PDF Only
$35.00 Free Updates Upto 90 Days
- 200-301 Dumps PDF
- 970 Questions
- Updated On November 18, 2024
PDF + Test Engine
$55.00 Free Updates Upto 90 Days
- 200-301 Question Answers
- 970 Questions
- Updated On November 18, 2024
Test Engine
$45.00 Free Updates Upto 90 Days
- 200-301 Practice Questions
- 970 Questions
- Updated On November 18, 2024
How to pass Cisco 200-301 exam with the help of dumps?
DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest Cisco 200-301 Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.
How Do I Know Cisco 200-301 Dumps are Worth it?
Did we mention our latest 200-301 Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments. Let us explore all other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.
You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just Cisco Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!
IT Students Are Using our Cisco Certified Network Associate Dumps Worldwide!
It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using Cisco Certified Network Associate Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world, make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.
How to Get 200-301 Real Exam Dumps?
Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the 200-301 exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals. Making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated & fake content, repeated questions, and false plus indefinite information, etc. We make every penny count, and you leave our platform fully satisfied!
Cisco 200-301 Exam Overview:
Detail | Information |
---|---|
Exam Code | 200-301 |
Exam Name | Cisco Certified Network Associate (CCNA) |
Exam Cost | $300 USD |
Total Time | 120 minutes |
Exam Format | Multiple-choice questions (MCQs), simulations, and drag-and-drop |
Available Languages | English and Japanese |
Passing Marks | Cisco does not publicly disclose a specific passing score. The score is determined through statistical analysis and can vary. However, a typical range is around 825-850 out of 1000. |
Cisco Certified Network Associate Exam Topics Breakdown
Content Area | Percentage |
---|---|
Domain | Percentage of Exam |
Network Fundamentals | 20% |
Network Access | 20% |
IP Connectivity | 25% |
IP Services | 10% |
Security Fundamentals | 15% |
Automation and Programmability | 10% |
Few More 200-301 Exact Exam Questions:
Question # 1
Router R4 is dynamically learning the path to the server. If R4 is connected to R1 via OSPF Area 20, to R2 v2ia R2 BGP, and to R3 via EIGRP 777, which path is installed in the routing table of R4?
A. the path through R1, because the OSPF administrative distance is 110.
B. the path through R2. because the IBGP administrative distance is 200.
C. the path through R2 because the EBGP administrative distance is 20.
D. the path through R3. because the EIGRP administrative distance is lower than OSPF and BGP'
Answer: C
Question # 2
Connectivity between three routers has been established, and IP services must be configured in the order presented to complete the implementation. Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.
A. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named PUBNET. To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.
B. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on May 1, 2018.
C. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named NETPOOL. Using a single command, exclude addresses 1 - 10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.
D. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user netadmin and password N3t4ccess must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console.
Answer:
Question # 3
Refer to the exhibit. The network engineer is configuring a new WLAN and is told to use a setup password for authentication instead of the RADIUS servers.
Which additional set of tasks must the engineer perform to complete the configuration?
A. Disable PMF Enable PSK Enable 802.1x
B. Select WPA Policy Enable CCKM Enable PSK
C. Select WPA Policy Select WPA2 Policy Enable FT PSK
D. Select WPA2 Policy Disable PMF Enable PSK
Answer: D
Question # 4
Refer to the exhibit. What must be configured to enable 802.11w on the WLAN?
A. Set Fast Transition to Enabled.
B. Enable WPA Policy.
C. Set PMF to Required.
D. Enable MAC Filtering
Answer: B
Question # 5
Which condition must be met before an NMS handles an SNMP trap from an agent?
A. The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.
B. The NMS must receive a trap and an inform message from the SNMP agent within a configured interval.
C. The NMS software must be loaded with the MIB associated with the trap.
D. The NMS must be configured on the same router as the SNMP agent.
Answer: C
Question # 6
Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R4?
A. interface FastEthernet0/1 ip helper-address 10.0.1.1 ! access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1
B. interface FastEthernet0/0 ip helper-address 10.0.1.1 ! access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
C. interface FastEthernet0/0 ip helper-address 10.0.1.1 ! access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps
D. interface FastEthernet0/1 ip helper-address 10.0.1.1 ! access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
Answer: A
Question # 7
Refer to the exhibit. An engineer assumes a configuration task from a peer. Router A must establish an OSPF neighbor relationship with neighbor 172.1.1.1. The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?
A. Configure router A to use the same MTU size as router B.
B. Configure a point-to-point link between router A and router B.
C. Set the router B OSPF ID to the same value as its IP address.
D. Set the router B OSPF ID to a nonhost address.
Answer: A
Reference:
https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13684-12.html#neighbors
Frequently Asked Questions
Question # 1
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
Question # 2
An on-site service desk technician must verify the IP address and DNS server informationon a users Windows computer. Which command must the technician enter at the commandprompt on the user's computer?
A. ipconfig /all
B. ifconfig -a
C. show interface
D. netstat -r
Question # 3
What is the default port-security behavior on a trunk link?
A. It causes a network loop when a violation occurs.
B. It disables the native VLAN configuration as soon as port security is enabled.
C. It places the port in the err-disabled state if it learns more than one MAC address.
D. It places the port in the err-disabled slate after 10 MAC addresses are statically configured.
Question # 4
Which enhancements were implemented as part of WPA3?
A. 802.1x authentication and AES-128 encryption
B. TKIP encryption improving WEP and per-packet keying
C. AES-64 m personal mode and AES-128 in enterprise mode
D. forward secrecy and SAE in personal mode for secure initial key exchange
Question # 5
Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)
A. ::ffif 1014 1011/96
B. 2001 7011046:1111:1/64
C. ;jff06bb43cd4dd111bbff02 4545234d
D. 2002 5121204b 1111:1/64
E. FF02::0WlFF00:0l)00/104
Question # 6
Which functionality is provided by the console connection on a Cisco WLC?
A. out-of-band management
B. secure in-band connectivity for device administration
C. unencrypted in-band connectivity for file transfers
D. HTTP-based GUI connectivity
Question # 7
To improve corporate security, an organization is planning to implement badgeauthentication to limit access to the data center. Which element of a security program isbeing deployed?
A. user training
B. user awareness
C. vulnerability verification
D. physical access control
Question # 8
Refer to the exhibit. What is the subnet mask for route 172.16.4.0?
A. 255.255.248.0
B. 255.255.254.0
C. 255.255.255.192
D. 255.255.240.0
Question # 9
Refer to the exhibit.
A. Option
B. Option
C. Option
Question # 10
A WLC sends alarms about a rogue AP, and the network administrator verifies that thealarms are caused by a legitimate autonomous AP.
