Weekend Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Cisco > CCNA > 200-301

200-301 Cisco Certified Network Associate Question and Answers

Question # 4

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

A)

B)

C)

D)

E)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Full Access
Question # 5

What should a network administrator consider when deciding to implement automation?

A.

Automated systems may have difficulty expanding network changes at scale.

B.

Network automation typically is limited to the configuration and management of virtual devices within a network.

C.

Network automation typically increases enterprise management operating costs.

D.

Manual changes frequently lead to configuration errors and inconsistencies.

Full Access
Question # 6

ESTION NO: 268

To improve corporate security, an organization is planning to implement badge authentication to limit access to the data center. Which element of a security program is being deployed?

A.

user training

B.

user awareness

C.

vulnerability verification

D.

physical access control

Full Access
Question # 7

Refer to the exhibit.

A network engineer must configured communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured?

A.

Switch trunk allowed vlan 12

B.

Switchport trunk allowed vlan none

C.

Switchport trunk allowed vlan add 13

D.

Switchport trunk allowed vlan remove 10-11

Full Access
Question # 8

Which functionality is provided by the console connection on a Cisco WLC?

A.

out-of-band management

B.

secure in-band connectivity for device administration

C.

unencrypted in-band connectivity for file transfers

D.

HTTP-based GUI connectivity

Full Access
Question # 9

Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.

Full Access
Question # 10

What are two reasons a switch experiences frame flooding? (Choose two.)

A.

A defective patch cable is connected to the switch port

B.

Topology changes are occurring within spanning-tree

C.

An aged MAC (able entry is causing excessive updates

D.

Port-security is configured globally

E.

The forwarding table has overflowed

Full Access
Question # 11

Refer to the exhibit.

An architect is managing a wireless network with APs from several branch offices connecting to the WLC in the data center. There is a new requirement for a single WLAN to process the client data traffic without sending it to the WLC. Which action must be taken to complete the request?

A.

Enable local HTTP profiling.

B.

Enable Disassociation Imminent.

C.

Enable FlexConnect Local Switching.

D.

Enable local DHCP Profiling.

Full Access
Question # 12

Refer to the exhibit.

Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?

A.

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

B.

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

C.

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

interface GigabitEthernet0/0 ip access-group 100 in

D.

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any

line vty 0 15 ip access-group 100 in

Full Access
Question # 13

Refer to the exhibit.

What is the result if Gig1/11 receives an STP BPDU?

A.

The port transitions to STP blocking

B.

The port transitions to the root port

C.

The port immediately transitions to STP forwarding.

D.

The port goes into error-disable state

Full Access
Question # 14

Which WAN access technology is preferred for a small office / home office architecture?

A.

broadband cable access

B.

frame-relay packet switching

C.

dedicated point-to-point leased line

D.

Integrated Services Digital Network switching.

Full Access
Question # 15

Refer to the exhibit.

How does the router manage traffic to 192.168.12.16?

A.

It selects the RIP route because it has the longest prefix inclusive of the destination address.

B.

It chooses the OSPF route because it has the longest prefix inclusive of the destination address.

C.

it load-balances traffic between all three routes

D.

It chooses the EIGRP route because it has the lowest administrative distance

Full Access
Question # 16

Refer to the exhibit.

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

A.

via next-hop 10.0.1.5

B.

via next-hop 10 0 1.4

C.

via next-hop 10.0 1.50

D.

via next-hop 10.0 1 100

Full Access
Question # 17

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

A.

Is the internet reachable?

B.

Is the default gateway reachable?

C.

Is the DNS server reachable?

Full Access
Question # 18

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

A.

shaping

B.

classification

C.

policing

D.

marking

Full Access
Question # 19

Refer to the exhibit.

An engineer is required to verify that the network parameters are valid for the users wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used.

Full Access
Question # 20

Which PoE mode enables powered-device detection and guarantees power when the device is detected?

A.

dynamic

B.

static

C.

active

D.

auto

Full Access
Question # 21

Refer to the exhibit.

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

A.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

B.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

C.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

D.

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Full Access
Question # 22

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

A.

heavy traffic congestion

B.

a duplex incompatibility

C.

a speed conflict

D.

queuing drops

Full Access
Question # 23

What is the primary effect of the spanning-tree portfast command?

A.

it enables BPDU messages

B.

It minimizes spanning-tree convergence time

C.

It immediately puts the port into the forwarding state when the switch is reloaded

D.

It immediately enables the port in the listening state

Full Access
Question # 24

In QoS, which prioritization method is appropriate for interactive voice and video?

A.

expedited forwarding

B.

traffic policing

C.

round-robin scheduling

D.

low-latency queuing

Full Access
Question # 25

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

A.

It sends packets out of interface Fa0/2 only.

B.

It sends packets out of interface Fa0/1 only.

C.

It cannot send packets to 10.10.13 128/25

D.

It load-balances traffic out of Fa0/1 and Fa0/2

Full Access
Question # 26

What is the difference between controller-based networks and traditional networks as they relate to control-plane and/or data-plane functions?

A.

Controller-based networks centralize all important data-plane functions, and traditional networks distribute data-plane functions.

B.

Controller-based networks centralize all important control-plane functions, and traditional networks distribute control-plane functions.

C.

Traditional networks centralize all important control-plane functions, and controller-based networks distribute control-plane functions.

D.

Traditional networks centralize all important data-plane functions, and controller-based networks distribute data-plane functions.

Full Access
Question # 27

Refer to the exhibit.

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

A.

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

B.

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

C.

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

D.

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Full Access
Question # 28

What is the function of the controller in a software-defined network?

A.

multicast replication at the hardware level

B.

fragmenting and reassembling packets

C.

making routing decisions

D.

forwarding packets

Full Access
Question # 29

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 30

Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

A.

VLANID

B.

SSID

C.

RFID

D.

WLANID

Full Access
Question # 31

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

A.

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

B.

ip route 10.1.1.0 255.255.255.0 gi0/1 125

C.

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

D.

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Full Access
Question # 32

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

A.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network broadcast

B.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network point-to-point

C.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf cost 0

D.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

hello interval 15

interface e1/1

Ip address 192.168.1.1 255.255.255.252

Full Access
Question # 33

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

A.

F0/10

B.

F0/11

C.

F0/12

D.

