Cisco 200-301 Exam Practice Questions Answers

Cisco Certified Network Associate Questions and Answers

Question 1

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

Options:

initiates a ping request to the URL

prompts the user to specify the desired IP address

continuously attempts to resolve the URL until the command is cancelled

sends a broadcast message in an attempt to resolve the URL

Question 2

What is a function of the Cisco DNA Center Overall Health Dashboard?

Options:

It provides a summary of the top 10 global issues.

It provides detailed activity logging for the 10 devices and users on the network.

It summarizes the operational status of each wireless devise on the network.

It summarizes daily and weekly CPU usage for servers and workstations in the network.

Question 3

When a switch receives a frame for a known destination MAC address, how is the frame handed?

Options:

sent to the port identified for the known MAC address

broadcast to all ports

forwarded to the first available port

flooded to all ports except the one from which it originated

Question 4

Which two outcomes are predictable behaviors for HSRP? (Choose two.)

Options:

The two routers synchronize configurations to provide consistent packet forwarding

The two routers negotiate one router as the active router and the other as the standby router

Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN

The two routers share the same interface IP address and default gateway traffic is load-balanced between them

Question 5

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

redundancy

console

distribution system

service

Question 6

In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.)

Options:

It automatically provides a second authentication factor that is unknown to the original user.

It uses an internal firewall to protect the password repository from unauthorized access.

It protects against keystroke logging on a compromised device or web site.

It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality

It encourages users to create stronger passwords.

Question 7

How do TCP and UDP differ in the way they guarantee packet delivery?

Options:

TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only.

TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only.

TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only.

TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only.

Question 8

In software defined architectures, which plane is distributed and responsible for traffic forwarding?

Options:

management plane

control plane

policy plane

data plane

Question 9

Which 802.11 frame type is association response?

Options:

management

protected frame

control

action

Question 10

Which command on a port enters the forwarding state immediately when a PC is connected to it?

Options:

switch(config)#spanning-tree portfast default

switch(config)#spanning-tree portfast bpduguard default

switch(config-if)#spanning-tree portfast trunk

switch(config-if)#no spanning-tree portfast

Question 11

Which function does the range of private IPv4 addresses perform?

Options:

allows multiple companies to each use the same addresses without conflicts

provides a direct connection for hosts from outside of the enterprise network

ensures that NAT is not required to reach the internet with private range addressing

enables secure communications to the internet for all external hosts

Question 12

Which two protocols are supported on service-port interfaces? (Choose two.)

Options:

RADIUS

TACACS+

SCP

Telnet

SSH

Question 13

Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point?

Options:

TACACS server

wireless access point

RADIUS server

wireless LAN controller

Question 14

Refer to the exhibit.

An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set meets the requirement?

Options:

interface gi0/1

no cdp enable

interface gi0/1

clear cdp table

interface gi0/0

no cdp advertise-v2

interface gi0/0

no cdp run

Question 15

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

Options:

Add the switch in the VTP domain with a lower revision number

Add the switch with DTP set to dynamic desirable

Add the switch in the VTP domain with a higher revision number

Add the switch with DTP set to desirable

Question 16

Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?

Options:

ipv6 address dhcp

ipv6 address 2001:DB8:5:112::/64 eui-64

ipv6 address autoconfig

ipv6 address 2001:DB8:5:112::2/64 link-local

Question 17

Refer to the exhibit.

An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface G/0/1. Which access list must be applied?

Options:

Option A

Option B

Option C

Option D

Question 18

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols.

Options:

dual algorithm

metric

administrative distance

hop count

Question 19

Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

Options:

lldp timer

lldp holdtimt

lldp reinit

lldp tlv-select

Question 20

What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

Options:

Filter traffic based on destination IP addressing

Sends the default route to the hosts on a network

ensures a loop-free physical topology

forwards multicast hello messages between routers

Question 21

What is a characteristic of a SOHO network?

Options:

connects each switch to every other switch in the network

enables multiple users to share a single broadband connection

provides high throughput access for 1000 or more users

includes at least three tiers of devices to provide load balancing and redundancy

Question 22

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

Options:

infrastructure-as-a-service

platform-as-a-service

business process as service to support different types of service

software-as-a-service

Question 23

How are the switches in a spine-and-leaf topology interconnected?

Options:

Each leaf switch is connected to one of the spine switches.

Each leaf switch is connected to two spine switches, making a loop.

Each leaf switch is connected to each spine switch.

Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.

Question 24

What facilitates a Telnet connection between devices by entering the device name?

Options:

SNMP

DNS lookup

syslog

NTP

Question 25

On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

Options:

DHCP

STP

SNMP

DNS

Question 26

What is recommended for the wireless infrastructure design of an organization?

Options:

group access points together to increase throughput on a given channel

configure the first three access points are configured to use Channels 1, 6, and 11

include a least two access points on nonoverlapping channels to support load balancing

assign physically adjacent access points to the same Wi-Fi channel

Question 27

Where does the configuration reside when a helper address Is configured lo support DHCP?

Options:

on the router closest to the server

on the router closest to the client

on every router along the path

on the switch trunk interface

Question 28

What is a similarity between OM3 and OM4 fiber optic cable?

Options:

Both have a 50 micron core diameter

Both have a 9 micron core diameter

Both have a 62.5 micron core diameter

Both have a 100 micron core diameter

Question 29

What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?

Options:

Layer 2 switch

load balancer

firewall

LAN controller

Question 30

Refer to the exhibit.

R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement?

Options:

Option

Question 31

What occurs when overlapping Wi-Fi channels are implemented?

