Offering Free access to CCNA 200-301 Exam Questions Pool Bank

Cisco Certified Network Associate Questions and Answers

Testing Engine

Product Type: Testing Engine

$42 ~~$139.99~~

Add to Cart

PDF + Testing Engine

Product Type: PDF + Testing Engine

$55.5 ~~$184.99~~

Add to Cart

PDF Study Guide

Product Type: PDF Study Guide

$36 ~~$119.99~~

Add to Cart

Question 1

A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?

Options:

a DHCP Relay Agent

DHCP Binding

a DHCP Pool

DHCP Snooping

Question 2

Refer to the exhibit. All routers in the network are configured R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configure on R2 to Be elected as the DR in the network?

Options:

Option A

Option B

Option C

Option D

Question 3

Which two encoding methods are supported by REST APIs? (Choose two)

Options:

YAML

JSON

EBCDIC

SGML

XML

Question 4

What is a benefit of VRRP?

Options:

It provides traffic load balancing to destinations that are more than two hops from the source.

It provides the default gateway redundancy on a LAN using two or more routers.

It allows neighbors to share routing table information between each other.

It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision.

Question 5

What uses HTTP messages to transfer data to applications residing on different hosts?

Options:

OpenFlow

OpenStack

OpFlex

REST

Question 6

In software defined architectures, which plane is distributed and responsible for traffic forwarding?

Options:

management plane

control plane

policy plane

data plane

Question 7

Refer to the exhibit.

How does the router manage traffic to 192.168.12.16?

Options:

It selects the RIP route because it has the longest prefix inclusive of the destination address.

It chooses the OSPF route because it has the longest prefix inclusive of the destination address.

it load-balances traffic between all three routes

It chooses the EIGRP route because it has the lowest administrative distance

Question 8

A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

Options:

CDP

SNMP

SMTP

ARP

Question 9

How are VLAN hopping attacks mitigated?

Options:

enable dynamic ARP inspection

manually implement trunk ports and disable DTP

activate all ports and place in the default VLAN

configure extended VLANs

Question 10

Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable

What is the result of this configuration?

Options:

The link is in a down state.

The link is in an error disables state

The link is becomes an access port.

The link becomes a trunk port.

Question 11

Which two WAN architecture options help a business scalability and reliability for the network? (Choose two)

Options:

asychronous routing

single-homed branches

dual-homed branches

static routing

dynamic routing

Question 12

Refer to the exhibit.

Which switch in this configuration will be elected as the root bridge?

Options:

SW1

SW2

SW3

SW4

Question 13

Where is the interface between the control plane and data plane within the software-defined architecture?

Options:

control layer and the infrastructure layer

application layer and the infrastructure layer

control layer and the application layer

application layer and the management layer

Question 14

How is the native VLAN secured in a network?

Options:

separate from other VLANs within the administrative domain

give it a value in the private VLAN range

assign it as VLAN 1

configure it as a different VLAN ID on each end of the link

Question 15

Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.

Options:

Question 16

What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

Options:

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

The DHCP client can request up to four DNS server addresses

The DHCP server assigns IP addresses without requiring the client to renew them

The DHCP server leases client IP addresses dynamically.

The DHCP client maintains a pool of IP addresses it can assign.

Question 17

How do servers connect to the network in a virtual environment?

Options:

wireless to an access point that is physically connected to the network

a cable connected to a physical switch on the network

a virtual switch that links to an access point that is physically connected to the network

a software switch on a hypervisor that is physically connected to the network

Question 18

After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials?

Options:

Enable the allow AAA Override

Enable the Even: Driven RRM.

Disable the LAG Mode or Next Reboot.

Enable the Authorized MIC APs against auth-list or AAA.

Question 19

When implementing a router as a DHCP server, which two features must be configured'? (Choose two)

Options:

relay agent information

database agent

address pool

smart-relay

manual bindings

Question 20

What criteria is used first during me root port selection process?

Options:

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

Question 21

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

Options:

infrastructure-as-a-service

platform-as-a-service

business process as service to support different types of service

software-as-a-service

Question 22

What are two functions of a server on a network? (Choose two)

Options:

achieves redundancy by exclusively using virtual server clustering

runs applications that send and retrieve data for workstations that make requests

handles requests from multiple workstations at the same time

runs the same operating system in order to communicate with other servers

housed solely in a data center that is dedicated to a single client

Question 23

Refer to the exhibit.

An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set meets the requirement?

Options:

interface gi0/1

no cdp enable

interface gi0/1

clear cdp table

interface gi0/0

no cdp advertise-v2

interface gi0/0

no cdp run

Question 24

Refer to the exhibit.

What is the result if Gig1/11 receives an STP BPDU?

Options:

The port transitions to STP blocking

The port transitions to the root port

The port immediately transitions to STP forwarding.

The port goes into error-disable state

Question 25

Which network allows devices to communicate without the need to access the Internet?

Options:

1729.0.0/16

172.28.0.0/16

192.0.0.0/8

209.165.201.0/24

Question 26

Which access layer threat-mitigation technique provides security based on identity?