F0/13

Full Access
Question # 34

A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:

• The first subnet must support 24 hosts

• The second subnet must support 472 hosts

• Both subnets must use the longest subnet mask possible from the address block

Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two )

A.

interface vlan 1234

ip address 10.70.159.1 255.255.254.0

B.

interface vlan 1148

ip address 10.70.148.1 255.255.254.0

C.

interface vlan 4722

ip address 10.70.133.17 255.255.255.192

D.

interface vlan 3002

ip address 10.70.147.17 255.255.255.224

E.

interface vlan 155

ip address 10.70.155.65 255.255.255.224

Full Access
Question # 35

Refer to the exhibit.

Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

A.

Define a NAT pool on the router.

B.

Configure static NAT translations for VLAN 200.

C.

Configure the ip nat outside command on another interface for VLAN 200.

D.

Update the NAT INSIDF RANGFS ACL

Full Access
Question # 36

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 37

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

A.

int range g0/0-1

channel-group 10 mode active

B.

int range g0/0-1 chanm.l-group 10 mode desirable

C.

int range g0/0-1

channel-group 10 mode passive

D.

int range g0/0-1 channel-group 10 mode auto

E.

int range g0/0-1 channel-group 10 mode on

Full Access
Question # 38

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

A.

VLAN numbering

B.

VLAN DSCP

C.

VLAN tagging

D.

VLAN marking

Full Access
Question # 39

Refer to the exhibit.

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

A.

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

B.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

C.

Remark traffic as it traverses R1 and trust all markings at the access layer.

D.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Full Access
Question # 40

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

A.

router-id 10.0.0.15

B.

neighbor 10.1.2.0 cost 180

C.

ipospf priority 100

D.

network 10.0.0.0 0.0.0.255 area 0

Full Access
Question # 41

What is a role of wireless controllers in an enterprise network?

A.

centralize the management of access points in an enterprise network

B.

support standalone or controller-based architectures

C.

serve as the first line of defense in an enterprise network

D.

provide secure user logins to devices on the network.

Full Access
Question # 42

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Full Access
Question # 43

When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?

A.

6

B.

8

C.

12

D.

18

Full Access
Question # 44

Refer to the exhibit.

Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?

A.

R2 is using the passive-interface default command

B.

R1 has an incorrect network command for interface Gi1/0

C.

R2 should have its network command in area 1

D.

R1 interface Gil/0 has a larger MTU size

Full Access
Question # 45

Refer to the exhibit.

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 46

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Full Access
Question # 47

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

A.

Select the 802.1 x option for Auth Key Management.

B.

Select the WPA Policy option.

C.

Select the PSK option for Auth Key Management.

D.

Select the AES option for Auth Key Management.

E.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Full Access
Question # 48

Refer to the exhibit Routers R1 R2 and R3 use a protocol to identify their neighbors' IP addresses hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement?

A.

Configure the no cdp enable command on gO/2.

B.

Configure the no cdp run command globally.

C.

Configure the no lldp run command globally.

D.

Configure the no lldp receive command on gQV1.

Full Access
Question # 49

Refer to the exhibit. Which interface does a packet take to reach the destination address of 10.10.10.147?

A.

FastEthemet 0/0

B.

Senal0/0

C.

FastEthemet 0/1

Full Access
Question # 50

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 51

Which authentication method requires the user to provide a physical attribute to authenticate successfully?

A.

password

B.

muftifactor

C.

biometric

D.

certificate

Full Access
Question # 52

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

A.

username CCUser privies 10 password NA!2Scc

B.

username CCUser password NA!2Scc enable password level 5 NA!2$cc

C.

username CCUser secret NA!2Scc

D.

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Full Access
Question # 53

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

A.

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

B.

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

C.

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Full Access
Question # 54

Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

A.

action

B.

management

C.

control

D.

data

Full Access
Question # 55

Which protocol does an access point use to draw power from a connected switch?

A.

Internet Group Management Protocol

B.

Adaptive Wireless Path Protocol

C.

Cisco Discovery Protocol

D.

Neighbor Discovery Protocol

Full Access
Question # 56

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

A.

ip address 192.168.0.0 255.255.0.0

B.

ip address 192.168.0.0 255.255.254.0

C.

ip address 192.168.0.0 255.255.255.128

D.

ip address 192.168.0.0 255.255.255.224

Full Access
Question # 57

Refer to the exhibit.

What does router R1 use as its OSPF router-ID?

A.

10.10.1.10

B.

10.10.10.20

C.

172.16.15.10

D.

192.168.0.1

Full Access
Question # 58

Refer to the exhibit.

An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?

A.

ipv6 route ::/0 Serial 0/0/1

B.

ipv6 route 0/0 Serial 0/0/0

C.

ipv6 route ::/0 Serial 0/0/0

D.

ip route 0.0.0.0.0.0.0.0 Serial 0/0/0

E.

ipv6 route ::/0 2000::2

Full Access
Question # 59

Which two QoS tools provides congestion management? ( Choose two )

A.

CAR

B.

CBWFQ

C.

PQ

D.

PBR

E.

FRTS

Full Access
Question # 60

When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

A.

IKEv2

B.

IKEv1

C.

IPsec

D.

MD5

Full Access
Question # 61

What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

A.

access - core - distribution - access

B.

access - distribution - distribution - access

C.

access - core - access

D.

access -distribution - core - distribution - access

Full Access
Question # 62

Refer to the exhibit.

What is the effect of this configuration?

A.

The switch port interface trust state becomes untrusted

B.

The switch port remains administratively down until the interface is connected to another switch

C.

Dynamic ARP inspection is disabled because the ARP ACL is missing

D.

The switch port remains down until it is configured to trust or untrust incoming packets

Full Access
Question # 63

Which action is taken by a switch port enabled for PoE power classification override?

A.

When a powered device begins drawing power from a PoE switch port a syslog message is generated

B.

As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused

C.

If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects

D.

Should a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled

Full Access
Question # 64

Refer to the exhibit.

An administrator configures four switches for local authentication using passwords that are stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements?

A.

SW1

B.

SW2

C.

SW3

D.

SW4

Full Access
Question # 65

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

A.

sniffer

B.

mesh

C.

flexconnect

D.

local

Full Access
Question # 66

Which two statements distinguish authentication from accounting? (Choose two.)

A.

Only authentication records the duration of a user's connection.

B.

Only authentication supports user-activity audits.

C.

Only authentication provides supporting information for billing users.