Options:

The wireless network becomes vulnerable to unauthorized access.

Wireless devices are unable to distinguish between different SSIDs

Users experience poor wireless network performance.

Network communications are open to eavesdropping.

Question 32

Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right

Options:

Question 33

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 34

Refer to the exhibit.

How does the router manage traffic to 192.168.12.16?

Options:

It selects the RIP route because it has the longest prefix inclusive of the destination address.

It chooses the OSPF route because it has the longest prefix inclusive of the destination address.

it load-balances traffic between all three routes

It chooses the EIGRP route because it has the lowest administrative distance

Question 35

Which MAC address is recognized as a VRRP virtual address?

Options:

0000.5E00.010a

0005.3711.0975

0000.0C07.AC99

0007.C070/AB01

Question 36

What is a DNS lookup operation?

Options:

DNS server pings the destination to verify that it is available

serves requests over destination port 53

DNS server forwards the client to an alternate IP address when the primary IP is down

responds to a request for IP address to domain name resolution to the DNS server

Question 37

What are two functions of an SDN controller? (Choose two)

Options:

Layer 2 forwarding

coordinating VTNs

tracking hosts

managing the topology

protecting against DDoS attacks

Question 38

After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials?

Options:

Enable the allow AAA Override

Enable the Even: Driven RRM.

Disable the LAG Mode or Next Reboot.

Enable the Authorized MIC APs against auth-list or AAA.

Question 39

What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

Options:

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

The DHCP client can request up to four DNS server addresses

The DHCP server assigns IP addresses without requiring the client to renew them

The DHCP server leases client IP addresses dynamically.

The DHCP client maintains a pool of IP addresses it can assign.

Question 40

Why was the RFC 1918 address space defined?

Options:

conserve public IPv4 addressing

preserve public IPv6 address space

reduce instances of overlapping IP addresses

support the NAT protocol

Question 41

What occurs to frames during the process of frame flooding?

Options:

Frames are sent to every port on the switch in the same VLAN except from the originating port

Frames are sent to every port on the switch that has a matching entry in the MAC address table.

Frames are sent to all ports, including those that are assigned to other VLANs.

Frames are sent to every port on the switch in the same VLAN.

Question 42

Refer to the exhibit.

After the election process what is the root bridge in the HQ LAN?

Options:

Switch 1

Switch 2

Switch 3

Switch 4

Question 43

A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

Options:

CDP

SNMP

SMTP

ARP

Question 44

Which statement identifies the functionality of virtual machines?

Options:

Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor

The hypervisor can virtualize physical components including CPU. memory, and storage

Each hypervisor can support a single virtual machine and a single software switch

The hypervisor communicates on Layer 3 without the need for additional resources

Question 45

Which implementation provides the strongest encryption combination for the wireless environment?

Options:

WPA2 + AES

WPA + AES

WEP

WPA + TKIP

Question 46

What is an appropriate use for private IPv4 addressing?

Options:

on the public-facing interface of a firewall

to allow hosts inside to communicate in both directions with hosts outside the organization

on internal hosts that stream data solely to external resources

on hosts that communicates only with other internal hosts

Question 47

A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used?

Options:

Clock timezone

Clock summer-time-recurring

Clock summer-time date

Clock set

Question 48

Refer to the exhibit.

If the network environment is operating normally, which type of device must be connected to interface FastEthernet 0/1?

Options:

DHCP client

access point

router

Question 49

What is the purpose of traffic shaping?

Options:

to mitigate delays over slow links

to provide fair queuing for buffered flows

to limit the bandwidth that a flow can use to

be a marking mechanism that identifies different flows

Question 50

Which network allows devices to communicate without the need to access the Internet?

Options:

1729.0.0/16

172.28.0.0/16

192.0.0.0/8

209.165.201.0/24

Question 51

Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)

Options:

It drops lower-priority packets before it drops higher-priority packets

It can identify different flows with a high level of granularity

It guarantees the delivery of high-priority packets

It can mitigate congestion by preventing the queue from filling up

it supports protocol discovery

Question 52

Refer to exhibit.

Which statement explains the configuration error message that is received?

Options:

It is a broadcast IP address

The router does not support /28 mask.

It belongs to a private IP address range.

IT is a network IP address.

Question 53

What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?

Options:

data plane

control plane

policy plane

management plane

Question 54

Which option about JSON is true?

Options:

uses predefined tags or angle brackets () to delimit markup text

used to describe structured data that includes arrays

used for storing information

similar to HTML, it is more verbose than XML

Question 55

An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?

Options:

configure IEEE 802.1p

configure IEEE 802.1q

configure ISL

configure DSCP

Question 56

Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.

Options:

Question 57

What does physical access control regulate?

Options:

access to spec fie networks based on business function

access to servers to prevent malicious activity

access :o computer networks and file systems

access to networking equipment and facilities

Question 58

What is the difference regarding reliability and communication type between TCP and UDP?

Options:

TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol

TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol

TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol

TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol

Question 59

A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP.

Options:

Place the AP into manual containment.

Remove the AP from WLC management.

Manually remove the AP from Pending state.

Set the AP Class Type to Friendly.

Question 60

What is a function of MAC address learning?

Options:

It is enabled by default on all VLANs and interfaces

It increases the potential for MAC address flooding.

It is disabled by default on all interfaces connected to trunks

lt increases security on the management VLAN

Question 61

Refer to the exhibit.

The loopback1 interface of the Atlanta router must reach the lookback3 interface of the Washington router.