A. Place the AP into manual containment.
B. Remove the AP from WLC management.
C. Manually remove the AP from Pending state.
D. Set the AP Class Type to Friendly.
Question # 11
Refer to the exhibit. The primary route across Gi0/0 is configured on both routers. A secondary route must beconfigured to establish connectivity between the workstation networks. Which commandset must be configured to complete this task?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 12
What is the role of community strings in SNMP operations?
A. It serves as a sequence tag on SNMP traffic messages.
B. It serves as a password lo protect access to MIB objects.
C. It passes the Active Directory username and password that are required for device access
D. It translates alphanumeric MIB output values to numeric values.
Question # 13
Refer to the exhibit. What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP?
A. Select PSK under Authentication Key Management
B. Select WPA+WPA2 on Layer 2 Security
C. Select Static-WEP + 802.1X on Layer 2 Security
D. Select WPA Policy with TKIP Encryption
E. Select 802.1X from under Authentication Key Management
Question # 14
What happens when a switch receives a frame with a destination MAC address that recently aged out?
A. The switch references the MAC address aging table for historical addresses on the port that received the frame.
B. The switch floods the frame to all ports in all VLANs except the port that received the frame
C. The switch drops the frame and learns the destination MAC address again from the port that received the frame
D. The switch floods the frame to all ports in the VLAN except the port that received the frame.
Question # 15
Refer to the exhibit. What are two conclusions about this configuration? {Choose two.)
A. The spanning-tree mode is Rapid PVST+.
B. This is a root bridge.
C. The root port is FastEthernet 2/1.
D. The designated port is FastEthernet 2/1.
E. The spanning-tree mode is PVST+.
Question # 16
Refer to the exhibit. Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64?
A. 2001 :db8::5000:0004:5678:0090/64
B. 2001 :db8:4425:5400:77ft:fe07:/64
C. 2001 :db8::5000:00ff:fe04 0000/64
D. 2001 :db8::5200:00ff:fe04:0000/64
Question # 17
Which two server types support dornas name to IP address resolution? (Choose two >
A. ESX host
B. resolver
C. web
D. file transfer
E. authentication
Question # 18
Refer to the exhibit. Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A networkengineer must configure R1 with a floating static route to serve as a backup route tonetwork 192.168.23. Which command must the engineer configure on R1?
A. ip route 192.168.23.0 255.255.255.0 192.168.13.3 100
B. ip route 192.168.23.0 255.255.255.0 192.168.13.3 121
C. ip route 192.168.23.0 255.255.255.255 192.168.13.3 121
D. ip route 192.168.23.0 255.255.255.0 192.168.13.3
Question # 19
What is used as a solution for protecting an individual network endpoint from attack?
A. Router
B. Wireless controller
C. Anti software
D. Cisco DNA Center
Question # 20
Which capability does TFTP provide?
A. loads configuration files on systems without data storage devices
B. provides authentication for data communications over a private data network
C. provides encryption mechanisms for file transfer across a WAN
D. provides secure file access within the LAN
Question # 21
A network engineer must configure an interface with IP address 10.10.10.145 and a subnetmask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask mustthe engineer use?
A. /29
B. /30
C. /27
D. /28
Question # 22
What is a feature of WPA?
A. 802.1x authentication
B. preshared key
C. TKIP/MIC encryption
D. small Wi-Fi application
Question # 23
Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP?
A. service
B. trunk
C. AP-manager
D. virtual AP connection
Question # 24
Refer to the exhibit. User traffic originating within site 0 is failing to reach an applicationhosted on IP address 192.168 0 10. Which is located within site A What is determined bythe routing table?
A. The default gateway for site B is configured incorrectly
B. The lack of a default route prevents delivery of the traffic
C. The traffic is blocked by an implicit deny in an ACL on router2
D. The traffic to 192 168 010 requires a static route to be configured in router 1.
Question # 25
What is the functionality of the Cisco DNA Center?
A. data center network pokey con
B. console server that permits secure access to all network devices
C. IP address cool distribution scheduler
D. software-defined controller for automaton of devices and services
Question # 26
In which circumstance would a network architect decide to implement a global unicastsubnet instead of a unique local unicast subnet?
A. when the subnet must be available only within an organization
B. when the subnet does not need to be routable
C. when the addresses on the subnet must be equivalent to private IPv4 addresses
D. when the subnet must be routable over the internet
Question # 27
In which circumstance would a network architect decide to implement a global unicastsubnet instead of a unique local unicast subnet?
A. when the subnet must be available only within an organization
B. when the subnet does not need to be routable
C. when the addresses on the subnet must be equivalent to private IPv4 addresses
D. when the subnet must be routable over the internet
Question # 28
Refer to the exhibit.When router R1 receives a packet with destination IP address 10.56.0 62. through whichinterface does it route the packet?
A. Null0
B. VIan58
C. Vlan60
D. VIan59
Question # 29
Refer to the exhibit. Which IP route command created the best path for a packet destined for 10.10.10.3?
A. ip route 10.10.0.0 255.255.252.0 g0/0
B. ip route 10.0.0.0 255.0.0.0 g0/0
C. ip route 10.10.10.1 255.255.255.255 g0/0
D. ip route 10.10.10.0 255.255.255.240 g0/0
Question # 30
What is the role of SNMP in the network?
A. to monitor network devices and functions using a TCP underlay that operates on the presentation layer
B. to collect data directly from network devices using an SSL underlay that operates on the transport layer
C. to monitor and manage network devices using a UDP underlay that operates on the application layer
D. to collect telemetry and critical information from network devices using an SSH underlay that operates on the network layer
Question # 31
Refer to the exhibit. What is the issue with the interface GigabitEthernet0/0/1?
A. Port security
B. High throughput
C. Cable disconnect
D. duplex mismatch
Question # 32
Which command do you enter so that a switch configured with Rapid PVST + listens andlearns for a specific time period?
A. switch(config)#spanning-tree vlan 1 max-age 6
B. switch(config)#spanning-tree vlan 1 hello-time 10
C. switch(config)#spanning-tree vlan 1 priority 4096
D. switch(config)#spanning-tree vlan 1 forward-time 20
Question # 33
Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points?
A. virtual interface
B. management interface
C. console port
D. service port
Question # 34
Company has decided to require multifactor authentication for all systems. Which set ofparameters meets the requirement?
A. personal 10-digit PIN and RSA certificate
B. complex password and personal 10-digit PIN
C. password of 8 to 15 characters and personal 12-digit PIN
D. fingerprint scanning and facial recognition
Question # 35
A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
Question # 36
A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
Question # 37
A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
Question # 38
Which type of IPv4 address type helps to conserve the globally unique address classes?