D.

Only authentication challenges users for their credentials and returns a response.

E.

Only authentication validates "who you are."

Full Access
Question # 67

How does machine learning improve the detection of unauthorized network access?

A.

It monitors for outdated software.

B.

It dictates security policy updates.

C.

It identifies patterns indicating intrusions.

D.

It assigns security clearance levels.

Full Access
Question # 68

Refer to the exhibit.

A network engineer must block access for all computers on VLAN 20 to the web server via HTTP All other computers must be able to access the web server Which configuration when applied to switch A accomplishes this task?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 69

A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch. What must be configured when using active mode on both sides of the connection?

A.

802.1q trunks

B.

Cisco vPC

C.

LLDP

D.

LACP

Full Access
Question # 70

What is the primary function of a Layer 3 device?

A.

to analyze traffic and drop unauthorized traffic from the Internet

B.

to transmit wireless traffic between hosts

C.

to pass traffic between different networks

D.

forward traffic within the same broadcast domain

Full Access
Question # 71

An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled

Which action is necessary to complete the configuration if the ISP uses third-party network devices?

A.

Enable LLDP globally

B.

Disable autonegotiation

C.

Disable Cisco Discovery Protocol on the interface

D.

Enable LLDP-MED on the ISP device

Full Access
Question # 72

How does CAPWAP communicate between an access point in local mode and a WLC?

A.

The access point must directly connect to the WLC using a copper cable

B.

The access point must not be connected to the wired network, as it would create a loop

C.

The access point must be connected to the same switch as the WLC

D.

The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

Full Access
Question # 73

Refer to the exhibit.

To which device does Router1 send packets that are destined to host 10.10.13.165?

A.

Router2

B.

Router3

C.

Router4

D.

Router5

Full Access
Question # 74

What is the RFC 4627 default encoding for JSON text?

A.

UCS-2

B.

UTF-8

C.

Hex

D.

GB18030

Full Access
Question # 75

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

A.

interface port-channel 2

channel-group 2 mode desirable

B.

interface fasteinernet 1/1

channel-group 2 mode active

C.

interface fasteinernet 1/1

channel-group 2 mode on

D.

interface port-channel 2

channel-group 2 mode auto

Full Access
Question # 76

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

A.

0

B.

1

C.

2

D.

32

Full Access
Question # 77

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 78

Refer to the exhibit.

Drag and drop the networking parameters from the left onto the correct values on the right.

Full Access
Question # 79

The service password-encryption command is entered on a router. What is the effect of this configuration?

A.

restricts unauthorized users from viewing clear-text passwords in the running configuration

B.

encrypts the password exchange when a VPN tunnel is established

C.

prevents network administrators from configuring clear-text passwords

D.

protects the VLAN database from unauthorized PC connections on the switch

Full Access
Question # 80

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

A.

OpenFlow

B.

Java

C.

REST

D.

XML

Full Access
Question # 81

What is a role of access points in an enterprise network?

A.

connect wireless devices to a wired network

B.

support secure user logins to devices or the network

C.

integrate with SNMP in preventing DDoS attacks

D.

serve as a first line of defense in an enterprise network

Full Access
Question # 82

Which action does the router take as it forwards a packet through the network?

A.

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

B.

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmits it transparently to the destination

C.

The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination

D.

The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination

Full Access
Question # 83

Drag and drop the attack-mitigation techniques from the left onto the Types of attack that they mitigate on the right.

Full Access
Question # 84

How do TCP and UDP differ in the way they guarantee packet delivery?

A.

TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only.

B.

TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only.

C.

TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only.

D.

TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only.

Full Access
Question # 85

What criteria is used first during the root port selection process?

A.

local port ID

B.

lowest path cost to the root bridge

C.

lowest neighbor's bridge ID

D.

lowest neighbor's port ID

Full Access
Question # 86

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

A.

ipv6 address 2001:DB8:FFFF:FCF3::1/64

B.

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

C.

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

D.

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Full Access
Question # 87

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Full Access
Question # 88

What does the term "spirt MAC” refer to in a wireless architecture?

A.

divides data link layer functions between the AP and WLC

B.

combines the management and control functions from the data-forwarding functions

C.

uses different MAC addresses for 2.4 GHz and 5 GHz bands on the same AP

D.

leverages two APs to handle control and data traffic

Full Access
Question # 89

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

A.

magic links

B.

one-time passwords

C.

digital certificates

D.

90-day renewal policies

Full Access
Question # 90

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

A.

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

B.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

C.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

D.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Full Access
Question # 91

An engineer is configuring switch SW1 to act an NTP server when all upstream NTP server connectivity fails. Which configuration must be used?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 92

Refer to the exhibit.

Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.

What does the switch do when it receives the frame from host D?

A.

It creates a broadcast storm.

B.

It drops the frame from the MAC table of the switch.

C.

It shuts down the source port and places It In err-disable mode.

D.

It floods the frame out of every port except the source port.

Full Access
Question # 93

Refer to the exhibit. What is the cause of the issue?

A.

STP

B.

port security

C.

wrong cable type

D.

shutdown command

Full Access
Question # 94

What is a function of an endpoint?

A.

It is used directly by an individual user to access network services

B.

It passes unicast communication between hosts in a network

C.

It transmits broadcast traffic between devices in the same VLAN

D.

It provides security between trusted and untrusted sections of the network.

Full Access
Question # 95

Refer to the exhibit.

A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements:

• accommodates current configured VLANs

• expands the range to include VLAN 20

• allows for IEEE standard support for virtual LANs

Which configuration on the NewSwitch side of the link meets these requirements?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 96

Refer to the exhibit.

For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:

• Disable all neighbor discovery methods on R5 interface GiO/1.

• Permit neighbor discovery on R5 interface GiO/2.

• Verify there are no dynamically learned neighbors on R5 interface Gi0/1.

• Display the IP address of R6*s interface Gi0/2.

Which configuration must be used?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 97

Which condition must be met before an NMS handles an SNMP trap from an agent?

A.

The NMS software must be loaded with the MIB associated with the trap.

B.

The NMS must be configured on the same router as the SNMP agent

C.

The NMS must receive a trap and an inform message from the SNMP agent within a configured interval

D.

The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.

Full Access
Question # 98

Refer to the exhibit.

An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEfriemet3/1/4 port on a switch?

A.

