measured difference between the desired Wi-Fi signal and an interfering Wi-Fi signal

D.

any interference that is not Wi-Fi traffic that degrades the desired signal

Question 89

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 90

What is the role of nonoverlapping channels in a wireless environment?

Options:

A.

to reduce interference

B.

to allow for channel bonding

C.

to stabilize the RF environment

D.

to increase bandwidth

Question 91

An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration tor a Secure Shell access RSA key?

Options:

A.

crypto key Import rsa pem

B.

crypto key pubkey-chain rsa

C.

crypto key generate rsa

D.

crypto key zeroize rsa

Question 92

Drag and drop the Cisco IOS attack mitigation features from the left onto the types of network attack they mitigate on the right.

Options:

Question 93

When the LAG configuration is updated on a Cisco WLC which additional task must be performed when changes are complete?

Options:

A.

Flush all MAC addresses from the WLC

B.

Re-associate the WLC with the access point.

C.

Re-enable the WLC interfaces

D.

Reboot the WLC

Question 94

Refer to the exhibit.

How many objects, Keys and JSON list values are present?

Options:

A.

three objects, two Keys, and three JSON list values

B.

three objects, three keys and two JSON Ml values

C.

one object, three keys, and three JSON list values

D.

one object, three keys and two JSON list values

Question 95

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Options:

Question 96

N NO: 271

Refer to the exhibit.

An engineer executed the script and added commands that were not necessary for SSH and now must remove the commands.

Options:

A.

metric

B.

cost

C.

longest prefix

D.

administrative distance

Question 97

Refer to the exhibit.

Packets are flowing from 192.168 10.1 to the destination at IP address 192.168.20 75. Which next hop will the router select for the packet?

Options:

A.

10.10101

B.

10.10.10.11

C.

10.10.10.12

D.

10.101014

Question 98

A network analyst is tasked with configuring the date and time on a router using EXEC mode. The date must be set to January 1. 2020 and the time must be set to 12:00 am. Which command should be used?

Options:

A.

clock summer-time recurring

B.

clock timezone

C.

clock summer-time date

D.

clock set

Question 99

SW1 supports connectivity for a lobby conference room and must be secured. The engineer must limit the connectivity from PCI lo ma SW1 and SW2 network. The MAC addresses allowed must be Limited to two. Which configuration secures the conference room connectivity?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 100

Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?

Options:

A.

Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

B.

Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.

C.

Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.

D.

Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.

Question 101

Refer to the exhibit.

A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interlace Seria10. What is the effect of the configuration as the administrator applies the command?

Options:

A.

The permit command fails and returns an error code.

B.

The router accepts all incoming traffic to Seria10 with the last octet of the source IP set to 0.

C.

The sourced traffic from IP range 10.0.0.0 -10.0.0.255 is allowed on Seria10.

D.

The router fails to apply the access list to the interface.

Question 102

Why implement VRRP?

Options:

A.

to provide end users with a virtual gateway in a multivendor network

B.

to leverage a weighting scheme to provide uninterrupted service

C.

to detect link failures without the overhead of Bidirectional Forwarding Detection

D.

to hand over to end users the autodiscovery of virtual gateways

Question 103

Refer to the exhibit.

Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A network engineer must configure R1 with a floating static route to serve as a backup route to network 192.168.23. Which command must the engineer configure on R1?

Options:

A.

ip route 192.168.23.0 255.255.255.0 192.168.13.3 100

B.

ip route 192.168.23.0 255.255.255.0 192.168.13.3 121

C.

ip route 192.168.23.0 255.255.255.255 192.168.13.3 121

D.

ip route 192.168.23.0 255.255.255.0 192.168.13.3

Question 104

Refer to the exhibit.

PC1 regularly sends 1800 Mbps of traffic to the server. A network engineer needs to configure the EtherChannel to disable Port Channel 1 between SW1 and SW2 when the Ge0/0 and Ge0/1 ports on SW2 go down. Which configuration must the engineer apply to the switch?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 105

Refer to the exhibit.

Which next-hop IP address has the least desirable metric when sourced from R1?