Options:

Dynamic ARP Inspection

using a non-default native VLAN

802.1x

DHCP snooping

Question 27

How does QoS optimize voice traffic?

Options:

reducing bandwidth usage

by reducing packet loss

by differentiating voice and video traffic

by increasing jitter

Question 28

Drag and drop the IPv6 address type characteristics from the left to the right.

Options:

Question 29

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

switchport port-security violation access

switchport port-security violation protect

switchport port-security violation restrict

switchport port-security violation shutdown

Question 30

What criteria is used first during the root port selection process?

Options:

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

Question 31

What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?

Options:

Layer 2 switch

load balancer

firewall

LAN controller

Question 32

Which option about JSON is true?

Options:

uses predefined tags or angle brackets () to delimit markup text

used to describe structured data that includes arrays

used for storing information

similar to HTML, it is more verbose than XML

Question 33

Refer to the exhibit.

If OSPF Is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

Options:

It load-balances traffic out of Fa0/1 and Fa0/2.

It is unreachable and discards the traffic.

It sends packets out of interface FaO/2.

It sends packets out of interface Fa0/1.

Question 34

Which two functions are performed by the core layer in a three-tier architecture? (Choose two)

Options:

Provide uninterrupted forwarding service.

Police traffic that is sent to the edge of the network.

Provide direct connectivity for end user devices.

Ensure timely data transfer between layers.

Inspect packets for malicious activity.

Question 35

What is a function of the Cisco DNA Center Overall Health Dashboard?

Options:

It provides a summary of the top 10 global issues.

It provides detailed activity logging for the 10 devices and users on the network.

It summarizes the operational status of each wireless devise on the network.

It summarizes daily and weekly CPU usage for servers and workstations in the network.

Question 36

Refer to the exhibit.

Which password must an engineer use to enter the enable mode?

Options:

adminadmin123

default

testing 1234

cisco123

Question 37

Which virtual MAC address is used by VRRP group 1?

Options:

0050.0c05.ad81

0007.c061.bc01

0000.5E00.0101

0500.3976.6401

Question 38

How are the switches in a spine-and-leaf topology interconnected?

Options:

Each leaf switch is connected to one of the spine switches.

Each leaf switch is connected to two spine switches, making a loop.

Each leaf switch is connected to each spine switch.

Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.

Question 39

Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right

Options:

Question 40

On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

Options:

DHCP

STP

SNMP

DNS

Question 41

Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles?

Options:

role-based access control

biometrics

multifactor authentication

physical access control

Question 42

What facilitates a Telnet connection between devices by entering the device name?

Options:

SNMP

DNS lookup

syslog

NTP

Question 43

What is the function of a hub-and-spoke WAN topology?

Options:

allows access restrictions to be implemented between subscriber sites.

provides direct connections between subscribers

supports Layer 2 VPNs

supports application optimization

Question 44

An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria?

Options:

Option A

Option B

Option C

Option D

Question 45

Refer to the Exhibit.

After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. which error must be corrected?

Options:

There is a native VLAN mismatch

Access mode is configured on the switch ports.

The PCs are m the incorrect VLAN

All VLANs are not enabled on the trunk

Question 46

Refer to the exhibit.

Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

Options:

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

Question 47

An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?

Options:

configure IEEE 802.1p

configure IEEE 802.1q

configure ISL

configure DSCP

Question 48

What is a DHCP client?

Options:

a host that is configured to request an IP address automatically

a server that dynamically assigns IP addresses to hosts

a workstation that requests a domain name associated with its IP address

a rooter that statically assigns IP addresses to hosts

Question 49

Refer to the exhibit.

When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-A verifying the IP addresses, and forwarding the packet to PC-B?

Options:

Layer 2 switch

Router

Load balancer

firewall

Question 50

What is an appropriate use for private IPv4 addressing?

Options:

on the public-facing interface of a firewall

to allow hosts inside to communicate in both directions with hosts outside the organization

on internal hosts that stream data solely to external resources

on hosts that communicates only with other internal hosts

Question 51

Refer to the exhibit.

An engineer is configuring the router to provide static NAT for the webserver Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the right.

Options:

Question 52

Which two protocols are supported on service-port interfaces? (Choose two.)

Options:

RADIUS

TACACS+

SCP

Telnet

SSH

Question 53

What is a difference between local AP mode and FiexConnet AP mode?

Options:

Local AP mode creates two CAPWAP tunnels per AP to the WLC

FiexConnect AP mode fails to function if the AP loses connectivity with the WLC

FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured

Local AP mode causes the AP to behave as if it were an autonomous AP

Question 54

Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point?

Options:

TACACS server

wireless access point

RADIUS server

wireless LAN controller

Question 55

Which two capacities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two)

Options:

adapters that support all families of Cisco IOS software

SDKs that support interaction with third-party network equipment

customized versions for small, medium, and large enterprises

REST APIs that allow for external applications to interact natively with Cisco DNA Center

modular design that is upgradable as needed

Question 56

Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right.

Options:

Question 57

Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

Options:

cookbook

task

playbook

model

recipe

Question 58

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

It sends packets out of interface Fa0/2 only.

It sends packets out of interface Fa0/1 only.