The phone and a workstation that is connected to the phone do not have VLAN connectivity

B.

The phone and a workstation that is connected to the phone send and receive data in VLAN 50.

C.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity

D.

The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1

Full Access
Question # 99

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

A.

configure the hello and dead timers to match on both sides

B.

configure the same process ID for the router OSPF process

C.

configure the same router ID on both routing processes

D.

Configure the interfaces as OSPF active on both sides.

E.

configure both interfaces with the same area ID

Full Access
Question # 100

Refer to the exhibit.

Which prefix does Router 1 use for traffic to Host A?

A.

10.10.10.0/28

B.

10.10.13.0/25

C.

10.10.13.144/28

D.

10.10.13.208/29

Full Access
Question # 101

Which network plane is centralized and manages routing decisions?

A.

policy plane

B.

management plane

C.

control plane

D.

data plane

Full Access
Question # 102

Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?

A.

1,6,11

B.

1,5,10

C.

1,2,3

D.

5,6,7

Full Access
Question # 103

What prevents a workstation from receiving a DHCP address?

A.

DTP

B.

STP

C.

VTP

D.

802.10

Full Access
Question # 104

R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

A.

route with the lowest cost

B.

route with the next hop that has the highest IP

C.

route with the shortest prefix length

D.

route with the lowest administrative distance

Full Access
Question # 105

What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closer? (Choose two.)

A.

enable the PortFast feature on ports

B.

implement port-based authentication

C.

configure static ARP entries

D.

configure ports to a fixed speed

E.

shut down unused ports

Full Access
Question # 106

Which type of traffic is sent with pure iPsec?

A.

broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites

B.

multicast traffic from a server at one site to hosts at another location

C.

spanning-tree updates between switches that are at two different sites

D.

unicast messages from a host at a remote site to a server at headquarters

Full Access
Question # 107

What is a similarly between 1000BASE-LX and 1000BASE-T standards?

A.

Both use the same data-link header and trailer formats

B.

Both cable types support LP connectors

C.

Both cable types support Rj-45 connectors

D.

Both support up to 550 meters between nodes

Full Access
Question # 108

What is a function of a Layer 3 switch?

A.

move frames between endpoints limited to IP addresses

B.

transmit broadcast traffic when operating in Layer 3 mode exclusively

C.

forward Ethernet frames between VLANs using only MAC addresses

D.

flood broadcast traffic within a VLAN

Full Access
Question # 109

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

A.

Unicode

B.

base64

C.

decimal

D.

ASCII

Full Access
Question # 110

If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames?

A.

The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent.

B.

The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.

C.

The new frame is placed in a queue for transmission after the previous frame.

D.

The two frames are processed and delivered at the same time.

Full Access
Question # 111

Which set of action satisfy the requirement for multifactor authentication?

A.

The user swipes a key fob, then clicks through an email link

B.

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

C.

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

D.

The user enters a user name and password and then re-enters the credentials on a second screen

Full Access
Question # 112

Which technology can prevent client devices from arbitrarily connecting to the network without state remediation?

A.

802.1x

B.

IP Source Guard

C.

MAC Authentication Bypass

D.

802.11n

Full Access
Question # 113

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

A.

longest prefix

B.

metric

C.

cost

D.

administrative distance

Full Access
Question # 114

Which two outcomes are predictable behaviors for HSRP? (Choose two)

A.

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.

B.

The two routers negotiate one router as the active router and the other as the standby router

C.

Each router has a different IP address both routers act as the default gateway on the LAN, and traffic is load balanced between them.

D The two routers synchronize configurations to provide consistent packet forwarding

D.

The two routed share the same IP address, and default gateway traffic is load-balanced between them

Full Access
Question # 115

Which type of organization should use a collapsed-core architecture?

A.

large and requires a flexible, scalable network design

B.

large and must minimize downtime when hardware fails

C.

small and needs to reduce networking costs currently

D.

small but is expected to grow dramatically in the near future

Full Access
Question # 116

Which two actions influence the EIGRP route selection process? (Choose two)

A.

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

B.

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

C.

The router calculates the feasible distance of all paths to the destination route

D.

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

E.

The router must use the advertised distance as the metric for any given route

Full Access
Question # 117

A network administrator must to configure SSH for remote access to router R1 The requirement is to use a public and private key pair to encrypt management traffic to and from the connecting client.

Which configuration, when applied, meets the requirements?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 118

Which command must be entered to configure a DHCP relay?

A.

ip helper-address

B.

ip address dhcp

C.

ip dhcp pool

D.

ip dhcp relay

Full Access
Question # 119

What are two characteristics of a public cloud Implementation? (Choose two.)

A.

It is owned and maintained by one party, but it is shared among multiple organizations.

B.

It enables an organization to fully customize how It deploys network resources.

C.

It provides services that are accessed over the Internet.

D.

It Is a data center on the public Internet that maintains cloud services for only one company.

E.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

Full Access
Question # 120

Drag and drop the AAA terms from the left onto the description on the right.

Full Access
Question # 121

Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two)

A.

Enable NTP authentication.

B.

Verify the time zone.

C.

Disable NTP broadcasts

D.

Specify the IP address of the NTP server

E.

Set the NTP server private key

Full Access
Question # 122

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

A.

level

B.

message body

C.

process ID

D.

facility

Full Access
Question # 123

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Full Access
Question # 124

Refer to the exhibit. An engineer is using the Cisco WLC GUI to configure a WLAN for WPA2 encryption with AES and preshared key Cisc0123456. After the engineer selects the WPA + WPA2 option from the Layer 2 Security drop-down list, which two tasks must they perform to complete the process? (Choose two.)

A.

Select the WPA2 Policy, AES, and TKIP check boxes.

B.

Select ASCII from the PSK Format drop-down list, enter the key, and leave the Auth Key Mgmt setting blank.

C.

Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.

D.

Select the WPA2 Policy and AES check boxes.

Full Access
Question # 125

A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the next-hop devices are different?

A.

The router chooses the route with the oldest age.

B.

The router load-balances traffic over all routes to the destination.

C.

The router chooses the next hop with the lowest MAC address.

D.

The router chooses the next hop with the lowest IP address.

Full Access
Question # 126

What is a difference between an IPv6 multicast address and an IPv6 anycast address?

A.

A packet sent to an IPv6 multicast address is delivered to one or more destinations at once, but a packet sent to an IPv6 anycast address is routed to the closest interface with that address.