Options:

ipv6 route 2000::1/128 2012::2

ipv6 route 2000::1/128 2012::1

ipv6 route 2000:3 123 s0/0/0

ipv6 route 2000::3/128 2023::3

ipv6 route 2000::1/128 s0/0/1

Question 62

Refer to the exhibit. What is the cause of the issue?

Options:

STP

port security

wrong cable type

shutdown command

Question 63

Which two practices are recommended for an acceptable security posture in a network? (Choose two)

Options:

Backup device configurations to encrypted USB drives for secure retrieval

maintain network equipment in a secure location

Use a cryptographic keychain to authenticate to network devices

Place internal email and file servers in a designated DMZ

Disable unused or unnecessary ports, interfaces and services

Question 64

Refer to the exhibit. The router R1 is in the process of being configured. Routers R2 and R3 are configured correctly for the new environment. Which two commands must be configured on R1 for PC1 to communicate to all PCs on the 10.10.10.0/24 network? (Choose two.)

Options:

ip route 10.10.10.0 255.255.255.0 192.168.2.3

ip route 10.10.10.10 255.255.255.255 192.168.2.2

ip route 10.10.10.10 255.255.255.255 g0/1

ip route 10.10.10.8 255.255.255.248 g0/1

ip route 10.10.10.0 255.255.255.248 192.168.2.2

Question 65

Drag and drop the wireless architecture benefits from the left onto the architecture types on the right.

Options:

Question 66

Which device segregates a network into separate zones that have their own security policies?

Options:

IPS

firewall

access point

switch

Question 67

Which cipher is supported for wireless encryption only with the WPA2 standard?

Options:

AES256

AES

RC4

SHA

Question 68

Which group of channels in the 802.1ib/g/n/ac/ax 2.4 GHz frequency Bands are nonoverlapping channels?

Options:

channels 1, 5, and 10

channels 1,6, and 11

channels 1,5, and 11

channels 1,6, and 10

Question 69

Which 802.11 frame type is Association Response?

Options:

management

control

action

protected frame

Question 70

Refer to the exhibit.

An OSPF neighbor relationship must be configured using these guidelines:

• R1 is only permitted to establish a neighbor with R2

• R1 will never participate in DR elections

• R1 will use a router-id of 101.1.1.

Which configuration must be used?

Options:

Option

Question 71

Refer to the exhibit.

A Cisco engineer creates a new WLAN called lantest. Which two actions must be performed so that only high-speed 2.4-Ghz clients connect? (Choose two.)

Options:

Enable the Broadcast SSID option

Enable the Status option.

Set the Radio Policy option to 802 11g Only.

Set the Radio Policy option to 802.11a Only.

Set the Interface/Interface Group(G) to an interface other than guest

Question 72

Refer to the exhibit.

Rapid PVST+ mode is on the same VLAN on each switch. Which switch becomes the root bridge and why?

Options:

SW2, because its MAC address is the highest

SW3, because its priority is the highest

SW4, because its priority is highest and its MAC address is lower

SW1, because its priority is the lowest and its MAC address is higher

Question 73

What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different?

Options:

The APs must be connected to the switch with multiple links in LAG mode

The switch port mode must be set to trunk

The native VLAN must match the management VLAN of the AP

IEEE 802.10 trunking must be disabled on the switch port.

Question 74

Refer to the exhibit.

A network engineer must update the configuring on switch2 so that it sends LLDP packets.

Options:

Option A

Option B

Option C

Option D

Question 75

Why implement VRRP?

Options:

to provide end users with a virtual gateway in a multivendor network

to leverage a weighting scheme to provide uninterrupted service

to detect link failures without the overhead of Bidirectional Forwarding Detection

to hand over to end users the autodiscovery of virtual gateways

Question 76

Refer to the exhibit.

The administrator must configure a floating sialic default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE?

Options:

ipv6 route ::/0 2001:db8:1234:2::1 3

ipv6 route ::/128 2001 :db8:1234:2::1 3

ipv6 route ::/0 2001:db8:1234:2::1 1

ipv6 route ::/0 2001:db8:1234:2::1 2

Question 77

Refer to the exhibit.

Which per-hop QoS behavior is R1 applying to incoming packets?

Options:

queuing

marking

shaping

policing

Question 78

A Cisco engineer notices thai two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state?

Options:

ip ospf network broadcast

ip ospf dead-interval 40

ip ospf network point-to-point

ip ospf priority 0

Question 79

Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.

Options:

Question 80

Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points?

Options:

virtual interface

management interface

console port

service port

Question 81

What is the primary purpose of a console port on a Cisco WLC?

Options:

In-band management via an asynchronous transport

out-of-band management via an IP transport

in-band management via an IP transport

out-of-band management via an asynchronous transport

Question 82

The address block 192 168 32 0/24 must be subnetted into smaller networks The engineer must meet these requirements

• Create 8 new subnets

• Each subnet must accommodate 30 hosts

• Interface VLAN 10 must use the last usable IP in the first new subnet

• A Layer 3 interface is used

Which configuration must be applied to the interface?

Options:

Option A

Option B

Option C

Option D

Question 83

A network engineer starts to implement a new wireless LAN by configuring the authentication server and creating the dynamic Interface. What must be performed next to complete the basic configuration?

Options:

Install the management interface and add the management IP.

Configure high availability and redundancy tor the access points.

Enable Telnet and RADIUS access on the management interface.

Create the new WLAN and bind the dynamic interface to It.

Question 84

Which enhancements were implemented as part of WPA3?