Options:

A.

10.10.10.5

B.

10.10.10.3

C.

10.10.10.4

D.

10.10.10.2

Question 106

Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow?

Options:

A.

shaping

B.

policing

C.

CBWFQ

D.

LLQ

Question 107

Drag and drop the QoS terms from the left onto the descriptions on the right.

Options:

Question 108

Refer to the exhibit.

An engineer must configure a floating static route on an external EIGRP network. The destination subnet is the /29 on the LAN Interface of R86. Which command must be executed on R14?

Options:

A.

ip route 10.80.65.0.255.255.248.0.10.73.65.66.1

B.

ip route 10.80.65.0.255.255.255..240 fa0/1 89

C.

ip route 10.80.65.0.255.255.248.0.10.73.65.66.171

D.

ip route 10.80.65.0.0.0.224.10.80.65.0. 255

Question 109

What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different?

Options:

A.

The APs must be connected to the switch with multiple links in LAG mode

B.

The switch port mode must be set to trunk

C.

The native VLAN must match the management VLAN of the AP

D.

IEEE 802.10 trunking must be disabled on the switch port.

Question 110

Refer to the exhibit.

Router OldR is replacing another router on the network with the intention of having OldR and R2 exchange routes_ After the engineer applied the initial OSPF

configuration: the routes were still missing on both devices. Which command sequence must be issued before the clear IP ospf process command is entered to enable the neighbor relationship?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 111

How does frame switching function on a switch?

Options:

A.

forwards frames to a neighbor port using CDP

B.

modifies frames that contain a known source VLAN

C.

inspects and drops frames from unknown destinations

D.

forwards known destinations to the destination port

Question 112

What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?

Options:

A.

forwarding mode and provides the lowest-cost path to the root bridge for each VLAN

B.

learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN

C.

blocking mode and provides an alternate path toward the designated bridge

D.

listening mode and provides an alternate path toward the root bridge

Question 113

What is a benefit of a point-to-point leased line?

Options:

A.

flexibility of design

B.

simplicity of configurator

C.

low cost

D.

full-mesh capability

Question 114

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abod-bod on voice VLAN 4?

Options:

A.

switchport port-security mac-address abcd.abcd.abcd

B.

switchport port-security mac-address abed.abed.abed vlan 4

C.

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

D.

switchport port-security mac-address abcd.abcd.abcd vlan voice

Question 115

Refer to the exhibit. Drag and drop the learned prefixes from the left onto the preferred route methods from which they were learned on the right.

Options:

Question 116

Refer to the exhibit. What is the next-hop P address for R2 so that PC2 reaches the application server via ElGRP?

Options:

A.

192.168.30.1

B.

10.10 105

C.

10.10.10.6

D.

192.168.201

Question 117

What are two functions of DHCP servers? (Choose two.)

Options:

A.

prevent users from assigning their own IP addresses to hosts

B.

assign dynamic IP configurations to hosts in a network

C.

support centralized IP management

D.

issue DHCPDISCOVER messages when added to the network

E.

respond to client DHCPOFFER requests by issuing an IP address

Question 118

A network engineer must configure an access list on a new Cisco IOS router. The access list must deny HTTP traffic to network 10.125.128.32/27 from the 192.168.240.0/20 network, but it must allow the 192.168.240.0/20 network to reach the rest of the 10.0.0.0/8 network. Which configuration must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 119

Refer to the exhibit.

The P2P blocking action option is disabled on the WLC.

Options:

A.

Enable the Static IP Tunneling option.

B.

Disable the Coverage Hole Detection option.

C.

Check the DHCP Addr. Assignment check box.

D.

Set the P2P Blocking Action option to Forward-UpStream.

Question 120

Drag and drop the HTTP methods used with REST-Based APIs from the left onto the descriptions on the right.

Options:

Question 121

Refer to the exhibit.

A network engineer must configure NETCONF. After creating the configuration, the engineer gets output from the command show line but not from show running- config. Which command completes the configuration?

Options:

A.

Device(config)# netconf lock-time 500

B.

Device(config)# netconf max-message 1000

C.

Device(config)# no netconf ssh acl 1

D.

Device(config)# netconf max-sessions 100

Question 122

Which benefit does Cisco ONA Center provide over traditional campus management?

Options:

A.

Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditional campus management uses SNMPv2.

B.

Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.

C.

Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.

D.

Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent from traditional campus management.

Question 123

Refer to the exhibit.

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Options:

A.

Modify the configured number of the second access list.

B.

Add either the ip nat {inside|outside} command under both interfaces.

C.

Remove the overload keyword from the ip nat inside source command.

D.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Question 124

Which action implements physical access control as part of the security program of an organization?

Options:

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Question 125

Refer to the exhibit.

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

A.

Configure the ip dhcp relay information command under interface Gi0/1.

B.

Configure the ip dhcp smart-relay command globally on the router

C.

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

D.

Configure the ip address dhcp command under interface Gi0/0

Question 126

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 127

What is an expected outcome when network management automation is deployed?

Options:

A.

A distributed management plane must be used.

B.

Software upgrades are performed from a central controller

C.

Complexity increases when new device configurations are added

D.

Custom applications are needed to configure network devices

Question 128

Refer to the exhibit.

Which network prefix was learned via EIGRP?

Options:

A.

172.16.0.0/16

B.

192.168.2.0/24

C.

207.165.200.0/24

D.

192.168.1.0/24

Question 129

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

A.

10.10.10.5

B.

10.10.11.2

C.

10.10.12.2

D.

10.10.10.9

Question 130

Refer to the exhibit.

What is a reason for poor performance on the network interface?

Options:

A.

The interface is receiving excessive broadcast traffic.

B.

The cable connection between the two devices is faulty.

C.

The interface is operating at a different speed than the connected device.

D.

The bandwidth setting of the interface is misconfigured

Question 131

What is the function of the controller in a software-defined network?

Options:

A.

multicast replication at the hardware level

B.

fragmenting and reassembling packets

C.

making routing decisions

D.

forwarding packets

Question 132

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 133

What is one reason to implement LAG on a Cisco WLC?

Options:

A.

to increase security and encrypt management frames

B.

to provide link redundancy and load balancing

C.

to allow for stateful and link-state failover

D.

to enable connected switch ports to failover and use different VLANs

Question 134

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Options:

Question 135

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

Options:

A.

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

B.

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

C.

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

D.

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Question 136

Refer to the exhibit.

An engineer is configuring an EtherChannel using LACP between Switches 1 and 2 Which configuration must be applied so that only Switch 1 sends LACP initiation packets?

Options:

A.

Switch 1 (config-if)#channel-group 1 mode on

Swrtch2(config-if)#channel-group 1 mode passive

B.

Switch1(config-if)#channel-group 1 mode passive

Switch2(config-if)#channel-group 1 mode active

C.

Switch1{config-if)£channel-group 1 mode active

Switch2(config-if)#channel-group 1 mode passive

D.

Switch1(config-if)#channel-group 1 mode on

Switch2(config-if)#channel-group 1 mode active

Question 137

How does Rapid PVST+ create a fast loop-free network topology?

Options:

A.

lt requires multiple links between core switches

B.

It generates one spanning-tree instance for each VLAN

C.

It maps multiple VLANs into the same spanning-tree instance

D.

It uses multiple active paths between end stations.

Question 138

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

A.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

B.

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

C.

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

D.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 139

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

A.

WLAN dynamic

B.

management

C.

trunk

D.

access

Question 140

Refer to the exhibit.

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

Options:

A.

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

B.

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

C.

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

D.

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Question 141

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 142

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 143

Refer to the exhibit.

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

Options:

A.

There is a duplex mismatch on the interface

B.

There is an issue with the fiber on the switch interface.

C.

There is a speed mismatch on the interface.

D.

There is an interface type mismatch

Question 144

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

Options:

A.

router-id 10.0.0.15

B.

neighbor 10.1.2.0 cost 180

C.

ipospf priority 100

D.

network 10.0.0.0 0.0.0.255 area 0

Question 145

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

A.

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

B.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

C.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

D.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 146

Refer to the exhibit.

Host A sent a data frame destined for host D

What does the switch do when it receives the frame from host A?

Options:

A.

It drops the frame from the switch CAM table.

B.

It floods the frame out of all ports except port Fa0/1.

C.

It shuts down the port Fa0/1 and places it in err-disable mode.

D.

It experiences a broadcast storm.

Question 147

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

Options:

A.

password password

B.

crypto key generate rsa modulus 1024

C.

ip domain-name domain

D.

ip ssh authentication-retries 2

Question 148

Refer to the exhibit.

An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured Which command accomplishes this task?

Options:

A.

switchport trunk allowed vlan 100-104

B.

switchport trunk allowed vlan add 104

C.

switchport trunk allowed vlan all

D.

switchport trunk allowed vlan 104

Question 149

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 150

Refer to the exhibit.

Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to reach the route?

Options:

A.

GigabitEthernet0/0

B.

GigabltEthornet0/1

C.

GigabitEthernet0/2

D.

GigabitEthernet0/3

Question 151

Which PoE mode enables powered-device detection and guarantees power when the device is detected?

Options:

A.

dynamic

B.

static

C.

active

D.

auto

Question 152

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 153

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

Options:

A.

global unicast address

B.

anycast address

C.

multicast address

D.

link-local address

Question 154

Refer to the exhibit.

A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 155

Refer to the exhibit.

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Options:

A.

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

B.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

C.

Remark traffic as it traverses R1 and trust all markings at the access layer.

D.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Question 156

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Options:

A.

Configure the OSPF priority on router A with the lowest value between the three routers.

B.

Configure router B and router C as OSPF neighbors of router A.

C.

Configure the router A interfaces with the highest OSPF priority value within the area.

D.

Configure router A with a fixed OSPF router ID

Question 157

Refer to the exhibit.

All traffic enters the CPE router from interface Serial0/3 with an IP address of 192 168 50 1 Web traffic from the WAN is destined for a LAN network where servers are load-balanced An IP packet with a destination address of the HTTP virtual IP of 192 1681 250 must be forwarded Which routing table entry does the router use?

Options:

A.

192.168.1.0/24 via 192.168.12.2

B.

192.168.1.128/25 via 192.168.13.3

C.

192.168.1.192/26 via 192.168.14.4

D.

192.168.1.224/27 via 192.168.15.5

Question 158

Refer to the exhibit.

Which command must be issued to enable a floating static default route on router A?

Options:

A.

lp route 0.0.0.0 0.0.0.0 192.168.1.2

B.

ip default-gateway 192.168.2.1

C.

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

D.

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 159

Refer to the exhibit.

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

Options:

A.

Configure router A to use the same MTU size as router B.

B.

Set the router B OSPF ID to a nonhost address.

C.

Configure a point-to-point link between router A and router B.

D.

Set the router B OSPF ID to the same value as its IP address

Question 160

Which action is taken by the data plane within a network device?

Options:

A.

forwards traffic to the next hop

B.

constructs a routing table based on a routing protocol

C.

provides CLI access to the network device

D.

looks up an egress interface in the forwarding information base

Question 161

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

A.

192.168.0.7

B.

192.168.0.4

C.

192.168.0.40

D.

192.168.3.5

Question 162

What is a function of an endpoint on a network?

Options:

A.

forwards traffic between VLANs on a network

B.

connects server and client devices to a network

C.

allows users to record data and transmit to a tile server

D.

provides wireless services to users in a building

Question 163

Which wireless security protocol relies on Perfect Forward Secrecy?

Options:

A.

WPA3

B.

WPA

C.

WEP

D.

WPA2

Question 164

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

A.

different security settings

B.

discontinuous frequency ranges

C.

different transmission speeds

D.

unique SSIDs

Question 165

What is the purpose of the ip address dhcp command?

Options:

A.

to configure an Interface as a DHCP server

B.

to configure an interface as a DHCP helper

C.

to configure an interface as a DHCP relay

D.

to configure an interface as a DHCP client

Question 166

Which protocol is used for secure remote CLI access?

Options:

A.

HTTPS

B.

HTTP

C.

Telnet

D.

SSH

Question 167

Which two components comprise part of a PKI? (Choose two.)

Options:

A.

preshared key that authenticates connections

B.

RSA token

C.

CA that grants certificates

D.

clear-text password that authenticates connections

E.

one or more CRLs

Question 168

What is the difference between IPv6 unicast and anycast addressing?

Options:

A.

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

B.

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

C.

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

D.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 169

What is a function of Opportunistic Wireless Encryption in an environment?

Options:

A.

offer compression

B.

increase security by using a WEP connection

C.

provide authentication

D.

protect traffic on open networks

Question 170

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 171

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

A.

shaping

B.

classification

C.

policing

D.

marking

Question 172

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 173

An engineer must configure R1 for a new user account. The account must meet these requirements:

* It must be configured in the local database.

* The username is engineer.

* It must use the strongest password configurable. Which command must the engineer configure on the router?

Options:

A.

R1 (config)# username engineer2 algorithm-type scrypt secret test2021

B.

R1(config)# username engineer2 secret 5 .password S1$b1Ju$kZbBS1Pyh4QzwXyZ

C.

R1(config)# username engineer2 privilege 1 password 7 test2021

D.

R1(config)# username englneer2 secret 4 S1Sb1Ju$kZbBS1Pyh4QzwXyZ

Question 174

Refer to the exhibit.

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Options:

A.

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

B.

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

C.

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

D.

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Question 175

What is a function of a Next-Generation IPS?

Options:

A.

makes forwarding decisions based on learned MAC addresses

B.

serves as a controller within a controller-based network

C.

integrates with a RADIUS server to enforce Layer 2 device authentication rules

D.

correlates user activity with network events

Question 176

A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:

• The first subnet must support 24 hosts

• The second subnet must support 472 hosts

• Both subnets must use the longest subnet mask possible from the address block

Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two )

Options:

A.

interface vlan 1234

ip address 10.70.159.1 255.255.254.0

B.

interface vlan 1148

ip address 10.70.148.1 255.255.254.0

C.

interface vlan 4722

ip address 10.70.133.17 255.255.255.192

D.

interface vlan 3002

ip address 10.70.147.17 255.255.255.224

E.

interface vlan 155

ip address 10.70.155.65 255.255.255.224

Question 177

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

A.

ip route 0.0.0.0 0.0.0.0 g0/1 1

B.

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

D.

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 178

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Question 179

Refer to the exhibit.

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

A.

Change the channel-group mode on SW2 to auto

B.

Change the channel-group mode on SW1 to desirable.

C.

Configure the interface port-channel 1 command on both switches.

D.

Change the channel-group mode on SW1 to active or passive.

Question 180

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

A.

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

B.

ip route 10.1.1.0 255.255.255.0 gi0/1 125

C.

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

D.

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 181

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

A.

VLANID

B.

SSID

C.

RFID

D.

WLANID

Question 182

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 183

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

A.

disabled

B.

listening

C.

forwarding

D.

learning

E.

blocking

Question 184

Refer to the exhibit.

Which command must be executed for Gi1.1 on SW1 to become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode?

Options:

A.

switchport mode trunk

B.

switchport mode dot1-tunnel

C.

switchport mode dynamic auto

D.

switchport mode dynamic desirable

Question 185

Refer to Exhibit.

An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Options:

A.

ipv6 router 2000::1/128 2012::1

B.

ipv6 router 2000::1/128 2012::1 5

C.

ipv6 router 2000::1/128 2012::2

D.

ipv6 router 2000::1/128 2023::2 5

E.

ipv6 router 2000::1/128 2023::3 5

Question 186

Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

Options:

A.

The switch must be running a k9 (crypto) IOS image

B.

The Ip domain-name command must be configured on the switch

C.

IP routing must be enabled on the switch

D.

A console password must be configured on the switch

E.

Telnet must be disabled on the switch

Question 187

Which IPv6 address type provides communication between subnets and is unable to route on the Internet?

Options:

A.

global unicast

B.

unique local

C.

link-local

D.

multicast

Question 188

Refer to the exhibit.

If R1 receives a packet destined to 172.161.1, to which IP address does it send the packet?

Options:

A.

192.168.12.2

B.

192.168.13.3

C.

192.168.14.4

D.

192.168.15.5

Question 189

A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

Options:

A.

enable AAA override

B.

enable RX-SOP

C.

enable DTIM

D.

enable Band Select

Question 190

With REST API, which standard HTTP header tells a server which media type is expected by the client?

Options:

A.

Accept-Encoding: gzip. deflate

B.

Accept-Patch: text/example; charset=utf-8

C.

Content-Type: application/json; charset=utf-8

D.

Accept: application/json

Question 191

Refer to the exhibit.

An engineer is required to verify that the network parameters are valid for the users wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used.

Options:

Question 192

What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

Options:

A.

No router ID is set, and the OSPF protocol does not run.

B.

The highest up/up physical interface IP address is selected as the router ID.

C.

The lowest IP address is incremented by 1 and selected as the router ID.

D.

The router ID 0.0.0.0 is selected and placed in the OSPF process.

Question 193

What are two benefits of using the PortFast feature? (Choose two )

Options:

A.

Enabled interfaces are automatically placed in listening state

B.

Enabled interfaces come up and move to the forwarding state immediately

C.

Enabled interfaces never generate topology change notifications.

D.

Enabled interfaces that move to the learning state generate switch topology change notifications

E.

Enabled interfaces wait 50 seconds before they move to the forwarding state

Question 194

What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two)

Options:

A.

when the sending device waits 15 seconds before sending the frame again

B.

when the cable length limits are exceeded

C.

when one side of the connection is configured for half-duplex

D.

when Carrier Sense Multiple Access/Collision Detection is used

E.

when a collision occurs after the 32nd byte of a frame has been transmitted

Question 195

A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

Options:

A.

cost

B.

adminstrative distance

C.

metric

D.

as-path

Question 196

An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured?

Options:

A.

switchport mode trunk

B.

switchport mode dynamic desirable

C.

switchport mode dynamic auto

D.

switchport nonegotiate

Question 197

What is the expected outcome when an EUI-64 address is generated?

Options:

A.

The seventh bit of the original MAC address of the interface is inverted

B.

The interface ID is configured as a random 64-bit value

C.

The characters FE80 are inserted at the beginning of the MAC address of the interface

D.

The MAC address of the interface is used as the interface ID without modification

Question 198

Which action does the router take as rt forwards a packet through the network?

Options:

A.

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

B.

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

C.

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

D.

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

Question 199

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

Options:

A.

configure the hello and dead timers to match on both sides

B.

configure the same process ID for the router OSPF process

C.

configure the same router ID on both routing processes

D.

Configure the interfaces as OSPF active on both sides.

E.

configure both interfaces with the same area ID

Question 200

An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled

Which action is necessary to complete the configuration if the ISP uses third-party network devices?

Options:

A.

Enable LLDP globally

B.

Disable autonegotiation

C.

Disable Cisco Discovery Protocol on the interface

D.

Enable LLDP-MED on the ISP device

Question 201

What is a characteristic of spine-and-leaf architecture?

Options:

A.

Each device is separated by the same number of hops

B.

It provides variable latency

C.

It provides greater predictability on STP blocked ports.

D.

Each link between leaf switches allows for higher bandwidth.

Question 202

Refer to the exhibit.

The default-information originate command is configured under the R1 OSPF configuration After testing workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet Which action corrects the configuration issue?

Options:

A.

Add the default-information originate command onR2

B.

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1

C.

Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2

D.

Add the always keyword to the default-information originate command on R1

Question 203

Refer to the exhibit.

Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

Options:

A.

Interface errors are incrementing

B.

An incorrect SFP media type was used at SiteA

C.

High usage is causing high latency

D.

The sites were connected with the wrong cable type

Question 204

What is a difference between RADIUS and TACACS+?

Options:

A.

RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication

B.

TACACS+ encrypts only password information and RADIUS encrypts the entire payload

C.

TACACS+ separates authentication and authorization, and RADIUS merges them

D.

RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands

Question 205

Refer to the exhibit.

Which two prefixes are included in this routing table entry? (Choose two.)

Options:

A.

192.168.1.17

B.

192.168.1.61

C.

192.168.1.64

D.

192.168.1.127

E.

192.168.1.254

Question 206

What are two reasons for an engineer to configure a floating state route? (Choose two)

Options:

A.

to automatically route traffic on a secondary path when the primary path goes down

B.

to route traffic differently based on the source IP of the packet

C.

to enable fallback static routing when the dynamic routing protocol fails

D.

to support load balancing via static routing

E.

to control the return path of traffic that is sent from the router

Question 207

Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Options:

Question 208

What is the primary function of a Layer 3 device?

Options:

A.

to analyze traffic and drop unauthorized traffic from the Internet

B.

to transmit wireless traffic between hosts

C.

to pass traffic between different networks

D.

forward traffic within the same broadcast domain

Question 209

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

Options:

A.

sniffer

B.

mesh

C.

flexconnect

D.

local

Question 210

Refer to the exhibit.

Only four switches are participating in the VLAN spanning-tree process.

Branch-1 priority 614440

Branch-2: priority 39082416

Branch-3: priority 0

Branch-4: root primary

Which switch becomes the permanent root bridge for VLAN 5?

Options:

A.

Branch-1

B.

Branch-2

C.

Branch-3

D.

Branch-4

Question 211

Refer to the exhibit.

An administrator configures four switches for local authentication using passwords that are stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements?

Options:

A.

SW1

B.

SW2

C.

SW3

D.

SW4

Question 212

A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?

Options:

A.

ip route 10.10.1.0 255.255.255.240 10.10.255.1

B.

ip route 10.10.1.16 255.255.255.252 10.10.255.1

C.

ip route 10.10.1.20 255.255.255.252 10.10.255.1

D.

ip route 10.10.1.20 255.255.255.254 10.10.255.1

Question 213

Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses?

Options:

A.

10.10.225.48 255.255.255.240

B.

10.10.225.32 255.255.255.240

C.

10.10.225.48 255.255.255.224

D.

10.10.225.32 255.255.255.224

Question 214

Refer to the exhibit.

A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each site?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 215

Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.

Options:

Question 216

Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

Options:

A.

DTP

B.

FTP

C.

SMTP

D.

TFTP

Question 217

Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two)

Options:

A.

Enable NTP authentication.

B.

Verify the time zone.

C.

Disable NTP broadcasts

D.

Specify the IP address of the NTP server

E.

Set the NTP server private key

Question 218

A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

Options:

A.

port-to-multipoint

B.

broadcast

C.

point-to-point

D.

nonbroadcast

Question 219

Which type of IPv6 address is publicly routable in the same way as IPv4 public address?

Options:

A.

global unicast

B.

link-local

C.

unique local

D.

multicast

Question 220

Refer to the exhibit.

Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?

Options:

A.

The frame is processed in VLAN 5.

B.

The frame is processed in VLAN 11

C.

The frame is processed in VLAN 1

D.

The frame is dropped

Question 221

A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?

Options:

A.

point-to-multipoint

B.

point-to-point

C.

broadcast

D.

nonbroadcast

Question 222

Refer to the exhibit.

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Options:

A.

Add the access-list 10 permit any command to the configuration

B.

Remove the access-class 10 in command from line vty 0.4.

C.

Add the ip access-group 10 out command to interface g0/0.

D.

Remove the password command from line vty 0 4.

Question 223

Drag and drop the descriptions from the left onto the configuration-management technologies on the right.

Options:

Question 224

How does WPA3 improve security?

Options:

A.

It uses SAE for authentication.

B.

It uses a 4-way handshake for authentication.

C.

It uses RC4 for encryption.

D.

It uses TKIP for encryption.

Question 225

Refer to the exhibit.

If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command how does the router respond?

Options:

A.

It ignores the new static route until the existing OSPF default route is removed

B.

It immediately replaces the existing OSPF route in the routing table with the newly configured static route

C.

It starts load-balancing traffic between the two default routes

D.

It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1

Question 226

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

Options:

A.

longest prefix

B.

metric

C.

cost

D.

administrative distance

Question 227

Which command must be entered to configure a DHCP relay?

Options:

A.

ip helper-address

B.

ip address dhcp

C.

ip dhcp pool

D.

ip dhcp relay

Question 228

Which function is performed by DHCP snooping?

Options:

A.

propagates VLAN information between switches

B.

listens to multicast traffic for packet forwarding

C.

provides DDoS mitigation

D.

rate-limits certain traffic

Question 229

Refer to the exhibit.

The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another?

(Choose two.)

Options:

A.

Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.

B.

Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.

C.

Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.

D.

Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.

E.

Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.

Question 230

When deploying syslog, which severity level logs informational message?

Options:

A.

0

B.

2

C.

4

D.

6

Question 231

Refer to Exhibit.

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 232

Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

Options:

A.

management interface settings

B.

QoS settings

C.

Ip address of one or more access points

D.

SSID

E.

Profile name

Question 233

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

Options:

A.

Both use the same data-link header and trailer formats

B.

Both cable types support LP connectors

C.

Both cable types support Rj-45 connectors

D.

Both support up to 550 meters between nodes

Question 234

Refer to the exhibit.

Which command configures a floating static route to provide a backup to the primary link?

Options:

A.

ip route 0.0.0.0 0.0.0.0 209.165.202.131

B.

ip route 209.165.201.0 255.255.255.224 209.165.202.130

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.224

D.

ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

Question 235

Refer to the exhibit.

Router R2 is configured with multiple routes to reach network 10 1.1 0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1 1 0/24?

Options:

A.

eBGP

B.

static

C.

OSPF

D.

EIGRP

Question 236

Drag and drop the AAA terms from the left onto the description on the right.

Options:

Question 237

TION NO: 117

Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. what is the reason for the problem?

Options:

A.

The OSPF router IDs are mismatched.

B.

Router2 is using the default hello timer.

C.

The network statement on Router1 is misconfigured.

D.

The OSPF process IDs are mismatched.

Question 238

The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface conditions?(choose two)

Options:

A.

There is a duplex mismatch

B.

There is a speed mismatch

C.

There is a protocol mismatch

D.

The interface is shut down

E.

The interface is error-disabled

Question 239

Refer to the exhibit.

An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic Which configuration accomplishes this task?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 240

A corporate office uses four floors in a building

• Floor 1 has 24 users

• Floor 2 has 29 users

• Floor 3 has 28 users

•Floor 4 has 22 users

Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?

Options:

A.

192.168.0.0/26 as summary and 192.168.0.0/29 for each floor

B.

192.168.0.0.24 as summary and 192.168.0.0/28 for each floor

C.

192.168.0.0/23 as summary and 192.168.0.0/25 for each floor

D.

l92.168.0.0/25 as summary and 192.168.0.0/27 for each floor

Question 241

Which networking function occurs on the data plane?

Options:

A.

forwarding remote client/server traffic

B.

facilitates spanning-tree elections

C.

processing inbound SSH management traffic

D.

sending and receiving OSPF Hello packets

Question 242

Refer to the exhibit.

An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEfriemet3/1/4 port on a switch?

Options:

A.

The phone and a workstation that is connected to the phone do not have VLAN connectivity

B.

The phone and a workstation that is connected to the phone send and receive data in VLAN 50.

C.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity

D.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1

Question 243

Refer to the exhibit.

A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task?

Options:

A.

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh

B.

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp

C.

access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet

D.

access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https

Question 244

What role does a hypervisor provide for each virtual machine in server virtualization?

Options:

A.

infrastructure-as-a-service.

B.

Software-as-a-service

C.

control and distribution of physical resources

D.

services as a hardware controller.

Load More 200-301 Questions
Page: 1 / 101
Total 1005 questions
Get 200-301 Full Access Download 200-301 PDF