B.

An IPv6 multicast address uses the prefix 2002::/15 and forwards to one destination, and an IPv6 anycast address uses the prefix ff00::/8 and forwards to any destination in a group.

C.

IPv6 multicast addresses are used to transition from IPv4 to IPv6, and IPv6 anycast addresses are used for address aggregation in an IPv6-only environment.

D.

An IPv6 multicast address is assigned to numerous interfaces within a subnet, but an IPv6 anycast address is used for a predefined group of nodes in an all-IPv6 routers group.

Full Access
Question # 127

How does authentication differ from authorization?

A.

Authentication verifies the identity of a person accessing a network, and authorization determines what resource a user can access.

B.

Authentication is used to record what resource a user accesses, and authorization is used to determine what resources a user can access

C.

Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network

D.

Authentication is used to verify a person's identity, and authorization is used to create syslog messages for logins.

Full Access
Question # 128

Refer to the exhibit.

An engineer is updating the management access configuration of switch SW1 to allow secured, encrypted remote configuration. Which two commands or command sequences must the engineer apply to the switch? (Choose two.)

A.

SW1(config)#enable secret ccnaTest123

B.

SW1(config)#username NEW secret R3mote123

C.

SW1(config)#line vty 0 15 SW1(config-line)#transport input ssh

D.

SW1(config)# crypto key generate rsa

E.

SW1(config)# interface f0/1 SW1(confif-if)# switchport mode trunk

Full Access
Question # 129

Drag and drop the Ansible features from the left to the right Not all features are used.

Full Access
Question # 130

Refer to the exhibit. User traffic originating within site 0 is failing to reach an application hosted on IP address 192.168 0 10. Which is located within site A What is determined by the routing table?

A.

The default gateway for site B is configured incorrectly

B.

The lack of a default route prevents delivery of the traffic

C.

The traffic is blocked by an implicit deny in an ACL on router2

D.

The traffic to 192 168 010 requires a static route to be configured in router 1.

Full Access
Question # 131

Which two transport layer protocols carry syslog messages? (Choose two.)

A.

UDP

B.

RTP

C.

IP

D.

TCP

E.

ARP

Full Access
Question # 132

Refer to the exhibit.

Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A network engineer must configure R1 with a floating static route to serve as a backup route to network 192.168.23. Which command must the engineer configure on R1?

A.

ip route 192.168.23.0 255.255.255.0 192.168.13.3 100

B.

ip route 192.168.23.0 255.255.255.0 192.168.13.3 121

C.

ip route 192.168.23.0 255.255.255.255 192.168.13.3 121

D.

ip route 192.168.23.0 255.255.255.0 192.168.13.3

Full Access
Question # 133

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Full Access
Question # 134

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Full Access
Question # 135

Which REST method updates an object in the Cisco DNA Center Intent API?

A.

CHANGE

B.

UPDATE

C.

POST

D.

PUT

Full Access
Question # 136

Refer to the exhibit.

How does router R1 handle traffic to the 172.16.1.4/30 subnet?

A.

It sends all traffic over the path via 172.16.9.5 using 172.16.4.4 as a backup.

B.

It sends all traffic over the path via 10.0.1.100.

C.

It load-balances traffic over 172.16.9.5 and 172.16.4.4.

D.

It sends all traffic over the path via 172.16.4.4.

Full Access
Question # 137

Refer to the exhibit.

What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP?

A.

Select PSK under Authentication Key Management

B.

Select WPA+WPA2 on Layer 2 Security

C.

Select Static-WEP + 802.1X on Layer 2 Security

D.

Select WPA Policy with TKIP Encryption

E.

Select 802.1X from under Authentication Key Management

Full Access
Question # 138

SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.)

A.

Set the QoS level to silver or greater for voice traffic.

B.

Set the QoS level to platinum for voice traffic.

C.

Enable Media Session Snooping on re WLAN.

D.

Enable traffic shaping for the LAN interlace of the WLC.

E.

Configure two different QoS rotes tor data and voice traffic.

Full Access
Question # 139

What is a requirement for nonoverlapping Wi-Fi channels?

A.

different security settings

B.

discontinuous frequency ranges

C.

different transmission speeds

D.

unique SSIDs

Full Access
Question # 140

Refer to the exhibit.

How should the configuration be updated to allow PC1 and PC2 access to the Internet?

A.

Modify the configured number of the second access list.

B.

Add either the ip nat {inside|outside} command under both interfaces.

C.

Remove the overload keyword from the ip nat inside source command.

D.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Full Access
Question # 141

What is an expected outcome when network management automation is deployed?

A.

A distributed management plane must be used.

B.

Software upgrades are performed from a central controller

C.

Complexity increases when new device configurations are added

D.

Custom applications are needed to configure network devices

Full Access
Question # 142

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

A.

Select the WPA Policy option with the CCKM option.

B.

Disable AES encryption.

C.

Enable Fast Transition and select the FT 802.1x option.

D.

Enable Fast Transition and select the FT PSK option.

Full Access
Question # 143

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

A.

SSH

B.

HTTPS

C.

Telnet

D.

console

Full Access
Question # 144

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Full Access
Question # 145

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Full Access
Question # 146

Refer to the exhibit.

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

A.

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

B.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

C.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

D.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Full Access
Question # 147

Which characteristic differentiates the concept of authentication from authorization and accounting?

A.

user-activity logging

B.

service limitations

C.

consumption-based billing

D.

identity verification

Full Access
Question # 148

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

A.

unique local address

B.

link-local address

C.

aggregatable global address

D.

IPv4-compatible IPv6 address

Full Access
Question # 149

A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

A.

ipv6 address 21:EB8:C1:2200:1::331/64

B.

ipv6 address 2001:EB8:C1:22:1::331/64

C.

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

D.

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

Full Access
Question # 150

Refer to the exhibit.

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

A.

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

B.

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

C.

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

D.

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Full Access
Question # 151

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Full Access
Question # 152

An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.30.1, 192.168.3.2, 192.168.3.3 Which configuration should be used?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 153

Which action does the router take as rt forwards a packet through the network?

A.

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

B.

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

C.

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

D.

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

Full Access
Question # 154

A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface?

A.

ipv6 address 2001:0db8::5: a: 4F 583B

B.

ipv6 address 2001:db8::500:a:400F:583B

C.

ipv6 address 2001 db8:0::500:a:4F:583B

D.

ipv6 address 2001::db8:0000::500:a:400F:583B

Full Access
Question # 155

Refer to me exhibit.

Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

A.

It uses a route that is similar to the destination address

B.

It discards the packets.

C.

It floods packets to all learned next hops.

D.

It Queues the packets waiting for the route to be learned.

Full Access
Question # 156

What are two benefits of using the PortFast feature? (Choose two )

A.

Enabled interfaces are automatically placed in listening state

B.

Enabled interfaces come up and move to the forwarding state immediately

C.

Enabled interfaces never generate topology change notifications.

D.

Enabled interfaces that move to the learning state generate switch topology change notifications

E.

Enabled interfaces wait 50 seconds before they move to the forwarding state

Full Access
Question # 157

Which communication interaction takes place when a southbound API Is used?

A.

between the SDN controller and PCs on the network

B.

between the SON controller and switches and routers on the network

C.

between the SON controller and services and applications on the network

D.

between network applications and switches and routers on the network

Full Access
Question # 158

Which technology must be implemented to configure network device monitoring with the highest security?

A.

IP SLA

B.

syslog

C.

NetFlow

D.

SNMPv3

Full Access
Question # 159

A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped?

A.

Device(Config)#lldp run

B.

Device(Config)#cdp run

C.

Device(Config-if)#cdp enable

D.

Device(Config)#flow-sampler-map topology

Full Access
Question # 160

Refer to the exhibit.

Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?

A.

The frame is processed in VLAN 5.

B.

The frame is processed in VLAN 11

C.

The frame is processed in VLAN 1

D.

The frame is dropped

Full Access
Question # 161

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

A.

ip route 0.0.0.0 0.0.0.0 g0/1 1

B.

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

D.

ip route 0,0.0.0 0.0.0.0 g0/1 6

Full Access
Question # 162

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

A.

Configure the OSPF priority on router A with the lowest value between the three routers.

B.

Configure router B and router C as OSPF neighbors of router A.

C.

Configure the router A interfaces with the highest OSPF priority value within the area.

D.

Configure router A with a fixed OSPF router ID

Full Access
Question # 163

Refer to the exhibit.

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

A.

Configure router A to use the same MTU size as router B.

B.

Set the router B OSPF ID to a nonhost address.

C.

Configure a point-to-point link between router A and router B.

D.

Set the router B OSPF ID to the same value as its IP address

Full Access
Question # 164

Refer to the exhibit.

Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

A.

SW1

B.

SW2

C.

SW3

D.

SW4

Full Access
Question # 165

What is a function of Opportunistic Wireless Encryption in an environment?

A.

offer compression

B.

increase security by using a WEP connection

C.

provide authentication

D.

protect traffic on open networks

Full Access
Question # 166

Which field within the access-request packet is encrypted by RADIUS?

A.

authorized services

B.

authenticator

C.

username

D.

password

Full Access
Question # 167

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 168

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 169

What provides centralized control of authentication and roaming In an enterprise network?

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Full Access
Question # 170

Refer to the exhibit.

Which network prefix was learned via EIGRP?

A.

172.16.0.0/16

B.

192.168.2.0/24

C.

207.165.200.0/24

D.

192.168.1.0/24

Full Access
Question # 171

Refer to the exhibit.

What is a reason for poor performance on the network interface?

A.

The interface is receiving excessive broadcast traffic.

B.

The cable connection between the two devices is faulty.

C.

The interface is operating at a different speed than the connected device.

D.

The bandwidth setting of the interface is misconfigured

Full Access
Question # 172

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 173

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0'1 interface for the router to assign a unique 64-brt IPv6 address to Itself?

A.

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

B.

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

C.

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

D.

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Full Access
Question # 174

Drag and drop the descriptions of AAA services from the left onto the corresponding services on the right.

Full Access
Question # 175

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

A.

WLAN dynamic

B.

management

C.

trunk

D.

access

Full Access
Question # 176

Which action implements physical access control as part of the security program of an organization?

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Full Access
Question # 177

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Full Access
Question # 178

What is the purpose of the ip address dhcp command?

A.

to configure an Interface as a DHCP server

B.

to configure an interface as a DHCP helper

C.

to configure an interface as a DHCP relay

D.

to configure an interface as a DHCP client

Full Access
Question # 179

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

A.

Heavy usage is causing high latency.

B.

An incorrect type of transceiver has been inserted into a device on the link.

C.

physical network errors are being transmitted between the two sites.

D.

The wrong cable type was used to make the connection.

Full Access
Question # 180

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Full Access
Question # 181

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Full Access
Question # 182

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 183

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

A.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

B.

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

C.

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

D.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Full Access
Question # 184

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 185

How does Rapid PVST+ create a fast loop-free network topology?

A.

lt requires multiple links between core switches

B.

It generates one spanning-tree instance for each VLAN

C.

It maps multiple VLANs into the same spanning-tree instance

D.

It uses multiple active paths between end stations.

Full Access
Question # 186

Refer to the exhibit.

An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured Which command accomplishes this task?

A.

switchport trunk allowed vlan 100-104

B.

switchport trunk allowed vlan add 104

C.

switchport trunk allowed vlan all

D.

switchport trunk allowed vlan 104

Full Access
Question # 187

Which two network actions occur within the data plane? (Choose two.)

A.

Add or remove an 802.1Q trunking header.

B.

Make a configuration change from an incoming NETCONF RPC.

C.

Run routing protocols.

D.

Match the destination MAC address to the MAC address table.

E.

Reply to an incoming ICMP echo request.

Full Access
Question # 188

Which channel-group mode must be configured when multiple distribution interfaces connected to a WLC are bundled?

A.

Channel-group mode passive.

B.

Channel-group mode on.

C.

Channel-group mode desirable.

D.

Channel-group mode active.

Full Access
Question # 189

Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?

A.

tunnel

B.

transport

C.

aggressive

D.

main

Full Access
Question # 190

What is a benefit of using private IPv4 addressing?

A.

Multiple companies can use the same addresses without conflicts.

B.

Direct connectivity is provided to internal hosts from outside an enterprise network.

C.

Communication to the internet Is reachable without the use of NAT.

D.

All external hosts are provided with secure communication to the Internet.

Full Access
Question # 191

What is the function of northbound API?

A.

It upgrades software and restores files.

B.

It relies on global provisioning and configuration.

C.

It supports distributed processing for configuration.

D.

It provides a path between an SDN controller and network applications.

Full Access
Question # 192

A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show Interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue?

A.

high bandwidth usage

B.

a physical cable fault

C.

a speed mismatch

D.

a cable that is too long

Full Access
Question # 193

Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be implemented between two switches with these requirements:

• using an industry-standard trunking protocol

• permitting VLANs 1 -10 and denying other VLANs

How must the interconnecting ports be configured?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 194

Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points?

A.

virtual interface

B.

management interface

C.

console port

D.

service port

Full Access
Question # 195

Exhibit.

The switches are connected via a Cat5 Ethernet cable that was successfully tested. The Interfaces are configured as access ports and are both in a 'down" status. What is the cause of this issue?

A.

The switches are configured with incompatible duplex settings.

B.

The distance between the two switches is not supported by Cut5.

C.

The speed settings on the switches are mismatched.

D.

The portfast command is missing from the configuration.

Full Access
Question # 196

Why would a network administrator choose to implement automation in a network environment?

A.

To simplify the process of maintaining a consistent configuration state across all devices

B.

To centralize device information storage

C.

To implement centralized user account management

D.

To deploy the management plane separately from the rest of the network Answer: A

Full Access
Question # 197

Refer to the exhibit.

The administrator must configure a floating sialic default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE?

A.

ipv6 route ::/0 2001:db8:1234:2::1 3

B.

ipv6 route ::/128 2001 :db8:1234:2::1 3

C.

ipv6 route ::/0 2001:db8:1234:2::1 1

D.

ipv6 route ::/0 2001:db8:1234:2::1 2

Full Access
Question # 198

Refer to the exhibit.

An engineer assigns IP addressing to the current VLAN with three PCs. The configuration must also account for the expansion of 30 additional VLANS using the same Class C subnet for subnetting and host count. Which command set fulfills the request while reserving address space for the expected growth?

A.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 265 255.255.252

B.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255 255.255.248

C.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255 255.255.0

D.

Switch(config)#interface vlan 10

Switch(config-if)#ip address 192.168.0.1 255.255.255.128

Full Access
Question # 199

Refer to the exhibit An IPv6 address must be obtained automatically on the LAN interface on R1 Which command must be implemented to accomplish the task?

A.

Ipv6 address 2001:dbB:d8d2:1008:4343:61:0010::/64

B.

Ipv6 address autoconfig

C.

Ipv6 address fe80::/10

D.

Ipv6 address dhcp

Full Access
Question # 200

Drag and drop the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.

Full Access
Question # 201

What is a zero-day exploit?

A.

It is when a new network vulnerability is discovered before a fix is available

B.

It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data.

C.

It is when the network is saturated with malicious traffic that overloads resources and bandwidth

D.

It is when an attacker inserts malicious code into a SOL server.

Full Access
Question # 202

A wireless access point is needed and must meet these requirements:

• "zero-touch" deployed and managed by a WLC

• process only real-time MAC functionality

• used in a split-MAC architecture. Which access point type must be used?

A.

autonomous

B.

lightweight

C.

mesh

D.

cloud-based

Full Access
Question # 203

What is a purpose of traffic shaping?

A.

It enables dynamic flow identification.

B.

It enables policy-based routing.

C.

It provides best-effort service.

D.

It limits bandwidth usage.

Full Access
Question # 204

What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?

A.

forwarding mode and provides the lowest-cost path to the root bridge for each VLAN

B.

learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN

C.

blocking mode and provides an alternate path toward the designated bridge

D.

listening mode and provides an alternate path toward the root bridge

Full Access
Question # 205

Refer to the exhibit.

Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

A.

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

B.

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

C.

Interface range G1/1 – 1/3 switchport mode trunk

channel-group 1 mode desirable

no shutdown

D.

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

Full Access
Question # 206

Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two.)

A.

REMOVE

B.

REDIRECT

C.

OPOST

D.

GET

E.

UPOP

Full Access
Question # 207

Refer to the exhibit.

A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interlace Seria10. What is the effect of the configuration as the administrator applies the command?

A.

The permit command fails and returns an error code.

B.

The router accepts all incoming traffic to Seria10 with the last octet of the source IP set to 0.

C.

The sourced traffic from IP range 10.0.0.0 -10.0.0.255 is allowed on Seria10.

D.

The router fails to apply the access list to the interface.

Full Access
Question # 208

Which type of port is used to connect lo the wired network when an autonomous AP maps two VLANs to its WLANs?

A.

LAG

B.

EtherChannel

C.

trunk

D.

access

Full Access
Question # 209

Refer to the exhibit.

Which two values does router R1 use to identify valid routes for the R3 loopback address 1.1.1.3/32? (Choose two.)

A.

lowest cost to teach the next hop

B.

highest metric

C.

highest administrative distance

D.

lowest metric

E.

lowest administrative distance

Full Access
Question # 210

Which two features introduced in SNMPv2 provides the ability to retrieve large amounts of data in one request

A.

Get

B.

GetNext

C.

Set

D.

GetBulk

E.

Inform

Full Access
Question # 211

The clients and OHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1?

A.

ip route 192.168.10.1

B.

ip default-gateway 192.168.10.1

C.

ip helper-address 192.168.10.1

D.

ip dhcp address 192.168.10.1

Full Access
Question # 212

When should an engineer implement a collapsed-core architecture?

A.

for small networks with minimal need for growth

B.

the access and distribution layers must be on the same device

C.

for large networks that are connected to multiple remote sites

D.

only when using VSS technology

Full Access
Question # 213

Which device segregates a network into separate zones that have their own security policies?

A.

IPS

B.

firewall

C.

access point

D.

switch

Full Access
Question # 214

Refer to the exhibit.

The primary route across Gi0/0 is configured on both routers. A secondary route must be configured to establish connectivity between the workstation networks. Which command set must be configured to complete this task?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 215

TION NO: 228

The address block 192 168 32 0/24 must be subnetted into smaller networks The engineer must meet these requirements

• Create 8 new subnets

• Each subnet must accommodate 30 hosts

• Interface VLAN 10 must use the last usable IP in the first new subnet

• A Layer 3 interface is used

Which configuration must be applied to the interface?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 216

Which physical component is distributed among multiple virtual machines running on the same hypervisor?

A.

external storage

B.

hardware resources

C.

network interfaces

D.

backplane network

Full Access
Question # 217

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Full Access
Question # 218

Refer to the exhibit.

A newly configured PC fails to connect to the internet using TCP port 80 to www cisco com Which setting must be modified for the connection to work?

A.

Subnet Mask

B.

DNS Servers

C.

Default Gateway

D.

DHCP Server

Full Access
Question # 219

A network engineer starts to implement a new wireless LAN by configuring the authentication server and creating the dynamic Interface. What must be performed next to complete the basic configuration?

A.

Install the management interface and add the management IP.

B.

Configure high availability and redundancy tor the access points.

C.

Enable Telnet and RADIUS access on the management interface.

D.

Create the new WLAN and bind the dynamic interface to It.

Full Access
Question # 220

Refer to the exhibit.

A network engineer is updating the configuration on router R1 to connect a new branch office to the company network R2 has been configured correctly. Which command must the engineer configure so that devices at the new site communicate with the main office?

A.

ip route 172.25.25 0 255 255 255.0 192.168.2.1

B.

ip route 172.25.25 1 255 255 255 255 g0/1

C.

ip route 172.25.25.0.255.255.255.0.192.168.2.2

Full Access
Question # 221

Refer to the exhibit.

The image server and client A are running an application that transfers an extremely high volume of data between the two. An engineer is configuring a dedicated circuit between R1 and R2. Which set of commands must the engineer apply to the routers so that only traffic between the image server and client A is forces to use the new circuit?

A.

R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.6

R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.5

B.

R1(config)#ip route 10.10.13.10 255.255.255.128 10.10.10.6

R2(config)#lp route 192.168.0.100 255.255.255.0 10.10.10.5

C.

R1(config)#ip route 10.10.13.10 255.255.255.252 10.10.10.6

R2(config)#tp route 192.168.0.100 255.255.255.252 10.10.10.5

D.

R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.2

R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.1

Full Access
Question # 222

Refer to the exhibit. The router R1 is in the process of being configured. Routers R2 and R3 are configured correctly for the new environment. Which two commands must be configured on R1 for PC1 to communicate to all PCs on the 10.10.10.0/24 network? (Choose two.)

A.

ip route 10.10.10.0 255.255.255.0 192.168.2.3

B.

ip route 10.10.10.10 255.255.255.255 192.168.2.2

C.

ip route 10.10.10.10 255.255.255.255 g0/1

D.

ip route 10.10.10.8 255.255.255.248 g0/1

E.

ip route 10.10.10.0 255.255.255.248 192.168.2.2

Full Access
Question # 223

What is used to identify spurious DHCP servers?

A.

DHCPREQUEST

B.

DHCPDISCOVER

C.

DHCPACK

D.

DHCPOFFER

Full Access
Question # 224

Which plane is centralized in software-defined networking?

A.

application

B.

services

C.

control

D.

data

Full Access
Question # 225

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 226

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Full Access
Question # 227

Which advantage does machine learning offer for network security?

A.

It improves real-time threat detection.

B.

It manages firewall rule sets.

C.

It enforces password complexity requirements.

D.

It controls VPN access permissions.

Full Access
Question # 228

What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

A.

It is less expensive when purchasing patch cables.

B.

It has a greater sensitivity to changes in temperature and moisture.

C.

It provides greater throughput options.

D.

It carries signals for longer distances.

E.

It carries electrical current further distances for PoE devices.

Full Access
Question # 229

Refer to the exhibit. Which type of JSON data is shown?

A.

sequence

B.

string

C.

object

D.

Boolean

Full Access
Question # 230

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Full Access
Question # 231

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

A.

ntp master 172.24.54.8

B.

ntp client 172.24.54.8

C.

ntp peer 172.24.54.8

D.

ntp server 172.24.54.8

Full Access
Question # 232

Which AP feature provides a captive portal for users to authenticate register and accept terms before accessing the internet?

A.

One-Click

B.

Hotspot

C.

Enhanced Bluetooth

D.

Whole Home

Full Access
Question # 233

What is the main difference between traditional networks and controller-based networking?

A.

Controller-based networks increase TCO for the company, and traditional networks require less investment.

B.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

C.

Controller-based networks are open for application requests, and traditional networks operate manually.

D.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Full Access
Question # 234

What is an Ansible inventory?

A.

file that defines the target devices upon which commands and tasks are executed

B.

unit of Python code to be executed within Ansible

C.

collection of actions to perform on target devices, expressed in YAML format

D.

device with Ansible installed that manages target devices

Full Access
Question # 235

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

A.

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

B.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

C.

ip route 0.0.0.0 0.0.0.0 10.200.0.2

D.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Full Access
Question # 236

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

A.

Telnet

B.

console

C.

HTTPS

D.

SSH

Full Access
Question # 237

Which CRUD operation corresponds to me HTTP GET method?

A.

delete

B.

create

C.

update

D.

read

Full Access
Question # 238

Why is UDP more suitable than TCP tor applications that require low latency, such as VoIP?

A.

UDP reliably guarantees delivery of all packets and TCP drops packets under heavy load.

B.

TCP sends an acknowledgment for every packet that is received and UDP operates without acknowledgments.

C.

UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order.

D.

TCP uses congestion control for efficient packet delivery and UDP uses flow control mechanisms for the delivery of packets.

Full Access
Question # 239

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

A.

next-generation firewall to keep stateful packet inspection

B.

multifactor authentication using two separate authentication sources

C.

ACL to restrict incoming Telnet sessions "admin" accounts

D.

IPS with a block list of known attack vectors

Full Access
Question # 240

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Full Access
Question # 241

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

A.

ip forward-protocol udp 137

B.

ip default-network 192.168.52.253

C.

ip helper-address 172.16.32.15

D.

ip default-gateway 192.168.52.253

Full Access
Question # 242

Drag and drop the common functions from the left onto the cofresponding network topology architecture layer on the right. Not all common functions are used.

Full Access
Question # 243

Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the DNS service. Which configuration updates the ACL efficiently?

A.

ip access-list extended Services

35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

B.

no ip access-list extended Services

ip access-list extended Services

30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

C.

ip access-list extended Services

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

D.

no ip access-list extended Services

ip access-list extended Services

permit udp 10.0.0.0 0.255.255.255 any eq 53

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

deny ip any any log

Full Access
Question # 244

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Full Access