Options:

802.1x authentication and AES-128 encryption

TKIP encryption improving WEP and per-packet keying

AES-64 m personal mode and AES-128 in enterprise mode

forward secrecy and SAE in personal mode for secure initial key exchange

Question 85

What are two capabilities provided by VRRP within a LAN network? (Choose two.)

Options:

dynamic routing updates

bandwidth optimization

granular QoS

load sharing

redundancy

Question 86

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task?

Options:

Option A

Option B

Option C

Option D

Question 87

Drag and drop the statements about networking from me left onto the corresponding networking types on the right

Options:

Question 88

Which Windows command is used instead of the route print command to display the contents of the IP routing table?

Options:

netstat-n

ipconfig

ifconfig

netstat-r

Question 89

Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow?

Options:

shaping

policing

CBWFQ

LLQ

Question 90

What are two reasons a switch experiences frame flooding? (Choose two.)

Options:

A defective patch cable is connected to the switch port

Topology changes are occurring within spanning-tree

An aged MAC (able entry is causing excessive updates

Port-security is configured globally

The forwarding table has overflowed

Question 91

Which device separates networks by security domains?

Options:

firewall

access point

intrusion protection system

wireless controller

Question 92

Refer to the exhibit.

PC1 regularly sends 1800 Mbps of traffic to the server. A network engineer needs to configure the EtherChannel to disable Port Channel 1 between SW1 and SW2 when the Ge0/0 and Ge0/1 ports on SW2 go down. Which configuration must the engineer apply to the switch?

Options:

Option A

Option B

Option C

Option D

Question 93

Which command do you enter so that a switch configured with Rapid PVST + listens and learns for a specific time period?

Options:

switch(config)#spanning-tree vlan 1 max-age 6

switch(config)#spanning-tree vlan 1 hello-time 10

switch(config)#spanning-tree vlan 1 priority 4096

switch(config)#spanning-tree vlan 1 forward-time 20

Question 94

Drag and drop the SNMP components from the left onto the description on the right.

Options:

Question 95

A switch is a forwarding a frame out of an interfaces except the interface that received the frame. What is the technical term for this process?

Options:

ARP

CDP

flooding

multicast

Question 96

What is a reason to implement LAG on a Cisco WLC?

Options:

Increase the available throughput on the link.

Increase security by encrypting management frames

Allow for stateful failover between WLCs

Enable the connected switch ports to use different Layer 2 configurations

Question 97

Drag and drop the HTTP methods used with REST-Based APIs from the left onto the descriptions on the right.

Options:

Question 98

Refer to the exhibit.

Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.

What does the switch do when it receives the frame from host D?

Options:

It creates a broadcast storm.

It drops the frame from the MAC table of the switch.

It shuts down the source port and places It In err-disable mode.

It floods the frame out of every port except the source port.

Question 99

Drag and drop the Ansible features from the left to the right Not all features are used.

Options:

Question 100

Drag and drop the statements about AAA from the left onto the corresponding AAA services on the right. Not all options are used.

Options:

Question 101

An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration tor a Secure Shell access RSA key?

Options:

crypto key Import rsa pem

crypto key pubkey-chain rsa

crypto key generate rsa

crypto key zeroize rsa

Question 102

Why would a network administrator choose to implement automation in a network environment?

Options:

To simplify the process of maintaining a consistent configuration state across all devices

To centralize device information storage

To implement centralized user account management

To deploy the management plane separately from the rest of the network Answer: A

Question 103

Refer to the exhibit.

What must be configured to enable 802.11w on the WLAN?

Options:

Set PMF to Required.

Enable MAC Filtering.

Enable WPA Policy.

Set Fast Transition to Enabled

Question 104

Drag and drop the REST API call method for HTTP from the left onto the action they perform on the right.

Options:

Question 105

Refer to the exhibit.

The network engineer is configuring router R2 as a replacement router on the network After the initial configuration is applied it is determined that R2 failed to show R1 as a neighbor Which configuration must be applied to R2 to complete the OSPF configuration and enable it to establish the neighbor relationship with R1?

Options:

Option

Question 106

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 107

A network engineer is replacing the switches that belong to a managed-services client with new Cisco Catalyst switches. The new switches will be configured for updated security standards, including replacing Telnet services with encrypted connections and doubling the modulus size from 1024. Which two commands must the engineer configure on the new switches? (Choose two.)

Options:

crypto key generate rsa general-keys modulus 1024

transport input all

crypto key generate rsa usage-keys

crypto key generate rsa modulus 2048

transport Input ssh

Question 108

Refer to the exhibit.

What is the issue with the interface GigabitEthernet0/0/1?

Options:

Port security

High throughput

Cable disconnect

duplex mismatch

Question 109

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

Options:

authorizing potentially compromised wireless traffic

inspecting specific files and file types for malware

authenticating end users

URL filtering

Question 110

Refer to the exhibit.

A packet sourced from 10.10.10.1 is destined for 10.10.8.14. What is the subnet mask of the destination route?

Options:

255.255.254.0

255.255.255.240

255.255.255.248

255.255.255.252

Question 111

Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Options:

Question 112

What is the default port-security behavior on a trunk link?

Options:

It causes a network loop when a violation occurs.

It disables the native VLAN configuration as soon as port security is enabled.

It places the port in the err-disabled state if it learns more than one MAC address.

It places the port in the err-disabled slate after 10 MAC addresses are statically configured.

Question 113

Refer to the exhibit.

Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

Options:

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

Interface range G1/1 – 1/3 switchport mode trunk

channel-group 1 mode desirable

no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

Question 114

A Cisco engineer at a new branch office is configuring a wireless network with access points that connect to a controller that is based at corporate headquarters Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage Which access point mode must be selected?