It cannot send packets to 10.10.13 128/25

It load-balances traffic out of Fa0/1 and Fa0/2

Question 59

Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

Options:

Reassociation Request

Probe Request

Authentication Request

Association Request

Question 60

Which command on a port enters the forwarding state immediately when a PC is connected to it?

Options:

switch(config)#spanning-tree portfast default

switch(config)#spanning-tree portfast bpduguard default

switch(config-if)#spanning-tree portfast trunk

switch(config-if)#no spanning-tree portfast

Question 61

Refer to the exhibit.

Drag and drop the networking parameters from the left onto the correct values on the right.

Options:

Question 62

Refer to the exhibit.

Which change to the configuration on Switch?

allows the two switches to establish an GtherChannel?

Options:

Change the protocol to EtherChannel mode on.

Change the LACP mode to active

Change the LACP mode to desirable

Change the protocol to PAqP and use auto mode

Question 63

With REST API, which standard HTTP header tells a server which media type is expected by the client?

Options:

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Content-Type: application/json; charset=utf-8

Accept: application/json

Question 64

What is the function of a server?

Options:

It transmits packets between hosts in the same broadcast domain.

It provides shared applications to end users.

It routes traffic between Layer 3 devices.

It Creates security zones between trusted and untrusted networks

Question 65

Which function is performed by DHCP snooping?

Options:

propagates VLAN information between switches

listens to multicast traffic for packet forwarding

provides DDoS mitigation

rate-limits certain traffic

Question 66

Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?

Options:

1,6,11

1,5,10

1,2,3

5,6,7

Question 67

Drag and drop the AAA terms from the left onto the description on the right.

Options:

Question 68

What are two characteristics of a public cloud Implementation? (Choose two.)

Options:

It is owned and maintained by one party, but it is shared among multiple organizations.

It enables an organization to fully customize how It deploys network resources.

It provides services that are accessed over the Internet.

It Is a data center on the public Internet that maintains cloud services for only one company.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

Question 69

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

Options:

longest prefix

metric

cost

administrative distance

Question 70

What is a role of access points in an enterprise network?

Options:

connect wireless devices to a wired network

support secure user logins to devices or the network

integrate with SNMP in preventing DDoS attacks

serve as a first line of defense in an enterprise network

Question 71

Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?

Options:

Ansible

Python

Puppet

Chef

Question 72

An engineer must configure a WLAN using the strongest encryption type for WPA2- PSK. Which cipher fulfills the configuration requirement?

Options:

WEP

RC4

AES

TKIP

Question 73

Which type of organization should use a collapsed-core architecture?

Options:

large and requires a flexible, scalable network design

large and must minimize downtime when hardware fails

small and needs to reduce networking costs currently

small but is expected to grow dramatically in the near future

Question 74

Refer to Exhibit.

Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses?

Options:

Option A

Option B

Option C

Option D

Question 75

Refer to the exhibit.

Which route type does the routing protocol Code D represent in the output?

Options:

internal BGP route

/24 route of a locally configured IP

statically assigned route

route learned through EIGRP

Question 76

When the active router in an HSRP group fails, what router assumes the role and forwards packets?

Options:

backup

standby

listening

forwarding

Question 77

Refer to the exhibit.

An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers from the left onto the network parameters on the right.

Options:

Question 78

Refer to the exhibit.

Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?

Options:

The frame is processed in VLAN 5.

The frame is processed in VLAN 11

The frame is processed in VLAN 1

The frame is dropped

Question 79

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

Options:

sniffer

mesh

flexconnect

local

Question 80

How does WPA3 improve security?

Options:

It uses SAE for authentication.

It uses a 4-way handshake for authentication.

It uses RC4 for encryption.

It uses TKIP for encryption.

Question 81

A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?

Options:

It allows the traffic to pass through unchanged

It drops the traffic

It tags the traffic with the default VLAN

It tags the traffic with the native VLAN

Question 82

When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP?

Options:

DHCP relay agent

DHCP server

DHCPDISCOVER

DHCPOFFER

Question 83

Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses?

Options:

10.10.225.48 255.255.255.240

10.10.225.32 255.255.255.240

10.10.225.48 255.255.255.224

10.10.225.32 255.255.255.224

Question 84

If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames?

Options:

The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent.

The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.

The new frame is placed in a queue for transmission after the previous frame.

The two frames are processed and delivered at the same time.

Question 85

What makes Cisco DNA Center different from traditional network management applications and their management of networks?

Options:

It omits supports auto-discovery of network elements in a greenfield deployment.

It modular design allows someone to implement different versions to meet the specific needs of an organization

It abstracts policy from the actual device configuration

It does not support high availability of management functions when operating in cluster mode

Question 86

Which action does the router take as rt forwards a packet through the network?

Options:

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

Question 87

Refer to the exhibit.

Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

Options:

passive

mode on

auto

active

Question 88

Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

Options:

bridge

route

autonomous

lightweight

Question 89

A corporate office uses four floors in a building

• Floor 1 has 24 users

• Floor 2 has 29 users

• Floor 3 has 28 users

•Floor 4 has 22 users

Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?

Options:

192.168.0.0/26 as summary and 192.168.0.0/29 for each floor

192.168.0.0.24 as summary and 192.168.0.0/28 for each floor

192.168.0.0/23 as summary and 192.168.0.0/25 for each floor

l92.168.0.0/25 as summary and 192.168.0.0/27 for each floor

Question 90

Which JSON data type is an unordered set of attribute- value pairs?

Options:

array

string

object

Boolean

Question 91

Which type of API allows SDN controllers to dynamically make changes to the network?

Options:

northbound API

REST API

SOAP API

southbound API

Question 92

A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped?

Options:

Device(Config)#lldp run

Device(Config)#cdp run

Device(Config-if)#cdp enable

Device(Config)#flow-sampler-map topology

Question 93

A network administrator must to configure SSH for remote access to router R1 The requirement is to use a public and private key pair to encrypt management traffic to and from the connecting client.

Which configuration, when applied, meets the requirements?

Options:

Option A

Option B

Option C

Option D

Question 94

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?

Options:

enable dynamic MAC address learning

implement static MAC addressing.

enable sticky MAC addressing

implement auto MAC address learning

Question 95

An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured?

Options:

switchport mode trunk

switchport mode dynamic desirable

switchport mode dynamic auto

switchport nonegotiate

Question 96

Refer to the exhibit.

How does router R1 handle traffic to 192.168.10.16?

Options:

It selects the IS-IS route because it has the shortest prefix inclusive of the destination address.

It selects the EIGRP route because it has the lowest administrative distance.

It selects the OSPF route because it has the lowest cost.

It selects the RIP route because it has the longest prefix inclusive of the destination address.

Question 97

What is a characteristic of spine-and-leaf architecture?

Options:

Each device is separated by the same number of hops

It provides variable latency

It provides greater predictability on STP blocked ports.

Each link between leaf switches allows for higher bandwidth.

Question 98

What role does a hypervisor provide for each virtual machine in server virtualization?

Options:

infrastructure-as-a-service.

Software-as-a-service

control and distribution of physical resources

services as a hardware controller.

Question 99

Refer to the exhibit.

A packet is being sent across router R1 to host 172.163.3.14. To which destination does the router send the packet?

Options:

207.165.200.246 via Serial0/1/0

207.165.200.254 via Serial0/0/1

207.165.200.254 via Serial0/0/0

207.165.200.250 via Serial/0/0/0

Question 100

What is a function of a Layer 3 switch?

Options:

move frames between endpoints limited to IP addresses

transmit broadcast traffic when operating in Layer 3 mode exclusively

forward Ethernet frames between VLANs using only MAC addresses

flood broadcast traffic within a VLAN

Question 101

Refer to the exhibit.

Which two commands were used to create port channel 10? (Choose two )

Options:

Option A

Option B

Option C

Option D

Option E

Question 102

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

110

115

Question 103

Refer to me exhibit.

Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

Options:

It uses a route that is similar to the destination address

It discards the packets.

It floods packets to all learned next hops.

It Queues the packets waiting for the route to be learned.

Question 104

Refer to Exhibit.

Which action do the switches take on the trunk link?

Options:

The trunk does not form and the ports go into an err-disabled status.

The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.

The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.

The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Question 105

When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?

Options:

Question 106

Refer to the exhibit.

An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

Options:

ipv6 route ::/0 Serial 0/0/1

ipv6 route 0/0 Serial 0/0/0

ipv6 route ::/0 Serial 0/0/0

ip route 0.0.0.0.0.0.0.0 Serial 0/0/0

ipv6 route ::/0 2000::2

Question 107

Refer to the exhibit.

Router R2 is configured with multiple routes to reach network 10 1.1 0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1 1 0/24?

Options:

eBGP

static

OSPF

EIGRP

Question 108

Refer to the exhibit.

Which route does R1 select for traffic that is destined to 192 168.16.2?

Options:

192.168.16.0/21

192.168.16.0/24

192.168 26.0/26

192.168.16.0/27

Question 109

Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

Options:

TKiP encryption

AES encryption

scrambled encryption key

SAE encryption

Question 110

An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.30.1, 192.168.3.2, 192.168.3.3 Which configuration should be used?

Options:

Option A

Option B

Option C

Option D

Question 111

Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

Options:

action

management

control

data

Question 112

Refer to the exhibit.

With which metric was the route to host 172.16.0.202 learned?

Options:

110

38443

3184439

Question 113

What prevents a workstation from receiving a DHCP address?

Options:

DTP

STP

VTP

802.10

Question 114

Drag and drop the lightweight access point operation modes from the left onto the descriptions on the right

Options:

Question 115

How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?

Options:

It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points

It allows the administrator to assign channels on a per-device or per-interface basis.

It segregates devices from different manufacturers onto different channels.

It analyzes client load and background noise and dynamically assigns a channel.

Question 116

R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating conditions, which routing protocol is installed in the routing table?

Options:

IS-IS

RIP

Internal EIGRP

OSPF

Question 117

Refer to the exhibit.

An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Options:

Add the access-list 10 permit any command to the configuration

Remove the access-class 10 in command from line vty 0.4.

Add the ip access-group 10 out command to interface g0/0.

Remove the password command from line vty 0 4.

Question 118

What are two characteristics of an SSID? (Choose Two)

Options:

It can be hidden or broadcast in a WLAN

It uniquely identifies an access point in a WLAN

It uniquely identifies a client in a WLAN

It is at most 32 characters long.

IT provides secured access to a WLAN

Question 119

An organization secures its network with multi-factor authentication using an authenticator app on employee smartphone. How is the application secured in the case of a user’s smartphone being lost or stolen?

Options:

The application requires an administrator password to reactivate after a configured Interval.

The application requires the user to enter a PIN before it provides the second factor.

The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted.

The application verifies that the user is in a specific location before it provides the second factor.

Question 120

Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface?

Options:

configure a stateful DHCPv6 server on the network

enable SLAAC on an interface

disable the EUI-64 bit process

explicitly assign a link-local address

Question 121

What is a benefit of using private IPv4 addressing?

Options:

Multiple companies can use the same addresses without conflicts.

Direct connectivity is provided to internal hosts from outside an enterprise network.

Communication to the internet Is reachable without the use of NAT.

All external hosts are provided with secure communication to the Internet.

Question 122

Which command enables HTTP access to the Cisco WLC?

Options:

config network secureweb enable

config certificate generate web admin

config network webmode enable

config network telnet enable

Question 123

Which mechanism allows WPA3 to provide a higher degree of security than its predecessors?

Options:

special-character support in preshared Keys

SAE password-based key exchange

automatic device pairing

certificate-based authentication

Question 124

Refer to the exhibit. Local access for R4 must be established and these requirements must be met:

• Only Telnet access is allowed.

• The enable password must be stored securely.

• The enable password must be applied in plain text.

• Full access to R4 must be permitted upon successful login.

Which configuration script meets the requirements?

Options:

Option

Question 125

Refer to the exhibit.

Switch AccSw2 has just been added to the network along with PC2. All VLANs have been implemented on AccSw2. How must the ports on AccSw2 be configured to establish Layer 2 connectivity between PC1 and PC2?

Options:

Question 126

Refer to the exhibit.

An engineer is configuring a Layer 3 port-channel interface with LACP. The configuration on the first device is complete, and it is verified that both interfaces have registered the neighbor device in the CDP table. Which task on the neighbor device enables the new port channel to come up without negotiating the channel?

Options:

Change the EtherChannel mode on the neighboring interfaces to auto.

Configure the IP address of the neighboring device.

Bring up the neighboring interfaces using the no shutdown command.

Modify the static EtherChannel configuration of the device to passive mode.

Question 127

Refer to the exhibit.

Which action by the router when a packet is sourced from 10.10.10.2 and destined 10.10.10.16?

Options:

It queues the packets waiting for the route to be learned.

It floods packets to all learned next hops.

It discards the packets.

It uses a route that is similar to the destination address.

Question 128

Which set of 2.4 GHz nonoverlapping wireless channels is standard in the United States?

Options:

channels 2, 7, 9, and 11

channels 1, 6, 11, and 14

channels 2, 7, and 11

channels 1, 6, and 11

Question 129

Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?

Options:

tunnel

transport

aggressive

main

Question 130

A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the next-hop devices are different?

Options:

The router chooses the route with the oldest age.

The router load-balances traffic over all routes to the destination.

The router chooses the next hop with the lowest MAC address.

The router chooses the next hop with the lowest IP address.

Question 131

Refer to the exhibit. What is the cause of the issue?

Options:

STP

port security

wrong cable type

shutdown command

Question 132

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task?

Options:

Option A

Option B

Option C

Option D

Question 133

What is a specification for SSIDS?

Options:

They are a Cisco proprietary security feature.

They must include one number and one letter.

They define the VLAN on a switch.

They are case sensitive.

Question 134

What does a switch do when it receives a frame whose destination MAC address is missing from the MAC address table?

Options:

It floods the frame unchanged across all remaining ports in the incoming VLAN.

It appends the table with a static entry for the MAC and shuts down the port.

It updates the CAM table with the destination MAC address of the frame.

It changes the checksum of the frame to a value that indicates an invalid frame.

Question 135

Refer to the exhibit.

An engineer must configure the interface that connects to PC 1 and secure it in a way that only PC1 is allowed to use the port No VLAN tagging can be used except for a voice VLAN. Which command sequence must be entered to configure the switch?

Options:

Option A

Option B

Option C

Option D

Question 136

Options:

Option A

Option B

Option C

Option D

Question 137

What is a feature of WPA?

Options:

802.1x authentication

preshared key

TKIP/MIC encryption

small Wi-Fi application

Question 138

Refer to the exhibit.

A network engineer executes the show ip route command on router D. What is the next hop to network 192.168 1 0/24 and why?

Options:

The next hop is 10.0.2.1 because it uses distance vector routing

The next hop is 10.0.2.1 because it is a link-state routing protocol

The next hop is 10.0.0.1 because it has a better administrative distance

The next hop is 10.0.0.1 because it has a higher metric.

Question 139

What is the role of SNMP in the network?

Options:

to monitor network devices and functions using a TCP underlay that operates on the presentation layer

to collect data directly from network devices using an SSL underlay that operates on the transport layer

to monitor and manage network devices using a UDP underlay that operates on the application layer

to collect telemetry and critical information from network devices using an SSH underlay that operates on the network layer

Question 140

Refer to the exhibit.

The given Windows PC is requesting the IP address of the host at To which IP address is the request sent?

Options:

192.168.1.226

192.168.1.100

192.168.1.254

192.168.1.253

Question 141

Which Rapid PVST+ feature should be configured on a switch port to immediately send traffic to a connected server as soon as it is active?

Options:

BPDU guard

loop guard

portfast

uplinkfast

Question 142

Drag and drop the REST API call method for HTTP from the left onto the action they perform on the right.

Options:

Question 143

When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?

Options:

Question 144

What is the function of "off-the-shell" switches in a controller-based network?

Options:

providing a central view of the deployed network

forwarding packets

making routing decisions

setting packet-handling policies

Question 145

UESTION NO: 19

Refer to the exhibit.

All routers in the network are configured correctly, and the expected routes are being exchanged among the routeis. Which set or routes are learned from neighbors and Installed on router 2?

Options:

Option A

Option B

Option C

Option D

Question 146

Which cable type must be used when connecting a router and switch together using these criteria?

• Pins 1 and 2 are receivers and pins 3 and 6 are transmitters

• Auto detection MDi-X is unavailable

Options:

straight-through

rollover

crossover

console

Question 147

How is a configuration change made to a wireless AP in lightweight mode?

Options:

SSH connection to the management IP of the AP

EolP connection via the parent WLC

CAPWAP/LWAPP connection via the parent WLC

HTTPS connection directly to the out-of-band address of the AP

Question 148

Which action must be taken when password protection is Implemented?

Options:

Use less than eight characters in length when passwords are complex.

Store passwords as contacts on a mobile device with single-factor authentication.

Include special characters and make passwords as long as allowed.

Share passwords with senior IT management to ensure proper oversight.

Question 149

A DHCP pool has been created with the name NOCC. The pool is using 192.168.20.0/24 and must use the next to last usable IP address as the default gateway for the DHCP clients. What is the next step in the process?

Options:

default-router192.168.20.253

network 192.168.20.254 255.255.255.0 secondary

ip default-gateway 0.0.0.0 0.0.0.0 192.168.20.253

next-server 192.168.20.254

Question 150

Options:

Option A

Option B

Option C

Option D

Question 151

Refer to the exhibit.

What is the issue with the interface GigabitEthernet0/0/1?

Options:

Port security

High throughput

Cable disconnect

duplex mismatch

Question 152

In a cloud-computing environment what is rapid elasticity?

Options:

control and monitoring of resource consumption by the tenant

automatic adjustment of capacity based on need

pooling resources in a multitenant model based on need

self-service of computing resources by the tenant

Question 153

Refer to the exhibit.

Which command must be enable a floating default route on router A?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

Question 154

How does frame switching function on a switch?

Options:

forwards frames to a neighbor port using CDP

modifies frames that contain a known source VLAN

inspects and drops frames from unknown destinations

forwards known destinations to the destination port

Question 155

Drag and drop the statements about networking from the left onto the corresponding networking types on the right. Not all statements are used.

Options:

Question 156

Refer to the exhibit.

When router R1 receives a packet with destination IP address 10.56.0 62. through which interface does it route the packet?

Options:

Null0

VIan58

Vlan60

VIan59

Question 157

Refer to the exhibit.

Router R1 receives static routing updates from routers A. B, C, and D. The network engineer wants R1 to advertise static routes in OSPF area 1. Which nary address must be advertised in OSPF?

Options:

10.1.40.0/25

10.1.40.0/24

10.1.40.0/23

10.1.41.0/25

Question 158

Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatical togged out?

Options:

config sessions maxsessions 0

config sessions timeout 0

config serial timeout 0

config serial timeout 9600

Question 159

A network engineer starts to implement a new wireless LAN by configuring the authentication server and creating the dynamic Interface. What must be performed next to complete the basic configuration?

Options:

Install the management interface and add the management IP.

Configure high availability and redundancy tor the access points.

Enable Telnet and RADIUS access on the management interface.

Create the new WLAN and bind the dynamic interface to It.

Question 160

Which REST method updates an object in the Cisco DNA Center Intent API?

Options:

CHANGE

UPDATE

POST

PUT

Question 161

Refer to Exhibit.

Rotor to the exhibit. The IP address configurations must be completed on the DC-1 and HQ-1 routers based on these requirements:

DC-1 Gi1/0 must be the last usable address on a /30

DC-1 Gi1/1 must be the first usable address on a /29

DC-1 Gi1/2 must be the last usable address on a /28

HQ-1 Gil/3 must be the last usable address on a /29

Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used

Options:

Question 162

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

Options:

200 seconds

300 seconds

600 seconds

900 seconds

Question 163

Refer the exhibit.

What is the cause of poor performance on router R19?

Options:

excessive collisions

speed and duplex mismatch

port oversubscription

excessive CRC errors

Question 164

Refer to the exhibit.

How many objects, Keys and JSON list values are present?

Options:

three objects, two Keys, and three JSON list values

three objects, three keys and two JSON Ml values

one object, three keys, and three JSON list values

one object, three keys and two JSON list values

Question 165

Which action implements physical access control as part of the security program of an organization1?

Options:

backing up syslogs at a remote location

configuring a password for the console port

configuring enable passwords on network devices

setting up IP cameras to monitor key infrastructure

Question 166

Refer to the exhibit.

After configuring a new static route on the CPE. the engineer entered this series of commands to verify that the new configuration is operating normally When is the static default route installed into the routing table?

Options:

when 203 0 113.1 is no longer reachable as a next hop B. when the default route learned over external BGP becomes invalid

when a route to 203.0 113 1 is learned via BGP

when the default route over external BGP changes its next hop

Question 167

Which remote access protocol provides unsecured remote CLI access?

Options:

console

Telnet

Bash

SSH

Question 168

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 169

Refer to the exhibit.

A network engineer must configure the link with these requirements:

• Consume as few IP addresses as possible.

• Leave at least two additional useable IP addresses for future growth.

Which set of configurations must be applied?

Options:

Option A

Option B

Option C

Option D

Question 170

What is the role of disaggregation in controller-based networking?

Options:

It divides the control-plane and data-plane functions.

It summarizes the routes between the core and distribution layers of the network topology.

It enables a network topology to quickly adjust from a ring network to a star network

It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions.

Question 171

Drag and drop the statement about AAA services from the left to the corresponding AAA services on the right.

Options:

Question 172

Which protocol does Ansible use to push modules to nodes in a network?

Options:

SSH

SNMP

Kerberos

Telnet

Question 173

Drag and drop the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Options:

Question 174

Refer to the exhibit.

All interfaces are in the same VLAN. All switches are configured with the default STP priorities. During the STP electronics, which switch becomes the root bridge?

Options:

MDF-DC-4:08:E0:19: 08:B3:19

MDF-DC-3:08:0E:18::1A:3C:9D

MDF-DC-08:0E:18:22:05:97

MDF-DC-1:DB:E:44:02:54:79

Question 175

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

Options:

authorizing potentially compromised wireless traffic

inspecting specific files and file types for malware

authenticating end users

URL filtering

Question 176

Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture?

Options:

service port

virtual

AP-Manager

dynamic

Question 177

What are two reasons a switch experiences frame flooding? (Choose two.)

Options:

A defective patch cable is connected to the switch port

Topology changes are occurring within spanning-tree

An aged MAC (able entry is causing excessive updates

Port-security is configured globally

The forwarding table has overflowed

Question 178

Drag and drop the IPv6 address description from the left onto the IPv6 address types on the right. Not all options are used.

Options:

Question 179

How do TCP and UDP fit into a query-response model?

Options:

TCP establishes a connection prior to sending data, and UDP sends immediately.

TCP uses error detection for packets, and UDP uses error recovery.

TCP avoids using sequencing, and UDP avoids using acknowledgments.

TCP encourages out-of-order packet delivery, and UDP prevents re-ordering.

Question 180

Drag and chop the TCP/IP protocols from the left onto their primary transmission protocols on the right.

Options:

Question 181

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 182

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

Options:

Telnet

console

HTTPS

SSH

Question 183

Refer to the exhibit. Which type of JSON data is shown?

Options:

sequence

string

object

Boolean

Question 184

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

Options:

magic links

one-time passwords

digital certificates

90-day renewal policies

Question 185

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined tot the Internet. What is the administrative distance for the destination route? A. 0

B. 1

C. 2

D. 32

Options:

Question 186

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 187

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Options:

Question 188

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

Options:

ntp master 172.24.54.8

ntp client 172.24.54.8

ntp peer 172.24.54.8

ntp server 172.24.54.8

Question 189

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 190

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 191

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.

On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.

On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.

On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.

On both SW1 and SW2, exit the interface range configuration mode by using the exit command.

On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.

On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.

On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.

On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.

On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.

On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Question 192

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

Options:

Select the 802.1 x option for Auth Key Management.

Select the WPA Policy option.

Select the PSK option for Auth Key Management.

Select the AES option for Auth Key Management.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Question 193

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Options:

Is the internet reachable?

Is the default gateway reachable?

Is the DNS server reachable?

Question 194

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

Options:

username CCUser privies 10 password NA!2Scc

username CCUser password NA!2Scc enable password level 5 NA!2$cc

username CCUser secret NA!2Scc

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Question 195

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 196

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

Options:

next-generation firewall to keep stateful packet inspection

multifactor authentication using two separate authentication sources

ACL to restrict incoming Telnet sessions "admin" accounts

IPS with a btock list of known attack vectors

Question 197

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 198

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

Options:

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

ip route 0.0.0.0 0.0.0.0 10.200.0.2

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Question 199

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 200

What are two lacts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

Options:

It is less expensive when purchasing patch cables.

It has a greater sensitivity to changes in temperature and moisture.

It provides greater throughput options.

It carries signals for longer distances.

It carries electrical current further distances for PoE devices.

Question 201

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

Options:

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Question 202

What is the main difference between traditional networks and controller-based networking?

Options:

Controller-based networks increase TCO for the company, and traditional networks require less investment.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

Controller-based networks are open for application requests, and traditional networks operate manually.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Question 203

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

Options:

level

message body

process ID

facility

Question 204

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 205

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

Options:

ip forward-protocol udp 137

ip default-network 192.168.52.253

ip helper-address 172.16.32.15

ip default-gateway 192.168.52.253

Question 206

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

Options:

interface port-channel 2

channel-group 2 mode desirable

interface fasteinernet 1/1

channel-group 2 mode active

interface fasteinernet 1/1

channel-group 2 mode on

interface port-channel 2

channel-group 2 mode auto

Question 207

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.

To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 208

Which CRUD operation corresponds to me HTTP GET method?

Options:

delete

create

update

read

Question 209

What is the RFC 4627 default encoding for JSON text?

Options:

UCS-2

UTF-8

Hex

GB18030

Question 210

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 211

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

Options:

ipv6 address 2001:DB8:FFFF:FCF3::1/64

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Question 212

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

Options:

int range g0/0-1

channel-group 10 mode active

int range g0/0-1 chanm.l-group 10 mode desirable

int range g0/0-1

channel-group 10 mode passive

int range g0/0-1 channel-group 10 mode auto

int range g0/0-1 channel-group 10 mode on

Question 213

What is a requirement when configuring or removing LAG on a WLC?

Options:

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

Question 214

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 215

Which protocol is used for secure remote CLI access?

Options:

HTTPS

HTTP

Telnet

SSH

Question 216

What is a function of a Next-Generation IPS?

Options:

makes forwarding decisions based on learned MAC addresses

serves as a controller within a controller-based network

integrates with a RADIUS server to enforce Layer 2 device authentication rules

correlates user activity with network events

Question 217

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Options:

Question 218

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

ip route 0.0.0.0 0.0.0.0 g0/1 1

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 219

Refer to the exhibit.

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 220

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 221

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

192.168.0.7

192.168.0.4

192.168.0.40

192.168.3.5

Question 222

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

Options:

VLANID

SSID

RFID

WLANID

Question 223

Refer to the exhibit.

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

Options:

There is a duplex mismatch on the interface

There is an issue with the fiber on the switch interface.

There is a speed mismatch on the interface.

There is an interface type mismatch

Question 224

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

10.10.10.5

10.10.11.2

10.10.12.2

10.10.10.9

Question 225

What are two benefits of FHRPs? (Choose two.)

Options:

They enable automatic failover of the default gateway.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

They are able to bundle multiple ports to increase bandwidth.

They prevent loops in the Layer 2 network.

They allow encrypted traffic.

Question 226

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

username cisco password 0 Cisco

Question 227

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

Options:

Option A

Option B

Option C

Option D

Question 228

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 229

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

Options:

username CNAC secret R!41!4319115@

ip ssh version 2

line vty 0 4

crypto key generate rsa 1024

transport input ssh

Question 230

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

Options:

Option A

Option B

Option C

Option D

Question 231

What causes a port to be placed in the err-disabled state?

Options:

nothing plugged into the port

link flapping

shutdown command issued on the port

latency

Question 232

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

Options:

Option A

Option B

Option C

Option D

Question 233

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Options:

heavy traffic congestion

a duplex incompatibility

a speed conflict

queuing drops

Question 234

An engineer must configure R1 for a new user account. The account must meet these requirements:

* It must be configured in the local database.

* The username is engineer.

* It must use the strongest password configurable. Which command must the engineer configure on the router?

Options:

R1 (config)# username engineer2 algorithm-type scrypt secret test2021

R1(config)# username engineer2 secret 5 .password S1$b1Ju$kZbBS1Pyh4QzwXyZ

R1(config)# username engineer2 privilege 1 password 7 test2021

R1(config)# username englneer2 secret 4 S1Sb1Ju$kZbBS1Pyh4QzwXyZ

Question 235

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Options:

Question 236

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

ip route 10.1.1.0 255.255.255.0 gi0/1 125

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 237

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Options:

Configure the OSPF priority on router A with the lowest value between the three routers.

Configure router B and router C as OSPF neighbors of router A.

Configure the router A interfaces with the highest OSPF priority value within the area.

Configure router A with a fixed OSPF router ID

Question 238

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

Options:

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network broadcast

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network point-to-point

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf cost 0

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

hello interval 15

interface e1/1

Ip address 192.168.1.1 255.255.255.252

Question 239

Refer to the exhibit.

A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which command must be used to fulfill the request?

Options:

ip route 172.21.34.0 255.255.255.192 10.73.65.65

ip route 172.21.34.0 255.255.255.0 10.73.65.65

ip route 172.21.34.0 255.255.128.0 10.73.65.64

ip route 172.21.34.0 255.255.255.128 10.73.65.66

Question 240

Drag and drop the descriptions of AAA services from the left onto the corresponding services on the right.

Options:

Load More 200-301 Questions

Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Cisco 200-301 Cisco Certified Network Associate Exam Practice Test

Cisco Certified Network Associate Questions and Answers

Testing Engine

PDF + Testing Engine

PDF Study Guide

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation: