CertsTopics Logo

Easter Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Cisco 200-301 Dumps Questions Answers

Page: 1 / 61
Total 1028 questions
Get 200-301 Full Access Download 200-301 PDF

Cisco Certified Network Associate Questions and Answers

Question 1

How does machine learning improve the detection of unauthorized network access?

Options:

A.

It monitors for outdated software.

B.

It dictates security policy updates.

C.

It identifies patterns indicating intrusions.

D.

It assigns security clearance levels.

Buy Now
Question 2

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

Options:

A.

Select the 802.1 x option for Auth Key Management.

B.

Select the WPA Policy option.

C.

Select the PSK option for Auth Key Management.

D.

Select the AES option for Auth Key Management.

E.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Question 3

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

Options:

A.

ip forward-protocol udp 137

B.

ip default-network 192.168.52.253

C.

ip helper-address 172.16.32.15

D.

ip default-gateway 192.168.52.253

Question 4

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Options:

Question 5

What is the main difference between traditional networks and controller-based networking?

Options:

A.

Controller-based networks increase TCO for the company, and traditional networks require less investment.

B.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

C.

Controller-based networks are open for application requests, and traditional networks operate manually.

D.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Question 6

What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

Options:

A.

It is less expensive when purchasing patch cables.

B.

It has a greater sensitivity to changes in temperature and moisture.

C.

It provides greater throughput options.

D.

It carries signals for longer distances.

E.

It carries electrical current further distances for PoE devices.

Question 7

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

Options:

A.

Telnet

B.

console

C.

HTTPS

D.

SSH

Question 8

What is an Ansible inventory?

Options:

A.

file that defines the target devices upon which commands and tasks are executed

B.

unit of Python code to be executed within Ansible

C.

collection of actions to perform on target devices, expressed in YAML format

D.

device with Ansible installed that manages target devices

Question 9

Which two statements distinguish authentication from accounting? (Choose two.)

Options:

A.

Only authentication records the duration of a user's connection.

B.

Only authentication supports user-activity audits.

C.

Only authentication provides supporting information for billing users.

D.

Only authentication challenges users for their credentials and returns a response.

E.

Only authentication validates "who you are."

Question 10

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

Options:

A.

ntp master 172.24.54.8

B.

ntp client 172.24.54.8

C.

ntp peer 172.24.54.8

D.

ntp server 172.24.54.8

Question 11

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 12

Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the DNS service. Which configuration updates the ACL efficiently?

Options:

A.

ip access-list extended Services

35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

B.

no ip access-list extended Services

ip access-list extended Services

30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

C.

ip access-list extended Services

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

D.

no ip access-list extended Services

ip access-list extended Services

permit udp 10.0.0.0 0.255.255.255 any eq 53

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

deny ip any any log

Question 13

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Options:

Question 14

What does the term "spirt MAC” refer to in a wireless architecture?

Options:

A.

divides data link layer functions between the AP and WLC

B.

combines the management and control functions from the data-forwarding functions

C.

uses different MAC addresses for 2.4 GHz and 5 GHz bands on the same AP

D.

leverages two APs to handle control and data traffic

Question 15

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

Options:

A.

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

B.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

C.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

D.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Question 16

What is the difference between controller-based networks and traditional networks as they relate to control-plane and/or data-plane functions?

Options:

A.

Controller-based networks centralize all important data-plane functions, and traditional networks distribute data-plane functions.

B.

Controller-based networks centralize all important control-plane functions, and traditional networks distribute control-plane functions.

C.

Traditional networks centralize all important control-plane functions, and controller-based networks distribute control-plane functions.

D.

Traditional networks centralize all important data-plane functions, and controller-based networks distribute data-plane functions.

Question 17

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

Options:

A.

username CCUser privies 10 password NA!2Scc

B.

username CCUser password NA!2Scc enable password level 5 NA!2$cc

C.

username CCUser secret NA!2Scc

D.

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Question 18

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Options:

Question 19

What is the RFC 4627 default encoding for JSON text?

Options:

A.

UCS-2

B.

UTF-8

C.

Hex

D.

GB18030

Question 20

Which plane is centralized in software-defined networking?

Options:

A.

application

B.

services

C.

control

D.

data

Question 21

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

Options:

A.

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

B.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

C.

ip route 0.0.0.0 0.0.0.0 10.200.0.2

D.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Question 22

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

Options:

A.

level

B.

message body

C.

process ID

D.

facility

Question 23

Which CRUD operation corresponds to me HTTP GET method?

Options:

A.

delete

B.

create

C.

update

D.

read

Question 24

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Options:

Question 25

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Options:

Question 26

Why is UDP more suitable than TCP tor applications that require low latency, such as VoIP?

Options:

A.

UDP reliably guarantees delivery of all packets and TCP drops packets under heavy load.

B.

TCP sends an acknowledgment for every packet that is received and UDP operates without acknowledgments.

C.

UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order.

D.

TCP uses congestion control for efficient packet delivery and UDP uses flow control mechanisms for the delivery of packets.

Question 27

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 28

Drag and drop the common functions from the left onto the cofresponding network topology architecture layer on the right. Not all common functions are used.

Options:

Question 29

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Options:

Question 30

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

Options:

A.

ipv6 address 2001:DB8:FFFF:FCF3::1/64

B.

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

C.

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

D.

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Question 31

Refer to the exhibit Routers R1 R2 and R3 use a protocol to identify their neighbors' IP addresses hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement?

Options:

A.

Configure the no cdp enable command on gO/2.

B.

Configure the no cdp run command globally.

C.

Configure the no lldp run command globally.

D.

Configure the no lldp receive command on gQV1.

Question 32

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Options:

Question 33

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

Options:

A.

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

B.

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

C.

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Question 34

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

Options:

A.

next-generation firewall to keep stateful packet inspection

B.

multifactor authentication using two separate authentication sources

C.

ACL to restrict incoming Telnet sessions "admin" accounts

D.

IPS with a block list of known attack vectors

Question 35

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Options:

Question 36

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Options:

Question 37

Refer to the exhibit. Which interface does a packet take to reach the destination address of 10.10.10.147?

Options:

A.

FastEthemet 0/0

B.

Senal0/0

C.

FastEthemet 0/1

Question 38

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

Options:

A.

interface port-channel 2

channel-group 2 mode desirable

B.

interface fasteinernet 1/1

channel-group 2 mode active

C.

interface fasteinernet 1/1

channel-group 2 mode on

D.

interface port-channel 2

channel-group 2 mode auto

Question 39

Which advantage does machine learning offer for network security?

Options:

A.

It improves real-time threat detection.

B.

It manages firewall rule sets.

C.

It enforces password complexity requirements.

D.

It controls VPN access permissions.

Question 40

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

Options:

A.

0

B.

1

C.

2

D.

32

Question 41

Which authentication method requires the user to provide a physical attribute to authenticate successfully?

Options:

A.

password

B.

muftifactor

C.

biometric

D.

certificate

Question 42

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

Options:

A.

magic links

B.

one-time passwords

C.

digital certificates

D.

90-day renewal policies

Question 43

Refer to the exhibit. An engineer is using the Cisco WLC GUI to configure a WLAN for WPA2 encryption with AES and preshared key Cisc0123456. After the engineer selects the WPA + WPA2 option from the Layer 2 Security drop-down list, which two tasks must they perform to complete the process? (Choose two.)

Options:

A.

Select the WPA2 Policy, AES, and TKIP check boxes.

B.

Select ASCII from the PSK Format drop-down list, enter the key, and leave the Auth Key Mgmt setting blank.

C.

Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.

D.

Select the WPA2 Policy and AES check boxes.

Question 44

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

Options:

A.

Is the internet reachable?

B.

Is the default gateway reachable?

C.

Is the DNS server reachable?

Question 45

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Options:

Question 46

Which AP feature provides a captive portal for users to authenticate register and accept terms before accessing the internet?

Options:

A.

One-Click

B.

Hotspot

C.

Enhanced Bluetooth

D.

Whole Home

Question 47

Refer to the exhibit. Which type of JSON data is shown?

Options:

A.

sequence

B.

string

C.

object

D.

Boolean

Question 48

Which goal is achieved by the implementation of private IPv4 addressing on a network?

Options:

A.

provides an added level of protection against Internet exposure

B.

provides a reduction in size of the forwarding table on network routers

C.

allows communication across the Internet to other private networks

D.

allows servers and workstations to communicate across public network boundaries

Question 49

What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

Options:

A.

OpenFlow

B.

Java

C.

REST

D.

XML

Question 50

Refer to the exhibit.

Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?

Options:

A.

longest prefix

B.

metric

C.

cost

D.

administrative distance

Question 51

An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?

Options:

A.

configure switchport nonegotiate

B.

configure switchport mode dynamic desirable

C.

configure switchport mode dynamic auto

D.

configure switchport trunk dynamic desirable

Question 52

What is a role of access points in an enterprise network?

Options:

A.

connect wireless devices to a wired network

B.

support secure user logins to devices or the network

C.

integrate with SNMP in preventing DDoS attacks

D.

serve as a first line of defense in an enterprise network

Question 53

What is the primary function of a Layer 3 device?

Options:

A.

to analyze traffic and drop unauthorized traffic from the Internet

B.

to transmit wireless traffic between hosts

C.

to pass traffic between different networks

D.

forward traffic within the same broadcast domain

Question 54

Which type of API allows SDN controllers to dynamically make changes to the network?

Options:

A.

northbound API

B.

REST API

C.

SOAP API

D.

southbound API

Question 55

Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?

Options:

A.

Ansible

B.

Python

C.

Puppet

D.

Chef

Question 56

When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?

Options:

A.

6

B.

8

C.

12

D.

18

Question 57

A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

Options:

A.

enable AAA override

B.

enable RX-SOP

C.

enable DTIM

D.

enable Band Select

Question 58

Refer to the exhibit.

A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet?

Options:

A.

209.165.200.254 via Serial0/0/1

B.

209.165.200.254 via Serial0/0/0

C.

209.165.200.246 via Serial0/1/0

D.

209.165.200.250 via Serial0/0/0

Question 59

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?

Options:

A.

enable dynamic MAC address learning

B.

implement static MAC addressing.

C.

enable sticky MAC addressing

D.

implement auto MAC address learning

Question 60

The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface conditions?(choose two)

Options:

A.

There is a duplex mismatch

B.

There is a speed mismatch

C.

There is a protocol mismatch

D.

The interface is shut down

E.

The interface is error-disabled

Question 61

Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?

Options:

A.

bridge

B.

route

C.

autonomous

D.

lightweight

Question 62

Which protocol does an IPv4 host use to obtain a dynamically assigned IP address?

Options:

A.

ARP

B.

DHCP

C.

CDP

D.

DNS

Question 63

Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles?

Options:

A.

role-based access control

B.

biometrics

C.

multifactor authentication

D.

physical access control

Question 64

Refer to the exhibit.

Which command provides this output?

Options:

A.

show ip route

B.

show ip interface

C.

show interface

D.

show cdp neighbor

Question 65

What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

Options:

A.

Both operate at a frequency of 500 MHz.

B.

Both support runs of up to 55 meters.

C.

Both support runs of up to 100 meters.

D.

Both support speeds of at least 1 Gigabit.

E.

Both support speeds up to 10 Gigabit.

Question 66

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

Options:

A.

initiates a ping request to the URL

B.

prompts the user to specify the desired IP address

C.

continuously attempts to resolve the URL until the command is cancelled

D.

sends a broadcast message in an attempt to resolve the URL

Question 67

Refer to the exhibit.

Which switch in this configuration will be elected as the root bridge?

Options:

A.

SW1

B.

SW2

C.

SW3

D.

SW4

Question 68

An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place?

Options:

A.

Physical access control

B.

Social engineering attack

C.

brute force attack

D.

user awareness

Question 69

What criteria is used first during the root port selection process?

Options:

A.

local port ID

B.

lowest path cost to the root bridge

C.

lowest neighbor's bridge ID

D.

lowest neighbor's port ID

Question 70

Drag and drop the functions from the left onto the correct network components on the right

Options:

Question 71

Which type of security program is violated when a group of employees enters a building using the ID badge of only one person?

Options:

A.

intrusion detection

B.

user awareness

C.

physical access control

D.

network authorization

Question 72

Which type of address is the public IP address of a NAT device?

Options:

A.

outside global

B.

outsdwde local

C.

inside global

D.

insride local

E.

outside public

F.

inside public

Question 73

A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used?

Options:

A.

Clock timezone

B.

Clock summer-time-recurring

C.

Clock summer-time date

D.

Clock set

Question 74

A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two)

Options:

A.

runts

B.

giants

C.

frame

D.

CRC

E.

input errors

Question 75

Refer to the exhibit.

What is the metric of the route to the 192.168.10.33/28 subnet?

Options:

A.

84

B.

110

C.

128

D.

192

E.

193

Question 76

Which state does the switch port move to when PortFast is enabled?

Options:

A.

learning

B.

forwarding

C.

blocking

D.

listening

Question 77

Which global command encrypt all passwords in the running configuration?

Options:

A.

password-encrypt

B.

enable password-encryption

C.

enable secret

D.

service password-encryption

Question 78

What is an advantage of Cisco DNA Center versus traditional campus device management?

Options:

A.

It supports numerous extensibility options including cross-domain adapters and third-party SDKs.

B.

It supports high availability for management functions when operating in cluster mode.

C.

It enables easy autodiscovery of network elements m a brownfield deployment.

D.

It is designed primarily to provide network assurance.

Question 79

Which statement identifies the functionality of virtual machines?

Options:

A.

Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor

B.

The hypervisor can virtualize physical components including CPU. memory, and storage

C.

Each hypervisor can support a single virtual machine and a single software switch

D.

The hypervisor communicates on Layer 3 without the need for additional resources

Question 80

What is a role of wireless controllers in an enterprise network?

Options:

A.

centralize the management of access points in an enterprise network

B.

support standalone or controller-based architectures

C.

serve as the first line of defense in an enterprise network

D.

provide secure user logins to devices on the network.

Question 81

Refer to the exhibit.

Which type of route does R1 use to reach host 10.10.13.10/32?

Options:

A.

floating static route

B.

host route

C.

default route

D.

network route

Question 82

What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

Options:

A.

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

B.

The DHCP client can request up to four DNS server addresses

C.

The DHCP server assigns IP addresses without requiring the client to renew them

D.

The DHCP server leases client IP addresses dynamically.

E.

The DHCP client maintains a pool of IP addresses it can assign.

Question 83

What is a benefit of VRRP?

Options:

A.

It provides traffic load balancing to destinations that are more than two hops from the source.

B.

It provides the default gateway redundancy on a LAN using two or more routers.

C.

It allows neighbors to share routing table information between each other.

D.

It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision.

Question 84

When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed?

Options:

A.

default-router

B.

default-gateway

C.

ip helper-address

D.

dns-server

Question 85

What are two functions of an SDN controller? (Choose two)

Options:

A.

Layer 2 forwarding

B.

coordinating VTNs

C.

tracking hosts

D.

managing the topology

E.

protecting against DDoS attacks

Question 86

Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable

What is the result of this configuration?

Options:

A.

The link is in a down state.

B.

The link is in an error disables state

C.

The link is becomes an access port.

D.

The link becomes a trunk port.

Question 87

An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

Options:

A.

platform-as-a-service

B.

software-as-a-service

C.

network-as-a-service

D.

infrastructure-as-a-service

Question 88

Refer to the exhibit.

What is the next hop address for traffic that is destined to host 10.0.1.5?

Options:

A.

10.0.1.3

B.

10.0.1.50

C.

10.0.1.4

D.

Loopback D

Question 89

which purpose does a northbound API serve in a controller-based networking architecture?

Options:

A.

communicates between the controller and the physical network hardware

B.

reports device errors to a controller

C.

generates statistics for network hardware and traffic

D.

facilitates communication between the controller and the applications

Question 90

When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)

Options:

A.

2000::/3

B.

2002::5

C.

FC00::/7

D.

FF02::1

E.

FF02::2

Question 91

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

Options:

A.

IPsec tunnel mode with AH

B.

IPsec transport mode with AH

C.

IPsec tunnel mode with ESP

D.

IPsec transport mode with ESP

Question 92

What is the purpose of a southbound API in a control based networking architecture?

Options:

A.

Facilities communication between the controller and the applications

B.

Facilities communication between the controller and the networking hardware

C.

allows application developers to interact with the network

D.

integrates a controller with other automation and orchestration tools.

Question 93

In software-defined architecture, which place handles switching for traffic through a Cisco router?

Options:

A.

Control

B.

Management

C.

Data

D.

application

Question 94

Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces The two circuits are operational and reachable across WAN Which command set establishes failover redundancy if the primary circuit goes down?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 95

Refer to the exhibit.

If OSPF Is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

Options:

A.

It load-balances traffic out of Fa0/1 and Fa0/2.

B.

It is unreachable and discards the traffic.

C.

It sends packets out of interface FaO/2.

D.

It sends packets out of interface Fa0/1.

Question 96

How does HSRP provide first hop redundancy?

Options:

A.

It load-balances traffic by assigning the same metric value to more than one route to the same destination m the IP routing table.

B.

It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.

C.

It forwards multiple packets to the same destination over different routed links n the data path

D.

It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN

Question 97

Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right.

Options:

Question 98

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

Options:

A.

switchport port-security violation access

B.

switchport port-security violation protect

C.

switchport port-security violation restrict

D.

switchport port-security violation shutdown

Question 99

What are network endpoints?

Options:

A.

act as routers to connect a user to the service prowler network

B.

a threat to the network if they are compromised

C.

support inter-VLAN connectivity

D.

enforce policies for campus-wide traffic going to the internet

Question 100

After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials?

Options:

A.

Enable the allow AAA Override

B.

Enable the Even: Driven RRM.

C.

Disable the LAG Mode or Next Reboot.

D.

Enable the Authorized MIC APs against auth-list or AAA.

Question 101

A network engineer is configuring an OSPFv2 neighbor adjacency Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used

Options:

Question 102

Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all statements are used.

Options:

Question 103

Which two functions are performed by the core layer in a three-tier architecture? (Choose two)

Options:

A.

Provide uninterrupted forwarding service.

B.

Police traffic that is sent to the edge of the network.

C.

Provide direct connectivity for end user devices.

D.

Ensure timely data transfer between layers.

E.

Inspect packets for malicious activity.

Question 104

A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

Options:

A.

CDP

B.

SNMP

C.

SMTP

D.

ARP

Question 105

Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue?

Options:

A.

set the default network as 20.20.20.0/24

B.

set the default gateway as 20.20.20.2

C.

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

D.

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

Question 106

Refer to the exhibit.

which path is used by the router for internet traffic ?

Options:

A.

209.165.200.0/27

B.

10.10.10.0/28

C.

0.0.0.0/0

D.

10.10.13.0/24

Question 107

Which command on a port enters the forwarding state immediately when a PC is connected to it?

Options:

A.

switch(config)#spanning-tree portfast default

B.

switch(config)#spanning-tree portfast bpduguard default

C.

switch(config-if)#spanning-tree portfast trunk

D.

switch(config-if)#no spanning-tree portfast

Question 108

Refer to the exhibit.

An engineer is configuring the router to provide static NAT for the webserver Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the right.

Options:

Question 109

Which access layer threat-mitigation technique provides security based on identity?

Options:

A.

Dynamic ARP Inspection

B.

using a non-default native VLAN

C.

802.1x

D.

DHCP snooping

Question 110

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

Options:

A.

infrastructure-as-a-service

B.

platform-as-a-service

C.

business process as service to support different types of service

D.

software-as-a-service

Question 111

Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

Options:

A.

Bronze

B.

Platinum

C.

Silver

D.

Gold

Question 112

A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?

Options:

A.

a DHCP Relay Agent

B.

DHCP Binding

C.

a DHCP Pool

D.

DHCP Snooping

Question 113

Refer to the exhibit.

A network engineer must configured communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured?

Options:

A.

Switch trunk allowed vlan 12

B.

Switchport trunk allowed vlan none

C.

Switchport trunk allowed vlan add 13

D.

Switchport trunk allowed vlan remove 10-11

Question 114

Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

Options:

A.

cookbook

B.

task

C.

playbook

D.

model

E.

recipe

Question 115

What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency?

Options:

A.

different nonoverlapping channels

B.

different overlapping channels

C.

one overlapping channel

D.

one nonoverlapping channel

Question 116

Why was the RFC 1918 address space defined?

Options:

A.

conserve public IPv4 addressing

B.

preserve public IPv6 address space

C.

reduce instances of overlapping IP addresses

D.

support the NAT protocol

Question 117

On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

Options:

A.

DHCP

B.

STP

C.

SNMP

D.

DNS

Question 118

Which WLC port connects to a switch to pass normal access-point traffic?

Options:

A.

redundancy

B.

console

C.

distribution system

D.

service

Question 119

Refer to the exhibit.

How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 120

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

Options:

A.

It sends packets out of interface Fa0/2 only.

B.

It sends packets out of interface Fa0/1 only.

C.

It cannot send packets to 10.10.13 128/25

D.

It load-balances traffic out of Fa0/1 and Fa0/2

Question 121

What is the role of a firewall in an enterprise network?

Options:

A.

Forwards packets based on stateless packet inspection

B.

Processes unauthorized packets and allows passage to less secure segments of the network

C.

determines which packets are allowed to cross from unsecured to secured networks

D.

explicitly denies all packets from entering an administrative domain

Question 122

Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.

Options:

Question 123

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Options:

A.

F0/4

B.

F0/0

C.

F0/1

D.

F0/3

Question 124

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Options:

Question 125

Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed?

Options:

A.

weighted random early detection

B.

traffic policing

C.

traffic shaping

D.

traffic prioritization

Question 126

Which action implements physical access control as part of the security program of an organization?

Options:

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Question 127

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Options:

Question 128

Drag and drop the characteristics of networking from the left onto the networking types on the right.

Options:

Question 129

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Options:

A.

F0/10

B.

F0/11

C.

F0/12

D.

F0/13

Question 130

Refer to the exhibit.

Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

A)

B)

C)

D)

E)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 131

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 132

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

Options:

A.

10.10.10.5

B.

10.10.11.2

C.

10.10.12.2

D.

10.10.10.9

Question 133

Refer to the exhibit.

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Options:

A.

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

B.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

C.

Remark traffic as it traverses R1 and trust all markings at the access layer.

D.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Question 134

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

Options:

A.

int range g0/0-1

channel-group 10 mode active

B.

int range g0/0-1 chanm.l-group 10 mode desirable

C.

int range g0/0-1

channel-group 10 mode passive

D.

int range g0/0-1 channel-group 10 mode auto

E.

int range g0/0-1 channel-group 10 mode on

Question 135

Which field within the access-request packet is encrypted by RADIUS?

Options:

A.

authorized services

B.

authenticator

C.

username

D.

password

Question 136

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

Options:

A.

ip route 0.0.0.0 0.0.0.0 g0/1 1

B.

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

D.

ip route 0,0.0.0 0.0.0.0 g0/1 6

Question 137

Refer to the exhibit.

Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 138

Refer to the exhibit.

All traffic enters the CPE router from interface Serial0/3 with an IP address of 192 168 50 1 Web traffic from the WAN is destined for a LAN network where servers are load-balanced An IP packet with a destination address of the HTTP virtual IP of 192 1681 250 must be forwarded Which routing table entry does the router use?

Options:

A.

192.168.1.0/24 via 192.168.12.2

B.

192.168.1.128/25 via 192.168.13.3

C.

192.168.1.192/26 via 192.168.14.4

D.

192.168.1.224/27 via 192.168.15.5

Question 139

What is the purpose of the ip address dhcp command?

Options:

A.

to configure an Interface as a DHCP server

B.

to configure an interface as a DHCP helper

C.

to configure an interface as a DHCP relay

D.

to configure an interface as a DHCP client

Question 140

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

Options:

A.

global unicast address

B.

anycast address

C.

multicast address

D.

link-local address

Question 141

A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:

• The first subnet must support 24 hosts

• The second subnet must support 472 hosts

• Both subnets must use the longest subnet mask possible from the address block

Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two )

Options:

A.

interface vlan 1234

ip address 10.70.159.1 255.255.254.0

B.

interface vlan 1148

ip address 10.70.148.1 255.255.254.0

C.

interface vlan 4722

ip address 10.70.133.17 255.255.255.192

D.

interface vlan 3002

ip address 10.70.147.17 255.255.255.224

E.

interface vlan 155

ip address 10.70.155.65 255.255.255.224

Question 142

Refer to the exhibit.

The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server?

Options:

A.

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

B.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

C.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

D.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

Question 143

Refer to the exhibit.

A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 144

A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

Options:

A.

ipv6 address 21:EB8:C1:2200:1::331/64

B.

ipv6 address 2001:EB8:C1:22:1::331/64

C.

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

D.

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

Question 145

What are two benefits of FHRPs? (Choose two.)

Options:

A.

They enable automatic failover of the default gateway.

B.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

C.

They are able to bundle multiple ports to increase bandwidth.

D.

They prevent loops in the Layer 2 network.

E.

They allow encrypted traffic.

Question 146

Refer to the exhibit.

An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for now hosts. Which configuration script must be used?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 147

Which two network actions occur within the data plane? (Choose two.)

Options:

A.

Add or remove an 802.1Q trunking header.

B.

Make a configuration change from an incoming NETCONF RPC.

C.

Run routing protocols.

D.

Match the destination MAC address to the MAC address table.

E.

Reply to an incoming ICMP echo request.

Question 148

Which protocol is used for secure remote CLI access?

Options:

A.

HTTPS

B.

HTTP

C.

Telnet

D.

SSH

Question 149

Refer to the exhibit.

An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured Which command accomplishes this task?

Options:

A.

switchport trunk allowed vlan 100-104

B.

switchport trunk allowed vlan add 104

C.

switchport trunk allowed vlan all

D.

switchport trunk allowed vlan 104

Question 150

Drag and drop the statements about networking from the left onto the corresponding networking types on the right.

Options:

Question 151

Refer to the exhibit.

All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Options:

A.

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

B.

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

C.

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

D.

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Question 152

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 153

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 154

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

Options:

A.

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

B.

ip route 10.1.1.0 255.255.255.0 gi0/1 125

C.

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

D.

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Question 155

Refer to the exhibit.

Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 156

Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

Options:

A.

SYIM flood

B.

reflection

C.

teardrop

D.

amplification

Question 157

What is a function of a Next-Generation IPS?

Options:

A.

makes forwarding decisions based on learned MAC addresses

B.

serves as a controller within a controller-based network

C.

integrates with a RADIUS server to enforce Layer 2 device authentication rules

D.

correlates user activity with network events

Question 158

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

Options:

A.

SSH

B.

HTTPS

C.

Telnet

D.

console

Question 159

Which action is taken by the data plane within a network device?

Options:

A.

forwards traffic to the next hop

B.

constructs a routing table based on a routing protocol

C.

provides CLI access to the network device

D.

looks up an egress interface in the forwarding information base

Question 160

Refer to the exhibit.

Host A sent a data frame destined for host D

What does the switch do when it receives the frame from host A?

Options:

A.

It drops the frame from the switch CAM table.

B.

It floods the frame out of all ports except port Fa0/1.

C.

It shuts down the port Fa0/1 and places it in err-disable mode.

D.

It experiences a broadcast storm.

Question 161

Refer to the exhibit.

Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)

Options:

A.

transport input telnet

B.

crypto key generate rsa

C.

ip ssh pubkey-chain

D.

login console

E.

username cisco password 0 Cisco

Question 162

An engineer must configure R1 for a new user account. The account must meet these requirements:

* It must be configured in the local database.

* The username is engineer.

* It must use the strongest password configurable. Which command must the engineer configure on the router?

Options:

A.

R1 (config)# username engineer2 algorithm-type scrypt secret test2021

B.

R1(config)# username engineer2 secret 5 .password S1$b1Ju$kZbBS1Pyh4QzwXyZ

C.

R1(config)# username engineer2 privilege 1 password 7 test2021

D.

R1(config)# username englneer2 secret 4 S1Sb1Ju$kZbBS1Pyh4QzwXyZ

Question 163

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

Options:

A.

192.168.0.7

B.

192.168.0.4

C.

192.168.0.40

D.

192.168.3.5

Question 164

What is an expected outcome when network management automation is deployed?

Options:

A.

A distributed management plane must be used.

B.

Software upgrades are performed from a central controller

C.

Complexity increases when new device configurations are added

D.

Custom applications are needed to configure network devices

Question 165

OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

Options:

A.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network broadcast

B.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf network point-to-point

C.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

interface e1/1

ip address 192.168.1.1 255.255.255.252

ip ospf cost 0

D.

router ospf 1

network 192.168.1.1 0.0.0.0 area 0

hello interval 15

interface e1/1

Ip address 192.168.1.1 255.255.255.252

Question 166

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

Options:

A.

VLAN numbering

B.

VLAN DSCP

C.

VLAN tagging

D.

VLAN marking

Question 167

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Options:

Question 168

Refer to the exhibit.

Which command configures OSPF on the point-to-point link between routers R1 and R2?

Options:

A.

router-id 10.0.0.15

B.

neighbor 10.1.2.0 cost 180

C.

ipospf priority 100

D.

network 10.0.0.0 0.0.0.255 area 0

Question 169

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

Options:

A.

Heavy usage is causing high latency.

B.

An incorrect type of transceiver has been inserted into a device on the link.

C.

physical network errors are being transmitted between the two sites.

D.

The wrong cable type was used to make the connection.

Question 170

Refer to the exhibit.

R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192 168.20.0/24 network via R3?

Options:

A.

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

B.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

C.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

D.

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

Question 171

Refer to the exhibit.

What is a reason for poor performance on the network interface?

Options:

A.

The interface is receiving excessive broadcast traffic.

B.

The cable connection between the two devices is faulty.

C.

The interface is operating at a different speed than the connected device.

D.

The bandwidth setting of the interface is misconfigured

Question 172

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 173

Which characteristic differentiates the concept of authentication from authorization and accounting?

Options:

A.

user-activity logging

B.

service limitations

C.

consumption-based billing

D.

identity verification

Question 174

What provides centralized control of authentication and roaming In an enterprise network?

Options:

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Question 175

What is a requirement for nonoverlapping Wi-Fi channels?

Options:

A.

different security settings

B.

discontinuous frequency ranges

C.

different transmission speeds

D.

unique SSIDs

Question 176

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

Options:

A.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

B.

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

C.

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

D.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Question 177

What causes a port to be placed in the err-disabled state?

Options:

A.

nothing plugged into the port

B.

link flapping

C.

shutdown command issued on the port

D.

latency

Question 178

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

Options:

A.

WLAN dynamic

B.

management

C.

trunk

D.

access

Question 179

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Options:

Question 180

Refer to the exhibit.

Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building What must be the configuration of the connection?

Options:

A.

Select the WPA Policy option with the CCKM option.

B.

Disable AES encryption.

C.

Enable Fast Transition and select the FT 802.1x option.

D.

Enable Fast Transition and select the FT PSK option.

Question 181

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 182

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

Options:

A.

password password

B.

crypto key generate rsa modulus 1024

C.

ip domain-name domain

D.

ip ssh authentication-retries 2

Question 183

How does Rapid PVST+ create a fast loop-free network topology?

Options:

A.

lt requires multiple links between core switches

B.

It generates one spanning-tree instance for each VLAN

C.

It maps multiple VLANs into the same spanning-tree instance

D.

It uses multiple active paths between end stations.

Question 184

By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?

Options:

A.

200 seconds

B.

300 seconds

C.

600 seconds

D.

900 seconds

Question 185

Which two server types support dornas name to IP address resolution? (Choose two >

Options:

A.

ESX host

B.

resolver

C.

web

D.

file transfer

E.

authentication

Question 186

Drag and drop the Cisco IOS attack mitigation features from the left onto the types of network attack they mitigate on the right.

Options:

Question 187

Refer to the exhibit.

Router R14 is in the process of being configured. Which configuration must be used to establish a host route to PC 10?

Options:

A.

ip route 10.80.65.10 255.255.255.254 10.80.65.1

B.

ip route 10.8065.10 255.255.255.255 10.73.65.66

C.

ip route 1073.65.65 255.0.0.0 10.80.65.10

D.

ip route 10.73.65.66 0.0.0.255 10.80.65.10

Question 188

What determines the sequence in which materials are planned during the material requirements planning (MRP) run?

Options:

A.

The control parameters of the MRP run

B.

The creation date of the materials

C.

The low-level code of the materials

D.

The replenishment lead time of the materials

Question 189

Why is a first-hop redundancy protocol implemented?

Options:

A.

to protect against default gateway failures

B.

to prevent loops in a network

C.

to enable multiple switches to operate as a single unit

D.

to provide load-sharing for a multilink segment

Question 190

A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show Interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue?

Options:

A.

high bandwidth usage

B.

a physical cable fault

C.

a speed mismatch

D.

a cable that is too long

Question 191

Refer to the exhibit.

Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database. The WLAN is configured for local EAP authentication. The time that users access the network must not be limited. Which action completes this configuration?

Options:

A.

Uncheck the Guest User check box

B.

Check the Guest User Role check box

C.

Set the Lifetime (seconds) value to 0

D.

Clear the Lifetime (seconds) value

Question 192

What is the function of a controller in a software-defined network?

Options:

A.

multicast replication at the hardware level

B.

forwarding packets

C.

fragmenting and reassembling packets

D.

setting packet-handling policies

Question 193

Which 802.11 frame type is Association Response?

Options:

A.

management

B.

control

C.

action

D.

protected frame

Question 194

What should a network administrator consider when deciding to implement automation?

Options:

A.

Automated systems may have difficulty expanding network changes at scale.

B.

Network automation typically is limited to the configuration and management of virtual devices within a network.

C.

Network automation typically increases enterprise management operating costs.

D.

Manual changes frequently lead to configuration errors and inconsistencies.

Question 195

Refer to the exhibit.

An engineer must configure router R2 so it is elected as the DR on the WAN subnet. Which command sequence must be configured?

A)

B)

C)

D)

Options:

A.

Option

B.

Option

C.

Option

D.

Option

Question 196

Why implement VRRP?

Options:

A.

to provide end users with a virtual gateway in a multivendor network

B.

to leverage a weighting scheme to provide uninterrupted service

C.

to detect link failures without the overhead of Bidirectional Forwarding Detection

D.

to hand over to end users the autodiscovery of virtual gateways

Question 197

Refer to the exhibit.

Which two values does router R1 use to determine the best path to reach destinations in network 1,0.0.0/8? (Choose two.)

Options:

A.

longest prefix match

B.

highest administrative distance

C.

highest metric

D.

lowest metric

E.

lowest cost to reach the next hop

Question 198

Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.

Options:

Question 199

Refer to the exhibit.

The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken must be taken to complete the task?

Options:

A.

Configure the no lldp tlv-select-management-address command globally on Cat9K-2

B.

Configure the no lldp transmit command on interface G1/0/21 in Cat9K-1

C.

Configure the no lldp receive command on interface G1/0/21 on Cat9K-1

D.

Configure the no lldp mac-phy-cfg command globally on Cat9K-2

Question 200

What describes the functionality of southbound APIs?

Options:

A.

They use HTTP messages to communicate.

B.

They enable communication between the controller and the network device.

C.

They convey information from the controller to the SDN applications.

D.

They communicate with the management plane.

Question 201

Which (unction generally performed by a traditional network device is replaced by a software-defined controller?

Options:

A.

encryption and decryption for VPN link processing

B.

building route tables and updating the forwarding table

C.

changing the source or destination address during NAT operations

D.

encapsulation and decapsulation of packets in a data-link frame

Question 202

What is a function of an endpoint?

Options:

A.

It is used directly by an individual user to access network services

B.

It passes unicast communication between hosts in a network

C.

It transmits broadcast traffic between devices in the same VLAN

D.

It provides security between trusted and untrusted sections of the network.

Question 203

What is a benefit for external users who consume public cloud resources?

Options:

A.

implemented over a dedicated WAN

B.

located in the same data center as the users

C.

all hosted on physical servers

D.

accessed over the Internet

Question 204

What is the functionality of the Cisco DNA Center?

Options:

A.

data center network pokey con

B.

console server that permits secure access to all network devices

C.

IP address cool distribution scheduler

D.

software-defined controller for automaton of devices and services

Question 205

What is a specification for SSIDS?

Options:

A.

They are a Cisco proprietary security feature.

B.

They must include one number and one letter.

C.

They define the VLAN on a switch.

D.

They are case sensitive.

Question 206

Refer to the exhibit.

An engineer configures interface fa0/1 on SW1 and SW2 to pass traffic from two different VLANs. For security reasons, company policy requires the native VLAN to be set to a nondefault value. Which configuration meets this requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 207

What are two protocols within the IPsec suite? (Choose two)

Options:

A.

AH

B.

3DES

C.

ESP

D.

TLS

E.

AES

Question 208

An administrator must use the password complexity not manufacturer-name command to prevent users from adding “cisco” as a password. Which command must be issued before this command?

Options:

A.

Password complexity enable

B.

confreg 0x2142

C.

Login authentication my-auth-list

D.

service password-encryption

Question 209

Refer to the exhibit.

How many JSON objects are presented?

Options:

A.

1

B.

2

C.

3

D.

4

Question 210

Refer to the exhibit.

How many objects, Keys and JSON list values are present?

Options:

A.

three objects, two Keys, and three JSON list values

B.

three objects, three keys and two JSON Ml values

C.

one object, three keys, and three JSON list values

D.

one object, three keys and two JSON list values

Question 211

UESTION NO: 253

Refer to the exhibit.

Which command must be enable a floating default route on router A?

Options:

A.

ip route 0.0.0.0 0.0.0.0 192.168.1.2

B.

ip default-gateway 192.168.2.1

C.

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

D.

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

Question 212

What are two examples of multifactor authentication? (Choose two.)

Options:

A.

single sign-on

B.

unique user knowledge

C.

passwords that expire

D.

soft tokens

E.

shared password responsibility

Question 213

Refer to the exhibit.

Which interface is chosen to forward traffic to the host at 192.168.0.55?

Options:

A.

GigabitEthernet0

B.

GigabitEthernet0/1

C.

Null0

D.

GigabitEthernet0/3

Question 214

Refer to the exhibit. IPv6 must be implemented on R1 to the ISP The uplink between R1 and the ISP must be configured with a manual assignment, and the LAN interface must be self-provisioned Both connections must use the applicable IPv6 networks Which two configurations must be applied to R1? (Choose two.)

Options:

A.

interface Gi0/1

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127

B.

interface Gi0/0

ipv6 address 2001:db8:1:AFFF::/64 eui-64

C.

interface Gi0/1

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127

D.

interface Gi0/0

ipv6 address 2001:db8:0:AFFF::/64 eui-64

E.

interface Gi0/0

ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03;/127

Question 215

A network engineer is implementing a corporate SSID for WPA3-Personal security with a PSK. Which encryption cipher must be configured?

Options:

A.

GCMP2S6

B.

GCMP128

C.

CCMP256

D.

CCMP128

Question 216

What is the difference between 1000BASE-LX/LH and 1000BASE-ZX interfaces?

Options:

A.

1000BASE-ZX is supported on links up to 1000km, and 1000BASE-LX/LH operates over links up to 70 km.

B.

1000BASE-LX/LH interoperates with multimode and single-mode fiber, and 10008ASE-ZX needs a conditioning patch cable with a multimode.

C.

1000BASE-LX/LH is supported on links up to 10km, and 1000BASE-ZX operates over links up to 70 km

D.

1000BASE-ZX interoperates with dual-rate 100M/1G 10Km SFP over multimode fiber, and 1000BASE-LX/LH supports only single-rate.

Question 217

Refer to the exhibit.

Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.

What does the switch do when it receives the frame from host D?

Options:

A.

It creates a broadcast storm.

B.

It drops the frame from the MAC table of the switch.

C.

It shuts down the source port and places It In err-disable mode.

D.

It floods the frame out of every port except the source port.

Question 218

Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used.

Options:

Question 219

Which type of port is used to connect lo the wired network when an autonomous AP maps two VLANs to its WLANs?

Options:

A.

LAG

B.

EtherChannel

C.

trunk

D.

access

Question 220

ESTION NO: 268

To improve corporate security, an organization is planning to implement badge authentication to limit access to the data center. Which element of a security program is being deployed?

Options:

A.

user training

B.

user awareness

C.

vulnerability verification

D.

physical access control

Question 221

Refer to the exhibit.

The loopback1 interface of the Atlanta router must reach the lookback3 interface of the Washington router.

Options:

A.

ipv6 route 2000::1/128 2012::2

B.

ipv6 route 2000::1/128 2012::1

C.

ipv6 route 2000:3 123 s0/0/0

D.

ipv6 route 2000::3/128 2023::3

E.

ipv6 route 2000::1/128 s0/0/1

Question 222

Refer to the exhibit.

Load-balanced traffic is coming in from the WAN destined to a host at 172.16.1.190. Which next-hop is used by the router to forward the request?

Options:

A.

192.168.7.4

B.

192.168.7.7

C.

192.168.7.35

D.

192.168.7.40

Question 223

When the LAG configuration is updated on a Cisco WLC which additional task must be performed when changes are complete?

Options:

A.

Flush all MAC addresses from the WLC

B.

Re-associate the WLC with the access point.

C.

Re-enable the WLC interfaces

D.

Reboot the WLC

Question 224

Under which condition is TCP preferred over UDP?

Options:

A.

UDP is used when low latency is optimal, and TCP is used when latency is tolerable.

B.

TCP is used when dropped data is more acceptable, and UDP is used when data is accepted out- of-order.

C.

TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable.

D.

UDP is used when data is highly interactive, and TCP is used when data is time-sensitive.

Question 225

An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to prevent connection issues with the printer?

Options:

A.

client exclusion

B.

passive client

C.

DHCP address assignment

D.

static IP tunneling

Question 226

Which device separates networks by security domains?

Options:

A.

firewall

B.

access point

C.

intrusion protection system

D.

wireless controller

Question 227

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Options:

Question 228

Which cable type must be used to interconnect one switch using 1000 BASE-SX GBiC modules and another switch using 1000 BASE-SX SFP modules?

Options:

A.

LC to SC

B.

SC t ST

C.

SC to SC

D.

LC to LC

Question 229

Refer to the exhibit.

An engineer must configure a floating static route on an external EIGRP network. The destination subnet is the /29 on the LAN Interface of R86. Which command must be executed on R14?

Options:

A.

ip route 10.80.65.0.255.255.248.0.10.73.65.66.1

B.

ip route 10.80.65.0.255.255.255..240 fa0/1 89

C.

ip route 10.80.65.0.255.255.248.0.10.73.65.66.171

D.

ip route 10.80.65.0.0.0.224.10.80.65.0. 255

Question 230

What is a characteristics of a collapsed-core network topology?

Options:

A.

It allows the core and distribution layers to run as a single combined layer.

B.

It enables the core and access layers to connect to one logical distribution device over an EtherChannel.

C.

It enables all workstations in a SOHO environment to connect on a single switch with internet access.

D.

It allows wireless devices to connect directly to the core layer, which enables faster data transmission.

Question 231

Refer to the exhibit.

What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP?

Options:

A.

Select PSK under Authentication Key Management

B.

Select WPA+WPA2 on Layer 2 Security

C.

Select Static-WEP + 802.1X on Layer 2 Security

D.

Select WPA Policy with TKIP Encryption

E.

Select 802.1X from under Authentication Key Management

Question 232

Which REST method updates an object in the Cisco DNA Center Intent API?

Options:

A.

CHANGE

B.

UPDATE

C.

POST

D.

PUT

Question 233

Refer to the exhibit. An engineer must translate the PC1 IP address to 10.199.77.100 and permit PC1 to ping the loopback 0 on router R2. What command set must be used?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 234

Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.)

Options:

A.

site-to-site VPN

B.

IDMVPN

C.

IGETVPN

D.

IPsec remote access

E.

clientless VPN

Question 235

Which benefit does Cisco ONA Center provide over traditional campus management?

Options:

A.

Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditional campus management uses SNMPv2.

B.

Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.

C.

Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.

D.

Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent from traditional campus management.

Question 236

Refer to the exhibit.

Which two values does router R1 use to identify valid routes for the R3 loopback address 1.1.1.3/32? (Choose two.)

Options:

A.

lowest cost to teach the next hop

B.

highest metric

C.

highest administrative distance

D.

lowest metric

E.

lowest administrative distance

Question 237

Refer to the exhibit.

Traffic from R1 to the 10.10.2.0/24 subnet uses 192.168.1.2 as its next hop. An network engineer wants to update the R1 configuration so that traffic with destination 10.10.2.1 passes through router R3, and all other traffic to the 10.10.20/24 subnet passes through r2. Which command must be used?

Options:

A.

Ip route 10.10.2.1 255.255.255.255 192.168.1.4 115

B.

Ip route 10.10.2.0 255.255.255.0 192.168.1.4 100

C.

Ip route 10.10.2.0 255.255.255.0 192.168.1.4 115

D.

Ip route 10.10.2.1 255.255.255.255 192.168.1.4 100

Question 238

Refer to the exhibit.

An architect is managing a wireless network with APs from several branch offices connecting to the WLC in the data center. There is a new requirement for a single WLAN to process the client data traffic without sending it to the WLC. Which action must be taken to complete the request?

Options:

A.

Enable local HTTP profiling.

B.

Enable Disassociation Imminent.

C.

Enable FlexConnect Local Switching.

D.

Enable local DHCP Profiling.

Question 239

Refer to the exhibit.

What is represented by "R1" and "SW1" within the JSON output?

Options:

A.

key

B.

array

C.

value

D.

object

Question 240

Refer to the exhibit.

When router R1 receives a packet with destination IP address 10.56.0 62. through which interface does it route the packet?

Options:

A.

Null0

B.

VIan58

C.

Vlan60

D.

VIan59

Question 241

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abod-bod on voice VLAN 4?

Options:

A.

switchport port-security mac-address abcd.abcd.abcd

B.

switchport port-security mac-address abed.abed.abed vlan 4

C.

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

D.

switchport port-security mac-address abcd.abcd.abcd vlan voice

Question 242

Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?

Options:

A.

tunnel

B.

transport

C.

aggressive

D.

main

Question 243

Exhibit.

The switches are connected via a Cat5 Ethernet cable that was successfully tested. The Interfaces are configured as access ports and are both in a 'down" status. What is the cause of this issue?

Options:

A.

The switches are configured with incompatible duplex settings.

B.

The distance between the two switches is not supported by Cut5.

C.

The speed settings on the switches are mismatched.

D.

The portfast command is missing from the configuration.

Question 244

Refer to the exhibit.

Drag and drop the destination IPs from the left onto the paths to reach those destinations on the right.

Options:

Exam Detail
Vendor: Cisco
Certification: CCNA
Exam Code: 200-301
Exam Name: Cisco Certified Network Associate
Last Update: Apr 18, 2025
200-301 Question Answers
Page: 1 / 61
Total 1028 questions
Get 200-301 Full Access Download 200-301 PDF