Options:

Lightweight with local switching disabled

Local with AP fallback enabled

OfficeExtend with high availability disabled

FlexConnect with local switching enabled

Question 115

Drag and drop the Cisco IOS attack mitigation features from the left onto the types of network attack they mitigate on the right.

Options:

Question 116

It work security team noticed that an increasing number of employees are becoming victims of phishing attacks. Which security program should be implemented to mitigate the problem?

Options:

email system patches

physical access control

software firewall enabled on all PCs

user awareness training

Question 117

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Options:

Question 118

What are two benefits of FHRPs? (Choose two.)

Options:

They enable automatic failover of the default gateway.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

They are able to bundle multiple ports to increase bandwidth.

They prevent loops in the Layer 2 network.

They allow encrypted traffic.

Question 119

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

ip route 0.0.0.0 0.0.0.0 g0/1 1

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 120

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

Options:

interface FastEthernet0/0

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1

ip helper-address 10.0.1.1

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0

ip helper-address 10.0.1.1

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1

ip helper-address 10.0.1.1

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Question 121

Refer to the exhibit.

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Options:

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Question 122

Refer to the exhibit.

Host A sent a data frame destined for host D

What does the switch do when it receives the frame from host A?

Options:

It drops the frame from the switch CAM table.

It floods the frame out of all ports except port Fa0/1.

It shuts down the port Fa0/1 and places it in err-disable mode.

It experiences a broadcast storm.

Question 123

Refer to the exhibit.

An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel?

Options:

Change the channel-group mode on SW2 to auto

Change the channel-group mode on SW1 to desirable.

Configure the interface port-channel 1 command on both switches.

Change the channel-group mode on SW1 to active or passive.

Question 124

Refer to the exhibit.

Which command must be issued to enable a floating static default route on router A?

Options:

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Question 125

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

10.10.10.5

10.10.11.2

10.10.12.2

10.10.10.9

Question 126

A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

Options:

ipv6 address 21:EB8:C1:2200:1::331/64

ipv6 address 2001:EB8:C1:22:1::331/64

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

Question 127

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

user-activity logging

service limitations

consumption-based billing

identity verification

Question 128

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

Options:

global unicast address

anycast address

multicast address

link-local address

Question 129

What is the difference between IPv6 unicast and anycast addressing?

Options:

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Question 130

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Options:

Question 131

Refer to the exhibit.

Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

Options:

Option A

Option B

Option C

Option D

Question 132

Refer to the exhibit.

Which network prefix was learned via EIGRP?

Options:

172.16.0.0/16

192.168.2.0/24

207.165.200.0/24

192.168.1.0/24

Question 133

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 134

Which two components comprise part of a PKI? (Choose two.)

Options:

preshared key that authenticates connections

RSA token

CA that grants certificates

clear-text password that authenticates connections

one or more CRLs

Question 135

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Options:

Question 136

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

Options:

Option A

Option B

Option C

Option D

Question 137

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

Options:

Option A

Option B

Option C

Option D

Question 138

What is a function of an endpoint on a network?

Options:

forwards traffic between VLANs on a network

connects server and client devices to a network

allows users to record data and transmit to a tile server

provides wireless services to users in a building

Question 139

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

Options:

password password

crypto key generate rsa modulus 1024

ip domain-name domain

ip ssh authentication-retries 2

Question 140

Which protocol uses the SSL?

Options:

HTTP

SSH

HTTPS

Telnet

Question 141

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

Select the WPA Policy option with the CCKM option.

Disable AES encryption.

Enable Fast Transition and select the FT 802.1x option.

Enable Fast Transition and select the FT PSK option.

Question 142

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

Options:

Option A

Option B

Option C

Option D

Question 143

Refer to the exhibit.

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

Options:

Configure router A to use the same MTU size as router B.

Set the router B OSPF ID to a nonhost address.

Configure a point-to-point link between router A and router B.

Set the router B OSPF ID to the same value as its IP address

Question 144

What is the purpose of the ip address dhcp command?

Options:

to configure an Interface as a DHCP server

to configure an interface as a DHCP helper

to configure an interface as a DHCP relay

to configure an interface as a DHCP client

Question 145

A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being advertised to the internet. Which configuration must the engineer apply?

Options:

interface vlan 2000

ipv6 address ffc0:0000:aaaa::1234:2343/64

interface vlan 2000

Ipv6 address fc00:0000:aaaa:a15d:1234:2343:8aca/64

interface vlan 2000

ipv6 address fe80;0000:aaaa::1234:2343/64

interface vlan 2000

ipv6 address fd00::1234:2343/64

Question 146

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

Options:

Option A

Option B

Option C

Option D

Question 147

What causes a port to be placed in the err-disabled state?

Options:

nothing plugged into the port

link flapping

shutdown command issued on the port

latency

Question 148

Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

Options:

shaping

classification

policing

marking

Question 149

Which PoE mode enables powered-device detection and guarantees power when the device is detected?

Options:

dynamic

static

active

auto

Question 150

Refer to the exhibit.

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Options:

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Question 151

Refer to the exhibit.

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 152

What is an expected outcome when network management automation is deployed?

Options:

A distributed management plane must be used.

Software upgrades are performed from a central controller

Complexity increases when new device configurations are added

Custom applications are needed to configure network devices

Question 153

Refer to the exhibit.

Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to reach the route?

Options:

GigabitEthernet0/0

GigabltEthornet0/1

GigabitEthernet0/2

GigabitEthernet0/3

Question 154

What is one reason to implement LAG on a Cisco WLC?