A. multicast
B. private
C. loopback
D. public
Question # 39
Which interface is used for out-of-band management on a WLC?
A. dynamic
B. service port
C. virtual
D. management
Question # 40
Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the internet.
A. 0
B. 1
C. 2
D. 32
Question # 41
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
Question # 42
Which benefit does Cisco ONA Center provide over traditional campus management?
A. Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditionalcampus management uses SNMPv2.
B. Cisco DNA Center automates HTTPS for secure web access, and traditional campusmanagement uses HTTP.
C. Cisco DNA Center leverages APIs, and traditional campus management requiresmanual data gathering.
D. Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent fromtraditional campus management.
Question # 43
What is a function of an endpoint?
A. It is used directly by an individual user to access network services
B. It passes unicast communication between hosts in a network
C. It transmits broadcast traffic between devices in the same VLAN
D. It provides security between trusted and untrusted sections of the network.
Question # 44
What describes the functionality of southbound APIs?
A. They use HTTP messages to communicate.
B. They enable communication between the controller and the network device.
C. They convey information from the controller to the SDN applications.
D. They communicate with the management plane.
Question # 45
Refer to the exhibit. Which action by the router when a packet is sourced from 10.10.10.2 and destined 10.10.10.16?
A. It queues the packets waiting for the route to be learned.
B. It floods packets to all learned next hops.
C. It discards the packets.
D. It uses a route that is similar to the destination address.
Question # 46
What is used to identify spurious DHCP servers?
A. DHCPREQUEST
B. DHCPDISCOVER
C. DHCPACK
D. DHCPOFFER
Question # 47
Which command implies the use of SNMPv3?
A. snmp-server host
B. snmp-server community
C. snmp-server enable traps
D. snmp-server user
Question # 48
What is a characteristics of a collapsed-core network topology?
A. It allows the core and distribution layers to run as a single combined layer.
B. It enables the core and access layers to connect to one logical distribution device over an EtherChannel.
C. It enables all workstations in a SOHO environment to connect on a single switch with internet access.
D. It allows wireless devices to connect directly to the core layer, which enables faster data transmission.
Question # 49
What is an advantage of using auto mode versus static mode for power allocation when anaccess point is connected to a PoE switch port?
A. All four pairs of the cable are used
B. It detects the device is a powered device
C. The default level is used for the access point
D. Power policing is enabled at the same time
Question # 50
What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?
A. forwarding mode and provides the lowest-cost path to the root bridge for each VLAN
B. learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN
C. blocking mode and provides an alternate path toward the designated bridge
D. listening mode and provides an alternate path toward the root bridge
Question # 51
What is the purpose of the Cisco DNA Center controller?
A. to secure physical access to a data center
B. to scan a network and generate a Layer 2 network diagram
C. to securely manage and deploy network devices
D. to provide Layer 3 services to autonomous access points
Question # 52
What provides connection redundancy increased bandwidth and load sharing between a wireless LAN controller and a Layer 2 switch?
A. VLAN trunking
B. tunneling
C. first hop redundancy
D. link aggregation
Question # 53
Refer to the exhibit. What is the next step to complete the implementation for the partial NAT configurationshown?
A. Reconfigure the static NAT entries that overlap the NAT pool
B. Configure the NAT outside interface
C. Modify the access list for the internal network on e0/1
D. Apply the ACL to the pool configuration
Question # 54
Refer to the exhibit.
A. Option
B. Option
C. Option
D. Option
Question # 55
Why would a network administrator choose to implement automation in a network environment?
A. To simplify the process of maintaining a consistent configuration state across all devices
B. To centralize device information storage
C. To implement centralized user account management
D. To deploy the management plane separately from the rest of the network Answer: A
Question # 56
A network engineer must configure an access list on a new Cisco IOS router. The accesslist must deny HTTP traffic to network 10.125.128.32/27 from the 192.168.240.0/20network, but it must allow the 192.168.240.0/20 network to reach the rest of the 10.0.0.0/8network. Which configuration must the engineer apply?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 57
Which type of hypervisor operates without an underlying OS to host virtual machines?
A. Type 1
B. Type 2
C. Type 3
D. Type 12
Question # 58
What is the function of northbound API?
A. It upgrades software and restores files.
B. It relies on global provisioning and configuration.
C. It supports distributed processing for configuration.
D. It provides a path between an SDN controller and network applications.
Question # 59
Which advantage does the network assurance capability of Cisco DNA Center provide overtraditional campus management?
A. Cisco DNA Center correlates information from different management protocols to obtaininsights, and traditional campus management requires manual analysis.
B. Cisco DNA Center handles management tasks at the controller to reduce the load oninfrastructure devices, and traditional campus management uses the data backbone.
C. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric andnonfabric devices, and traditional campus management uses CLI exclusively.
D. Cisco DNA Center automatically compares security postures among network devices,and traditional campus management needs manual comparisons.
Question # 60
Refer to the exhibit. assigns IP addressing to the current VLAN with three PCs. The configuration must alsoaccount for the expansion of 30 additional VLANS using the same Class C subnet forsubnetting and host count. Which command set fulfills the request while reserving addressspace for the expected growth?
A. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 265 255.255.252
B. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255 255.255.248
C. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255 255.255.0
D. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.128
Question # 61
Refer to the exhibit. A Cisco engineer creates a new WLAN called lantest. Which two actions must beperformed so that only high-speed 2.4-Ghz clients connect? (Choose two.)
A. Enable the Broadcast SSID option
B. Enable the Status option.
C. Set the Radio Policy option to 802 11g Only.
D. Set the Radio Policy option to 802.11a Only.
E. Set the Interface/Interface Group(G) to an interface other than guest
Question # 62
Why would VRRP be implemented when configuring a new subnet in a multivendor environment?
A. when a gateway protocol is required that support more than two Cisco devices for redundancy
B. to enable normal operations to continue after a member failure without requiring a change In a host ARP cache
C. to ensure that the spanning-tree forwarding path to the gateway is loop-free
D. to interoperate normally with all vendors and provide additional security features for Cisco devices
Question # 63
Refer to the exhibit. Which per-hop QoS behavior is R1 applying to incoming packets?
A. queuing
B. marking
C. shaping
D. policing
Question # 64
Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?
A. tunnel
B. transport
C. aggressive
D. main
Question # 65
Which two wireless security stewards use Counter Mode Cipher Block Chaining Message Authentication Code Protocol for encryption and data integrity'? (Choose two.
A. WPA2
B. WPA3
C. Wi-Fi 6
D. WEP
E. WPA
Question # 66
Which type of IPv4 address must be assigned to a server to protect it from external access and allow only internal users access while restricting internet access?
A. global unicast
B. public
C. private
D. multicast
Question # 67
Which type of port is used to connect lo the wired network when an autonomous AP mapstwo VLANs to its WLANs?
A. LAG
B. EtherChannel
C. trunk
D. access
Question # 68
A switch is a forwarding a frame out of an interfaces except the interface that received the frame. What is the technical term for this process?
A. ARP
B. CDP
C. flooding
D. multicast
Question # 69
Which Rapid PVST+ feature should be configured on a switch port to immediately send traffic to a connected server as soon as it is active?
A. BPDU guard
B. loop guard
C. portfast
D. uplinkfast
Question # 70
Refer to the exhibit. What is the prefix length for the route that router1 will use to reach host A?
A. /25
B. /27
C. /28
D. /29
Question # 71
Which components are contained within a virtual machine?
A. physical resources, including the NIC, RAM, disk, and CPU
B. configuration files backed by physical resources from the Hypervisor
C. applications running on the Hypervisor
D. processes running on the Hypervisor and a guest OS
Question # 72
Refer to the exhibit. An engineer is configuring a new Cisco switch NewSW, to replace SW2 The details havebeen provided• Switches SW1 and SW2 are third-party devices without support for trunk ports• The existing connections must be maintained between PC1 PC2 and PC3• Allow the switch to pass traffic from future VLAN 10. Which configuration must beapplied?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 73
Refer to the exhibit. An engineer is configuring a new Cisco switch NewSW, to replace SW2 The details havebeen provided• Switches SW1 and SW2 are third-party devices without support for trunk ports• The existing connections must be maintained between PC1 PC2 and PC3• Allow the switch to pass traffic from future VLAN 10. Which configuration must beapplied?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 74
Refer to the exhibit. A network engineer is updating the configuration on router R1 to connect a new branchoffice to the company network R2 has been configured correctly. Which command must theengineer configure so that devices at the new site communicate with the main office?
A. ip route 172.25.25 0 255 255 255.0 192.168.2.1
B. ip route 172.25.25 1 255 255 255 255 g0/1
C. ip route 172.25.25.0.255.255.255.0.192.168.2.2
Question # 75
What is the purpose of configuring different levels of syslog for different devices on the network?
A. to rate-limit messages for different seventy levels from each device
B. to set the severity of syslog messages from each device
C. to identify the source from which each syslog message originated
D. to control the number of syslog messages from different devices that are stored locally
Question # 76
Which WAN topology has the highest degree of reliability?
A. full mesh
B. Point-to-point
C. hub-and-spoke
D. router-on-a-stick
Question # 77
A. Option A
B. Option B
C. Option C
D. Option D
Question # 78
An administrator must use the password complexity not manufacturer-name command toprevent users from adding “cisco” as a password. Which command must be issued beforethis command?
A. Password complexity enable
B. confreg 0x2142
C. Login authentication my-auth-list
D. service password-encryption
Question # 79
Refer to the exhibit. Each router must be configured with the last usable IP address in thesubnet. Which configuration fulfills this requirement?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 80
What are two protocols within the IPsec suite? (Choose two)
A. AH
B. 3DES
C. ESP
D. TLS
E. AES
Question # 81
What is a reason to implement LAG on a Cisco WLC?
A. Increase the available throughput on the link.
B. Increase security by encrypting management frames
C. Allow for stateful failover between WLCs
D. Enable the connected switch ports to use different Layer 2 configurations
Question # 82
Refer to the exhibit. Local access for R4 must be established and these requirements mustbe met:• Only Telnet access is allowed.• The enable password must be stored securely.• The enable password must be applied in plain text.• Full access to R4 must be permitted upon successful login.Which configuration script meets the requirements?A)
A. Option
B. Option
C. Option
D. Option
Question # 83
Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS?
A. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.
B. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.
C. UDP uses flow control mechanisms for the delivery of packets, and TCP usescongestion control for efficient packet delivery.
D. UDP uses sequencing data tor packets to arrive in order, and TCP offers trie capabilityto receive packets in random order.
Question # 84
What is a purpose of traffic shaping?
A. It enables dynamic flow identification.
B. It enables policy-based routing.
C. It provides best-effort service.
D. It limits bandwidth usage.
Question # 85
Refer to the exhibit. Which prefix did router R1 learn from internal EIGRP?
A. 192.168.10/24
B. 192.168.3.0/24
C. 192.168.2.0/24
D. 172.16 1.0/24
Question # 86
An engineer is configuring a switch port that is connected to a VoIP handset. Whichcommand must the engineer configure to enable port security with a manually assignedMAC address of abod-bod on voice VLAN 4?
A. switchport port-security mac-address abcd.abcd.abcd
B. switchport port-security mac-address abed.abed.abed vlan 4
C. switchport port-security mac-address sticky abcd.abcd.abcd vlan 4
D. switchport port-security mac-address abcd.abcd.abcd vlan voice
Question # 87
How does authentication differ from authorization?
A. Authentication verifies the identity of a person accessing a network, and authorizationdetermines what resource a user can access.
B. Authentication is used to record what resource a user accesses, and authorization isused to determine what resources a user can access
C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network
D. Authentication is used to verify a person's identity, and authorization is used to createsyslog messages for logins.
Question # 88
How does authentication differ from authorization?
A. Authentication verifies the identity of a person accessing a network, and authorizationdetermines what resource a user can access.
B. Authentication is used to record what resource a user accesses, and authorization isused to determine what resources a user can access
C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network
D. Authentication is used to verify a person's identity, and authorization is used to createsyslog messages for logins.
Question # 89
Which is a fact related to FTP?
A. It uses block numbers to identify and mitigate data-transfer errors
B. It always operates without user authentication
C. It relies on the well-known UDP port 69.
D. It uses two separate connections for control and data traffic
Question # 90
Which two features introduced in SNMPv2 provides the ability to retrieve large amounts ofdata in one request
A. Get
B. GetNext
C. Set
D. GetBulk
E. Inform
Question # 91
Which properly is shared by 10GBase-SR and 10GBase-LR interfaces?
A. Both require fiber cable media for transmission.
B. Both require UTP cable media for transmission.
C. Both use the single-mode fiber type.
D. Both use the multimode fiber type.
Question # 92
Refer to the exhibit. A network engineer must configure router R1 with a host route to the server. Whichcommand must the engineer configure?
A. R1(conftg)#lp route 10.10.10.0 255.255.255.0 192.168.0.2
B. R1(Config)#lp route 10.10.10.10 265.255.255.255 192 168.0.2
C. R1(config)#ip route 192.168.0.2 255.255.255.255 10.10.10.10
D. R1(config)3|p route 0.0.0.0 0.0 0.0 192 168.0.2
Question # 93
How is noise defined in Wi-Fi?
A. ratio of signal-to-noise rating supplied by the wireless device
B. signals from other Wi-Fi networks that interfere with the local signal
C. measured difference between the desired Wi-Fi signal and an interfering Wi-Fi signal
D. any interference that is not Wi-Fi traffic that degrades the desired signal
Question # 94
Refer to the exhibit. R1 has just received a packet from host A that is destined to host B. Which route in therouting table is used by R1 to reac B?
A. 10.10.13.0/25 [108/0] via 10.10.10.10
B. 10.10.13.0/25 [110/2] via 10.10.10.2
C. 10.10.13.0/25 [110/2] via 10.10.10.6
D. 10.10.13.0/25 [1/0] via 10.10.10.2
Question # 95
Refer to the exhibit. What is represented beginning with line 1 and ending with line 5?
A. value
B. object
C. key
D. array
Question # 96
Refer to the exhibit. An engineer must configure the interface that connects to PC 1 and secure it in a way thatonly PC1 is allowed to use the port No VLAN tagging can be used except for a voice VLAN.Which command sequence must be entered to configure the switch?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 97
Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, andautomatically when edge devices or access circuits fail?
A. SLB
B. FHRP
C. VRRP
D. HSRP
Question # 98
A router has two static routes to the same destination network under the same OSPFprocess. How does the router forward packets to the destination if the next-hop devices aredifferent?
A. The router chooses the route with the oldest age.
B. The router load-balances traffic over all routes to the destination.
C. The router chooses the next hop with the lowest MAC address.
D. The router chooses the next hop with the lowest IP address.
Question # 99
When a switch receives a frame for an unknown destination MAC address, how is theframe handled?
A. broadcast to all ports on the switch
B. flooded to all ports except the origination port
C. forwarded to the first available port
D. inspected and dropped by the switch
Question # 100
Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics?
A. Generic Router Encapsulation (GRE)
B. Virtual Local Area Network (VLAN)
C. Virtual Extensible LAN (VXLAN)
D. Point-to-Point Protocol
Question # 101
What is the function of "off-the-shell" switches in a controller-based network?
A. providing a central view of the deployed network
B. forwarding packets
C. making routing decisions
D. setting packet-handling policies
Question # 102
What is a characteristic of RSA?
A. It uses preshared keys for encryption
B. It requires both sides to have identical keys
C. It is a private-key encryption algorithm
D. It is a public-key cryptosystem
Question # 103
Refer to the exhibit. An engineer is building a new Layer 2 LACP EtherChannel betweenSW1 and SW2. and they executed the given show commands to verify the work Whichadditional task must be performed so that the switches successfully bundle the secondmember in the LACP port-channel?
A. Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1
B. Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1.
C. Configure the switchport trunk allowtd vlan add 300 command on interface FaO 2 on SW2.
D. Configure the switchport trunk allowtd vlan add 300 command on SW1 port-channel 1
Question # 104
Refer to the exhibit. IPv6 must be implemented on R1 to the ISP The uplink between R1and the ISP must be configured with a manual assignment, and the LAN interface must beself-provisioned Both connections must use the applicable IPv6 networks Which twoconfigurations must be applied to R1? (Choose two.)
A. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127
B. interface Gi0/0ipv6 address 2001:db8:1:AFFF::/64 eui-64
C. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127
D. interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64
E. interface Gi0/0ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03;/127
Question # 105
Refer to the exhibit. Router R14 is in the process of being configured. Which configuration must be used toestablish a host route to PC 10?
A. ip route 10.80.65.10 255.255.255.254 10.80.65.1
B. ip route 10.8065.10 255.255.255.255 10.73.65.66
C. ip route 1073.65.65 255.0.0.0 10.80.65.10
D. ip route 10.73.65.66 0.0.0.255 10.80.65.10
Question # 106
Refer to the exhibit. The given Windows PC is requesting the IP address of the host at www.cisco.com. Towhich IP address is the request sent?
A. 192.168.1.226
B. 192.168.1.100
C. 192.168.1.254
D. 192.168.1.253
Question # 107
A network engineer must migrate a router loopback interface to the IPv6 address space. Ifthe current IPv4 address of the interface is 10.54.73.1/32, and the engineer configures IPv6address 0.0.0.0.0:ffff:a36:4901, which prefix length must be used?
A. /64
B. /96
C. /124
D. /128
Question # 108
SW1 supports connectivity for a lobby conference room and must be secured. Theengineer must limit the connectivity from PCI lo ma SW1 and SW2 network. The MACaddresses allowed must be Limited to two. Which configuration secures the conferenceroom connectivity?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 109
What should a network administrator consider when deciding to implement automation?
A. Automated systems may have difficulty expanding network changes at scale.
B. Network automation typically is limited to the configuration and management of virtual devices within a network.
C. Network automation typically increases enterprise management operating costs.
D. Manual changes frequently lead to configuration errors and inconsistencies.
Question # 110
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
Question # 111
What are two reasons lo configure PortFast on a switch port attached to an end host? (Choose two.)
A. to enable the number of MAC addresses learned on the port to l
B. to protect the operation of the port from topology change processes
C. to enable the pod to enter the forwarding state immediately when the host boots up
D. to prevent the port from participating in Spanning Tree Protocol operations
E. to block another switch or host from communicating through the port
Question # 112
Refer to the exhibit. What must be configured to enable 802.11w on the WLAN?
A. Set PMF to Required.
B. Enable MAC Filtering.
C. Enable WPA Policy.
D. Set Fast Transition to Enabled
Question # 113
When an access point is seeking to join wireless LAN controller, which message is sent tothe AP- Manager interface?
A. Discovery response
B. DHCP request
C. DHCP discover
D. Discovery request
Question # 114
Which WPA mode uses PSK authentication?
A. Local
B. Client
C. Enterprise
D. Personal
Question # 115
A network architect is deciding whether to implement Cisco autonomous access points orlightweight access points. Which fact about firmware updates must the architect consider?Unlike lightweight access points, which require
A. Unlike lightweight access points, which require redundant WLCs to support firmwareupgrades, autonomous access points require only one WLC.
B. Unlike autonomous access points, lightweight access points store a complete copy ofthe current firmware for backup.
C. Unlike lightweight access points, autonomous access points can recover automaticallyfrom a corrupt firmware update.
D. Unlike autonomous access points, lightweight access points require a WLC toimplement remote firmware updates.
Question # 116
What is the temporary state that switch ports always enter immediately after the bootprocess when Rapid PVST+ is used?
A. discarding
B. listening
C. forwarding
D. learning
Question # 117
What is the primary purpose of a console port on a Cisco WLC?
A. In-band management via an asynchronous transport
B. out-of-band management via an IP transport
C. in-band management via an IP transport
D. out-of-band management via an asynchronous transport
Question # 118
Refer to the exhibit All interfaces are in the same VLAN. All switches are configured with the default STPpriorities. During the STP electronics, which switch becomes the root bridge?
A. MDF-DC-4:08:E0:19: 08:B3:19
B. MDF-DC-3:08:0E:18::1A:3C:9D
C. MDF-DC-08:0E:18:22:05:97
D. MDF-DC-1:DB:E:44:02:54:79
Question # 119
Refer to the exhibit. The EtherChannel is configured with a speed of 1000 and duplex as full on both ends ofchannel group 1. What is the next step to configure the channel on switch A to respond tobut not initiate LACP communication?
A. interface range gigabitethernet0/0/0-15 channel-group 1 mode on
B. interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable
C. interface port-channel 1 channel-group 1 mode auto
D. interface port-channel 1 channel-group 1 mode passive
Question # 120
Refer to the exhibit. When router R1 is sending traffic to IP address 10.56.192 1, which interface or next hopaddress does it use to route the packet?
A. 0.0.0.0.0/0
B. 10.56.0.1
C. 10.56.128.19
D. Vlan57
Question # 121
Which type of address is shared by routers in a HSRP implementation and used by hostson the subnet as their default gateway address?
A. multicast address
B. loopback IP address
C. virtual IP address
D. broadcast address
Question # 122
A wireless access point is needed and must meet these requirements: • "zero-touch" deployed and managed by a WLC• process only real-time MAC functionality • used in a split-MAC architecture. Which access point type must be used?
A. autonomous
B. lightweight
C. mesh
D. cloud-based
Question # 123
What are two purposes of HSRP? (Choose two.)
A. It groups two or more routers to operate as one virtual router.
B. It improves network availability by providing redundant gateways.
C. It passes configuration information to hosts in a TCP/IP network.
D. It helps hosts on the network to reach remote subnets without a default gateway.
E. It provides a mechanism for diskless clients to autoconfigure their IP parameters during boot.
Question # 124
What does a switch search for in the CAM table when forwarding a frame?
A. source MAC address and aging time
B. destination MAC address and flush time
C. source MAC address and source port
D. destination MAC address and destination port
Question # 125
Refer to the exhibit. Which switch becomes the root bridge?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 126
Two switches have been implemented and all interfaces are at the default configurationlevel. A trunk link must be implemented between two switches with these requirements:• using an industry-standard trunking protocol• permitting VLANs 1 -10 and denying other VLANsHow must the interconnecting ports be configured?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 127
Which interface enables communication between a program on the controller and a program on the networking devices?
A. northbound interface
B. software virtual interface
C. southbound interface
D. tunnel Interface
Question # 128
What is a reason to configure a trunk port that connects to a WLC distribution port?
A. Eliminate redundancy with a link failure in the data path.
B. Allow multiple VLAN to be used in the data path.
C. Provide redundancy if there is a link failure for out-of-band management.
D. Permit multiple VLANs to provide out-of-band management.
Question # 129
Refer lo the exhibit. What is the next-hop P address for R2 so that PC2 reaches the application server via ElGRP?
A. 192.168.30.1
B. 10.10 105
C. 10.10.10.6
D. 192.168.201
Question # 130
Refer to the exhibit. Rapid PVST+ mode is on the same VLAN on each switch. Which switch becomes the root bridge and why?
A. SW2, because its MAC address is the highest
B. SW3, because its priority is the highest
C. SW4, because its priority is highest and its MAC address is lower
D. SW1, because its priority is the lowest and its MAC address is higher
Question # 131
What is a benefit for external users who consume public cloud resources?
A. implemented over a dedicated WAN
B. located in the same data center as the users
C. all hosted on physical servers
D. accessed over the Internet
Question # 132
What is a function of the core and distribution layers in a collapsed-core architecture?
A. The router must use IPv4 and IPv6 addresses at Layer 3.
B. The core and distribution layers are deployed on two different devices to enable failover.
C. The router can support HSRP for Layer 2 redundancy in an IPv6 network.
D. The router operates on a single device or a redundant pair.
Question # 133
Which remote access protocol provides unsecured remote CLI access?
A. console
B. Telnet
C. Bash
D. SSH
Question # 134
Refer to the exhibit. How many objects are present in the given JSON-encoded data?
A. one
B. four
C. seven
D. nine
Question # 135
How does encryption project the wireless network?
A. via integrity checks to identify wireless forgery attacks in the frame
B. via specific ciphers to detect and prevent zero-day network attacks
C. via an algorithm to change wireless data so that only the access point and client understand it
D. via a policy to prevent unauthorized users from communicating on the wireless network
Question # 136
Which signal frequency appears 60 times per minute?
A. 1 Hz signal
B. 1 GHz signal
C. 60 Hz signal
D. 60 GHz signal
Question # 137
What is a function of MAC address learning?
A. It is enabled by default on all VLANs and interfaces
B. It increases the potential for MAC address flooding.
C. It is disabled by default on all interfaces connected to trunks
D. lt increases security on the management VLAN
Question # 138
What is a zero-day exploit?
A. It is when a new network vulnerability is discovered before a fix is available
B. It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data.
C. It is when the network is saturated with malicious traffic that overloads resources and bandwidth
D. It is when an attacker inserts malicious code into a SOL server.
Question # 139
A network engineer must configure an interface with IP address 10.10.10.145 and a subnet mask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask must the engineer use?
A. /29
B. /30
C. /27
D. /28
Question # 140
What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different?
A. The APs must be connected to the switch with multiple links in LAG mode
B. The switch port mode must be set to trunk
C. The native VLAN must match the management VLAN of the AP
D. IEEE 802.10 trunking must be disabled on the switch port.
Question # 141
Which command enables HTTP access to the Cisco WLC?
A. config network secureweb enable
B. config certificate generate web admin
C. config network webmode enable
D. config network telnet enable
Question # 142
Refer to the exhibit. After configuring a new static route on the CPE. the engineer entered this series of commands to verify that the new configuration is operating normally When is the static default route installed into the routing table?
A. when 203 0 113.1 is no longer reachable as a next hop B. when the default route
learned over external BGP becomes invalid
B. when a route to 203.0 113 1 is learned via BGP
C. when the default route over external BGP changes its next hop
Question # 143
What differentiates device management enabled by Cisco DNA Center from traditional campus device management?
A. per-device
B. centralized
C. device-by-device hands-on
D. CLI-oriented device
Question # 144
Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two.)
A. REMOVE
B. REDIRECT
C. OPOST
D. GET
E. UPOP
Question # 145
Refer to the exhibit. Which interface is chosen to forward traffic to the host at 192.168.0.55?
A. GigabitEthernet0
B. GigabitEthernet0/1
C. Null0
D. GigabitEthernet0/3
Question # 146
When the LAG configuration is updated on a Cisco WLC which additional task must be performed when changes are complete?
A. Flush all MAC addresses from the WLC
B. Re-associate the WLC with the access point.
C. Re-enable the WLC interfaces
D. Reboot the WLC
Question # 147
Which two protocols are used by an administrator for authentication and configuration on access points?
A. Kerberos
B. 802.1Q
C. 802.1x
D. TACACS+
E. RADIUS
Question # 148
Refer to the exhibit. Traffic from R1 to the 10.10.2.0/24 subnet uses 192.168.1.2 as its next hop. An network engineer wants to update the R1 configuration so that traffic with destination 10.10.2.1 passes through router R3, and all other traffic to the 10.10.20/24 subnet passes through r2. Which command must be used?
A. Ip route 10.10.2.1 255.255.255.255 192.168.1.4 115
B. Ip route 10.10.2.0 255.255.255.0 192.168.1.4 100
C. Ip route 10.10.2.0 255.255.255.0 192.168.1.4 115
D. Ip route 10.10.2.1 255.255.255.255 192.168.1.4 100
Question # 149
Refer to Itie exhibit A network engineer started to configure port security on a new switch. These requirements must be met: * MAC addresses must be learned dynamically * Log messages must be generated without disabling the interface when unwanted traffic is seen Which two commands must be configured to complete this task"? (Choose two)
A. SW(ccnfig-if)=switchport port-security mac-address sticky
B. SW(confKj-if)=switchport port-security violation restrict
C. SW(config.if)sswitchport port-security mac-address 0010.7B84.45E6
D. SW(config-if)aswitchport port-security maximum 2
E. SW(ccnfig-if)=switchport port-security violation shutdown
Question # 150
Refer to the exhibit. An engineer must translate the PC1 IP address to 10.199.77.100 and permit PC1 to ping the loopback 0 on router R2. What command set must be used?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 151
An engineer is configuring switch SW1 to act an NTP server when all upstream NTP server connectivity fails. Which configuration must be used?
A. Option A
B. Option B
C. Option C
D. Option D
Question # 152
What are two characteristics of a small office / home office connection environment? (Choose two.)
A. It requires 10Gb ports on all uplinks.
B. It supports between 50 and 100 users.
C. It supports between 1 and 50 users.
D. It requires a core, distribution, and access layer architecture.
E. A router port connects to a broadband connection.
Question # 153
The clients and OHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1?
A. ip route 192.168.10.1
B. ip default-gateway 192.168.10.1
C. ip helper-address 192.168.10.1
D. ip dhcp address 192.168.10.1
Question # 154
Refer to the exhibit. When router R1 receives a packet with destination IP address 10.56.0 62. through which interface does it route the packet?
A. Null0
B. VIan58
C. Vlan60
D. VIan59
Question # 155
Refer to the exhibit. PC A is communicating with another device at IP address 10.227.225.255. Through which router does router Y route the traffic?
A. router A
B. router B
C. router C
D. router D
Question # 156
What are two advantages of implementing a controller-based architecture instead of a traditional network architecture? (Choose two.)
A. It allows for seamless connectivity to virtual machines.
B. It supports complex and high-scale IP addressing schemes.
C. It enables configuration task automation.
D. It provides increased scalability and management options.
E. It increases security against denial-of-service attacks.
Question # 157
A Cisco engineer notices thai two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state?
A. ip ospf network broadcast
B. ip ospf dead-interval 40
C. ip ospf network point-to-point
D. ip ospf priority 0
Question # 158
Refer to the exhibit. The administrator must configure a floating sialic default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE?
A. ipv6 route ::/0 2001:db8:1234:2::1 3
B. ipv6 route ::/128 2001 :db8:1234:2::1 3
C. ipv6 route ::/0 2001:db8:1234:2::1 1
D. ipv6 route ::/0 2001:db8:1234:2::1 2
Question # 159
What describes a northbound REST API for SON?
A. application-facing interface for SNMP GET requests
B. network-element-facing interface for GET POST PUT and DELETE methods
C. network-element-facing interface for the control and data planes
D. application-facing interface far GET, POST, PUT, and DELETE methods
Question # 160
When should an engineer implement a collapsed-core architecture?
A. for small networks with minimal need for growth
B. the access and distribution layers must be on the same device
C. for large networks that are connected to multiple remote sites
D. only when using VSS technology
Question # 161
Refer to the exhibit. What is the next hop for traffic entering R1 with a destination of 10.1.2 126?
A. 10.165 20.126
B. 10.165.20.146
C. 10.165.20.166
D. 10.165 20.226
Question # 162
What is a benefit of using private IPv4 addressing?
A. Multiple companies can use the same addresses without conflicts.
B. Direct connectivity is provided to internal hosts from outside an enterprise network.
C. Communication to the internet Is reachable without the use of NAT.
D. All external hosts are provided with secure communication to the Internet.
Question # 163
Refer to the exhibit. Which entry is the longest prefix match for host IP address 192.168.10.5?
A. 1
B. 2
C. 3
D. 4
Question # 164
Which action implements physical access control as part of the security program of an organization1?
A. backing up syslogs at a remote location
B. configuring a password for the console port
C. configuring enable passwords on network devices
D. setting up IP cameras to monitor key infrastructure
Question # 165
Refer to the exhibit. The loopback1 interface of the Atlanta router must reach the lookback3 interface of the Washington router.
A. ipv6 route 2000::1/128 2012::2
B. ipv6 route 2000::1/128 2012::1
C. ipv6 route 2000:3 123 s0/0/0
D. ipv6 route 2000::3/128 2023::3
E. ipv6 route 2000::1/128 s0/0/1
Question # 166
A network engineer is upgrading a small data center to host several new applications, including server backups that are expected to account for up to 90% of the bandwidth during peak times. The data center connects to the MPLS network provider via a primary circuit and a secondary circuit. How does the engineer inexpensively update the data center to avoid saturation of the primary circuit by traffic associated with the backups?
A. Assign traffic from the backup servers to a dedicated switch.
B. Configure a dedicated circuit for the backup traffic.
C. Place the backup servers in a dedicated VLAN.
D. Advertise a more specific route for the backup traffic via the secondary circuit.
Question # 167
Refer to the exhibit. How does router R1 handle traffic to the 172.16.1.4/30 subnet?
A. It sends all traffic over the path via 172.16.9.5 using 172.16.4.4 as a backup.
B. It sends all traffic over the path via 10.0.1.100.
C. It load-balances traffic over 172.16.9.5 and 172.16.4.4.
D. It sends all traffic over the path via 172.16.4.4.
Question # 168
Refer to the exhibit. Which configuration for RTR-1 deniess SSH access from PC-1 to any RTR-1 interface and allows all other traffic? A)
A. Option A
B. Option B
C. Option C
D. Option D
Question # 169
What is the MAC address used with VRRP as a virtual address?
A. 00-00-0C-07-AD-89
B. 00-00-5E-00-01-0a
C. 00-07-C0-70-AB-01
D. 00-C6-41-93-90-91
Question # 170
Refer to the exhibit. What is represented by the word "switch’’ in line 2 of the JSON schema?
A. array
B. key
C. value
D. object
Question # 171
Refer to the exhibit. Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?
A. Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown
B. Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown
C. Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode desirable no shutdown
D. Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown
Question # 172
Which set of 2.4 GHz nonoverlapping wireless channels is standard in the United States?
A. channels 2, 7, 9, and 11
B. channels 1, 6, 11, and 14
C. channels 2, 7, and 11
D. channels 1, 6, and 11
Question # 173
What is the role of disaggregation in controller-based networking?
A. It divides the control-plane and data-plane functions.
B. It summarizes the routes between the core and distribution layers of the network topology.
C. It enables a network topology to quickly adjust from a ring network to a star network
D. It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions.
Question # 174
Refer to the exhibit. A packet sourced from 172.18.33.2 is destined for 172.18.32.38. Where does the router forward the packet?
A. GigabitEthernet0/0
B. Loopback0
C. 10.1.1.1
D. 10.1.1.3
Question # 175
Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow?
A. shaping
B. policing
C. CBWFQ
D. LLQ
Question # 176
What is a function of an endpoint?
A. It is used directly by an individual user to access network services
B. It passes unicast communication between hosts in a network
C. It transmits broadcast traffic between devices in the same VLAN
D. It provides security between trusted and untrusted sections of the network.
Question # 177
What is the role of nonoverlapping channels in a wireless environment?
A. to reduce interference
B. to allow for channel bonding
C. to stabilize the RF environment
D. to increase bandwidth
Question # 178
A Cisco engineer at a new branch office is configuring a wireless network with access points that connect to a controller that is based at corporate headquarters Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage Which access point mode must be selected?
A. Lightweight with local switching disabled
B. Local with AP fallback enabled
C. OfficeExtend with high availability disabled
D. FlexConnect with local switching enabled
Question # 179
Refer to the exhibit. An engineer executed the script and added commands that were not necessary for SSH and now must remove the commands.
A. metric
B. cost
C. longest prefix
D. administrative distance
Question # 180
Which two transport layer protocols carry syslog messages? (Choose two.)
A. TCP
B. IP
C. RTP
D. UDP
E. ARP
Question # 181
Refer to the exhibit. A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements: • accommodates current configured VLANs • expands the range to include VLAN 20 • allows for IEEE standard support for virtual LANs Which configuration on the NewSwitch side of the link meets these requirements?A)
A. Option A
B. Option B
C. Option C
D. Option D
Question # 182
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
Question # 183
Which device segregates a network into separate zones that have their own security policies?
A. IPS
B. firewall
C. access point
D. switch
Question # 184
When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?
A. 6
B. 8
C. 12
D. 18
Question # 185
Refer to the exhibit. A network engineer executes the show ip route command on router D. What is the next hop to network 192.168 1 0/24 and why?
A. The next hop is 10.0.2.1 because it uses distance vector routing
B. The next hop is 10.0.2.1 because it is a link-state routing protocol
C. The next hop is 10.0.0.1 because it has a better administrative distance
D. The next hop is 10.0.0.1 because it has a higher metric.
Question # 186
Which cable type must be used to interconnect one switch using 1000 BASE-SX GBiC modules and another switch using 1000 BASE-SX SFP modules?
A. LC to SC
B. SC t ST
C. SC to SC
D. LC to LC
Question # 187
Refer to the exhibit. An engineer must configure a floating static route on an external EIGRP network. The destination subnet is the /29 on the LAN Interface of R86. Which command must be executed on R14?
A. ip route 10.80.65.0.255.255.248.0.10.73.65.66.1
B. ip route 10.80.65.0.255.255.255..240 fa0/1 89
C. ip route 10.80.65.0.255.255.248.0.10.73.65.66.171
D. ip route 10.80.65.0.0.0.224.10.80.65.0. 255
Question # 188
A. Option A
B. Option B
C. Option C
D. Option D
Question # 189
Refer to the exhibit. Which next-hop IP address has the least desirable metric when sourced from R1?
A. 10.10.10.5
B. 10.10.10.3
C. 10.10.10.4
D. 10.10.10.2
Question # 190
How do TCP and UDP fit into a query-response model?
A. TCP establishes a connection prior to sending data, and UDP sends immediately.
B. TCP uses error detection for packets, and UDP uses error recovery.
C. TCP avoids using sequencing, and UDP avoids using acknowledgments.
D. TCP encourages out-of-order packet delivery, and UDP prevents re-ordering.
Question # 191
How does MAC learning function on a switch?
A. broadcasts frames to all ports without queueing
B. adds unknown source MAC addresses to the address table
C. sends a retransmission request when a new frame is received
D. sends frames with unknown destinations to a multicast group
Question # 192
Refer to the exhibit. Which two values does router R1 use to determine the best path to reach destinations in network 1,0.0.0/8? (Choose two.)
A. longest prefix match
B. highest administrative distance
C. highest metric
D. lowest metric
E. lowest cost to reach the next hop
Question # 193
Refer to the exhibit. A network engineer must configure communication between PC A and the file server. Which commend must be configured on switch A to prevent interruption of other communications?
A. switch port trunk allowed vlan 12
B. switchport trunk allowed vlan none
C. switchport trunk allowed vlan add 13
D. switch port trunk allowed vlan remove 10-11
Question # 194
Which encryption method is used by WPA3?
A. PSK
B. TKIP
C. SAE
D. AES
Leave a comment
Your email address will not be published. Required fields are marked *