Options:

to increase security and encrypt management frames

to provide link redundancy and load balancing

to allow for stateful and link-state failover

to enable connected switch ports to failover and use different VLANs

Question 155

Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Options:

disabled

listening

forwarding

learning

blocking

Question 156

Which two network actions occur within the data plane? (Choose two.)

Options:

Add or remove an 802.1Q trunking header.

Make a configuration change from an incoming NETCONF RPC.

Run routing protocols.

Match the destination MAC address to the MAC address table.

Reply to an incoming ICMP echo request.

Question 157

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 158

Refer to the exhibit.

An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server?

Options:

Configure the ip dhcp relay information command under interface Gi0/1.

Configure the ip dhcp smart-relay command globally on the router

Configure the ip helper-address 172.16.2.2 command under interface Gi0/0

Configure the ip address dhcp command under interface Gi0/0

Question 159

Refer to the exhibit.

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

Options:

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Question 160

Refer to the exhibit.

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Options:

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

Remark traffic as it traverses R1 and trust all markings at the access layer.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Question 161

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Options:

Option A

Option B

Option C

Option D

Question 162

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

different security settings

discontinuous frequency ranges

different transmission speeds

unique SSIDs

Question 163

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

SYIM flood

reflection

teardrop

amplification

Question 164

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

WLAN dynamic

management

trunk

access

Question 165

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

VLAN numbering

VLAN DSCP

VLAN tagging

VLAN marking

Question 166

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

Options:

Option A

Option B

Option C

Option D

Question 167

Refer to the exhibit.

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

Options:

via next-hop 10.0.1.5

via next-hop 10 0 1.4

via next-hop 10.0 1.50

via next-hop 10.0 1 100

Question 168

What is a requirement when configuring or removing LAG on a WLC?

Options:

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

Question 169

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

F0/10

F0/11

F0/12

F0/13

Question 170

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

F0/4

F0/0

F0/1

F0/3

Question 171

What is the function of the controller in a software-defined network?

Options:

multicast replication at the hardware level

fragmenting and reassembling packets

making routing decisions

forwarding packets

Question 172

Refer to the exhibit.

An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured Which command accomplishes this task?

Options:

switchport trunk allowed vlan 100-104

switchport trunk allowed vlan add 104

switchport trunk allowed vlan all

switchport trunk allowed vlan 104

Question 173

Which protocol is used for secure remote CLI access?

Options:

HTTPS

HTTP

Telnet

SSH

Question 174

Refer to the exhibit.

An engineer is configuring an EtherChannel using LACP between Switches 1 and 2 Which configuration must be applied so that only Switch 1 sends LACP initiation packets?

Options:

Switch 1 (config-if)#channel-group 1 mode on

Swrtch2(config-if)#channel-group 1 mode passive

Switch1(config-if)#channel-group 1 mode passive

Switch2(config-if)#channel-group 1 mode active

Switch1{config-if)£channel-group 1 mode active

Switch2(config-if)#channel-group 1 mode passive

Switch1(config-if)#channel-group 1 mode on

Switch2(config-if)#channel-group 1 mode active

Question 175

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the solution below in Explanation.

Explanation:

To configure static routing on R1 to ensure that it prefers the path through R2 to reach only PC1 on R4’s LAN, you need to create a static route for the host 10.0.0.100/8 with a next-hop address of 20.0.0.2, which is the IP address of R2’s interface connected to R1. You also need to assign a lower administrative distance (AD) to this route than the default AD of 1 for static routes, so that it has a higher preference over other possible routes. For example, you can use an AD of 10 for this route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 20.0.0.2 10 R1(config)#end

To configure static routing on R1 that ensures that traffic sourced from R1 will take an alternate path through R3 to PC1 in the event of an outage along the primary path, you need to create another static route for the host 10.0.0.100/8 with a next-hop address of 40.0.0.2, which is the IP address of R3’s interface connected to R1. You also need to assign a higher AD to this route than the AD of the primary route, so that it has a lower preference and acts as a backup route. For example, you can use an AD of 20 for this route. This type of static route is also known as a floating static route. To create this static route, you need to enter the following commands on R1’s console:

R1#configure terminal R1(config)#ip route 10.0.0.100 255.0.0.0 40.0.0.2 20 R1(config)#end

To configure default routes on R1 and R3 to the Internet using the least number of hops, you need to create a static route for the network 0.0.0.0/0 with a next-hop address of the ISP’s interface connected to each router respectively. A default route is a special type of static route that matches any destination address and is used when no other specific route is available. The ISP’s interface connected to R1 has an IP address of 10.0.0.4, and the ISP’s interface connected to R3 has an IP address of 50.0.0.4. To create these default routes, you need to enter the following commands on each router’s console:

On R1: R1#configure terminal R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.4 R1(config)#end

On R3: R3#configure terminal R3(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.4 R3(config)#end

Question 176

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

Solution is given below explanation.

Explanation:

To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the EtherChannel, you need to follow these steps:

On both SW1 and SW2, enter the global configuration mode by using the configure terminal command.
On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the interface range configuration mode.
On both SW1 and SW2, set the protocol to LACP by using the channel-protocol lacp command.
On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.
On both SW1 and SW2, exit the interface range configuration mode by using the exit command.
On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.
On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.
On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q command.
On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan MONITORING command.
On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.
On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.

Question 177

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 178

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 179

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 180

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 181

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 182

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Answer:

See the Explanation for the solution.

Explanation:

To subnet 172.25.0.0/16 to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the host portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new subnet mask will be /21 or 255.255.248.0. To find the second subnet, you need to add the value of the fifth bit (32) to the third octet of the network address (0), which gives you 172.25.32.0/21 as the second subnet. The first usable IP address in this subnet is 172.25.32.1, and the last usable IP address is 172.25.39.254.
To assign the first usable IP address to e0/0 on Sw101, you need to enter the following commands on the device console:

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ip address 172.25.32.1 255.255.248.0 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign the last usable IP address to e0/0 on Sw102, you need to enter the following commands on the device console:

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ip address 172.25.39.254 255.255.248.0 Sw102(config-if)#no shutdown Sw102(config-if)#end

To subnet an IPv6 GUA to meet the subnet requirements and maximize the number of hosts, you need to determine how many bits you need to borrow from the interface identifier portion of the address to create enough subnets for 32 sites. Since 32 is 2^5, you need to borrow 5 bits, which means your new prefix length will be /69 or ffff:ffff:ffff:fff8::/69 (assuming that your IPv6 GUA has a /64 prefix by default). To find the second subnet, you need to add the value of the fifth bit (32) to the fourth hextet of the network address (0000), which gives you xxxx:xxxx:xxxx:0020::/69 as the second subnet (where xxxx:xxxx:xxxx is your IPv6 GUA prefix). The first and last IPv6 addresses in this subnet are xxxx:xxxx:xxxx:0020::1 and xxxx:xxxx:xxxx:0027:ffff:ffff:ffff:fffe respectively.
To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw101, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw101#configure terminal Sw101(config)#interface e0/0 Sw101(config-if)#ipv6 address 2001:db8::20::1/69 Sw101(config-if)#no shutdown Sw101(config-if)#end

To assign an IPv6 GUA using a unique 64-bit interface identifier on e0/0 on Sw102, you need to enter the following commands on the device console (assuming that your IPv6 GUA prefix is 2001:db8::/64):

Sw102#configure terminal Sw102(config)#interface e0/0 Sw102(config-if)#ipv6 address 2001:db8::27::fffe/69 Sw102(config-if)#no shutdown Sw102(config-if)#end

Question 183

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 184

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 185

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 186

How do AAA operations compare regarding user identification, user services and access control?

Options:

Authorization provides access control and authentication tracks user services

Authentication identifies users and accounting tracks user services

Accounting tracks user services, and authentication provides access control

Authorization identifies users and authentication provides access control

Question 187

What prevents a workstation from receiving a DHCP address?

Options:

DTP

STP

VTP

802.10

Question 188

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

Options:

OpenFlow

Java

REST

XML

Question 189

Which two primary drivers support the need for network automation? (Choose two.)

Options:

Eliminating training needs

Increasing reliance on self-diagnostic and self-healing

Policy-derived provisioning of resources

Providing a ship entry point for resource provisioning

Reducing hardware footprint

Question 190

Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

Options:

sniffer

mesh

flexconnect

local

Question 191

An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request?

Options:

Enable Security Association Teardown Protection and set the SA Query timeout to 10

Enable MAC filtering and set the SA Query timeout to 10

Enable 802.1x Layer 2 security and set me Comeback timer to 10

Enable the Protected Management Frame service and set the Comeback timer to 10

Question 192

Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two )

Options:

Telnet

SSH

HTTP

HTTPS

TFTP

Question 193

Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

Options:

110

115

Question 194

A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

Options:

port-to-multipoint

broadcast

point-to-point

nonbroadcast

Question 195

Which IPv6 address type provides communication between subnets and is unable to route on the Internet?

Options:

global unicast

unique local

link-local

multicast

Question 196

A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch. What must be configured when using active mode on both sides of the connection?

Options:

802.1q trunks

Cisco vPC

LLDP

LACP

Question 197

Which two QoS tools provides congestion management? ( Choose two )

Options:

CAR

CBWFQ

PBR

FRTS

Question 198

A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?

Options:

It allows the traffic to pass through unchanged

It drops the traffic

It tags the traffic with the default VLAN

It tags the traffic with the native VLAN

Question 199

Drag and drop the TCP/IP protocols from the left onto the transmission protocols on the right

Options:

Question 200

Which result occurs when PortFast is enabled on an interface that is connected to another switch?

Options:

Spanning tree may fail to detect a switching loop in the network that causes broadcast storms

VTP is allowed to propagate VLAN configuration information from switch to switch automatically.

Root port choice and spanning tree recalculation are accelerated when a switch link goes down

After spanning tree converges PortFast shuts down any port that receives BPDUs.

Question 201

An office has 8 floors with approximately 30-40 users per floor What command must be configured on the router Switched Virtual Interface to use address space efficiently?

Options:

ip address 192.168.0.0 255.255.0.0

ip address 192.168.0.0 255.255.254.0

ip address 192.168.0.0 255.255.255.128

ip address 192.168.0.0 255.255.255.224

Question 202

What are two benefits of FHRPs? (Choose two.)

Options:

They prevent (oops in the Layer 2 network.

They allow encrypted traffic.

They are able to bundle muftlple ports to increase bandwidth

They enable automatic failover of the default gateway.

They allow multiple devices lo serve as a single virtual gateway for clients in the network

Question 203

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

Options:

longest prefix

metric

cost

administrative distance

Question 204

What is a function of a Layer 3 switch?

Options:

move frames between endpoints limited to IP addresses

transmit broadcast traffic when operating in Layer 3 mode exclusively

forward Ethernet frames between VLANs using only MAC addresses

flood broadcast traffic within a VLAN

Question 205

Refer to the exhibit.

What is the effect of this configuration?

Options:

All ARP packets are dropped by the switch

Egress traffic is passed only if the destination is a DHCP server.

All ingress and egress traffic is dropped because the interface is untrusted

The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

Question 206

Refer to Exhibit.

Which action do the switches take on the trunk link?

Options:

The trunk does not form and the ports go into an err-disabled status.

The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.

The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.

The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Question 207

What is the primary different between AAA authentication and authorization?

Options:

Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.

Authentication identifies a user who is attempting to access a system, and authorization validates the users password

Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.

Authentication controls the system processes a user can access and authorization logs the activities the user initiates

Question 208

What are two descriptions of three-tier network topologies? (Choose two)

Options:

The core and distribution layers perform the same functions

The access layer manages routing between devices in different domains

The network core is designed to maintain continuous connectivity when devices fail.

The core layer maintains wired connections for each host

The distribution layer runs Layer 2 and Layer 3 technologies

Question 209

R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating conditions, which routing protocol is installed in the routing table?

Options:

IS-IS

RIP

Internal EIGRP

OSPF

Question 210

Which communication interaction takes place when a southbound API Is used?

Options:

between the SDN controller and PCs on the network

between the SON controller and switches and routers on the network

between the SON controller and services and applications on the network

between network applications and switches and routers on the network

Question 211

What are two characteristics of an SSID? (Choose Two)

Options:

It can be hidden or broadcast in a WLAN

It uniquely identifies an access point in a WLAN

It uniquely identifies a client in a WLAN

It is at most 32 characters long.

IT provides secured access to a WLAN

Question 212

When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

Options:

IKEv2

IKEv1

IPsec

MD5

Question 213

An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)

Options:

configure the hello and dead timers to match on both sides

configure the same process ID for the router OSPF process

configure the same router ID on both routing processes

Configure the interfaces as OSPF active on both sides.

configure both interfaces with the same area ID

Question 214

Refer to the exhibit.

Which route does R1 select for traffic that is destined to 192 168.16.2?

Options:

192.168.16.0/21

192.168.16.0/24

192.168 26.0/26

192.168.16.0/27

Question 215

Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

Options:

DTP

FTP

SMTP

TFTP

Question 216

The service password-encryption command is entered on a router. What is the effect of this configuration?

Options:

restricts unauthorized users from viewing clear-text passwords in the running configuration

encrypts the password exchange when a VPN tunnel is established

prevents network administrators from configuring clear-text passwords

protects the VLAN database from unauthorized PC connections on the switch

Question 217

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

Options:

Unicode

base64

decimal

ASCII

Question 218

Which function is performed by DHCP snooping?

Options:

propagates VLAN information between switches

listens to multicast traffic for packet forwarding

provides DDoS mitigation

rate-limits certain traffic

Question 219

Refer to the exhibit.

Which prefix does Router 1 use for traffic to Host A?

Options:

10.10.10.0/28

10.10.13.0/25

10.10.13.144/28

10.10.13.208/29

Question 220

Refer to the exhibit.

Which route type does the routing protocol Code D represent in the output?

Options:

internal BGP route

/24 route of a locally configured IP

statically assigned route

route learned through EIGRP

Question 221

What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closer? (Choose two.)

Options:

enable the PortFast feature on ports

implement port-based authentication

configure static ARP entries

configure ports to a fixed speed

shut down unused ports

Question 222

When OSPF learns multiple paths to a network, how does it select a route?

Options:

It multiple the active K value by 256 to calculate the route with the lowest metric.

For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.

It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.

It count the number of hops between the source router and the destination to determine the router with the lowest metric

Question 223

R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

Options:

route with the lowest cost

route with the next hop that has the highest IP

route with the shortest prefix length

route with the lowest administrative distance

Question 224

What is a capability of FTP in network management operations?

Options:

encrypts data before sending between data resources

devices are directly connected and use UDP to pass file information

uses separate control and data connections to move files between server and client

offers proprietary support at the session layer when transferring data

Question 225

Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

Options:

TKiP encryption

AES encryption

scrambled encryption key

SAE encryption

Question 226

When deploying syslog, which severity level logs informational message?

Options:

Question 227

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?

Options:

enable dynamic MAC address learning

implement static MAC addressing.

enable sticky MAC addressing

implement auto MAC address learning

Question 228

What are two differences between optical-fiber cabling and copper cabling? (Choose two)

Options:

Light is transmitted through the core of the fiber

A BNC connector is used for fiber connections

The glass core component is encased in a cladding

Fiber connects to physical interfaces using Rj-45 connections

The data can pass through the cladding

Question 229

Refer to the exhibit.

Router R1 Fa0/0 is unable ping router R3 Fa0/1.

Which action must be taken in router R1 to help resolve the configuration issue?

Options:

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 230

Refer to the exhibit.

The nip server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that it operates in server-only mode and relies only on its internal clock?

Options:

Router2(config)#ntp passive

Router2(config)#ntp server 172.17.0.1

Router2(config)#ntp master 4

Router2(config)#ntp server 192.168.0.2

Question 231

Which type of organization should use a collapsed-core architecture?

Options:

large and requires a flexible, scalable network design

large and must minimize downtime when hardware fails

small and needs to reduce networking costs currently

small but is expected to grow dramatically in the near future

Question 232

Refer to the exhibit.

Drag and drop the networking parameters from the left onto the correct values on the right.

Weekend Sale Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Cisco 200-301 Dumps

Cisco Certified Network Associate Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer: