IT Exam Questions and Solutions Library
Refer to the exhibit. What is the cause of poor performance on router R19? A. excessive collisions B. excessive CRC errors C. port oversubscription D. speed and duplex mismatch Suggested Answer: C Community Answer: D
Why is UDP more suitable than TCP for applications that require low latency, such as VoIP? A. UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order. B. TCP uses congestion control for efficient packet delivery, and UDP uses flow control mechanisms for the delivery of packets C. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load. D. TCP sends an acknowledgment for every packet that is received, and UDP operates without acknowledgments. Suggested Answer: D
Refer to the exhibit. Which switch in this configuration will be elected as the root bridge? SW1: 0С:0А:05:22:05:97 - SW2: 0C:0A:A8:1A:3C:9D - SW3: 0С:0А:18:81:ВЗ:19 - SW4: 0С:4А:82:56:35:78 A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: A Community Answer: C
Which alternative to password authentication is implemented to allow enterprise devices to log in to the corporate network? A. 90-day renewal policies B. magic links C. one-time passwords D. digital certificates Suggested Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices: • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary pre-configurations have been applied. • Do not remove any existing configurations from the devices, only those necessary to make the appropriate changes required to fulfill the listed tasks. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - Reference Topology Diagram and table. Configure IPv4 and IPv6 between the two routers. Task 1: • Configure R1 with the first usable host IP address in the IPv4 network. • Configure R2 with the last usable host IP address in the IPv4 network. • Verify connectivity using ping. Task 2: • Do not assign the subnet router anycast address to either router. • Configure R1 with the first usable host IP address in the IPv6 network. • Configure R2 with the last usable host IP address in the IPv6 network. • Verify connectivity using ping. Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary pre-configurations have been applied. • Do not remove any existing configurations from the devices, only those necessary to make the appropriate changes required to fulfill the listed tasks. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - Task 1 - • Configure a host route on R5 for the destination of 10.200.220.6. • Configure a static default route on R1 preferring the path through R3 towards R6. • From R5, use traceroute and ping to verify the path towards and reachability of R6. Task 2 - • Configure a floating static default route on R1, preferring the path through R2 towards R6 if the link to R3 should fail. • Configure the administrative distance for 225. • Configure a static route on R2 to forward the return traffic towards 10.100.110.0/25. • After shutting interface e0/1 on R1, use traceroute and ping from R5 to verify path towards and reachability of R6. Suggested Answer:
Which two statements distinguish authentication from accounting? (Choose two.) A. Only authentication supports user-activity audits. B. Only authentication challenges users for their credentials and returns a response. C. Only authentication validates "who you are." D. Only authentication records the duration of a user's connection. E. Only authentication provides supporting information for billing users. Suggested Answer: BC
Refer to the exhibit. Which switch in this configuration will be elected as the root bridge? SW1: 0C:E4:82:33:62:23 - SW2: 0C:0E:16:11:05:97 - SW3: 0C:E0:16:1A:3C:9D - SW4: 0C:00:18:A1:B3:19 A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: B
Refer to the exhibit. Which switch in this configuration will be elected as the root bridge? A. SW1: 0C:4A:82.:65:62:72 B. SW2: 0C:0A:A8:1A:3C:9D C. SW3: 0C:0A:18:81:B3:19 D. SW4: 0C:0A:05:22:05:97 Suggested Answer: D
Refer to the exhibit. All routers in the network are configured correctly, and the expected routes are being exchanged among the routers. Which set of routes are learned from neighbors and installed on router 2? A. 10.129.9.0/2310.139.2.0/3010.2.191.0/3010.129.9.0/25 B. 10.129.9.0/2310.40.1.0/3010.2.191.0/3010.129.9.0/25 C. 10.40.1.0/3010.139.2.0/3010.2.191.0/3010.129.9.0/25 D. 10.129.9.0/2310.139.2.0/3010.129.9.0/2510.22.1.0/24 Suggested Answer: A Community Answer: A
Refer to the exhibit. Router-WAN1 has a new connection via Gi0/0 to the ISP. Users running the web applications indicate that connectivity is unstable to the internet. What is causing the interface issue? A. The receive buffer is full due to a broadcast storm. B. Frames are discarded due to a half-duplex negotiation. C. Broadcast packets are rejected because ARP timeout is enabled. D. Small frames less than 64 bytes are rejected due to size. Suggested Answer: B
A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server? A. ntp server 172.24.54.8 B. ntp master 172.24.54.8 C. ntp peer 172.24.54.8 D. ntp client 172.24.54.8 Suggested Answer: A
Refer to the exhibit. Which type of JSON data is represented? A. number B. array C. object D. string Suggested Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary pre-configurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Configure local user account, configure a Named ACL (NACL), and Dynamic Arp Inspection. 1. Configure a local account on Sw3 with telnet access only on virtual ports 0-4. Use the following information: o Username: tech12 o Password: load1key o Algorithm type: md5 o Privilege level: Exec mode 2. Configure and apply a NACL on R1 to control network traffic towards ISP: o Name: ISP_ACL o Restrict RFC 1918 class A and B addresses o Allow all other addresses 3. A DHCP IP Pool is preconfigured on R1 for VLAN 5, and DHCP Snooping is configured on Sw2. Configure on Sw2: o Dynamic Arp Inspection for VLAN 5 o Enable validation of the ARP packet destination MAC address o Enable validation of the ARP packet source MAC address o Enable validation of the ARP Packet IP address Suggested Answer:
What is the RFC 4627 default encoding for JSON text? A. UCS-2 B. GB18030 C. UTF-8 D. Hex Suggested Answer: C
Refer to the exhibit. A network engineer is configuring a WLAN to use a WPA2 PSK and allow only specific clients to join. Which two actions must be taken to complete the process? (Choose two.) A. Enable the OSEN Policy option. B. Enable the 802.1X option for Authentication Key Management. C. Enable the WPA2 Policy option. D. Enable the MAC Filtering option. E. Enable the CCKM option for Authentication Key Management. Suggested Answer: CD
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary pre-configurations have been applied. • Do not remove any existing configurations from the devices, only those necessary to make the appropriate changes required to fulfill the listed tasks. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - Task 1 - Configure trunks between Sw1 and Sw2 on ports E0/0 and E0/1 using the IEEE standard frame tagging method. • Add VLAN 99 as untagged on the trunk ports. • Only extend VLAN 110 and the untagged VLAN across the trunk. • Verify that PC1 is capable of pinging PC2. Task 2 - On Sw1 and Sw2, use IEEE 802.3ad link aggregation. • Combine E0/0 and E0/1 into a single logical link while leaving the trunk configurations intact. • Assign number 20 to the link. • Both links must negotiate aggregation. Suggested Answer:
Refer to the exhibit. Which configuration parameter is preventing host С from reaching the internet? A. IP address assignment B. IP network mask C. default gateway D. automatic DNS Suggested Answer: C
Refer to the exhibit. Which switch in this configuration will be elected as the root bridge? SW1 0С:0A:05:22:05:97 - SW2 0С:4A:82:07:57:58 - SW3 0C:0A:A8:1A:3C:9D - SW4 0С:0A:18:A1:B3:19 A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: A Community Answer: C
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - All physical cabling is in place and verified. Connectivity for the Switches on ports E0/1, E0/2, and E0/3 must be configured and available for voice and data capabilities. 1. Configure Sw1 and Sw2 with the VLAN naming as indicated. 2. Assign the VLANs to the appropriate interfaces and set a non-trunking, non-tagged, single-VLAN for each interface according to the topology. 3. Configure both switches to use the L2 vendor-neutral discovery protocol to broadcast device information, including the native VLAN across the e0/0 interfaces. Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Routers 2 and 3 are inaccessible. Configure OSPF routing for the network and ensure R1 has joined Area 0 without using network statements. Task 1 - • Configure OSPF on R1 with a process ID and router- ID only as follows: o use process ID 33 o use EO/1 IP as the router ID Task 2 - • Configure R1 to establish neighbor adjacencies with R2 and R3. The network statement under the OSPF process must not be used. • Configure R1 to always become the DR for Area 0 Suggested Answer:
Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.) A. Select the 802.1x option for Auth Key Management B. Select the AES (CCMP128) option for WPA2 WPA3 Encryption C. Select the AES option for Auth Key Management D. Select the PSK option for Auth Key Management E. Select the WPA Policy option. Suggested Answer: BD
Which Rapid PVST+ port state does a port operate in without receiving BPDUs from neighbors or updating the address database? A. listening B. forwarding C. disabled D. blocking Suggested Answer: C Community Answer: D
Which protocol should be used to transfer large files on a company intranet that allows TCP 20 and 21 through the firewall? A. SMTP B. REST API C. TFTP D. FTP Suggested Answer: D
Refer to the exhibit. PC1 tries to ping PC3 for the first time and sends out an ARP to S1. Which action is taken by S1? A. It is flooded out every port except G0/0. B. It drops the frame. C. It forwards it out G0/3 only. D. It forwards it out interface G0/2 only. Suggested Answer: A Community Answer: A
Which interface condition is occurring in this output?A. duplex mismatch B. high throughput C. bad NIC D. queueing Suggested Answer: A Community Answer: A
Refer to the exhibit. Which set of commands must be applied to the two switches to configure an LACP Layer 2 EtherChannel? A. SW1(config)#interface range f0/13 -14SW1(config-if-range)#channel-group 1 mode autoSW2(config)#interface range f0/13 -14SW2(config-if-range)#channel-group 1 mode passive B. SW1(config)#interface range f0/13 -14SW1(config-if-range)#channel-group 1 mode desirableSW2(config)#interface range f0/13 -14SW2(config-if-range)#channel-group 1 mode passive C. SW1(config)#interface range f0/13 -14SW1(config-if-range)#channel-group 1 mode onSW2(config)#interface range f0/13 -14SW2(config-if-range)#channel-group 1 mode passive D. SW1(config)#interface range f0/13 -14SW1(config-if-range)#channel-group 1 mode activeSW2(config)#interface range f0/13 -14SW2(config--range)#channel-group 1 mode passive Suggested Answer: D Community Answer: D
SIMULATION -R1 has been pre-configured with all the necessary commands. All physical cabling is in place and verified. Connectivity to the end devices must be configured. 1. Configure SW-1 switch port 0/1 to carry traffic for the Cisco IP phone and PC 2. Configure SW-2 E0/1 to carry traffic for PC2 3. Configure VLAN 10 with the name “Engineering” on SW-1 4. Configure the link between SW-1 and SW-2 to use the vendor neutral neighbor discovery protocol 5. Configure the link on SW-1 to R1 so that it does not allow the Cisco neighbor discovery protocol to pass Suggested Answer:
How is noise defined in Wi-Fi? A. measured difference between the desired Wi-Fi signal and an interfering Wi-Fi signal B. any interference that is not Wi-Fi traffic that degrades the desired signal C. signals from other Wi-Fi networks that interfere with the local signal D. ratio of signal-to-noise rating supplied by the wireless device Suggested Answer: B Community Answer: B
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:8bb8:8bb1:C081:B8FF:FF4B:1 B. 2001:db8:8bb8:8bb1:C001:8BFE:FF01:1 C. 2001:db8:8bb8:8bb4:6792:43FF:EF87:1 D. 2001:db8:8bb8:8bb1:C801:B8FF:FEB8:1 Suggested Answer: D Community Answer: D
What is a characteristics of frame switching? A. floods unknown destinations to all ports except the receiving port B. inspects and drops frames from unknown destinations C. forwards frames to a neighbor port using CDP D. protects against denial of service attacks Suggested Answer: A Community Answer: A
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - All physical cabling is in place and verified. Connectivity for the Switches on ports E0/1, E0/2, and E0/3 must be configured and available for voice and data capabilities. 1. Configure Sw1 and Sw2 with both VLANS, naming them according to the VLAN Name provided in the topology. 2. Configure the E0/1, E0/2, and E0/3 ports on both switches for both VLANS and ensure that Cisco IP phones and PCs pass traffic. 3. Configure Sw1 and Sw2 to allow neighbor discovery via the vendor-neutral protocol on e0/0. Suggested Answer:
What are two reasons to implement DHCP in a network? (Choose two.) A. manually control and configure IP addresses on network devices B. control the length of time an IP address is used by a network device C. reduce administration time in managing IP address ranges for clients D. dynamic control over the best path to reach an IP address E. access a website by name instead of by IP address Suggested Answer: BC Community Answer: BC
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - SW-3 and SW-4 are preconfigured with all necessary commands. All physical cabling is in place and verified. All connectivity must be operational. 1. Configure both SW-1 and SW-2 switch ports e0/0 and e0/1 for 802.1q trunking with only VLANS 1, 12, and 22 permitted. 2. Configure SW-1 port e0/2 for 802.1q trunking and include only VLANS 12 and 22. 3. Configure both SW-1 and SW-2 switch ports e0/0 and e0/1 for link aggregation using the industry standard protocol. All ports must be configured so that they immediately negotiate the link. Suggested Answer:
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:9bb6:6bb9:C801:B6FF:FEB4:1 B. 2001:db8:9bb6:6bb9:C001:6BFE:FF01:1 C. 2001:db8:9bb6:6bb9:C081:B6FF:FF4B:1 D. 2001:db8:9bb6:6bb9:4736:931F:FE37:1 Suggested Answer: C Community Answer: A
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Configure a local user account, a Named ACL (NACL) and security. 1. Configure a local account on Sw101 with telnet access only on virtual ports 0-4. Use the following information: o Username: netops o Password: ipsec4all o Algorithm: "Vigenere" o Privilege level: Exec mode 2. Configure and apply a single NACL on Sw103 using the following: o name: ENT_ACL o Restrict only PC1 on VLAN 10 from pinging PC2 o Allow only PC1 on VLAN 10 to telnet to R1 (172.16.30.2) o Prevent all other devices from telnetting from VLAN 10 o Allow all other network traffic from VLAN 10 3. Configure security on interface Ethernet 0/0 of Sw102: o Set the maximum number of secure MAC addresses to two o Ensure that the port discards the packet, counts the number of violations and sends a syslog message o Allow secure mac addresses to be learned dynamically Suggested Answer:
Refer to the exhibit. What is the metric for the route to the 192.168.10.33 host? A. 84 B. 110 C. 192 D. 193 Suggested Answer: D Community Answer: D
Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:8bb3:8bb1:C001:8BFE:FF31:1 B. 2001:db8:8bb3:8bb1:C081:B8FF:FF3B:1 C. 2001:db8:8bb3:8bb1:C801:B8FF:FEB3:1 D. 2001:db8:8bb3:8bb4:7397:79FF:EF41:1 Suggested Answer: A Community Answer: C
Refer to the exhibit. A secondary route is required on router R1 to pass traffic to the LAN network on R2 if the primary link fails. Which command must be entered to configure the router? A. ip route 10.0.2.0 255.255.255.240 10.0.0.7 92 B. ip route 10.0.2.0 255.255.255.240 10.0.0.6 91 C. ip route 10.0.2.0 255.255.255.248 null0 93 D. ip route 10.0.2.0 255.255.255.248 10.0.0.6 91 Suggested Answer: D Community Answer: D
Refer to the exhibit. The LACP EtherChannel is configured, and the last change is to modify the interfaces on SwitchA to respond to packets received, but not to initiate negotiation. The interface range gigabitethernet0/0/0-15 command is entered. What must be configured next? A. SwitchA(config-if-range)#channel-group 1 mode auto B. SwitchA(config-if-range)#channel-group 1 mode active C. SwitchA(config-if-range)#channel-group 1 mode desirable D. SwitchA(config-if-range)#channel-group 1 mode passive Suggested Answer: D Community Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - All physical cabling is in place and verified. Connectivity for PC1, PC2 and PC3 must be established to the switches. Each port connecting to the PCs must be configured as an end-user port and only allow the designated VLAN. 1. Configure VLAN 99 on all three switches and label it exactly as FINANCIAL 2. Configure the switch ports connecting to PC1, PC2 and PC3 3. Cisco's neighbor discovery protocol has been disabled on SW-1 and must be re-enabled 4. PC1 must not be able to discover SW-1 Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - IP connectivity between the three routers is established. IP Services must be configured in the order presented to complete the implementation. 1. Configure dynamic one-to-one address mapping on R2 using a standard list named XLATE, which allows all traffic to translate the source address of R3 to a pool named test_pool using the 10.10.10.0/24 network for traffic sent from R3 to R1. Avoid using an NVI configuration. Verify reachability by sending a ping to 192.168.100.1 from R3. 2. Configure R3 to dynamically receive an IP address on Ethernet0/2 from the DHCP server. 3. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address 10.1.2.1. 4. Configure SSH access from R1 to R3, while excluding access via other remote connection protocols using the user root and password s3cret on router R3 using RSA. Verify connectivity from router R1 to R3 using a destination address assigned to interface E0/2 on R3. Suggested Answer:
Refer to the exhibit. Network services must be enabled on interface Gi1/0/34. Which configuration meets the needs for this implementation? A. interface Gi1/0/34switchport mode trunkswitchporttrunk allowed native vlan 400switchportvoice vlan 4041 B. interface Gi1/0/34switchport mode trunkswitchporttrunk allowed vlan 400, 4041switchport voice vlan 4041 C. interface Gi1/0/34switchport mode accessswitchportaccess vlan 400switchport voice vlan 4041 D. interface Gi1/0/34switchport mode accessswitchportaccess vlan 4041switchport voice vlan 400 Suggested Answer: C
Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100? A. It will always prefer the static route over dynamic routes and choose the routeS 100.100.0.0/16 [1/0] via 192.168.4.1. B. It will choose the route with the lowest metric,R 100.0.0.0/8 [120/2] via 192.168.3.1, 00:00:13, Ethernet0/3. C. It will choose the route with the highest metric,D 100.100.100.0/24 [90/435200] via 192.168.2.1, 00:00:13, Ethernet0/2. D. It will choose the route with the longest match,O 100.100.100.100/32 [110/21] via 192.168.1.1, 00:05:57, Ethernet0/1. Suggested Answer: D Community Answer: D
What does a router do when it is configured with the default DNS lookup settings, and a URL is entered on the CLI? A. It continuously attempts to resolve the URL until the command is cancelled. B. It initiates a ping request to the URL. C. It prompts the user to specify the desired IP address. D. It attempts to query a DNS server on the network. Suggested Answer: D Community Answer: D
How does MAC learning function? A. overwrites the known source MAC address in the address table B. enabled by default on all VLANs and interfaces C. protects against denial of service attacks D. forwards frames to a neighbor port using CDP Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
How does MAC learning function? A. sends a retransmission request when a new frame is received B. enabled by default on all VLANs and interfaces C. populates the ARP table with the egress port D. protects against denial of service attacks Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
What is a characteristic of frame switching? A. performs a lookup to learn the destination interface B. disabled by default on all interfaces and VLANs C. buffers and forwards frames with less than 5 CRCs D. protects against denial of service attacks Suggested Answer: D Community Answer: A
DRAG DROP - Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used.Suggested Answer:
What is a function of a Next-Generation IPS? A. It analyzes and mitigates observed vulnerabilities in a network. B. It serves as a controller within a controller-based network C. It integrates with a RADIUS server to enforce Layer 2 device authentication rules D. It makes forwarding decisions based on learned MAC addresses Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
What is a characteristic of encryption in wireless networks? A. prevents intercepted data from being easily read B. uses a unidirectional handshake for authentication C. intercepts data threats before they attack a network D. uses integrity checks to identify forgery attacks Suggested Answer: A Community Answer: A
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:9bb6:6bb9:C081:B6FF:FF4B:1 B. 2001:db8:9bb6:6bb9:C001:6BFE:FF01:1 C. 2001:db8:9bb6:6bb9:4679:824F:FE88:1 D. 2001:db8:9bb6:6bb9:C801:B6FF:FEB8:1 Suggested Answer: B Community Answer: D
What is a characteristic of a Layer 2 switch? A. tracks the number of active TCP connections B. maintains stateful transaction information C. filters based on a transport layer protocol D. supports segmentation using tagging protocols Suggested Answer: D Community Answer: D
Which interface is used to send traffic to the destination network?A. F0/2 B. F0/20 C. F0/12 D. F0/10 Suggested Answer: A Community Answer: A
Which Rapid PVST+ feature should be configured on a switch port to immediately send traffic to a connected server as soon as it is active? A. portfast B. uplinkfast C. BPDU guard D. loop guard Suggested Answer: A Community Answer: A
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Configure local users accounts, modify the Named ACL (NACL), and configure DHCP Snooping. The current contents of the NACL must remain intact. 1. Configure a local account on Sw103 with telnet access only on virtual ports 0-4. Use the following information: • Username: devnet • Password: access8cli • Algorithm type: SHA256 • Privilege level: Exec mode 2. Using the minimum number of ACEs, modify the existing NACL "INTERNET_ACL" to control network traffic destined for the Internet, and apply the ACL on R1: • Allow HTTPS from 172.16.0.0/16 • Allow Telnet only for VLAN 101 • Restrict all other traffic and log the ingress interface, source MAC address, the packet's source and destination IP addresses, and ports 3. Configure Sw101: • Enable DHCP Snooping for VLAN 101 • Disable DHCP Option-82 data insertion • Enable DHCP Snooping MAC address verification Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - All physical cabling is in place. A company plans to deploy 64 new sites. The sites will utilize both IPv4 and IPv6 networks. 1. Subnet 10.30.64.0/19 to meet the subnet requirements and maximize the number of hosts • Using the second subnet - Assign the first usable IP address to e0/0 on Sw101 - Assign the last usable IP address to e0/0 on Sw102 2. Subnet 2001:db8::/56 to meet the subnet requirements and maximize the number of hosts • Using the second subnet - Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw101 - Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw102 Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - All physical cabling is in place. Configurations should ensure that connectivity is established end-to-end. 1. Configure a route on R1 to ensure that R1 prefers R2 to reach the 2001:db8:41::/64 network 2. Configure a floating route on R1, and ensure that R1 uses R3 to reach the 2001 :db8:41::/64 network if the connection between R1 and R2 is down 3. Ping and traceroute should be working Suggested Answer:
Refer to the exhibit. PC1 regularly sends 1800 Mbps of traffic to the server. A network engineer needs to configure the EtherChannel to disable Port Channel 1 between SW1 and SW2 when the Ge0/0 and Ge0/1 ports on SW2 go down. Which configuration must the engineer apply to the switch? A. SW2# configure terminal -SW2(config)# interface port-channel 4SW2(config-if)# port-channel min-links 2 B. SW2# configure terminal -SW2(config)# interface port-channel 4SW2(config-if)# lacp port-priority 32000 C. SW2# configure terminal -SW2(config)# interface port-channel 4SW2(config-if)# lacp max-bundle 2 D. SW2# configure terminal -SW2(config)# lacp system-priority 32000 Suggested Answer: A Community Answer: A
An administrator is configuring a Cisco Catalyst switch so that it will accept management connections only from hosts in the 203.0.113.0/24 network. Other traffic passing through the switch must transit without interruption. Which two configurations must the engineer apply to the router? (Choose two.) A. interface range vlan 1 - 4094ip access-group Management out B. line vty 0 15access-class Management in C. ip access-list standard Managementpermit 203.0.113.0 0.0.0.255 D. ip access-list standard Managementpermit 203.0.113.0 255.255.255.0 E. ip access-list extended Managementpermit tcp any range 22 23 203.0.113.0 0.0.0.255 Suggested Answer: BC Community Answer: BC
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
What causes a port to be placed in the err-disabled state? A. shutdown command issued on the port B. port security violation C. nothing plugged into the port D. latency Suggested Answer: B Community Answer: B
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:d945:91:12A0:AB34:FFCC:1 B. 2001:db8:d945:91:11B0:ABFF:FECC:1 C. 2001:db8:d945:91:4661:59FF:FF53:5 D. 2001:db8:d945:91:1130:ABFF:FECC:1 Suggested Answer: B Community Answer: B
What is a characteristic of private IPv4 addressing? A. reduces the forwarding table on network routers B. allows communication across external internet boundaries C. assigned by an enterprise organization to internal hosts D. complies with Payment Card industry regulations Suggested Answer: C Community Answer: C
Refer to the exhibit. Which switch becomes the root bridge? A. SW 1 -Bridge Priority - 8192 -mac-address 00:10:a1:30:eb:38 B. SW 2 -Bridge Priority - 8192 -mac-address 00:10:a1:80:fb:29 C. SW 3 -Bridge Priority - 24576 -mac-address 00:10:a1:50:55:8f D. SW 4 -Bridge Priority - 24576 -mac-address 00:10:a1:90:7e:66 Suggested Answer: A Community Answer: A
What is a characteristic of a Layer 2 switch? A. responsible for sending data in a particular sequence B. maintains stateful transaction information C. makes forwarding decisions based on MAC addresses D. filters based on a transport layer protocol Suggested Answer: C Community Answer: C
What is represented by the word "switch" within this JSON schema?A. key B. object C. array D. value Suggested Answer: A Community Answer: A
How does encryption protect the wireless network? A. via integrity checks to identify wireless forgery attacks in the frame B. via an algorithm to change wireless data so that only the access point and client understand it C. via specific ciphers to detect and prevent zero-day network attacks D. via a policy to prevent unauthorized users from communicating on the wireless network Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:d955:1697:1130:ABFF:FECC:1 B. 2001:db8:d955:1697:4657:149F:FE65:1 C. 2001:db8:d955:1697:11D8:BFFF:FE69:1 D. 2001:db8:d955:1697:12D8:BAFE:FF01:1 Suggested Answer: C Community Answer: C
What is represented by the word "LB13" within this JSON schema?A. array B. value C. object D. key Suggested Answer: B Community Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology lab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - All physical cabling is in place and verified. Router R1 is configured and passing traffic for VLANs 5 and 6. All relevant ports are pre-configured as 802.1q trunks. 1. Configure SW-1 port E0/0 to permit only VLANS 5 and 6 2. Configure both SW-1 and SW-2's E0/1 ports to send and receive untagged traffic over VLAN 77 3. Configure SW-2 E0/2 port to permit only VLAN 6 4. Configure both SW-3 and SW-4 ports e0/0 and e0/1 for link aggregation using the industry standard protocol with the following requirements: o SW-3 ports must immediately negotiate the aggregation protocol o SW-4 ports must not initiate the negotiation for the aggregation protocol o Use the designated number assignment Suggested Answer:
Refer to the exhibit. Which type of JSON data is shown? A. Boolean B. string C. object D. sequence Suggested Answer: C Community Answer: C
What is a characteristic of private IPv4 addressing? A. enables secure connectivity over the internet B. allows communication across external internet boundaries C. assigned by an enterprise organization to internal hosts D. used by ISP's when only one IP is needed to connect to the internet Suggested Answer: C Community Answer: C
A DHCP pool has been created with the name NOCC. The pool is using 192.168.20.0/24 and must use the next to last usable IP address as the default gateway for the DHCP clients. What is the next step in the process? A. next-server 192.168.20.254 B. network 192.168.20.254 255.255.255.0 secondary C. default-router 192.168.20.253 D. ip default-gateway 0.0.0.0 0.0.0.0 192.168.20.253 Suggested Answer: C Community Answer: C
Which Windows command is used instead of the route print command to display the contents of the IP routing table? A. ipconfig B. netstat -r C. netstat -n D. ifconfig Suggested Answer: B Community Answer: B
What is a characteristic of frame switching? A. rewrites the source and destination MAC address B. performs a lookup to learn the destination interface C. sends a retransmission request when a new frame is received D. inspects and drops frames from unknown destinations Suggested Answer: B Community Answer: B
Refer to the exhibit. The network engineer is confining router R2 as a replacement router on the network. After the initial configuration is applied, it is determined that R2 failed to show R1 as a neighbor. Which configuration must be applied to R2 to complete the OSPF configuration and enable it to establish the neighbor relationship with R1? A. R2(config)#interface g0/0/0 -R2(config-if)#ip ospf hello-interval 10 B. R2(config)#router ospf 1 -R2(config-router)#router-id 192.168.1.1 C. R2(config)#router ospf 1 -R2(config-router)#network 192.168.1.0 255.255.255.0 area 2 D. R2(config)#interface g0/0/0 -R2(config-if)#ip ospf dead-interval 45 Suggested Answer: A Community Answer: A
What is a characteristic of an SSID in wireless networks? A. allows easy file sharing between endpoints B. identifies a wireless network C. eliminates network piggybacking D. requires the use of PoE for functionality Suggested Answer: B Community Answer: B
Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:1a44:41a4:C081:BFFF:FE4A:1 B. 2001:db8:1a44:41a4:C801:BEFF:FE4A:1 C. 2001:db8:1a44:41a4:4660:592F:FE65:1 D. 2001:db8:1a44:41a4:C800:BAFE:FF00:1 Suggested Answer: B Community Answer: B
Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:3bb8:3bb1:C810:B3FF:FF8B:1 B. 2001:db8:3bb8:3bb1:C001:3BFE:FF81:1 C. 2001:db8:3bb8:3bb4:6363:93FF:EF66:1 D. 2001:db8:3bb8:3bb1:C801:B3FF:FEB8:1 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
What is a characteristic of a Layer 2 switch? A. transfers all frames received to every connected device B. offers one collision domain for all connected devices C. transmits exclusively at half duplex D. supports segmentation using tagging protocols Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
Which cable type must be used when connecting two like devices together using these criteria? • Pins 1 to 3 and 2 to 6 are required. • Auto detection MDI-X is unavailable. A. straight-through B. console C. crossover D. rollover Suggested Answer: C Community Answer: C
What is a characteristic of an SSID in wireless networks? A. allows easy file sharing between endpoints B. provides protection against spyware C. associates a name to a wireless network D. eliminates network piggybacking Suggested Answer: C Community Answer: C
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - All physical cabling is in place and verified. Switch SW-1 is pre-configured and inaccessible. SW-2 and SW-3 ports must be configured and operational to complete the configuration. 1. Configure SW-2 and SW-3 ports E0/0 to use the industry standard encapsulation method for trunking and only tag VLAN 10 2. Configure SW-2 and SW-3 ports E0/0 to send and receive untagged traffic over VLAN 11 3. Configure SW-2 and SW-3 ports E0/2 and E0/3 to use the industry standard encapsulation method for trunking and tag all VLANS 4. Configure SW-2 and SW-3 ports E0/2 and E0/3 for link aggregation using the industry standard protocol with the following requirements: o SW-2 ports must not initiate the negotiation for the aggregation protocol o SW-3 ports must immediately negotiate the aggregation protocol o Use the designated number assignment Suggested Answer:
Which selections must be used on the WLC when implementing a RADIUS server for wireless authentication? A. Client Exclusion and SSH B. Network Access Control State and SSH C. AAA Override and the IP address of the server D. 802.1x and the MAC address of the server Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
Which port-security violation mode drops traffic from unknown MAC addresses and forwards an SNMP trap? A. shutdown VLAN B. protect C. restrict D. shutdown Suggested Answer: C Community Answer: C
What is the purpose of an ESSID? A. It allows multiple access points to provide a common network for client connections. B. It supports fast roaming features such as 802.11 r, 802.11k, and 802.11v. C. It serves as the wireless MAC address of the access point. D. It provides greater security than a standard SSID. Suggested Answer: A Community Answer: A
DRAG DROP -Refer to the exhibit. Drag and drop the learned prefixes from the left onto the preferred route methods from which they were learned on the right. Not all prefixes are used.
Suggested Answer:
How does a hub handle a frame traveling to a known destination MAC address differently than a switch? A. The hub forwards the frame to all ports, and a switch forwards the frame to the known destination. B. The hub forwards the frame to all ports in the FIB table, and a switch forwards the frame the destination MAC is known. C. The hub forwards the frame using the information in the MAC table, and a switch uses data in its routing table. D. The hub forwards the frame only to the port connected to the known MAC address, and a switch forwards the frame to all ports. Suggested Answer: A Community Answer: A
Refer to the exhibit. Which switch becomes the root bridge? A. SW 1 -Bridge Priority - 20480 -mac-address 00:10:a1:71 :e3:35 B. SW 2 -Bridge Priority - 20480 -mac-address 00:10:a1:54:4e:50 C. SW 3 -Bridge Priority - 57344 -mac-address 00:10:a1:93:09:2d D. SW 4 -Bridge Priority - 57344 -mac-address 00:10:a1:57:61:80 Suggested Answer: B Community Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked the lab closes and cannot be reopened Topology -Tasks - All physical cabling is in place. A company plans to deploy 16 new sites. The sites will utilize both IPv4 and IPv6 networks. 1. Subnet 10.20.0.0/16 to meet the subnet requirements and maximize the number of hosts • Using the second subnet - Assign the first usable IP address to e0/0 on Sw101 - Assign the last usable IP address to e0/0 on Sw102 2. Subnet 2001:db8::/52 to meet the subnet requirements and maximize the number of hosts • Using the second subnet - Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw101 - Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw102 Suggested Answer:
Which interface condition is occurring in this output?A. bad NIC B. broadcast storm C. duplex mismatch D. high throughput Suggested Answer: D Community Answer: D
Which interface is used to send traffic to the destination network?A. F0/7 B. F0/6 C. F0/4 D. F0/5 Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
Which physical component is distributed among multiple virtual machines running on the same hypervisor? A. external storage B. network interfaces C. backplane network D. hardware resources Suggested Answer: D Community Answer: D
What is a characteristic of private IPv4 addressing? A. used on the external interface of a firewall B. used by ISP's when only one IP is needed to connect to the internet C. reduces the forwarding table on network routers D. address space which is isolated from the internet Suggested Answer: D Community Answer: D
What is represented in line 3 within this JSON schema?A. object B. key C. value D. array Suggested Answer: A Community Answer: A
How does MAC learning function? A. restricts ports to a maximum of 10 dynamically-learned addresses B. increases security on the management VLAN C. drops received MAC addresses not listed in the address table D. associates the MAC address with the port on which it is received Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
How does MAC learning function? A. enabled by default on all VLANs and interfaces B. increases security on the management VLAN C. sends frames with unknown destinations to a multicast group D. inspects and drops frames from unknown destinations Suggested Answer: A Community Answer: A
What is a characteristic of a Layer 2 switch? A. provides a single broadcast domain for all connected devices B. tracks the number of active TCP connections C. offers one collision domain for all connected devices D. makes forwarding decisions based on MAC addresses Suggested Answer: D Community Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - VLANS 35 and 45 have been configured in all three switches. All physical connectivity has been installed and verified All inter-switch links must be operational. 1. Configure SW-1 and SW-2 switch ports e0/0 and e0/1 for 802.1q trunking allowing all VLANS 2. Configure the inter-switch links on SW-1 e0/2, SW-2 e0/2, and SW-3 e0/0 and e0/1 to use native VLAN 35 3. Configure SW-1 and SW-2 switch ports e0/0 and e0/1 for link aggregation SW-1 should immediately negotiate LACP and SW-2 must only respond to LACP requests
Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
Which two tasks support the physical access control element of a security program? (Choose two.) A. Deploy a video surveillance system B. Run a workshop on corporate security policies C. Implement badge access to critical locations D. Develop slideshows about new security regulations E. Disperse information about how to protect the organization's confidential data Suggested Answer: AC Community Answer: AC
Refer to the exhibit The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:bd69:1469:12D8:BAFE:FF01:1 B. 2001:db8:bd69:1469:1130:ABFF:FECC:1 C. 2001:db8:bd69:1469:4628:255F:FE32:1 D. 2001:db8:bd69:1469:11BE:BFFF:FEB9:1 Suggested Answer: D Community Answer: D
What is a characteristic of encryption in wireless networks? A. used to ensure data integrity B. uses 802.1x as the standard encoding method C. uses protocols such as TKIP and CCMP to secure data D. only works with the 5Ghz frequency Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
Refer to the exhibit. Which switch becomes the root bridge? A. SW 1 -Bridge Priority - 61440 -mac-address 00:10:a1:69:c9:28 B. SW2 -Bndge Priority - 61440 -mac address 00:10:a1:27:81:6c C. SW 3 -Bridge Priority - 53248 -mac-address 00:10:a1:35:d9:86 D. SW 4 -Bridge Priority 53248 -mac-address 00:10:a1:22:11:63 Suggested Answer: D Community Answer: D
Refer to the exhibit. PC A is communicating with another device at IP address 10.225.34.225. Through which router does router Y route the traffic? A. router A B. router B C. router C D. router D Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristic from the left onto the device type on the right Not all characteristics are used.Suggested Answer:
Which interface is used to send traffic to the destination network?A. G0/6 B. G0/3 C. G0/16 D. G0/23 Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
Which is a fact related to FTP? A. It uses two separate connections for control and data traffic. B. It uses block numbers to identify and mitigate data-transfer errors. C. It always operates without user authentication. D. It relies on the well-known UDP port 69. Suggested Answer: A Community Answer: A
Refer to the exhibit. What is the cause of the issue? A. shutdown command B. wrong cable type C. STP D. port security Suggested Answer: B Community Answer: B
PC1 tries to send traffic to newly installed PC2. The PC2 MAC address is not listed in the MAC address table of the switch, so the switch sends the packet to all ports in the same VLAN. Which switching concept does this describe? A. frame flooding B. MAC address table C. spanning-tree protocol D. MAC address aging Suggested Answer: A Community Answer: A
Refer to the exhibit. A packet sourced from 172.18.33.2 is destined for 172.18.32.38. Where does the router forward the packet? A. 10.1.1.1 B. 10.1.1.3 C. Loopback0 D. GigabitEthernet0/0 Suggested Answer: D Community Answer: D
Refer to the exhibit. An administrator is configuring a new WLAN for a wireless network that has these requirements: • Dual-band clients that connect to the WLAN must be directed to the 5-GHz spectrum. • Wireless clients on this WLAN must be able to apply VLAN settings on the returned RADIUS attributes. Which two actions meet these requirements? (Choose two.) A. Enable the Client Band Select option. B. Enable the Coverage Hole Detection option. C. Enable the Allow AAA Override option. D. Set the MFP Client Protection option to Required. E. Enable the Aironet IE option Suggested Answer: AC Community Answer: AC
How does a network administrator securely manage an AP in lightweight mode? A. using the AP GUI via an in-band SSH connection B. using the CLI via an out-of-band connection C. using the CLI via a virtual interface with SSH D. using the WLC GUI via HTTPS Suggested Answer: D Community Answer: D
Which type of protocol is VRRP? A. allows two or more routers to act as a default gateway B. uses Cisco-proprietary First Hop Redundancy Protocol C. uses a destination IP address 224.0.0.102 for router-to-router communication D. uses dynamic IP address assignment Suggested Answer: A Community Answer: A
Refer to the exhibit. The switch cat9k-acc-1 connects users to the campus LAN. Printing services are inaccessible through the network. Which interface issue is causing the connectivity problems? A. A bad checksum is causing Ethernet frames to drop. B. Excessive collisions are causing dropped frames. C. A large number of broadcast packets are resulting in a port reset. D. The interface output queue cannot process the Ethernet frames. Suggested Answer: A Community Answer: C
Which standard is required when more than one distribution system port and only one IP address are configured for a Cisco WLC? A. 802.3ad B. 802.1q C. 802.1d D. 802.1af Suggested Answer: A Community Answer: A
Which capability does TFTP provide? A. loads configuration files on systems without data storage devices B. provides authentication for data communications over a private data network C. provides encryption mechanisms for file transfer across a WAN D. provides secure file access within the LAN Suggested Answer: A Community Answer: A
Which action protects a network from VLAN hopping attacks? A. Implement port security on internet-facing VLANs. B. Change the native VLAN to an unused VLAN ID. C. Enable dynamic ARP inspection. D. Configure an ACL to prevent traffic from changing VLANs. Suggested Answer: B Community Answer: B
What should a network administrator consider when deciding to implement automation? A. Automated systems may have difficulty expanding network changes at scale. B. Network automation typically is limited to the configuration and management of virtual devices within a network. C. Network automation typically increases enterprise management operating costs. D. Manual changes frequently lead to configuration errors and inconsistencies. Suggested Answer: D Community Answer: D
Company has decided to require multifactor authentication for all systems. Which set of parameters meets the requirement? A. personal 10-digit PIN and RSA certificate B. complex password and personal 10-digit PIN C. password of 8 to 15 characters and personal 12-digit PIN D. fingerprint scanning and facial recognition Suggested Answer: A Community Answer: A
How does IPsec provide secure networking for applications within an organization? A. It takes advantage of FTP to secure file transfers between nodes on the network. B. It provides GRE tunnels to transmit traffic securely between network nodes. C. It enables sets of security associations between peers. D. It leverages TFTP providing secure file transfers among peers on the network. Suggested Answer: C Community Answer: C
Network security team noticed that an increasing number of employees are becoming victims of phishing attacks. Which security program should be implemented to mitigate the problem? A. email system patches B. physical access control C. software firewall enabled on all PCs D. user awareness training Suggested Answer: D Community Answer: D
What is a characteristic of frame switching? A. populates the ARP table with the egress port B. drops received MAC addresses not listed in the address table C. stores and forwards frames in a buffer and uses error checking D. rewrites the source and destination MAC address Suggested Answer: A Community Answer: C
What is represented by the word "R20" within this JSON schema?A. value B. array C. object D. key Suggested Answer: A Community Answer: A
Refer to the exhibit. Which switch becomes the root bridge? A. SW3 -Bridge Priority - 28672 -mac-address 00:10:a1:51:57:51 B. SW2 -Bridge Priority - 28672 -mac-address 00:10:a1:82:03:94 C. SW1 -Bridge Priority - 12288 -mac-address 00:10:a1:95:2b:77 D. SW4 -Bridge Priority - 12288 -mac-address 00:10:a1:03:42:e8 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
What is a characteristic of a Layer 2 switch? A. responsible for sending data in a particular sequence B. uses routers to create collision domains C. avoids MAC address storage for faster transmission D. uses the data link layer for communications Suggested Answer: D Community Answer: D
Which interface condition is occurring in this output?A. broadcast storm B. queueing C. bad NIC D. duplex mismatch Suggested Answer: B Community Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - R1 and R2 are pre-configured with all the necessary commands. All physical cabling is in place and verified. Connectivity for PC1 and PC2 must be established to the switches; each port must only allow one VLAN and be operational. 1. Configure SW-1 with VLAN 15 and label it exactly as OPS 2. Configure SW-2 with VLAN 66 and label it exactly as ENGINEERING 3. Configure the switch port connecting to PC1 4. Configure the switch port connecting to PC2 5. Configure the E0/2 connections on SW-1 and SW-2 for neighbor discovery using the vendor-neutral standard protocol and ensure that E0/0 on both switches uses the Cisco proprietary protocol
Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - R1 has been pre-configured with all the necessary commands. All physical cabling is in place and verified. Connectivity for PC1 and PC2 must be established to the switches, and each port must only allow one VLAN. 1. Configure SW-1 with VLAN 35 and label it exactly as SALES 2. Configure SW-2 with VLAN 39 and label it exactly as MARKETING 3. Configure the switch port connecting to PC1 4. Configure the switch port connecting to PC2 5. Configure SW-1 and SW-2 for universal neighbor discovery using the industry standard protocol and disable it on the interface connecting to PC1
Suggested Answer:
Refer to the exhibit. PC A is communicating with another device at IP address 10.227.151.255. Through which router does router Y route the traffic? A. router A B. router B C. router C D. router D Suggested Answer: A Community Answer: D
Refer to the exhibit. VoIP is being implemented in the network using VLAN ID 73 and named "VoIP". Each user needs a Cisco IP phone at their desk. Switchport e0/0 has been configured as an access port in the data VLAN. Cisco Discovery Protocol is enabled globally. Which command sequence completed the configuration? A. vlan73name VoIPe0/0switchport voice vlan dot1p B. vlan 73name VoIPe0/0switchport trunk allowed vlan 72,73switchport voice vlan 73 C. vlan 73name VoIPe0/0switchport mode trunkchannel-group 73 mode active D. vlan 73name VoIPe0/0switchport voice vlan 73 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which IP route command created the best path for a packet destined for 10.10.10.3? A. ip route 10.10.0.0 255.255.252.0 g0/0 B. ip route 10.10.10.0 255.255.255.240 g0/0 C. ip route 10.0.0.0 255.0.0.0 g0/0 D. ip route 10.10.10.1 255.255.255.255 g0/0 Suggested Answer: B Community Answer: B
Which cable type must be used when connecting a router and switch together using these criteria? • Pins 1 and 2 are receivers and pins 3 and 6 are transmitters. • Auto detection MDI-X is unavailable. A. crossover B. rollover C. console D. straight-through Suggested Answer: A Community Answer: D
Which protocol does a REST API use to communicate? A. SSH B. STP C. SNMP D. HTTP Suggested Answer: D Community Answer: D
Which interface on the WLC is limited to one when LAG is in use? A. service B. virtual C. trunk D. AP-manager Suggested Answer: D Community Answer: D
Refer to the exhibit. A newly configured PC fails to connect to the internet by using TCP port 80 to www.cisco.com. Which setting must be modified for the connection to work? A. Subnet Mask B. DNS Servers C. Default Gateway D. DHCP Servers Suggested Answer: A Community Answer: A
Which fact must the engineer consider when implementing syslog on a new network? A. Syslog defines the software or hardware component that triggered the message. B. There are 16 different logging levels (0-15). C. The logging level defines the severity of a particular message. D. By default, all message levels are sent to the syslog server. Suggested Answer: C Community Answer: C
In what way does a network supervisor reduce maintenance costs while maintaining network integrity on a traditionally managed network? A. They install an automated network-monitoring system to provide early warning of network issues. B. They employ additional network administrators to proactively manage the network. C. They use automation to centralize network-management tasks. D. They automate change-management processes that verify issue resolution. Suggested Answer: B Community Answer: C
Which type of wired port is required when an AP offers one unique SSID, passes client data and management traffic, and is in autonomous mode? A. trunk B. default C. access D. LAG Suggested Answer: C Community Answer: A
Refer to the exhibit. A network engineer must configure the WLC to allow only DHCP and DNS packets for User1 and User2. Which configuration must be used? A. Enable Web Authentication for 802.1X standard in the Layer 2 Security configuration B. Enable Fallback Policy with MAC filtering under the Layer 3 Security configuration C. Enable Web policy and Authentication in the Layer 3 Security configuration. D. Enable Web Authentication under the AAA Server configuration on the WLAN. Suggested Answer: C Community Answer: C
Which connection type is used when an engineer connects to an AP without a configured IP address or dial-up number to manage the device? A. AUX B. Ethernet C. VIY D. console Suggested Answer: D Community Answer: D
What is a function of a firewall on an enterprise network? A. It allows and denies ingress and egress traffic. B. It serves as a default gateway to hosts on the internet. C. It processes traffic based on stateless inspection. D. It acts as the intermediary device between the enterprise and its ISP. Suggested Answer: A Community Answer: A
Which protocol is implemented when an organization must verify network performance, troubleshoot issues, and use an agent to communicate between monitoring tools and end devices? A. FIP B. NIP C. NFS D. SNMP Suggested Answer: D Community Answer: D
What is a difference between an IPv6 multicast address and an IPv6 anycast address? A. An IPv6 multicast address uses the prefix 2002::/15 and forwards to one destination, and an IPv6 anycast address uses the prefix ff00:/8 and forwards to any destination in a group. B. A packet sent to an IPv6 multicast address is delivered to one or more destinations at once, but a packet sent to an IPv6 anycast address is routed to the closest interface with that address. C. IPV6 multicast addresses are used to transition from IPv4 to IPv6, and IPv6 anycast addresses are used for address aggregation in an IPv6-only environment. D. An IPV6 multicast address is assigned to numerous interfaces within a subnet, but an IPv6 anycast address is used for a predefined group of nodes in an all-IPv6 routers group. Suggested Answer: B Community Answer: B
Which syslog message logging level displays interface line protocol up/down events? A. informational B. alerts C. debugging D. notifications Suggested Answer: D Community Answer: D
Which device protects an internal network from the Internet? A. router B. firewall C. access point D. Layer 2 switch Suggested Answer: B Community Answer: B
Which encryption mode is used when a packet is sent from a site-to-site VPN connection where the source and destination IP address portion of a packet is unencrypted? A. PPTP B. Secure Shell C. Transport D. PPPoE Suggested Answer: C Community Answer: C
What is a reason why an administrator would choose to implement an automated network management approach? A. Enable "box by box" configuration and deployment. B. Decipher simple password policies. C. Reduce inconsistencies in the network configuration. D. Increase recurrent management costs. Suggested Answer: C Community Answer: C
Refer to the exhibit. The router R1 is in the process of being configured. Routers R2 and R3 are configured correctly for the new environment. Which two commands must be configured on R1 for PC1 to communicate to all PCs on the 10.10.10.0/24 network? (Choose two.) A. ip route 10.10.10.0 255.255.255.0 192.168.2.3ip route 10.10.10.10 255.255.255.255 192.168.2.2 B. ip route 10.10.10.0 255.255.255.0 192.168.2.2ip route 10.10.2.2 255.255.255.255 10.10.10.10 C. ip route 10.10.10.0 255.255.255.0 192.168.2.3ip route 10.10.10.8 255.255.255.252 g0/0 D. ip route 10.10.10.0 255.255.255.248 192.168.2.2ip route 10.10.2.8 255.255.255.252 g0/1 Suggested Answer: A Community Answer: A
What differentiates the Cisco OfficeExtend AP mode from the Cisco FlexConnect AP mode? A. FlexConnect allows a personal SSID to be configured on the AP, and personal SSIDs are not supported with OfficeExtend. B. OfficeExtend does not support DTLS tunneling of traffic to the WLC, and FlexConnect tunnels traffic to the WLC with DTLS. C. FlexConnect must be deployed behind a router that NATs the client traffic, and OfficeExtend uses public IP sources. D. OfficeExtend mode requires indoor APs with internal antennas, and indoor and outdoor APs use FlexConnect mode. Suggested Answer: B Community Answer: D
Refer to the exhibit. A network engineer is configuring a WLAN to connect with the 172.16.10.0/24 network on VLAN 20. The engineer wants to limit the number of devices that connect to the WLAN on the USERWL SSID to 125. Which configuration must the engineer perform on the WLC? A. In the Controller IPv6 configuration, set the Throttle value to 125. B. In the WLAN configuration, set the Maximum Allowed Clients value to 125. C. In the Management Software activation configuration, set the Clients value to 125. D. In the Advanced configuration, set the DTIM value to 125. Suggested Answer: A Community Answer: B
Refer to the exhibit. An LACP EtherChannel between two directly connected switches is in the configuration process. Which command must be configured on switch SW2s Gi0/1-2 interfaces to establish the channel to SW1? A. channel-group 1 mode on B. channel-group 1 mode desirable C. channel-group 1 mode active D. channel-group 1 mode auto Suggested Answer: C Community Answer: C
Refer to the exhibit. An administrator must connect SW_1 and the printer to the network. SW_2 requires DTP to be used for the connection to SW_1. The printer is configured as an access port with VLAN 5. Which set of commands completes the connectivity? A. switchport mode dynamic autoswitchport private-vlan association host 5 B. switchport mode trunkswitchport trunk pruning vlan add 5 C. switchport mode dynamic desirableswitchport trunk allowed vlan add 5 D. switchport mode dynamic autoswitchport trunk encapsulation negotiate Suggested Answer: C Community Answer: C
Refer to the exhibit. Which per-hop QoS behavior is R1 applying to incoming packets? A. marking B. shaping C. queuing D. policing Suggested Answer: C Community Answer: C
What is the role of the root port in a switched network? A. It replaces the designated port when the designated port fails. B. It replaces the designated port when the root port fails. C. It is the best path to the root from a nonroot switch. D. It is administratively disabled until a failover occurs. Suggested Answer: B Community Answer: C
What is the temporary state that switch ports always enter immediately after the boot process when Rapid PVST+ is used? A. forwarding B. listening C. learning D. discarding Suggested Answer: C Community Answer: D
What is used to identify spurious DHCP servers? A. DHCPACK B. DHCPREQUEST C. DHCPOFFER D. DHCPDISCOVER Suggested Answer: C Community Answer: D
Refer to the exhibit. A packet sourced from 10.10.10.1 is destined for 172.16.3.254. What is the subnet mask of the destination route? A. 0.0.0.0 B. 255.255.254.0 C. 255.255.255.0 D. 255.255.255.255 Suggested Answer: B Community Answer: B
Refer to the exhibit. IPv6 must be implemented on R1 to the ISP. The uplink between R1 and the ISP must be configured with a manual assignment, and the LAN interface must be self-provisioned. Both connections must use the applicable IPv6 networks. Which two configurations must be applied to R1? (Choose two.) A. interface Gi0/0ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03:/127 B. interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64 C. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127 D. interface Gi0/0ipv6 address 2001:db8:1:AFFF::/64 eui-64 E. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127 Suggested Answer: AD Community Answer: BE
Refer to the exhibit. What does the host do when using the IPv4 Preferred function? A. It forces the DNS server to provide the same IPv4 address at each renewal. B. It requests the same IPv4 address when it renews its lease with the DHCP server. C. It prefers a pool of addresses when renewing the IPv4 host IP address. D. It continues to use a statically assigned IPv4 address. Suggested Answer: B Community Answer: B
Refer to the exhibit. What is preventing host A from reaching the internet? A. LAN and WAN network segments are different. B. The domain name server is unreachable. C. The default gateway should be the first usable IP address. D. IP address assignment is incorrect. Suggested Answer: C Community Answer: B
What are two capabilities provided by VRRP within a LAN network? (Choose two.) A. redundancy B. granular QoS C. load sharing D. dynamic routing updates E. bandwidth optimization Suggested Answer: BD Community Answer: AC
Which AP mode is used for capturing wireless traffic and forwarding that traffic to a PC that is running a packet analyzer? A. bridge B. monitor C. rouge detector D. sniffer Suggested Answer: C Community Answer: D
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:d955:1008:12D8:BAFE:FF01:1 B. 2001:db8:d955:1008:4598:785F:FE25:1 C. 2001:db8:d955:1008:1030:ABFF:FECC:1 D. 2001:db8:d955:1008:10D8:BAFF:FEC2:1 Suggested Answer: B Community Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab doses and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Routers R3 and R4 are fully configured and inaccessible. Configure static routes for various connectivity to the ISP and the LAN, which resides on R4. 1. Configure a default route on R2 to the ISP 2. Configure a default route on R1 to the ISP 3. Configure R2 with a route to the Server at 10.0.41.10 4. Configure R1 with a route to the LAN that prefers R3 as the primary path to the LAN Suggested Answer:
Which components are contained within a virtual machine? A. physical resources, including the NIC, RAM, disk, and CPU B. configuration files backed by physical resources from the Hypervisor C. applications running on the Hypervisor D. processes running on the Hypervisor and a guest OS Suggested Answer: D Community Answer: B
Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP? A. service B. trunk C. AP-manager D. virtual AP connection Suggested Answer: C Community Answer: C
What does a switch search for in the CAM table when forwarding a frame? A. source MAC address and aging time B. destination MAC address and flush time C. source MAC address and source port D. destination MAC address and destination port Suggested Answer: D Community Answer: D
Which port type does a lightweight AP use to connect to the wired network when configured in FlexConnect mode with local switching and VLAN tagging? A. trunk B. LAG C. EtherChannel D. access Suggested Answer: A Community Answer: A
In which circumstance would a network architect decide to implement a global unicast subnet instead of a unique local unicast subnet? A. when the subnet must be available only within an organization B. when the subnet does not need to be routable C. when the addresses on the subnet must be equivalent to private IPv4 addresses D. when the subnet must be routable over the internet Suggested Answer: D Community Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked the lab closes and cannot be reopened Topology -Tasks - All physical cabling is in place. A company plans to deploy 16 new sites. The sites will utilize both IPv4 and IPv6 networks. 1. Subnet 172.16.0.0/16 to meet the subnet requirements and maximize the number of hosts • Using the second subnet - Assign the first usable IP address to e0/0 on Sw101 - Assign the last usable IP address to e0/0 on Sw102 2. Subnet 2001:DB8::/50 to meet the subnet requirements and maximize the number of hosts • Using the second subnet - Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw101 - Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw102 Suggested Answer:
How does MAC learning function on a switch? A. associates the MAC address with the port on which it is received B. rewrites the source and destination MAC address C. broadcasts frames to all ports without queueing D. sends an ARP request to locate unknown destinations Suggested Answer: A Community Answer: A
Which interface is used to send traffic to the destination network?A. G0/21 B. G0/4 C. G0/5 D. G0/16 Suggested Answer: D Community Answer: D
What is a characteristic of an SSID in wireless networks? A. must include a combination of letters and numbers B. uses policies to prevent unauthorized users C. prompts a user for a login ID D. associates a name to a WLAN Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
Refer to the exhibit. Which switch becomes the root bridge? A. SW 4 -Bridge Priority - 49152 -mac-address 06:8e:bc:7e:5b:85 B. SW 3 -Bridge Priority - 49152 -mac-address 0d:e4:96:da:ee:95 C. SW 1 -Bridge Priority - 36864 -mac-address 05:a7:23:5b:52:25 D. SW 2 -Bridge Priority - 36864 -mac-address 04:1e:c4:bf:02:55 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
Which interface condition is occurring in this output?A. duplex mismatch B. high throughput C. bad NIC D. broadcast storm Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
What is a characteristic of private IPv4 addressing? A. used when traffic on a subnet must traverse a site-to-site VPN to an outside organization B. supplies redundancy in the case of failure C. alleviates the shortage of IPv4 addresses D. reduces the forwarding table on network routers Suggested Answer: C Community Answer: C
What are two functions of DHCP servers? (Choose two.) A. issue DHCPDISCOVER messages when added to the network B. respond to client DHCPOFFER requests by Issuing an IP address C. support centralized IP management D. assign dynamic IP configurations to hosts in a network E. prevent users from assigning their own IP addresses to hosts Suggested Answer: CD Community Answer: CD
What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+? A. learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN B. blocking mode and provides an alternate path toward the designated bridge C. forwarding mode and provides the lowest-cost path to the root bridge for each VLAN D. listening mode and provides an alternate path toward the root bridge Suggested Answer: B Community Answer: B
A network architect is deciding whether to implement Cisco autonomous access points or lightweight access points. Which fact about firmware updates must the architect consider? A. Unlike lightweight access points, which require redundant WLCs to support firmware upgrades, autonomous access points require only one WLC. B. Unlike autonomous access points, lightweight access points require a WLC to implement remote firmware updates. C. Unlike lightweight access points, autonomous access points can recover automatically from a corrupt firmware update. D. Unlike autonomous access points, lightweight access points store a complete copy of the current firmware for backup. Suggested Answer: B Community Answer: B
What is the role of SNMP in the network? A. to monitor and manage network devices using a UDP underlay that operates on the application layer B. to collect data directly from network devices using an SSL underlay that operates on the transport layer C. to monitor network devices and functions using a TCP underlay that operates on the presentation layer D. to collect telemetry and critical information from network devices using an SSH underlay that operates on the network layer Suggested Answer: A Community Answer: A
Refer to the exhibit. Which configuration enables SW2 to establish an LACP EtherChannel? A.
B.
C.
D.
Suggested Answer: A Community Answer: A
Refer to the exhibit. What is the issue with the interface GigabitEthernet0/0/1? A. port security B. cable disconnect C. high throughput D. duplex mismatch Suggested Answer: D Community Answer: B
Refer to the exhibit. Router R1 receives static routing updates from routers A, B, C, and D. The network engineer wants R1 to advertise static routes in OSPF area 1. Which summary address must be advertised in OSPF? A. 10.1.41.0/25 B. 10.1.40.0/24 C. 10.1.40.0/25 D. 10.1.40.0/23 Suggested Answer: D Community Answer: D
An on-site service desk technician must verify the IP address and DNS server information on a user’s Windows computer. Which command must the technician enter at the command prompt on the user’s computer? A. show interface B. ipconfig /all C. netstat -r D. ifconfig -a Suggested Answer: B Community Answer: B
Which type of IPv4 address must be assigned to a server to protect it from external access and allow only internal users access while restricting internet access? A. private B. public C. global unicast D. multicast Suggested Answer: B Community Answer: A
What is represented by the word "ge3/36" within this JSON schema?A. value B. array C. object D. key Suggested Answer: A Community Answer: A
Which SNMP message type is reliable and precedes an acknowledgment response from the SNMP manager? A. Get B. Inform C. Traps D. Set Suggested Answer: B Community Answer: B
What is a characteristic of private IPv4 addressing? A. provides unlimited address ranges B. is used when the network has multiple endpoint listeners C. reduces network complexity D. alleviates the shortage of IPv4 addresses Suggested Answer: D Community Answer: D
Which interface condition is occurring in this output?A. collisions B. bad NIC C. duplex mismatch D. broadcast storm Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
How does frame switching function on a switch? A. floods unknown destinations to all ports except the receiving port B. buffers and forwards frames with less than 5 CRCs C. forwards frames to a neighbor port using CDP D. sends frames with unknown destinations to a multicast group Suggested Answer: A Community Answer: A
Which interface is used to send traffic to the destination network?A. F0/9 B. F0/16 C. F0/7 D. F0/24 Suggested Answer: A Community Answer: A
What is a characteristic of encryption in wireless networks? A. intercepts data threats before they attack a network B. uses policies to prevent unauthorized users C. must include a combination of letters and numbers D. encodes and decodes data for authorized users Suggested Answer: D Community Answer: D
What is represented by the word "firewall" within this JSON schema?A. value B. key C. object D. array Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
What is a reason why a company would choose to use network automation in an enterprise? A. Provide data services faster. B. Enable network segmentation. C. Mitigate spanning-tree loop avoidance. D. Implement granular QoS. Suggested Answer: A Community Answer: A
Refer to the exhibit. A packet sourced from 172.16.32.254 is destined for 172.16.32.8. What is the subnet mask of the preferred destination route? A. 255.255.224.0 B. 255.255.255.0 C. 255.255.255.192 D. 255.255.255.252 Suggested Answer: C Community Answer: C
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked the lab closes and cannot be reopened Topology -Tasks - R1 has been pre-configured with all the necessary commands. All physical cabling is in place and verified. Connectivity from PC1, PC3, and the Server must be established to the switches, and each port must only allow one VLAN. 1. Configure the VLAN connecting to the switch port for PC3 with the name "SALES" 2. Configure the switch port connecting to Server1 3. Configure the switch port connecting to PC3 4. Ensure R1 discovers SW-1 via the Cisco proprietary neighbor discovery protocol and all other devices on the network are unable to discover SW-1 Suggested Answer:
Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which Ipv6 address Is produced by the router? A. 2001:db8:1006:1968:4564:877F:FE99:1 B. 2001:db8:1006:1968:1119:BEFF:FE67:1 C. 2001:db8:1006:1968:1130:ABFF:FECC:1 D. 2001:db8:1006:1968:12D8:BAFE:FF01:1 Suggested Answer: B Community Answer: B
Refer to the exhibit. Users at a branch office are experiencing application performance issues, poor VoIP audio quality, and slow downloads. What is the cause of the issues? A. QoS queuing B. interface configuration C. broadcast storm D. overutilization Suggested Answer: B Community Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices: • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked the lab closes and cannot be reopened Topology -Tasks - All physical cabling is in place. Routers R3 and R4 are fully configured and inaccessible. Configure static routes for various connectivity to the ISP and the LAN that resides on R4. 1. Configure a route on R1 to ensure that R1 prefers R2 when traffic is destined to the server only. 2. Configure a default route on R2 to the ISP 3. Configure a route on R1 to ensure that R1 will use R2 for the R4 LAN if the link fails between R3 and R4 4. Configure a route on R1 to ensure that R1 prefers R3 when traffic is destined to the R4 LAN at 10.0.41.0/24 Suggested Answer:
An engineer needs to configure an access point to forward all client traffic through a wireless controller. Which mode must be enabled to accomplish this task? A. local B. monitor C. autonomous D. rogue detector Suggested Answer: A Community Answer: A
An Ethernet frame arrived at switch interface G0/1, but the destination MAC address is missing from the MAC address table. How does the switch process the frame? A. It sends an ARP request to attempt to locate the destination B. It updates the destination to FFFF.FFFF.FFFF. C. It drops the frame and notifies the sending host. D. It floods the frame out of the remaining switch interfaces. Suggested Answer: D Community Answer: D
A network administrator is evaluating network security in the aftermath of an attempted ARP spoofing attack. If Port-channel1 is the uplink interface of the access-layer switch toward the distribution-layer switch, which two configurations must the administrator configure on the access-layer switch to provide adequate protection? (Choose two.) A. ip dhcp snooping vlan 1-4094!interface Port-channel1switchport protectedswitchport port-security maximum 1 B. ip dhcp snooping vlan 1-4094ip dhcp snooping!interface Port-channel1ip dhcp snooping trust C. ip dhcp snooping!interface Port-channel1switchport port-security maximum 1switchport port-security D. ip arp inspection trust!interface Port-channel1switchport port-security maximum 4094switchport port-securityip verify source mac-check E. ip arp inspection vlan 1-4094!interface Port-channel1ip arp inspection trust Suggested Answer: DE Community Answer: BE
Which type of hypervisor operates without an underlying OS to host virtual machines? A. Type 1 B. Type 2 C. Type 3 D. Type 12 Suggested Answer: A Community Answer: A
What is a characteristic of an SSID in wireless networks? A. converts electrical current to radio waves B. associates a name to a WLAN C. uses a 4-way handshake for authentication D. provides increased protection against spyware Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
Which interface is used to send traffic to the destination network?A. G0/10 B. G0/24 C. G0/5 D. G0/1 Suggested Answer: B Community Answer: B
What is a characteristic of private IPv4 addressing? A. enables secure connectivity over the internet B. complies with PCI regulations C. provides an added level of protection against internet threats D. is used on internal hosts that stream data solely to external resources Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the traffic types from the left onto the QoS delivery mechanisms on the right.Suggested Answer:
What is a characteristic of private IPv4 addressing? A. is used when the ISP requires the new subnet to be advertised to the internet for web services B. provides unlimited address ranges C. is used when the network has multiple endpoint listeners D. is used on hosts that communicate only with other internal hosts Suggested Answer: D Community Answer: D
Refer to the exhibit. The engineer configured the VLANs on the new AccSw2 switch. A router-on-a-stick is connected to both switches. How must the ports be configured on AccSw2 to establish full connectivity between the two switches and for Server1? A. interface GigabitEthernet1/1switchport access vlan 11!interface GigabitEthernet1/24switchport mode trunkswitchport trunk allowed vlan 10,11 B. interface GigabitEthernet1/3switchport mode accessswitchport access vlan 10!interface GigabitEthernet1/24switchport mode trunkswitchport trunk allowed vlan 2,10 C. interface GigabitEthernet1/3switchport mode accessswitchport access vlan 10!interface GigabitEthernet1/24switchport mode trunk D. interface GigabitEthernet1/1switchport mode accessswitchport access vlan 11!interface GigabitEthernet1/24switchport mode trunk Suggested Answer: C Community Answer: C
How does frame switching function on a switch? A. floods unknown destinations to all ports except the receiving port B. modifies frames that contain a known source VLAN C. rewrites the source and destination MAC address D. buffers and forwards frames with less than 5 CRCs Suggested Answer: A Community Answer: A
Refer to the exhibit. Which address will the client contact to renew their IP address when the current lease expires? A. 192.168.25.103 B. 192.168.25.1 C. 192.168.25.100 D. 192.168.25.254 Suggested Answer: C Community Answer: C
Refer to the exhibit. Which switch becomes the root bridge? A. SW4 -Bridge Priority - 8192 -mac-address 05:0f:e8:ed:b2:98 B. SW2 -Bridge Priority - 8192 -mac-address 00:ac:f0:9b:dc:72 C. SW3 -Bridge Priority - 16384 -mac-address 0e:6c:e4:b1:8a:57 D. SW4 -Bridge Priority - 16384 -mac-address 0a:45:22:26:29:77 Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
How is a configuration change made to a wireless AP in lightweight mode? A. SSH connection to the management IP of the AP B. CAPWAP/LWAPP connection via the parent WLC C. EoIP connection via the parent WLC D. HTTPS connection directly to the out-of-band address of the AP Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the HTTP verbs from the left onto the API operations on the right.Suggested Answer:
Which plane is centralized in software-defined networking? A. application B. services C. data D. control Suggested Answer: D Community Answer: D
What is a service that is provided by a wireless controller? A. It mitigates threats from the internet. B. It manages interference in a dense network. C. It provides Layer 3 routing between wired and wireless devices. D. It issues IP addresses to wired devices. Suggested Answer: B Community Answer: B
When more than one AP-Manager interface is provisioned on a wireless LAN controller, how is the request handled by the AP? A. The discovery response from the AP to the AP-Manager interface disables the WLAN port. B. The AP join request fails and must be configured statically on the AP-Manager interface. C. The AP-Manager with the fewest number of APs is used by the AP to join. D. The first AP-Manager interface to respond is chosen by the AP. Suggested Answer: C Community Answer: C
What is represented in line 2 within this JSON schema?A. object B. value C. key D. array Suggested Answer: A Community Answer: A
How does MAC learning function on a switch? A. protects against denial of service attacks B. sends frames with unknown destinations to a multicast group C. adds unknown source MAC addresses to the address table D. sends a retransmission request when a new frame is received Suggested Answer: C Community Answer: C
Which interface is used to send traffic to the destination network?A. G0/9 B. G0/20 C. G0/16 D. G0/11 Suggested Answer: B Community Answer: B
What is represented by the word "fe5/42" within this JSON schema?A. array B. object C. value D. key Suggested Answer: C Community Answer: C
Refer to the exhibit. Which switch becomes the root bridge? A. SW 1 -Bridge Priority - 32768 -mac-address 0f:d7:9e:13:ab:82 B. SW 2 -Bridge Priority - 40960 -mac-address 05:d8:33:09:8f:89 C. SW 3 -Bridge Priority - 32768 -mac-address 01:1c:6c:66:b7:70 D. SW 4 -Bridge Priority - 40960 -mac-address 04:44:97:51:63:17 Suggested Answer: C Community Answer: C
Refer to the exhibit. A newly configured PC fails to connect to the internet by using TCP port 80 to www.cisco.com. Which setting must be modified for the connection to work? A. Subnet Mask B. DNS Servers C. Default Gateway D. DHCP Servers Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
How does frame switching function on a switch? A. rewrites the source and destination MAC address B. forwards frames to a neighbor port using CDP C. forwards known destinations to the destination port D. is disabled by default on all interfaces and VLANs Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
What is a characteristic of an SSID in wireless networks? A. uses policies to prevent unauthorized users B. identifies an access point on a WLAN C. prompts a user for a login ID D. associates a name to a WLAN Suggested Answer: D Community Answer: D
What is represented by the word "port" within this JSON schema?A. value B. array C. key D. object Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the statements about AAA services from the left to the corresponding AAA services on the right. Not all options are used.Suggested Answer:
Which interface condition is occurring in this output?A. collisions B. broadcast storm C. duplex mismatch D. queueing Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
Refer to the exhibit. An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows the PC to obtain its IP address from a DHCP server? A. Configure the ip helper-address 172.16.2.2 command under interface Gi0/0. B. Configure the ip dhcp relay information command under interface Gi0/1 C. Configure the ip address dhcp command under interface Gi0/0 D. Configure the ip dhcp smart-relay command globally on the router. Suggested Answer: A Community Answer: A
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked the lab closes and cannot be reopened Topology -Tasks - IP connectivity between the three routers is configured. OSPF adjacencies must be established. 1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them. 2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process. 3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks. 4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.
Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
What is a characteristic of encryption in wireless networks? A. provides increased protection against spyware B. uses policies to prevent unauthorized users C. converts electrical current to radio waves D. prevents the interception of data as it transits a network Suggested Answer: D Community Answer: D
Which interface is used to send traffic to the destination network?A. G0/9 B. G0/12 C. G0/19 D. G0/1 Suggested Answer: B Community Answer: B
Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point? A. transport B. main C. aggressive D. tunnel Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
What is a characteristic of an SSID in wireless networks? A. identifies an access point on a WLAN B. uses the password to connect to an access point C. uses policies to prevent unauthorized users D. uses a case-sensitive text string Suggested Answer: D Community Answer: D
What is a characteristic of private IPv4 addressing? A. reduces network complexity B. is used on hosts that communicate only with other internal hosts C. simplifies the addressing in the network D. reduces network maintenance costs Suggested Answer: B Community Answer: B
What is a characteristic of encryption in wireless networks? A. identifies an access point on a WLAN B. uses the password to connect to an access point C. uses integrity checks to identify forgery attacks in the frame D. uses authentication protocols to secure a network Suggested Answer: D Community Answer: C
What is a characteristic of private IPv4 addressing? A. simplifies the addressing in the network B. complies with PCI regulations C. reduces the forwarding table on network routers D. is used on hosts that communicate only with other internal hosts Suggested Answer: D Community Answer: D
What is a characteristic of an SSID in wireless networks? A. eliminates network piggybacking B. prompts a user for a login ID C. broadcasts a beacon signal to announce its presence by default D. must include a combination of letters and numbers Suggested Answer: C Community Answer: C
What is a characteristic of encryption in wireless networks? A. provides increased protection against spyware B. prompts a user for a login ID C. uses ciphers to detect and prevent zero-day network attacks D. prevents the interception of data as it transits a network Suggested Answer: D Community Answer: D
What is a characteristic of an SSID in wireless networks? A. intercepts data threats before they attack a network B. encodes connections at the sending and receiving ends C. broadcasts a beacon signal to announce its presence by default D. identifies an access point on a WLAN Suggested Answer: C Community Answer: C
Refer to the exhibit. SW2 is replaced because of a hardware failure. A network engineer starts to configure SW2 by copying the fa0/1 interface configuration from SW1. Which command must be configured on the fa0/1 interface of SW2 to enable PC1 to connect to PC2? A. switchport mode trunk B. switchport trunk native vlan 10 C. switchport mode access D. switchport trunk allowed remove 10 Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.Suggested Answer:
What is a characteristic of private IPv4 addressing? A. composed of up to 65,536 available addresses B. issued by IANA in conjunction with an autonomous system number C. used without tracking or registration D. traverse the Internet when an outbound ACL is applied Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristic from the left onto the IPv6 address type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
How does MAC learning function on a switch? A. broadcasts frames to all ports without queueing B. sends an ARP request to locate unknown destinations C. adds unknown source MAC addresses to the address table D. sends a retransmission request when a new frame is received Suggested Answer: C Community Answer: C
Which interface condition is occurring in this output?A. broadcast storm B. collisions C. high throughput D. duplex mismatch Suggested Answer: C Community Answer: C
What is a characteristic of an SSID in wireless networks? A. converts electrical current to radio waves B. uses policies to prevent unauthorized users C. broadcasts a beacon signal to announce its presence by default D. prompts a user for a login ID Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
Refer to the exhibit. Which switch becomes the root bridge? A. SW3 -Bridge Priority - 57344 -mac-address 0b:bb:e0:96:a3:86 B. SW2 -Bridge Priority - 57344 -mac-address 00:b6:c5:17:8e:89 C. SW1 -Bridge Priority - 28672 -mac-address 0c:d4:e9:1d:3c:24 D. SW4 -Bridge Priority - 28672 -mac-address 0b:09:23:33:b8:91 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
What is represented by the word "VPN11" within this JSON schema?A. key B. array C. object D. value Suggested Answer: D Community Answer: D
Which port type supports the spanning-tree portfast command without additional configuration? A. Layer 3 main interfaces B. Layer 3 subinterfaces C. trunk ports D. access ports Suggested Answer: D Community Answer: D
What is represented by the word "R29" within this JSON schema?A. array B. key C. object D. value Suggested Answer: D Community Answer: D
What is represented in line 2 within this JSON schema?A. object B. value C. key D. array Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
DRAG DROP - Drag and drop the characteristic from the left onto the cable type on the right.Suggested Answer:
What is a characteristic of private IPv4 addressing? A. is used without allocation from a regional internet authority B. is used when traffic on the subnet must traverse a site-to-site VPN to an outside organization C. reduces the forwarding table on network routers D. provides unlimited address ranges Suggested Answer: A Community Answer: A
Which interface condition is occurring in this output?A. bad NIC B. high throughput C. queueing D. broadcast storm Suggested Answer: C Community Answer: A
What is a characteristic of private IPv4 addressing? A. is used when the ISP requires the new subnet to be advertised to the internet for web services B. provides unlimited address ranges C. is used when the network has multiple endpoint listeners D. alleviates the shortage of IPv4 addresses Suggested Answer: D Community Answer: D
What is a characteristic of private IPv4 addressing? A. is used when traffic on the subnet must traverse a site-to-site VPN to an outside organization B. allows endpoints to communicate across public network boundaries C. is used on hosts that communicate only with other internal hosts D. reduces network complexity Suggested Answer: C Community Answer: C
What is a characteristic of private IPv4 addressing? A. traverses the internet when an outbound ACL is applied B. alleviates the shortage of IPv4 addresses C. is used when the ISP requires the new subnet to be advertised to the internet for web services D. enables secure connectivity over the internet Suggested Answer: B Community Answer: B
Which interface condition is occurring in this output?A. broadcast storm B. duplex mismatch C. high throughput D. queueing Suggested Answer: D Community Answer: C
What is a characteristic of private IPv4 addressing? A. is used when the ISP requires the new subnet to be advertised to the internet for web services B. allows multiple companies to use the same addresses without conflict C. is used on the external interface of a firewall D. allows endpoints to communicate across public network boundaries Suggested Answer: B Community Answer: B
What is represented by the word "LB20" within this JSON schema?A. value B. array C. object D. key Suggested Answer: A Community Answer: A
What is represented beginning with line 1 and ending with line 5 within this JSON schema?A. key B. object C. array D. value Suggested Answer: D Community Answer: C
What is represented by the word "IDS" within this JSON schema?A. object B. value C. array D. key Suggested Answer: D Community Answer: D
What is represented in line 4 within this JSON schema?A. object B. array C. key D. value Suggested Answer: A Community Answer: A
What is represented by the word "port" within this JSON schema?A. key B. value C. array D. object Suggested Answer: A Community Answer: A
What provides connection redundancy, increased bandwidth, and load sharing between a wireless LAN controller and a Layer 2 switch? A. first hop redundancy B. VLAN trunking C. tunneling D. link aggregation Suggested Answer: D Community Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices: • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Configure local users accounts, modify the Named ACL (NACL), and configure DHCP Snooping. The current contents of the NACL must remain intact. Task 1 - Configure a local account on Gw1 with telnet access only on virtual ports 0-4. Use the following information: • Username: wheel • Password: lock3path • Algorithm type: Scrypt • Privilege level: Exec mode Task 2 - Configure and apply a NACL on Gw1 to control network traffic from VLAN 10: • Name: CORP_ACL • Allow BOOTP and HTTPS • Restrict all other traffic and log the ingress interface, source MAC address, the packet’s source and destination IP addresses, and ports Task 3 - Configure Sw1: • Enable DNCP Snooping for VLAN 10 • Disable DHCP Option-82 data insertion • Enable DHCP Snooping MAC address verification • Enable trusted interfaces
Suggested Answer:
DRAG DROP - Drag and drop the IPv6 address from the left onto the type on the right.Suggested Answer:
Which interface is used to send traffic to the destination network?A. F0/5 B. F0/6 C. F0/12 D. F0/9 Suggested Answer: C Community Answer: C
What is the purpose of an SSID? A. It identifies an individual access point on a WLAN. B. It differentiates traffic entering access points. C. It provides network security. D. It identifies a WLAN. Suggested Answer: D Community Answer: D
Which two types of attack are categorized as social engineering? (Choose two.) A. phoning B. malvertising C. probing D. pharming E. phishing Suggested Answer: DE Community Answer: DE
What describes the functionality of southbound APIs? A. They enable communication between the controller and the network device. B. They communicate with the management plane. C. They use HTTP messages to communicate. D. They convey information from the controller to the SDN applications. Suggested Answer: A Community Answer: A
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1: 1. Configure reachability to the switch SW1 LAN subnet in router R2. 2. Configure default reachability to the Internet subnet in router R1. 3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2. 4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1, and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.
Suggested Answer:
Refer to the exhibit. A network engineer is verifying the settings on a new OSPF network. All OSPF configurations use the default values unless otherwise indicated. Which router does the engineer expect will be elected as the DR when all devices boot up simultaneously? A. R1 B. R2 C. R3 D. R4 Suggested Answer: D Community Answer: D
Which command must be entered so that the default gateway is automatically distributed when DHCP is configured on a router? A. dns-server B. default-router C. ip helper-address D. default-gateway Suggested Answer: B Community Answer: B
What are two functions of a firewall within an enterprise? (Choose two.) A. It enables traffic filtering based on URLs. B. It serves as an endpoint for a site-to-site VPN in standalone mode. C. It provides support as an endpoint for a remote access VPN in multiple context mode. D. It offers Layer 2 services between hosts. E. It enables wireless devices to connect to the network. Suggested Answer: BC Community Answer: AB
What is the maximum number of concurrent Telnet sessions that a Cisco WLC supports? A. 3 B. 5 C. 6 D. 15 Suggested Answer: B Community Answer: B
Which 802.11 management frame type is sent when a client roams between access points on the same SSID? A. Reassociation Request B. Authentication Request C. Association Request D. Probe Request Suggested Answer: A Community Answer: A
What is a functionality of the control plane in the network? A. It looks up an egress interface in the forwarding information base. B. It forwards traffic to the next hop. C. It exchanges topology information with other routers. D. It provides CLI access to the network device. Suggested Answer: C Community Answer: C
Refer to the exhibit. All switches are configured with the default STP priorities. During the STP elections, which switch becomes the root bridge if all interfaces are in the same VLAN? A. MDF-DC-1: 0d:E0:43:96:02:30 B. MDF-DC-2: 0d:0E:18:1B:05:97 C. MDF-DC-4: 0d:E0:19:A1:B3:19 D. MDF-DC-3: 0d:0E:18:2A:3C:9D Suggested Answer: B Community Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked the lab closes and cannot be reopened Topology -Tasks - Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured. 1. Configure an LACP EtherChannel and number it as 44; configure it between switches SW1 and SW2 using interfaces Ethemet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends. 2. Configure the EtherChannel as a trunk link. 3. Configure the trunk link with 802.1q tags. 4. Configure VLAN 'MONITORING' as the untagged VLAN of the EtherChannel. Suggested Answer:
A network administrator wants the syslog server to filter incoming messages into different files based on their importance. Which filtering criteria must be used? A. message body B. level C. facility D. process ID Suggested Answer: B Community Answer: B
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window • All necessary preconfigurations have been applied • Do not change the enable password or hostname for any device • Save your configurations to NVRAM before moving to the next item • Click Next at the bottom of the screen to submit this lab and move to the next question • When Next is clicked, the lab closes and cannot be reopened Topology -Tasks - Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included. 1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230. 2. Configure an IPv4 default route on router R2 destined for router R4. 3. Configure an IPv6 default router on router R2 destined for router R4. Suggested Answer:
Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points? A. console port B. management interface C. virtual interface D. service port Suggested Answer: B Community Answer: B
Refer to the exhibit. A network administrator configures the CPE to provide internet access to the company headquarters. Traffic must be load-balanced via ISP1 and ISP2 to ensure redundancy. Which two command sets must be configured on the CPE router? (Choose two.) A. ip route 0.0.0.0 0.0.0.0 198.51.100.1 255ip route 0.0.0.0 0.0.0.0 203.0.113.1 255ip route 128.0.0.0 128.0.0.0 203.0.113.1 B. ip route 0.0.0.0 128.0.0.0 198.51.100.1ip route 128.0.0.0 128.0.0.0 203.0.113.1ip route 0.0.0.0 0.0.0.0 198.51.100.1ip route 0.0.0.0 0.0.0.0 203.0.113.1 C. ip route 0.0.0.0 0.0.0.0 198.51.100.1ip route 0.0.0.0 0.0.0.0 203.0.113.1 D. ip route 0.0.0.0 128.0.0.0 198.51.100.1ip route 128.0.0.0 128.0.0.0 203.0.113.1 E. ip route 0.0.0.0 0.0.0.0 198.51.100.1ip route 0.0.0.0 0.0.0.0 203.0.113.1 2 Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process? A. interface port-channel 2channel-group 2 mode desirable B. interface fastethernet 1/1channel-group 2 mode on C. interface fastethernet 1/1channel-group 2 mode active D. interface port-channel 2channel-group 2 mode auto Suggested Answer: A Community Answer: C
Which two characteristics are representative of virtual machines (VMs)? (Choose two.) A. multiple VMs operate on the same underlying hardware B. Each VMs operating system depends on its hypervisor C. A VM on a hypervisor is automatically interconnected to other VMs D. A VM on an individual hypervisor shares resources equally E. Each VM runs independently of any other VM in the same hypervisor Suggested Answer: AE Community Answer: AE
What is the recommended switch load-balancing mode for Cisco WLCs? A. source-destination IP address B. destination IP address C. destination MAC address D. source-destination MAC address Suggested Answer: A Community Answer: A
What must be considered when using 802.11a? A. It is chosen over 802.11b when a lower-cost solution is necessary B. It is susceptible to interference from 2.4 GHz devices such as microwave ovens C. It is compatible with 802.11b- and 802 11g-compliant wireless devices D. It is used in place of 802.11b/g when many nonoverlapping channels are required Suggested Answer: D Community Answer: D
Refer to the exhibit. An engineer configures interface fa0/1 on SW1 and SW2 to pass traffic from two different VLANs. For security reasons, company policy requires the native VLAN to be set to a nondefault value. Which configuration meets this requirement? A. Switch(config-if)#switchport mode trunkSwitch(config-if)#switchport trunk encapsulation dot1qSwitch(config-if)#switchport trunk allowed vlan 100,105Switch(config-if)#switchport trunk native vlan 3 B. Switch(config-if)#switchport mode trunkSwitch(config-if)#switchport trunk encapsulation islSwitch(config-if)#switchport trunk allowed vlan 100,105Switch(config-if)#switchport trunk native vlan 1 C. Switch(config-if)#switchport mode dynamicSwitch(config-if)#switchport access vlan 100,105Switch(config-if)#switchport trunk native vlan 1 D. Switch(config-if)#switchport mode accessSwitch(config-if)#switchport trunk encapsulation dot1qSwitch(config-if)#switchport access vlan 100,105Switch(config-if)#switchport trunk native vlan 3 Suggested Answer: A Community Answer: A
Refer to the exhibit A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements: • accommodates current configured VLANs • expands the range to include VLAN 20 • allows for IEEE standard support for virtual LANs Which configuration on the NewSwitch side of the link meets these requirements? A. switch port mode dynamicchannel group 1 mode activeswitchport trunk allowed vlan 5,10,15, 20 B. no switchport mode trunkswitchport trunk encapsulation islswitchport mode access vlan 20 C. switchport nonegotiateno switchport trunk allowed vlan 5,10switchport trunk allowed vlan 5,10,15,20 D. no switchport trunk encapsulation islswitchport trunk encapsulation dot1qswitchport trunk allowed vlan add 20 Suggested Answer: D Community Answer: D
Refer to the exhibit. A network engineer is adding another physical interface as a new member to the existing Port-Channel1 bundle. Which command set must be configured on the new interface to complete the process? A. no switchportchannel group 1 mode active B. no switchportchannel-group 1 mode on C. switchport mode trunkchannel-group 1 mode active D. switchportswitchport mode trunk Suggested Answer: A Community Answer: A
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces. 1. Configure VLAN 12 named Compute and VLAN 34 named Telephony where required for each task. 2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available. 3. Configure the connection between the switches using access ports. 4. Configure Ethernet0/1 on SW1 using data and voice VLANs. 5. Configure Ethernet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only. Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices. • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked, the lab closes and cannot be reopened. Topology -Tasks - Connectivity between three routers has been established, and IP services must be configured in the order presented to complete the implementation. Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services. 1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named PUBNET. To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration. 2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on May 1, 2018. 3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named NETPOOL. Using a single command, exclude addresses 1 - 10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP. 4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user netadmin and password N3t4ccess must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console. Suggested Answer:
Refer to the exhibit. What is occurring on this switch? A. Frames are dropped after 16 failed transmission attempts B. The internal transmit buffer is overloaded C. A high number of frames smaller than 64 bytes are received D. An excessive number of frames greater than 1518 bytes are received Suggested Answer: A Community Answer: A
Refer to the exhibit SW_1 and SW_12 represent two companies that are merging. They use separate network vendors. The VLANs on both sides have been migrated to share IP subnets. Which command sequence must be issued on both sides to join the two companies and pass all VLANs between the companies? A. switchport mode trunkswitchport trunk encapsulation dot1q B. switchport mode trunkswitchport trunk allowed vlan allswitchport dot1q ethertype 0800 C. switchport mode dynamic desirableswitchport trunk allowed vlan allswitchport trunk native vlan 7 D. switchport dynamic autoswitchport nonegotiate Suggested Answer: C Community Answer: A
An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abcd.abcd.abcd on voice VLAN 4? A. switchport port-security mac-address abcd.abcd.abcd vlan 4 B. switchport port-security mac-address abcd.abcd.abcd vlan voice C. switchport port-security mac-address abcd.abcd.abcd D. switchport port-security mac-address sticky abcd.abcd.abcd vlan 4 Suggested Answer: C Community Answer: C
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.180.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:acca::/48 subnet. 1. Using Ethernet0/1 on routers R1 and R2, configure the next usable /28 from the 192.168.180.0/24 range. The network 192.168.180.0/28 is unavailable. 2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address. 3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address. 4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology. 5. A ping must work between the routers on the IPv4 and IPv6 address ranges.
Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted across any links between switches for security purposes. Do not modify or delete VTP configurations. The network needs two user-defined VLANs configured: VLAN 202: MARKETING - VLAN 303: FINANCE - 1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs. 2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted. 3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.
Suggested Answer:
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - Refer to the topology. All physical cabling is in place. Configure a local user account, a Named ACL (NACL), and security. Task 1 - Configure a local account on Sw101 with telnet access only on virtual ports 0-4. Use the following information: • Username: support • Password: max2learn • Privilege level: Exec mode Task 2 - Configure and apply a single NACL on Sw101 using the following: • Name: ENT_ACL • Restrict only PC2 on VLAN 200 from pinging PC1 • Allow only PC2 on VLAN 200 to telnet to Sw101 • Prevent all other devices from telnetting from VLAN 200 • Allow all other network traffic from VLAN 200 Task 3 - Configure security on interface Ethernet 0/0 of Sw102: • Set the maximum number of secure MAC addresses to four. • Drop packets with unknown source addresses until the number of secure MAC addresses drops below the configured maximum value. No notification action is required. • Allow secure MAC addresses to be learned dynamically.
Suggested Answer:
DRAG DROP - Drag and drop the use cases of device-management technologies from the left onto the corresponding types on the right.Suggested Answer:
Under the CRUD model, which two HTTP methods support the UPDATE operation? (Choose two.) A. PATCH B. DELETE C. GET D. POST E. PUT Suggested Answer: AE Community Answer: AE
A network architect is considering whether to implement Cisco DNA Center to deploy devices on a new network. The organization is focused on reducing the time it currently takes to deploy devices in a traditional campus design. For which reason would Cisco DNA Center be more appropriate than traditional management options? A. Cisco DNA Center supports deployment with a single pane of glass. B. Cisco DNA Center provides zero-touch provisioning to third-party devices. C. Cisco DNA Center reduces the need for analytics on third-party access points and devices. D. Cisco DNA Center minimizes the level of syslog output when reporting on Cisco devices. Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the statements about device management from the left onto the corresponding device-management types on the right.Suggested Answer:
In a cloud-computing environment, what is rapid elasticity? A. control and monitoring or resource consumption by the tenant B. automatic adjustment of capacity based on need C. pooling resources in a multitenant model based on need D. self-service of computing resources by the tenant Suggested Answer: B Community Answer: B
Which interface enables communication between a program on the controller and a program on the networking device? A. software virtual interface B. tunnel interface C. northbound interface D. southbound interface Suggested Answer: D Community Answer: D
Refer to the exhibit. How many arrays are present in the JSON data? A. one B. three C. six D. nine Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.Suggested Answer:
Which interface type enables an application running on a client to send data over an IP network to a server? A. northbound interface B. application programming interface C. southbound interface D. Representational State Transfer application programming interface Suggested Answer: B Community Answer: B
Refer to the exhibit. The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:9aa6:6aa9:C801:A6FF:FEA4:1 B. 2001:db8:9aa6:6aa9:C081:A6FF:FF4A:1 C. 2001:db8:9aa6:6aa9:C001:6AFE:FF00:1 D. 2001:db8:9aa6:6aa9:4642:823F:FE47:1 Suggested Answer: A Community Answer: A
Which QoS feature drops traffic that exceeds the committed access rate? A. policing B. FIFO C. shaping D. weighted fair queuing Suggested Answer: A Community Answer: A
What does traffic shaping do? A. It queues excess traffic B. It sets QoS attributes within a packet C. It organizes traffic into classes D. It modifies the QoS attributes of a packet Suggested Answer: A Community Answer: A
Refer to the exhibit. A Cisco engineer is asked to update the configuration on switch 1 so that the EtherChannel stays up when one of the links fails. Which configuration meets this requirement? A. Switch1(config) # interface Fa0/0Switch1(config-if) # lacp port-priority 100Switch1(config) # interface Fa0/1Switch1(config-if) # lacp port-priority 200 B. Switch1(config) # interface port-channel 1Switch1(config-if) # port-channel min-links 1 C. Switch1(config) # interface Fa0/0Switch1(config-if) # lacp port-priority 200Switch1(config) # interface Fa0/1Switch1(config-if) # lacp port-priority 100 D. Switch1(config) # interface port-channel 1Switch1(config-if) # lacp max-bundle 1 Suggested Answer: B Community Answer: B
Which two protocols are supported on service-port interfaces? (Choose two.) A. Telnet B. SCP C. TACACS+ D. SSH E. RADIUS Suggested Answer: AD Community Answer: AD
What is the benefit of using private IPv4 addressing? A. to enable secure connectivity over the Internet B. to shield internal network devices from external access C. to provide reliable connectivity between like devices D. to be routable over an external network Suggested Answer: B Community Answer: B
Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be implemented between two switches with these requirements: • using an industry-standard trunking protocol • permitting VLANs 1-10 and denying other VLANs How must the interconnecting ports be configured? A. switchport mode dynamicchannel-protocol lacpswitchport trunk allowed vlans 1-10 B. switchport mode trunkswitchport trunk allowed vlans 1-10switchport trunk native vlan 11 C. switchport mode trunkswitchport trunk encapsulation dot1qswitchport trunk allowed vlans 1-10 D. switchport mode dynamic desirablechannel-group 1 mode desirableswitchport trunk encapsulation islswitchport trunk allowed vlan except 11-4094 Suggested Answer: C Community Answer: C
Refer to the exhibit. Traffic that is flowing over interface TenGigabitEthemet0/0/0 experiences slow transfer speeds. What is the cause of this issue? A. speed conflict B. queuing drops C. duplex incompatibility D. heavy traffic congestion Suggested Answer: C Community Answer: C
Which two host addresses are reserved for private use within an enterprise network? (Choose two.) A. 10.172.76.200 B. 12.17.1.20 C. 172.15.2.250 D. 172.31.255.100 E. 192.169.32.10 Suggested Answer: AC Community Answer: AD
Refer to the exhibit. The iPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. Which address must be used? A. ipv6 address 2001:DB8:D8D2:1009:10A0:ABFF:FECC:1 eui-64 B. ipv6 address 2001:DB8:D8D2:1009:1230:ABFF:FECC:1 eui-64 C. ipv6 address 2001:DB8:D8D2:1009:4347:31FF:FF47:0 eui-64 D. ipv6 address 2001:DB8:D8D2:1009:12A0:AB34:FFCC:1 eui-64 Suggested Answer: A Community Answer: A
What are two reasons to configure PortFast on a switch port attached to an end host? (Choose two.) A. to block another switch or host from communicating through the port B. to enable the port to enter the forwarding state immediately when the host boots up C. to prevent the port from participating in Spanning Tree Protocol operations D. to protect the operation of the port from topology change processes E. to limit the number of MAC addresses learned on the port to 1 Suggested Answer: BD Community Answer: BD
DRAG DROP - Drag and drop the characteristics of northbound APIs from the left onto any position on the right. Not all characteristics are used.Suggested Answer:
Which benefit does Cisco DNA Center provide over traditional campus management? A. Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP. B. Cisco DNA Center leverages SNMPv3 for encrypted management, and traditional campus management uses SNMPv2. C. Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering. D. Cisco DNA Center automates SSH access for encrypted entry, and SSH is absent from traditional campus management. Suggested Answer: C Community Answer: C
How does Chef configuration management enforce a required device configuration? A. The Chef Infra Server uses its configured cookbook to push the required configuration to the remote device requesting updates. B. The installed agent on the device connects to the Chef Infra Server and pulls its required configuration from the cookbook. C. The Chef Infra Server uses its configured cookbook to alert each remote device when it is time for the device to pull a new configuration. D. The installed agent on the device queries the Chef Infra Server and the server responds by pushing the configuration from the cookbook. Suggested Answer: D Community Answer: B
What is the PUT method within HTTP? A. It replaces data at the destination. B. It is a nonidempotent operation. C. It is a read-only operation. D. It displays a web site. Suggested Answer: A Community Answer: A
Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management? A. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively. B. Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone. C. Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons. D. Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis. Suggested Answer: A Community Answer: D
Refer to the exhibit. In which structure does the word “warning” directly reside? A. array B. object C. Boolean D. string Suggested Answer: B Community Answer: A
What is the purpose of a southbound API in a controller-based networking architecture? A. facilitates communication between the controller and the applications B. allows application developers to interact with the network C. integrates a controller with other automation and orchestration tools D. facilitates communication between the controller and the networking hardware Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the statements about device management from the left onto the corresponding types on the right.Suggested Answer:
Which two northbound APIs are found in a software-defined network? (Choose two.) A. REST B. OpenFlow C. SOAP D. NETCONF E. OpFlex Suggested Answer: AD Community Answer: AC
Which function generally performed by a traditional network device is replaced by a software-defined controller? A. building route tables and updating the forwarding table B. encapsulation and decapsulation of packets in a data-link frame C. changing the source or destination address during NAT operations D. encryption and decryption for VPN link processing Suggested Answer: D Community Answer: A
What describes a northbound REST API for SDN? A. network-element-facing interface for GET, POST, PUT, and DELETE methods B. application-facing interface for SNMP GET requests C. application-facing interface for GET, POST, PUT, and DELETE methods D. network-element-facing interface for the control and data planes Suggested Answer: C Community Answer: C
When is the PUT method used within HTTP? A. to update a DNS server B. when a nonidempotent operation is needed C. to display a web site D. when a read-only operation is required Suggested Answer: B Community Answer: A
Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two.) A. REMOVE B. REDIRECT C. POST D. GET E. POP Suggested Answer: CD Community Answer: CD
What is the advantage of separating the control plane from the data plane within an SDN network? A. limits data queries to the control plane B. reduces cost C. decreases overall network complexity D. offloads the creation of virtual machines to the data plane Suggested Answer: D Community Answer: C
Refer to the exhibit. What is missing from this output for it to be executed? A. double quotes (" ") around the "Cisco Devices" string B. exclamation point (!) at the beginning of each line C. square bracket ( [ ) at the beginning D. curly braket ( } ) at the end Suggested Answer: D Community Answer: D
What is a function of a northbound API in an SDN environment? A. It relies on global provisioning and configuration. B. It upgrades software and restores files. C. It supports distributed processing for configuration. D. It provides orchestration and network automation services. Suggested Answer: D Community Answer: D
What is an Ansible inventory? A. unit of Python code to be executed within Ansible B. file that defines the target devices upon which commands and tasks are executed C. device with Ansible installed that manages target devices D. collection of actions to perform on target devices, expressed in YAML format Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the Ansible features from the left to the right. Not all features are used.Suggested Answer:
What is a function of a northbound API? A. It relies on global provisioning and configuration. B. It upgrades software and restores files. C. It supports distributed processing for configuration. D. It provides a path between an SDN controller and network applications. Suggested Answer: A Community Answer: D
Refer to the exhibit. What does apple represent within the JSON data? A. array B. object C. number D. string Suggested Answer: B Community Answer: D
Refer to the exhibit. A network engineer started to configure port security on a new switch. These requirements must be met: • MAC addresses must be learned dynamically. • Log messages must be generated without disabling the interface when unwanted traffic is seen. Which two commands must be configured to complete this task? (Choose two.) A. SW(config-if)#switchport port-security violation restrict B. SW(config-if)#switchport port-security mac-address 0010.7B84.45E6 C. SW(config-if)#switchport port-security maximum 2 D. SW(config-if)#switchport port-security violation shutdown E. SW(config-if)#switchport port-security mac-address sticky Suggested Answer: BC Community Answer: AE
Which type of security program is violated when a group of employees enters a building using the ID badge of only one person? A. intrusion detection B. network authorization C. physical access control D. user awareness Suggested Answer: C Community Answer: C
What are two protocols within the IPsec suite? (Choose two.) A. 3DES B. AES C. ESP D. TLS E. AH Suggested Answer: CE Community Answer: CE
Refer to the exhibit. Local access for R4 must be established and these requirements must be met: • Only Telnet access is allowed. • The enable password must be stored securely. • The enable password must be applied in plain text. • Full access to R4 must be permitted upon successful login. Which configuration script meets the requirements? A. !conf t!username test1 password testpass1enable secret level 15 0 Test123!line vty 0 15login localtransport input telnet B. !config t!username test1 password testpass1enable password level 15 0 Test123!line vty 0 15login localtransport input all C. !config t!username test1 password testpass1enable password level 1 7 Test123!line vty 0 15accounting exec defaulttransport input all D. !config t!username test1 password testpass1enable secret level 1 0 Test123!line vty 0 15login authenticationpassword Test123transport input telnet Suggested Answer: A Community Answer: A
What is a characteristic of RSA? A. It uses preshared keys for encryption. B. It is an asymmetric encryption algorithm. C. It is a symmetric decryption algorithm. D. It requires both sides to have identical keys for encryption. Suggested Answer: D Community Answer: B
What are two differences between WPA2 and WPA3 wireless security? (Choose two.) A. WPA2 uses 192-bit key encryption, and WPA3 requires 256-bit key encryption. B. WPA3 uses AES for stronger protection than WPA2, which uses SAE. C. WPA2 uses 128-bit key encryption, and WPA3 supports 128-bit and 192-bit key encryption. D. WPA3 uses SAE for stronger protection than WPA2, which uses AES. E. WPA3 uses AES for stronger protection than WPA2, which uses TKIP. Suggested Answer: CD Community Answer: CD
What is an enhancement implemented in WPA3? A. applies 802.1x authentication and AES-128 encryption B. employs PKI and RADIUS to identify access points C. uses TKIP and per-packet keying D. defends against deauthentication and disassociation attacks Suggested Answer: D Community Answer: D
Which action must be taken when password protection is implemented? A. Use less than eight characters in length when passwords are complex. B. Include special characters and make passwords as long as allowed. C. Share passwords with senior IT management to ensure proper oversight. D. Store passwords as contacts on a mobile device with single-factor authentication. Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the statements about AAA from the left onto the corresponding AAA services on the right. Not all options are used.Suggested Answer:
An engineer must configure R1 for a new user account. The account must meet these requirements: • It must be configured in the local database. • The username is engineer2. • It must use the strongest password configurable. Which command must the engineer configure on the router? A. R1(config)# username engineer2 privilege 1 password 7 test2021 B. R1(config)# username engineer2 secret 4 $1$b1Ju$kZbBS1Pyh4QzwXyZ C. R1(config)# username engineer2 algorithm-type scrypt secret test2021 D. R1(config)# username engineer2 secret 5 password $1$b1Ju$kZbBS1Pyh4QzwXyZ Suggested Answer: C Community Answer: C
Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.) A. GETVPN B. DMVPN C. site-to-site VPN D. clientless VPN E. IPsec remote access Suggested Answer: AB Community Answer: AB
DRAG DROP - Drag and drop the statements about AAA services from the left onto the corresponding AAA services on the right. Not all options are used.Suggested Answer:
What is a characteristic of RSA? A. It uses preshared keys for encryption. B. It is a public-key cryptosystem. C. It is a private-key encryption algorithm. D. It requires both sides to have identical keys. Suggested Answer: B Community Answer: B
What is used as a solution for protecting an individual network endpoint from attack? A. antivirus software B. wireless controller C. router D. Cisco DNA Center Suggested Answer: A
Which security method is used to prevent man-in-the-middle attacks? A. authentication B. anti-replay C. authorization D. accounting Suggested Answer: B Community Answer: A
Which cipher is supported for wireless encryption only with the WPA2 standard? A. RC4 B. AES C. SHA D. AES256 Suggested Answer: B Community Answer: B
Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the ONS service. Which configuration updates the ACL efficiently? A. no ip access-list extended Servicesip access-list extended Services30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain B. ip access-list extended Services35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain C. ip access-list extended Servicespermit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain D. no ip access-list extended Servicesip access-list extended Servicespermit udp 10.0.0.0 0.255.255.255 any eq 53permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain deny ip any any log Suggested Answer: D Community Answer: B
Which WPA mode uses PSK authenticaton? A. Local B. Personal C. Enterprise D. Client Suggested Answer: B Community Answer: B
An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router? A. interface FastEthernet0/0ip address 10.122.49.1 255.255.255.252ip access-group 110 inip access-list extended 110permit tcp 10.139.58.0 0.0.0.15 host 10.122.49.1 eq 22 B. interface FastEthernet0/0ip address 10.122.49.1 255.255.255.240access-group 120 inip access-list extended 120permit tcp 10.139.58.0 255.255.255.248 any eq 22 C. interface FastEthernet0/0ip address 10.122.49.1 255.255.255.252ip access-group 105 inip access-list standard 105permit tcp 10.139.58.0 0.0.0.7 eq 22 host 10.122.49.1 D. interface FastEthernet0/0ip address 10.122.49.1 255.255.255.248ip access-group 10 inip access-list standard 10permit udp 10.139.58.0 0.0.0.7 host 10.122.49.1 eq 22 Suggested Answer: A Community Answer: A
To improve corporate security, an organization is planning to implement badge authentication to limit access to the data center. Which element of a security program is being deployed? A. user awareness B. user training C. physical access control D. vulnerability verification Suggested Answer: C Community Answer: C
What is the purpose of configuring different levels of syslog for different devices on the network? A. to set the severity of syslog messages from each device B. to control the number of syslog messages from different devices that are stored locally C. to identify the source from which each syslog message originated D. to rate-limit messages for different severity levels from each device Suggested Answer: A Community Answer: A
Refer to the exhibit. The DHCP server is configured with a DHCP pool for each of the subnets represented. Which command must be configured on switch SW1 to allow DHCP clients on VLAN 10 to receive dynamic IP addresses from the DHCP server? A. SW1(config-if)#ip helper-address 192.168.10.1 B. SW1(config-if)#ip helper-address 192.168.20.1 C. SW1(config-if)#ip helper-address 192.168.20.2 D. SW1(config-if)#ip helper-address 192.168.10.2 Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the DNS lookup commands from the left onto the functions on the right.Suggested Answer:
Refer to the exhibit. Which minimum configuration items are needed to enable Secure Shell version 2 access to R15? A. Router(config)#hostname R15 -R15(config)#ip domain-name cisco.comR15(config)#crypto key generate rsa general-keys modulus 1024R15(config)#ip ssh version 2 -R15(config-line)#line vty 0 15 -R15(config-line)# transport input ssh B. Router(config)#crypto key generate rsa general-keys modulus 1024Router(config)#ip ssh version 2 -Router(config-line)#line vty 015Router(config-line)# transport input sshRouter(contig)#ip ssh logging eventsR15(config)#ip ssh stricthostkeycheck C. Router(config)#hostname R15 -R15(config)#crypto key generate rsa general-keys modulus 1024R15(config-line)#line vty 0 15 -R15(config-line)# transport input sshR15(config)#ip ssh source-interface Fa0/0R15(config)#ip ssh stricthostkeycheck D. Router(config)#ip domain-name cisco.comRouter(config)#crypto key generate rsa general-keys modulus 1024Router(contig)#ip ssh version 2 -Router(config-line)#line vty 0 15Router(config-line)# transport input allRouter(config)#ip ssh logging events Suggested Answer: A Community Answer: A
hostname CPE service password-encryption ip domain name ccna.cisco.com ip name-server 198.51.100.210 crypto key generate rsa modulus 1024 username admin privilege 15 secret s0m3s3cr3t line vty 0 4 transport input ssh login local Refer to the exhibit. An engineer executed the script and added commands that were not necessary for SSH and now must remove the commands. Which two commands must be executed to correct the configuration? (Choose two.) A. no ip name-serveer 198.51.100.210 B. no login local C. no service password-encryption D. no ip domain mame ccna.cisco.com E. no hostname CPE Suggested Answer: AB Community Answer: AC
Which two actions are taken as the result of traffic policing? (Choose two.) A. bursting B. dropping C. remarking D. fragmentation E. buffering Suggested Answer: AE Community Answer: BC
Which two server types support domain name to IP address resolution? (Choose two.) A. authoritative B. web C. file transfer D. resolver E. ESX host Suggested Answer: BD Community Answer: AD
What is a purpose of traffic shaping? A. It enables policy-based routing. B. It enables dynamic flow identification. C. It provides best-effort service. D. It limits bandwidth usage. Suggested Answer: D Community Answer: D
An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result? A. logging trap 5 B. logging trap 2 C. logging trap 3 D. logging trap 4 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the attack-mitigation techniques from the left onto the types of attack that they mitigate on the right.Suggested Answer:
Which WLC management connection type is vulnerable to man-in-the-middle attacks? A. console B. Telnet C. SSH D. HTTPS Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to global configuration mode via Telnet using a local username and password? A. R1(config)#username admin -R1(config-if)#line vty 0 4 -R1(config-line)#password p@ss1234R1(config-line)#transport input telnet B. R1(config)#username admin privilege 15 secret p@ss1234R1(config-if)#line vty 0 4 -R1(config-line)#login local C. R1(config)#username admin secret p@ss1234R1(config-if)#line vty 0 4 -R1(config-line)#login local -R1(config)#enable secret p@ss1234 D. R1(config)#username admin -R1(config-if)#line vty 0 4 -R1(config-line)#password p@ss1234 Suggested Answer: B Community Answer: B
Which type of encryption does WPA1 use for data protection? A. PEAP B. TKIP C. AES D. EAP Suggested Answer: C Community Answer: B
Refer to the exhibit. A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interface Serial0. What is the effect of the configuration as the administrator applies the command? A. The router accepts all incoming traffic to Serial0 with the last octet of the source IP set to 0. B. The permit command fails and returns an error code. C. The router fails to apply the access list to the interface. D. The sourced traffic from IP range 10.0.0.0 - 10.0.0.255 is allowed on Serial0. Suggested Answer: B Community Answer: C
DRAG DROP - Drag and drop the statements about AAA services from the left to the corresponding AAA services on the right. Not all options are used.Suggested Answer:
A network engineer must configure an access list on a new Cisco IOS router. The access list must deny HTTP traffic to network 10.125.128.32/27 from the 192.168.240.0/20 network, but it must allow the 192.168.240.0/20 network to reach the rest of the 10.0.0.0/8 network. Which configuration must the engineer apply? A. ip access-list extended deny_outbound10 permit ip 192.168.240.0 255.255.240.0 10.0.0.0 255.0.0.020 deny tcp 192.168.240.0 255.255.240.0 10.125.128.32 255.255.255.224 eq 44330 permit ip any any B. ip access-list extended deny_outbound10 deny tcp 192.168.240.0 0.0.15.255 10.125.128.32 0.0.0.31 eq 8020 permit ip 192.168.240.0 0.0.15.255 10.0.0.0 0.255.255.25530 deny ip any any log C. ip access-list extended deny_outbound10 deny tcp 10.125.128.32 255.255.255.224 192.168.240.0 255.255.240.0 eq 44320 deny tcp 192.168.240.0 255.255.240.0 10.125.128.32 255.255.255.224 eq 44330 permit ip 192.168.240.0 255.255.240.0 10.0.0.0 255.0.0.0 D. ip access-list extended deny_outbound10 deny tcp 192.168.240.0 0.0.15.255 any eq 8020 deny tcp 192.168.240.0 0.0.15.255 10.125.128.32 0.0.0.31 eq 8030 permit ip 192.168.240.0 0.0.15.255 10.0.0.0 0.255.255.255 Suggested Answer: B Community Answer: B
What is the definition of backdoor malware? A. malicious code that is installed onto a computer to allow access by an unauthorized user B. malicious program that is used to launch other malicious programs C. malicious code that infects a user machine and then uses that machine to send spam D. malicious code with the main purpose of downloading other malicious code Suggested Answer: C Community Answer: A
What does WPA3 provide in wireless networking? A. backward compatibility with WPA and WPA2 B. safeguards against brute force attacks with SAE C. increased security and requirement of a complex configuration D. optional Protected Management Frame negotiation Suggested Answer: B Community Answer: B
Which global command encrypts all passwords in the running configuration? A. service password-encryption B. enable password-encryption C. enable secret D. password-encrypt Suggested Answer: A Community Answer: A
Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements: • Create the username as CCUser. • Create the password as NA!2$cc. • Encrypt the user password. What must be configured to meet the requirements? A. username CCUser privilege 10 password NA!2$cc B. username CCUser privilege 15 password NA!2$ccenable secret 0 NA!2$cc C. username CCUser secret NA!2Sce D. username CCUser password NA!2$ccenable password level 5 NA!2$cc Suggested Answer: C Community Answer: C
Refer to the exhibit. Packets are flowing from 192.168.10.1 to the destination at IP address 192.168.20.75. Which next hop will the router select for the packet? A. 10.10.10.1 B. 10.10.10.11 C. 10.10.10.12 D. 10.10.10.14 Suggested Answer: B Community Answer: B
A router received three destination prefixes: 10.0.0.0/8, 10.0.0.0/16, and 10.0.0.0/24. When the show ip route command is executed, which output does it return? A. Gateway of last resort is 172.16.1.1 to network 0.0.0.0o E2 10.0.0.0/8 [110/5] via 192.168.1.1, 0:01:00, Ethernet0o E2 10.0.0.0/16[110/5] via 192.168.2.1, 0:01:00, Ethernet1o E2 10.0.0.0/24[110/5] via 192.168.3.1, 0:01:00, Ethernet2 B. Gateway of last resort is 172.16.1.1 to network 0.0.0.0o E2 10.0.0.0/8 [110/5] via 192.168.1.1, 0:01:00, Ethernet0 C. Gateway of last resort is 172.16.1.1 to network 0.0.0.0o E2 10.0.0.0/24[110/5] via 192.168.3.1, 0:01:00, Ethernet2 D. Gateway of last resort is 172.16.1.1 to network 0.0.0.0o E2 10.0.0.0/16[110/5] via 192.168.2.1, 0:01:00, Ethernet1o E2 10.0.0.0/24[110/5] via 192.168.3.1, 0:01:00, Ethernet2 Suggested Answer: A Community Answer: A
Refer to the exhibit. User traffic originating within site B is failing to reach an application hosted on IP address 192.168.0.10, which is located within site A. What is determined by the routing table? A. The traffic is blocked by an implicit deny in an ACL on router2. B. The lack of a default route prevents delivery of the traffic. C. The traffic to 192.168.0.10 requires a static route to be configured in router1. D. The default gateway for site B is configured incorrectly. Suggested Answer: D Community Answer: B
Refer to the exhibit. Which two values does router R1 use to identify valid routes for the R3 loopback address 1.1.1.3/32? (Choose two.) A. lowest cost to reach the next hop B. highest administrative distance C. lowest metric D. highest metric E. lowest administrative distance Suggested Answer: CE Community Answer: CE
What is the role of community strings in SNMP operations? A. It translates alphanumeric MIB output values to numeric values. B. It passes the Active Directory username and password that are required for device access. C. It serves as a sequence tag on SNMP traffic messages. D. It serves as a password to protect access to MIB objects. Suggested Answer: D Community Answer: D
Which syslog severity level is considered the most severe and results in the system being considered unusable? A. Error B. Emergency C. Alert D. Critical Suggested Answer: B Community Answer: B
The clients and DHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1? A. ip route 192.168.10.1 B. ip dhcp address 192.168.10.1 C. ip default-gateway 192.168.10.1 D. ip helper-address 192.168.10.1 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which command set configures ROUTER-1 to allow Internet access for users on the 192.168.1.0/24 subnet while using 209.165.202.129 for Port Address Translation? A. ip nat pool CCNA 192.168.0.0 192.168.1.255 netmask 255.255.255.0access-list 10 permit 192.168.0.0 0.0.0.255ip nat inside source list 10 pool CCNA overload B. ip nat pool CCNA 209.165.202.129 209.165.202.129 netmask 255.255.255.255access-list 10 permit 192.168.1.0 255.255.255.0ip nat inside source list 10 pool CCNA overload C. ip nat pool CCNA 192.168.0.0 192.168.1.255 netmask 255.255.255.0access-list 10 permit 192.168.0.0 255.255.255.0ip nat inside source list 10 pool CCNA overload D. ip nat pool CCNA 209.165.202.129 209.165.202.129 netmask 255.255.255.255access-list 10 permit 192.168.1.0 0.0.0.255ip nat inside source list 10 pool CCNA overload Suggested Answer: A Community Answer: D
Which IP header field is changed by a Cisco device when QoS marking is enabled? A. ECN B. Header Checksum C. Type of Service D. DSCP Suggested Answer: B Community Answer: C
DRAG DROP - Drag and drop the SNMP components from the left onto the descriptions on the right.Suggested Answer:
Which DSCP per-hop forwarding behavior is divided into subclasses based on drop probability? A. expedited B. default C. assured D. class-selector Suggested Answer: A Community Answer: C
What are two features of the DHCP relay agent? (Choose two.) A. assigns DNS locally and then forwards request to DHCP server B. minimizes the necessary number of DHCP servers C. permits one IP helper command under an individual Layer 3 interface D. is configured under the Layer 3 interface of a router on the client subnet E. allows only MAC-to-IP reservations to determine the local subnet of a client Suggested Answer: AB Community Answer: BD
A DHCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16.32.15. What is the next step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server? A. ip helper-address 172.16.32.15 B. ip default-gateway 192.168.52.253 C. ip forward-protocol udp 137 D. ip detault-network 192.168.52.253 Suggested Answer: B Community Answer: A
Which two transport layer protocols carry syslog messages? (Choose two.) A. IP B. RTP C. TCP D. UDP E. ARP Suggested Answer: CD Community Answer: CD
What is the purpose of classifying network traffic in QoS? A. configures traffic-matching rules on network devices B. services traffic according to its class C. identifies the type of traffic that will receive a particular treatment D. writes the class identifier of a packet to a dedicated field in the packet header Suggested Answer: C
DRAG DROP - Drag and drop the Qos features from the left onto the corresponding statements on the right.Suggested Answer:
Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R3? A. interface FastEthernet0/1ip helper-address 10.0.1.1!access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1 B. interface FastEthernet0/1ip helper-address 10.0.1.1!access-list 100 permit udp host 10.0.1.1 eq 67 host 10.148.2.1 C. interface FastEthernet0/0ip helper-address 10.0.1.1!access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps D. interface FastEthernet0/1ip helper-address 10.0.1.1!access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1 Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the steps in a standard DNS lookup operation from the left into the order on the right.Suggested Answer:
Which two features introduced in SNMPv2 provide the ability to retrieve large amounts of data in one request and acknowledge a trap using PDUs? (Choose two.) A. Get B. GetNext C. Set D. GetBulk E. Inform Suggested Answer: DE Community Answer: DE
DRAG DROP - Drag and drop the DNS commands from the left onto their effects on the right.Suggested Answer:
An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for easier configuration. Which command must be issued on the router interface? A. ipv6 address 2001:db8::700:3:400F:572B B. ipv6 address 2001:db8:0::700:3:4F:572B C. ipv6 address 2001::db8:0000::700:3:400F:572B D. ipv6 address 2001:0db8::7:3:4F:572B Suggested Answer: A
Refer to the exhibit. A packet that is sourced from 172.16.3.254 is destined for the IP address of GigabitEthernet0/0/0. What is the subnet mask of the destination route? A. 0.0.0.0 B. 255.255.254.0 C. 255.255.255.0 D. 255.255.255.255 Suggested Answer: C Community Answer: D
Refer to the exhibit. The iPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. Which address must be used? A. ipv6 address 2001:DB8:D8D2:1009:10A0:ABFF:FECC:1 eui-64 B. ipv6 address 2001:DB8:D8D2:1009:1230:ABFF:FECC:1 eui-64 C. ipv6 address 2001:DB8:D8D2:1009:4331:89FF:FF23:9 eui-64 D. ipv6 address 2001:DB8:D8D2:1009:12A0:AB34:FFCC:1 eui-64 Suggested Answer: B Community Answer: A
Refer to the exhibit. According to the output, which parameter set is validated using the routing table of R7? A. R7 is missing a gateway of last resort.R7 is receiving routes that were redistributed in EIGRP.R7 will forward traffic destined to 10.90.8.0/24. B. R7 has a gateway of last resort available.R7 is receiving routes that were redistributed from BGP.R7 will drop traffic destined to 10.90.8.0/24. C. R7 is missing a gateway of last resort.R7 is receiving routes that were redistributed from BGP.R7 will forward traffic destined to 10.90.8.0/24. D. R7 has a gateway of last resort available.R7 is receiving routes that were redistributed in EIGRP.R7 will drop traffic destined to 10.90.8.0/24. Suggested Answer: B Community Answer: D
Which type of IPv4 address type helps to conserve the globally unique address classes? A. loopback B. multicast C. private D. public Suggested Answer: C
What are two purposes of HSRP? (Choose two.) A. It provides a mechanism for diskless clients to autoconfigure their IP parameters during boot. B. It improves network availability by providing redundant gateways. C. It groups two or more routers to operate as one virtual router. D. It passes configuration information to hosts in a TCP/IP network. E. It helps hosts on the network to reach remote subnets without a default gateway. Suggested Answer: BC Community Answer: BC
What are two benefits for using private IPv4 addressing? (Choose two.) A. They allow for Internet access from IoT devices. B. They alleviate the shortage of public IPv4 addresses. C. They provide a layer of security from internet threats. D. They supply redundancy in the case of failure. E. They offer Internet connectivity to endpoints on private networks. Suggested Answer: BC Community Answer: BC
DRAG DROP -Refer to the exhibit. OSPF is running between site A and site B. Drag and drop the destination IPs from the left onto the network segments used to reach the destination on the right.
Suggested Answer:
Refer to the exhibit. Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A network engineer must configure R1 with a floating static route to service as a backup route to network 192.168.23. which command must the engineer configure on R1? A. ip route 192.168.23.0 255.255.255.0 192.168,13.3 100 B. ip route 192.168.23.0 255.255.255.255 192.168.13.3 121 C. ip route 192.168.23.0 255.255.255.0 192.168.13.3 121 D. ip route 192.168.23.0 255.255.255.0 192.168.13.3 Suggested Answer: C Community Answer: C
When deploying a new network that includes both Cisco and third-party network devices, which redundancy protocol avoids the interruption of network traffic if the default gateway router fails? A. VRRP B. FHRP C. GLBP D. HSRP Suggested Answer: A Community Answer: A
What are two benefits of private IPv4 addressing? (Choose two.) A. propagates routing information to WAN links B. provides unlimited address ranges C. reuses addresses at multiple sites D. conserves globally unique address space E. provides external internet network connectivity Suggested Answer: CD Community Answer: CD
Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, and automatically when edge devices or access circuits fail? A. FHRP B. VRRP C. HSRP D. SLB Suggested Answer: C Community Answer: C
Refer to the exhibit. Which entry is the longest prefix match for host IP address 192.168.10.5? A. 1 B. 2 C. 3 D. 4 Suggested Answer: B
Refer to the exhibit. How does router R1 handle traffic to 172.16.1.4 /30 subnet? A. It sends all traffic over the path via 172.16.9.5 using 172.16.4.4 as a backup. B. It sends all traffic over the path via 10.0.1.100. C. It sends all traffic over the path via 172.16.4.4. D. It load-balances traffic over 172.16.9.5 and 172.16.4.4 Suggested Answer: D Community Answer: D
Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two.) A. FF02::0001:FF00:0000/104 B. ff06:bb43:cc13:dd16:1bb:ff14:7545:234d C. 2002::512:1204b:1111::1/64 D. 2001:701:104b:1111::1/64 E. ::ffff:10.14.101.1/96 Suggested Answer: CD Community Answer: DE
DRAG DROP -Refer to the exhibit. Drag and drop the learned prefixes from the left onto the subnet masks on the right.
Suggested Answer:
Refer to the exhibit. Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16? A. It floods packets to all learned next hops. B. It uses a route that is similar to the destination address. C. It queues the packets waiting for the route to be learned. D. It discards the packets. Suggested Answer: D Community Answer: D
DRAG DROP -Refer to the exhibit. The Router1 routing table has multiple methods to reach 10.10.10.0/24 as shown. The default Administrative Distance is used. Drag and drop the network conditions from the left onto the routing methods that Router1 uses on the right.
Suggested Answer:
An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements? A. ip route 0.0.0.0 0.0.0.0 10.200.0.2 1 B. ip route 0.0.0.0 0.0.0.0 10.200.0.2 10 C. ip route 0.0.0.0 0.0.0.0 10.200.0.2 D. ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating Suggested Answer: B Community Answer: B
Refer to the exhibit. After configuring a new static route on the CPE, the engineer entered this series of commands to verify that the new configuration is operating normally. When is the static default route installed into the routing table? A. when a route to 203.0.113.1 is learned via BGP B. when 203.0.113.1 is no longer reachable as a next hop C. when the default route learned over external BGP becomes invalid D. when the default route learned over external BGP changes its next hop Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer must configure router R1 with a host route to the server. Which command must the engineer configure? A. R1(config)#ip route 10.10.10.10 255.255.255.255 192.168.0.2 B. R1(config)#ip route 10.10.10.0 255.255.255.0 192.168.0.2 C. R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.2 D. R1(config)#ip route 192.168.0.2 255.255.255.255 10.10.10.10 Suggested Answer: A Community Answer: A
Refer to the exhibit. IPv6 is being implemented within the enterprise. The command ipv6 unicast-routing is configured. Interface Gig0/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block. Which command accomplishes this task? A. ipv6 address 2001:DB8:FFFF:FCF3::64 link-local B. ipv6 address 2001:DB8:FFFF:FCF3::1/64 C. ipv6 address 2001:DB8:FFFF:FCF3::64 eui-64 D. ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64 Suggested Answer: C Community Answer: C
Refer to the exhibit. With which metric does router R1 learn the route to host 172.16.0.202? A. 90 B. 110 C. 32445 D. 3184439 Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer must configure the link with these requirements: • Consume as few IP addresses as possible. • Leave at least two additional useable IP addresses for future growth. Which set of configurations must be applied? A. R1(config-if)#ip address 10.10.10.1 255.255.255.252R2(config-if)#ip address 10.10.10.2 255.255.255.252 B. R1(config-if)#ip address 10.10.10.1 255.255.255.240R2(config-if)#ip address 10.10.10.12 255.255.255.240 C. R1(config-if)#ip address 10.10.10.1 255.255.255.248R2(config-if)#ip address 10.10.10.4 255.255.255.248 D. R1(config-if)#ip address 10.10.10.1 255.255.255.0R2(config-if)#ip address 10.10.10.5 255.255.255.0 Suggested Answer: A Community Answer: C
DRAG DROP - Drag and drop the device behaviors from the left onto the matching HSRP state on the right.Suggested Answer:
Refer to the exhibit. A static route must be configured on R86 to forward traffic for the 172.16.34.0/29 network, which resides on R14. Which command must be used to fulfill the request? A. ip route 10.73.65.65 255.255.255.248 172.16.34.0 B. ip route 172.16.34.0 255.255.255.248 10.73.65.65 C. ip route 172.16.34.0 0.0.0.7 10.73.65.64 D. ip route 172.16.34.0 255.255.224.0 10.73.65.66 Suggested Answer: D Community Answer: B
Refer to the exhibit. An engineer must configure a floating static route on an external EIGRP network. The destination subnet is the /29 on the LAN interface of R86. Which command must be executed on R14? A. ip route 10.80.65.0 255.255.248.0 10.73.65.66 1 B. ip route 10.80.65.0 255.255.255.240 fa0/1 89 C. ip route 10.80.65.0 255.255.255.248 10.73.65.66 171 D. ip route 10.73.65.66 0.0.0.224 10.80.65.0 255 Suggested Answer: C Community Answer: C
Refer to the exhibit. What is the next-hop IP address for R2 so that PC2 reaches the application server via EIGRP? A. 192.168.30.1 B. 10.10.10.6 C. 10.10.10.5 D. 192.168.20.1 Suggested Answer: B Community Answer: B
DRAG DROP -
Suggested Answer:
Refer to the exhibit. An IPv6 address must be obtained automatically on the LAN interface on R1. Which command must be implemented to accomplish the task? A. ipv6 address autocontig B. ipv6 address dhcp C. ipv6 address fe80::/10 D. ipv6 address 2001:db8:d8d2:1008:4332:45:0570::/64 Suggested Answer: C Community Answer: B
Refer to the exhibit. A network engineer is updating the configuration on router R1 to connect a new branch office to the company network. R2 has been configured correctly. Which command must the engineer configure so that devices at the new site communicate with the main office? A. ip route 172.25.25.1 255.255.255.255 g0/2 B. ip route 172.25.25.0 255.255.255.0 192.168.2.2 C. ip route 172.25.25.0 255.255.255.0 192.168.2.1 D. ip route 172.25.25.1 255.255.255.255 g0/1 Suggested Answer: B Community Answer: B
A network engineer must migrate a router loopback interface to the IPv6 address space. If the current IPv4 address of the interface is 10.54.73.1/32, and the engineer configures IPv6 address 0:0:0:0:0:ffff:a36:4901, which prefix length must be used? A. /64 B. /96 C. /124 D. /128 Suggested Answer: B Community Answer: D
A Cisco engineer notices that two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state? A. ip ospf dead-interval 40 B. ip ospf network broadcast C. ip ospf priority 0 D. ip ospf network point-to-point Suggested Answer: D Community Answer: D
Refer to the exhibit. PC A is communicating with another device at IP address 10.227.225.255. Through which router does router Y route the traffic? A. router A B. router B C. router C D. router D Suggested Answer: A Community Answer: D
Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route? A. 0 B. 1 C. 2 D. 32 Suggested Answer: B Community Answer: B
Refer to the exhibit. Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64? A. 2001:db8::5000:00ff:fe04:0000/64 B. 2001:db8::4332:5800:41ff:fe06:/64 C. 2001:db8::5000:0004:5678:0090/64 D. 2001:db8::5200:00ff:fe04:0000/64 Suggested Answer: C Community Answer: D
What is the benefit of using FHRP? A. reduced ARP traffic on the network B. balancing traffic across multiple gateways in proportion to their loads C. higher degree of availability D. reduced management overhead on network routers Suggested Answer: C Community Answer: C
Why is a first-hop redundancy protocol implemented? A. to enable multiple switches to operate as a single unit B. to provide load-sharing for a multilink segment C. to prevent loops in a network D. to protect against default gateway failures Suggested Answer: C Community Answer: D
Refer to the exhibit. A network engineer executes the show ip route command on router D. What is the next hop to network 192.168.1.0/24 and why? A. The next hop is 10.0.2.1 because it uses distance vector routing. B. The next hop is 10.0.0.1 because it has a higher metric. C. The next hop is 10.0.2.1 because it is a link-state routing protocol. D. The next hop is 10.0.0.1 because it has a better administrative distance. Suggested Answer: D Community Answer: D
What is a similarity between global and unique local IPv6 addresses? A. They use the same process for subnetting. B. They are part of the multicast IPv6 group type. C. They are routable on the global internet. D. They are allocated by the same organization. Suggested Answer: A Community Answer: A
What is the primary purpose of a console port on a Cisco WLC? A. in-band management via an asynchronous transport B. in-band management via an IP transport C. out-of-band management via an asynchronous transport D. out-of-band management via an IP transport Suggested Answer: D Community Answer: C
Which port type does a lightweight AP use to connect to the wired network when it is configured in local mode? A. EtherChannel B. access C. LAG D. trunk Suggested Answer: A Community Answer: B
Which step immediately follows receipt of the EAP success message when session resumption is disabled for an EAP-TLS connection? A. PMKID caching B. four-way handshake C. 802.1X authentication D. EAPOL-key frame Suggested Answer: C Community Answer: D
Refer to the exhibit. All interfaces are in the same VLAN. All switches are configured with the default STP priorities. During the STP elections, which switch becomes the root bridge? A. MDF-DC-1: 08:E0:43:42:70:13 B. MDF-DC-2: 08:0E:18:22:05:97 C. MDF-DC-4: 08:E0:19:A1:B3:19 D. MDF-DC-3: 08:0E:18:1A:3C:9D Suggested Answer: D Community Answer: D
What are two port types used by a Cisco WLC for out-of-band management? (Choose two.) A. service B. console C. management D. distribution system E. redundant Suggested Answer: AB Community Answer: AB
What is a reason to implement LAG on a Cisco WLC? A. Allow for stateful failover between WLCs. B. Increase security by encrypting management frames. C. Increase the available throughput on the link. D. Enable the connected switch ports to use different Layer 2 configurations. Suggested Answer: A Community Answer: C
A wireless access point is needed and must meet these requirements: • “zero-touch” deployed and managed by a WLC • process only real-time MAC functionality • used in a split-MAC architecture Which access point type must be used? A. mesh B. autonomous C. lightweight D. cloud-based Suggested Answer: C Community Answer: C
Which interface is used for out-of-band management on a WLC? A. management B. virtual C. dynamic D. service port Suggested Answer: D Community Answer: D
Refer to the exhibit. How does SW2 interact with other switches in this VTP domain? A. It transmits and processes VTP updates from any VTP clients on the network on its trunk ports. B. It processes VTP updates from any VTP clients on the network on its access ports. C. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports. D. It forwards only the VTP advertisements that it receives on its trunk ports. Suggested Answer: D Community Answer: D
A network engineer is upgrading a small data center to host several new applications, including server backups that are expected to account for up to 90% of the bandwidth during peak times. The data center connects to the MPLS network provider via a primary circuit and a secondary circuit. How does the engineer inexpensively update the data center to avoid saturation of the primary circuit by traffic associated with the backups? A. Assign traffic from the backup servers to a dedicated switch. B. Place the backup servers in a dedicated VLAN. C. Advertise a more specific route for the backup traffic via the secondary circuit. D. Configure a dedicated circuit for the backup traffic. Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer started to configure two directly-connected routers as shown. Which command sequence must the engineer configure on R2 so that the two routers become OSPF neighbors? A. interface GigabitEthernet0/1ip ospf 1 area 1 B. router ospf 1network 192.168.12.1 0.0.0.0 area 1 C. interface GigabitEthernet0/1ip ospf 1 area 0 D. router ospf 1network 192.168.12.0 0.0.0.127 area 0 Suggested Answer: D Community Answer: A
Refer to the exhibit. What does route 10.0.1.3/32 represent in the routing table? A. all hosts in the 10.0.1.0 subnet B. a single destination address C. the source 10.0.1.100 D. the 10.0.0.0 network Suggested Answer: B Community Answer: B
Refer to the exhibit. Router R14 is in the process of being configured. Which configuration must be used to establish a host route to a PC 10? A. ip route 10.80.65.10 255.255.255.254 10.80.65.1 B. ip route 10.80.65.10 255.255.255.255 10.73.65.66 C. ip route 10.73.65.66 0.0.0.255 10.80.65.10 D. ip route 10.73.65.66 255.0.0.0 10.80.65.10 Suggested Answer: D Community Answer: B
Refer to the exhibit. Which next-hop IP address has the least desirable metric when sourced from R1? A. 10.10.10.4 B. 10.10.10.5 C. 10.10.10.3 D. 10.10.10.2 Suggested Answer: B Community Answer: C
Refer to the exhibit. The New York router must be configured so that traffic to 2000::1 is sent primarily via the Atlanta site, with a secondary path via Washington that has an administrative distance of 2. Which two commands must be configured on the New York router? (Choose two.) A. ipv6 route 2000::1/128 2012::1 B. ipv6 route 2000::1/128 2012::1 5 C. ipv6 route 2000::1/128 2012::2 D. ipv6 route 2000::1/128 2023::2 5 E. ipv6 route 2000::1/128 2023::3 2 Suggested Answer: AE Community Answer: AE
Refer to the exhibit. The primary route across Gi0/0 is configured on both routers. A secondary route must be configured to establish connectivity between the workstation networks. Which command set must be configured to complete this task? A. R1 -ip route 172.16.2.0 255.255.255.248 172.16.0.5 110R2 -ip route 172.16.1.0 255.255.255.0 172.16.0.6 110 B. R1 -ip route 172.16.2.0 255.255.255.240 172.16.0.2 113R2 -ip route 172.16.1.0 255.255.255.0 172.16.0.1 114 C. R1 -ip route 172.16.2.0 255.255.255.224 172.16.0.6 111R2 -ip route 172.16.1.0 255.255.255.0 172.16.0.5 112 D. R1 -ip route 172.16.2.0 255.255.255.240 172.16.0.5 89R2 -ip route 172.16.1.0 255.255.255.0 172.16.0.6 89 Suggested Answer: C Community Answer: C
DRAG DROP -Refer to the exhibit. Drag and drop the destination IPs from the left pnto the paths to reach those destinations on the right.
Suggested Answer:
Refer to the exhibit. Which two values does router R1 use to determine the best path to reach destinations in network 1.0.0.0/8? (Choose two.) A. lowest cost to reach the next hop B. highest administrative distance C. lowest metric D. highest metric E. longest prefix match Suggested Answer: BC Community Answer: CE
Refer to the exhibit. A public IPv6 address must be configured for internet access. Which command must be configured on the R2 WAN interface to the service provider? A. ipv6 address fe80::/10 B. ipv6 address 2001:db8:433:37:7710:ffff:ffff:ffff/64 anycast C. ipv6 address 2001:db8:123:45::4/64 D. ipv6 address fe80::260:3EFF:FE11:6770 link-local Suggested Answer: C Community Answer: C
DRAG DROP -Refer to the exhibit. Drag and drop the subnet masks from the left onto the corresponding subnets on the right. Not all subnet masks are used.
Suggested Answer:
A network engineer starts to implement a new wireless LAN by configuring the authentication server and creating the dynamic interface. What must be performed next to complete the basic configuration? A. Create the new WLAN and bind the dynamic interface to it. B. Configure high availability and redundancy for the access points. C. Enable Telnet and RADIUS access on the managoment interface. D. Install the management interface and add the management IP. Suggested Answer: D Community Answer: A
Refer to the exhibit. An architect is managing a wireless network with APs from several branch offices connecting to the WLC in the data center. There is a new requirement for a single WLAN to process the client data traffic without sending it to the WLC. Which action must be taken to complete the request? A. Enable local HTTP profiling. B. Enable FlexConnect Local Switching. C. Enable local DHCP Profiling. D. Enable Disassociation Imminent. Suggested Answer: B Community Answer: B
What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different? A. The APs must be connected to the switch with multiple links in LAG mode. B. The native VLAN must match the management VLAN of the AP. C. The switch port mode must be set to trunk. D. IEEE 802.1Q trunking must be disabled on the switch port. Suggested Answer: C Community Answer: C
Which command configures the Cisco WLC to prevent a serial session with the WLC CLI from being automatically logged out? A. config sessions maxsessions 0 B. config serial timeout 9600 C. config serial timeout 0 D. config sessions timeout 0 Suggested Answer: D Community Answer: C
A Cisco engineer at a new branch office is configuring a wireless network with access points that connect to a controller that is based at corporate headquarters. Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage. Which access point mode must be selected? A. Lightweight with local switching disabled B. FlexConnect with local switching enabled C. OfficeExtend with high availability disabled D. Local with AP fallback enabled Suggested Answer: B Community Answer: B
What is an advantage of using auto mode versus static mode for power allocation when an access point is connected to a PoE switch port? A. Power policing is enabled at the same time. B. The default level is used for the access point. C. All four pairs of the cable are used. D. It detects the device is a powered device. Suggested Answer: D Community Answer: B
Refer to the exhibit. Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database. The WLAN is configured for local EAP authentication. The time that users access the network must not be limited. Which action completes this configuration? A. Check the Guest User Role check box. B. Uncheck the Guest User check box. C. Set the Lifetime (seconds) value to 0. D. Clear the Lifetime (seconds) value. Suggested Answer: C Community Answer: B
DRAG DROP - Drag and drop the wireless architecture benefits from the left onto the architecture types on the right.Suggested Answer:
What is a specification for SSIDs? A. They must include one number and one letter. B. They are a Cisco proprietary security feature. C. They are case sensitive. D. They define the VLAN on a switch. Suggested Answer: C Community Answer: C
What is a reason to configure a trunk port that connects to a WLC distribution port? A. Provide redundancy if there is a link failure for out-of-band management. B. Allow multiple VLANs to be used in the data path. C. Permit multiple VLANs to provide out-of-band management. D. Eliminate redundancy with a link failure in the data path. Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the WLAN components from the left onto the correct descriptions on the right.Suggested Answer:
Refer to the exhibit. A Cisco WLC administrator is creating a new wireless network with enhanced SSID security. The new network must operate at 2.4 Ghz with 54 Mbps of throughput. Which set of tasks must the administrator perform to complete the configuration? A. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11a/g only. B. Check the Broadcast SSID check box and set the Radio Policy to 802.11g only. C. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11g only. D. Check the Broadcast SSID check box and set the Radio Policy to 802.11a only. Suggested Answer: A Community Answer: C
Which switching feature removes unused MAC addresses from the MAC address table, which allows new MAC addresses to be added? A. MAC address aging B. MAC move C. MAC address auto purge D. dynamic MAC address learning Suggested Answer: A Community Answer: A
Refer to the exhibit. A network engineer configures the CCNA WLAN so that clients must reauthenticate hourly and to limit the number of simultaneous connections to the WLAN to 10. Which two actions complete this configuration? (Choose two.) A. Enable the Wi-Fi Direct Clients Policy option B. Enable the Enable Session Timeout option and set the value to 3600. C. Enable the Client Exclusion option and set the value to 3600. D. Set the Maximum Allowed Clients value to 10. E. Set the Maximum Allowed Clients Per AP Radio value to 10. Suggested Answer: BD Community Answer: BD
Refer to the exhibit. How must router A be configured so that it only sends Cisco Discovery Protocol information to router C? A. #config tRouter A (config)#no cdp run -Router A (config)#interface gi0/0/1Router A (config-if)#cdp enable - B. #config tRouter A (config)#cdp run -Router A (config)#interface gi0/0/0Router A (config-if)#no cdp enableC.#config t -Router A (config)#cdp run -Router A (config)#interface gi0/0/1Router A (config-if)#cdp enable - D. #config tRouter A (config)#cdp run -Router A (config)#interface gi0/0/0Router A (config-if)#cdp enable Suggested Answer: A Community Answer: B
Refer to the exhibit. The SW1 and SW2 Gi0/0 ports have been preconfigured. An engineer is given these requirements: • Allow all PCs to communicate with each other at Layer 3. • Configure untagged traffic to use VLAN 5. • Disable VLAN 1 from being used. Which configuration set meets these requirements? A. SW1#interface Gi0/1switchport mode trunkswitchport trunk allowed vlan 5,7,9,108switchport trunk native vlan 5interface Gi0/2switchport mode trunkswitchport trunk allowed vlan 5,7,9,108SW2#interface Gi0/1switchport mode accessswitchport access vlan 7interface Gi0/7switchport mode trunkswitchport trunk allowed vlan 7,9,108 B. SW1#interface Gi0/1switchport mode trunkswitchport trunk allowed vlan 5,7,9,108switchport trunk native vlan 5interface Gi0/2switchport mode accessswitchport trunk allowed vlan 7,9,108SW2#interface Gi0/1switchport mode accessno switchport access vlan 1switchport access vlan 7interface Gi0/7switchport mode trunkswitchport trunk allowed vlan 7,9,108switchport trunk native vlan 5 C. SW#1 -interface Gi0/1switchport mode trunkswitchport trunk allowed vlan 5,7,9,108switchport trunk native vlan 5interface Gi0/2switchport mode trunkswitchport trunk allowed vlan 5,7,9,108SW2#interface Gi0/1switchport mode accessswitchport access vlan 7interface Gi0/7switchport mode trunkswitchport trunk allowed vlan 5,7,9,108switchport trunk native vlan 5 D. SW1#interface Gi0/1switchport mode trunkswitchport trunk allowed vian 5,7,9,108interface Gi0/2switchport mode trunkswitchport trunk allowed vlan 7,9,108SW2#interface Gi0/1switchport mode trunkswitchport trunk allowed vlan 7interface Gi0/7switchport mode trunkswitchport trunk allowed vlan 5,7,9,108 Suggested Answer: C Community Answer: C
Refer to the exhibit. An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set meets the requirement? A. interface gi0/1no cdp enable B. interface gi0/0no cdp run C. interface gi0/0no cdp advertise-v2 D. interface gi0/1clear cdp table Suggested Answer: B Community Answer: A
Which WLC port connects to a switch to pass normal access-point traffic? A. redundancy B. service C. console D. distribution system Suggested Answer: D Community Answer: D
Which default condition must be considered when an encrypted mobility tunnel is used between two Cisco WLCs? A. The tunnel uses the IPses protocol for encapsulation. B. Control and data traffic encryption are enabled. C. The tunnel uses the EoIP protocol to transmit data traffic. D. TCP port 443 and UDP 21 are used. Suggested Answer: D Community Answer: B
Refer to the exhibit. After a recent internal security audit, the network administrator decided to block all P2P-capable devices from the selected SSID. Which configuration setting must the administrator apply? A. Set the Wi-Fi Direct Client Policy to Not-Allow. B. Select a correctly configured Layer 2 ACL. C. Set the MFP Client Protection to Required. D. Set the P2P Block Action to Drop. Suggested Answer: A Community Answer: D
A network administrator plans an update to the WI-FI networks in multiple branch offices. Each location is configured with an SSID called “Office”. The administrator wants every user who connects to the SSID at any location to have the same access level. What must be set the same on each network to meet the requirement? A. radio policy B. profile name C. NAS-ID configuration D. security policies Suggested Answer: C Community Answer: D
Refer to the exhibit. The P2P Blocking Action option is disabled on the WLC. The security team has a new requirement for each client to retain their assigned IP addressing as the clients move between locations in the campus network. Which action completes this configuration? A. Enable the Static IP Tunneling option. B. Disable the Coverage Hole Detection option. C. Set the P2P Blocking Action option to Forward-UpStream. D. Check the DHCP Addr. Assignment check box. Suggested Answer: C Community Answer: A
Refer to the exhibit. A multivendor network exists and the company is implementing VoIP over the network for the first time. Which configuration is needed to implement the neighbor discovery protocol on the interface and allow it to remain off for the remaining interfaces? A. SW1(config)#lldp run -SW1(config)#interface gigabitethernet1/0/1SW1(config-if)#lldp enable B. SW1(config)#no cdp run -SW1(config)#interface gigabitethernet1/0/1SW1(config-if)#lldp transmit -SW1(config-if)#lldp receive C. SW1(contig)#lldp enable -SW1(config)#interface gigabitethernet1/0/1SW1(config-if)#lldp run D. SW1(config)#no cdp enable -SW1(config)#interface gigabitethernet1/0/1SW1(config-if)#cdp run Suggested Answer: B Community Answer: B
Refer to the exhibit. Routers R1, R2, and R3 use a protocol to identify the neighbors’ IP addresses, hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement? A. Configure the no lldp receive command on g0/1. B. Configure the no cdp run command globally. C. Configure the no cdp enable command on g0/2. D. Configure the no lldp run command globally. Suggested Answer: D Community Answer: C
SIP-based Call Admission Control must be configured in the Cisco WLC GUI. SIP call-snooping ports are configured. Which two actions must be completed next? (Choose two.) A. Set the QoS level to silver or greater for voice traffic. B. Configure two different QoS roles for data and voice traffic. C. Enable Media Session Snooping on the WLAN. D. Set the QoS level to platinum for voice traffic. E. Enable traffic shaping for the LAN interface of the WLC. Suggested Answer: BD Community Answer: CD
Refer to the exhibit. A network administrator configures an interface on a new switch so that it connects to interface Gi1/0/1 on switch Cat9300-1. Which configuration must be applied to the new interface? A. switchport mode trunkswitchport trunk native vlan 321switchport trunk allowed vlan 100,200,300 B. switchport mode dynamic desirableswitchport trunk native vlan 321switchport trunk allowed vian 100,200,300 C. switchport trunk encapsulation dot1qswitchport trunk native vlan 321switchport trunk allowed vlan 100-300 D. switchport nonegotiateswitchport access vlan 321switchport trunk allowed vlan except 2-1001 Suggested Answer: B Community Answer: A
Which command enables HTTP access to the Cisco WLC? A. config network telnet enable B. config network secureweb enable C. config certificate generate webadmin D. config network webmode enable Suggested Answer: D Community Answer: D
Which port state processes BPDUs, but does not forward packets or update the address database in Rapid PVST+? A. blocking B. learning C. listening D. disabled Suggested Answer: A Community Answer: A
A switch is forwarding a frame out of all interfaces except the interface that received the frame. What is the technical term for this process? A. ARP B. CDP C. flooding D. multicast Suggested Answer: C Community Answer: C
Refer to the exhibit. Rapid PVST+ mode is on the same VLAN on each switch. Which switch becomes the root bridge and why? A. SW4, because its priority is highest and its MAC address is lower B. SW1, because its priority is the lowest and its MAC address is higher C. SW2, because its MAC address is the highest D. SW3, because its priority is the highest Suggested Answer: C Community Answer: A
Which EtherChannel mode must be configured when using LAG on a WLC? A. on B. passive C. active D. auto Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the VLAN port modes from the left onto the descriptions on the right.Suggested Answer:
Which switch concept is used to create separate broadcast domains? A. STP B. VTP C. VLAN D. CSMA/CD Suggested Answer: C Community Answer: C
How must a switch interface be configured when an AP is in FlexConnect mode? A. access port B. EtherChannel C. PoE port D. trunk port Suggested Answer: A Community Answer: D
What are two features of PortFast? (Choose two.) A. Convergence is fast after a link failure. B. STP loops are mitigated for uplinks to other switches. C. Ports transition directly from the blocking state to the forwarding state. D. Ports operate normally without receiving BPDUs. E. Ports that connect to the backbone automatically detect indirect link failures. Suggested Answer: BC Community Answer: CD
What is the root port in STP? A. It is the port with the highest priority toward the root bridge. B. It is the port on the root switch that leads to the designated port on another switch. C. It is the port that is elected only when the root bridge has precisely one port on a single LAN segment. D. It is the port on a switch with the lowest cost to reach the root bridge. Suggested Answer: D Community Answer: D
When a switch receives a frame from an unknown source MAC address, which action does the switch take with the frame? A. It sends the frame to ports within the CAM table identified with an unknown source MAC address. B. It floods the frame out all interfaces, including the interface it was received on. C. It associates the source MAC address with the LAN port on which it was received and saves it to the MAC address table. D. It attempts to send the frame back to the source to ensure that the source MAC address is still available for transmissions. Suggested Answer: C Community Answer: C
When the LAG configuration is updated on a Cisco WLC, which additional task must be performed when changes are complete? A. Reboot the WLC. B. Flush all MAC addresses from the WLC. C. Re-enable the WLC interfaces. D. Re-associate the WLC with the access point. Suggested Answer: A Community Answer: A
Refer to the exhibit. An engineer ts building a new Layer 2 LACP EtherChannel between SW1 and SW2, and they executed the given show commands to verify the work. Which additional task must be performed so that the switches successfully bundle the second member in the LACP port-channel? A. Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1. B. Configure the switchport trunk allowed vlan add 300 command on interface Fa0/2 on SW2. C. Configure the switchport trunk allowed vlan add 300 command on SW1 port-channel 1. D. Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1. Suggested Answer: D Community Answer: C
Refer to the exhibit. VLAN 23 is being implemented between SW1 and SW2. The command show interface ethernet0/0 switchport has been issued on SW1. Ethernet0/0 on SW1 is the uplink to SW2. Which command when entered on the uplink interface allows PC 1 and PC 2 to communicate without impact to the communication between PC 11 and PC 12? A. switchport trunk allowed vlan 2-1001 B. switchport trunk allowed vlan 23 C. switchport trunk allowed vian add 23 D. switchport trunk allowed vian 22-23 Suggested Answer: A Community Answer: C
What is a function of spine-and-leaf architecture? A. offers predictable latency of the traffic path between end devices B. mitigates oversubscription by adding a layer of leaf switches C. exclusively sends multicast traffic between servers that are directly connected to the spineD.limits payload size of traffic within the leaf layer Suggested Answer: A Community Answer: A
What is a function of an endpoint? A. It passes unicast communication between hosts in a network. B. It transmits broadcast traffic between devices in the same VLAN. C. It provides security between trusted and untrusted sections of the network. D. It is used directly by an individual user to access network services. Suggested Answer: D Community Answer: D
What is a function of MAC address learning? A. It is disabled by default on all interfaces connected to trunks. B. It increases security on the management VLAN. C. It is enabled by default on all VLANs and interfaces. D. It increases the potential for MAC address flooding. Suggested Answer: C Community Answer: C
Which IPv6 address range is suitable for anycast addresses for distributed services such as DHCP or DNS? A. FF00:1/12 B. 2001:db8:0234:ca3e::1/128 C. FE80::1/10 D. 2002:db84:3f30:ca84:be76:2/64 Suggested Answer: B Community Answer: B
What is a similarity between OM3 and OM4 fiber optic cable? A. Both have a 62.5 micron core diameter. B. Both have a 100 micron core diameter. C. Both have a 50 micron core diameter. D. Both have a 9 micron core diameter. Suggested Answer: C Community Answer: C
Which device segregates a network into separate zones that have their own security policies? A. IPS B. switch C. access point D. firewall Suggested Answer: D Community Answer: D
What is the primary purpose of private address space? A. limit the number of nodes reachable via the Internet B. simplify the addressing in the network C. conserve globally unique address space D. reduce network complexity Suggested Answer: C Community Answer: C
What is a characteristic of a collapsed-core network topology? A. It enables all workstations in a SOHO environment to connect on a single switch with internet access. B. It enables the core and access layers to connect to one logical distribution device over an EtherChannel. C. It allows wireless devices to connect directly to the core layer, which enables faster data transmission. D. It allows the core and distribution layers to run as a single combined layer. Suggested Answer: D Community Answer: D
A technician receives a report of network slowness and the issue has been isolated to the interface FastEthemet0/13. What is the root cause of the issue? FastEthernet0/13 is up, line protocol is up Hardware is Fast Ethernet, address is 0001.4d27.66cd (bia 0001.4d27.66cd) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 250/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not set - Auto-duplex (Full) Auto Speed (100), 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 18:52:43, output 00:00:01, output hang never Last clearing of “show interface” counters never Queueing strategy: fifo - Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 12000 bits/sec, 6 packets/sec 5 minute output rate 24000 bits/sec, 6 packets/sec 14488019 packets input, 2434163609 bytes Received 345348 broadcasts, 0 runts, 0 giants, 0 throttles 261028 input errors, 259429 CRC, 1599 frame, 0 overrun, 0 ignored 0 watchdog, 84207 multicast 0 input packets with dribble condition detected 19658279 packets output, 3529106068 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out A. local buffer overload B. err-disabled port on the far end C. physical errors D. duplicate IP addressing Suggested Answer: C Community Answer: C
What occurs when overlapping Wi-Fi channels are implemented? A. Users experience poor wireless network performance. B. Wireless devices are unable to distinguish between different SSIDs. C. The wireless network becomes vulnerable to unauthorized access. D. Network communications are open to eavesdropping. Suggested Answer: A Community Answer: A
Refer to the exhibit. An administrator received a call from a branch office regarding poor application performance hosted at the headquarters. Ethernet 1 is connected between Router1 and the LAN switch. What identifies the issue? A. The MTU is not set to the default value. B. There is a duplex mismatch. C. The QoS policy is dropping traffic. D. The link is over utilized. Suggested Answer: C Community Answer: B
DRAG DROP - Drag and drop the cloud-computing components from the left onto the correct descriptions on the right.Suggested Answer:
What is the functionality of the Cisco DNA Center? A. IP address pool distribution scheduler B. data center network policy controller C. console server that permits secure access to all network devices D. software-defined controller for automation of devices and services Suggested Answer: D Community Answer: D
Refer to the exhibit. Which configuration enables an EtherChannel to form dynamically between SW1 and SW2 by using an industry-standard protocol, and to support full IP connectivity between all PCs? A. SW1#interface Gi0/1switchportswitchport mode accesschannel-group 1 mode active!interface Gi0/2switchportswitchport mode accesschannel-group 1 mode activeSW2#interface Gi0/1switchportswitchport mode accesschannel-group 1 mode desirable!interface Gi0/2switchportswitchport mode accesschannel-group 1 mode desirable B. SW1#interface Gi0/1switchportswitchport mode trunkchannel-group 1 mode on!interface Gi0/2switchportswitchport mode trunkchannel-group 1 mode autoSW2#interface Gi0/1switchportswitchport mode trunkchannel-group 1 mode auto!interface Gi0/2switchportswitchport mode trunkchannel-group 1 mode oninterface port-channel 1switchportswitchport mode trunk C. SW1#interface Gi0/1switchportswitchport mode trunkchannel-group 1 mode active!interface Gi0/2switchportswitchport mode trunkchannel-group 1 mode activeSW2#interface Gi0/1switchportswitchport mode trunkchannel-group 1 mode passive!interface Gi0/2switchportswitchport mode trunkchannel-group 1 mode passive D. SW1#interface Gi0/1switchportswitchport mode trunkchannel-group 1 mode auto!interface Gi0/2switchportswitchport mode trunkchannel-group 1 mode autoSW2#interface Gi0/1switchportswitchport mode trunkchannel-group 1 mode desirable!interface Gi0/2switchportswitchport mode trunkchannel-group 1 mode desirable Suggested Answer: C Community Answer: C
Which functionality is provided by the console connection on a Cisco WLC? A. HTTP-based GUI connectivity B. secure in-band connectivity for device administration C. out-of-band management D. unencrypted in-band connectivity for file transfers Suggested Answer: C Community Answer: C
Refer to the exhibit. Host A switch interface is configured in VLAN 2. Host D sends a unicast packet destined for the IP address of host A.
What does the switch do when it receives the frame from host D? A. It floods the frame out of every ports except the source port. B. It creates a broadcast storm. C. It shuts down the source port and places it in err-disable mode. D. It drops the frame from the MAC table of the switch. Suggested Answer: A Community Answer: A
Refer to the exhibit. A Cisco engineer creates a new WLAN called lantest. Which two actions must be performed so that only high-speed 2.4-Ghz clients connect? (Choose two.) A. Enable the Status option. B. Set the Radio Policy option to 802.11g Only. C. Set the Radio Policy option to 802.11a Only. D. Set the Interface/Interface Group(G) to an interface other than guest. E. Enable the Broadcast SSID option. Suggested Answer: AE Community Answer: AB
How does Rapid PVST+ create a fast loop-free network topology? A. It uses multiple active paths between end stations. B. It requires multiple links between core switches. C. It maps multiple VLANs into the same spanning-tree instance. D. It generates one spanning-tree instance for each VLAN. Suggested Answer: D Community Answer: D
Which two functions does a WLC perform in the lightweight access-point architecture that an AP performs independently in an autonomous architecture? (Choose two.) A. managing RF channels, including transmission power B. handling the association, authentication, and roaming of wireless clients C. sending and processing beacon frames D. encrypting and decrypting traffic that uses the WAP protocol family E. preventing collisions between wireless clients on the same RF channel Suggested Answer: AB Community Answer: AB
Refer to the exhibit. A network engineer is configuring a wireless LAN with Web Passthrough Layer 3 Web Policy. Which action must the engineer take to complete the configuration? A. Set the Layer 2 Security to 802.1X. B. Enable TKIP and CCMP256 WPA2 Encryption. C. Enable the WPA Policy. D. Set the Layer 2 Security to None. Suggested Answer: C Community Answer: D
DRAG DROP - Drag and drop the virtualization concepts from the left onto the matching statements on the right.Suggested Answer:
What is a benefit of a point-to-point leased line? A. low cost B. full-mesh capability C. simplicity of configuration D. flexibility of design Suggested Answer: C Community Answer: C
Why is TCP desired over UDP for applications that require extensive error checking, such as HTTPS? A. UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order. B. UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery. C. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load. D. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received. Suggested Answer: A Community Answer: D
Which component controls and distributes physical resources for each virtual machine? A. hypervisor B. OS C. CPU D. physical enclosure Suggested Answer: A Community Answer: A
What is the role of nonoverlapping channels in a wireless environment? A. to increase bandwidth B. to stabilize the RF environment C. to allow for channel bonding D. to reduce interference Suggested Answer: B Community Answer: D
What are two advantages of implementing a controller-based architecture instead of traditional network architecture? (Choose two.) A. It allows for seamless connectivity to virtual machines. B. It increases security against denial-of-service attacks. C. It supports complex and high-scale IP addressing schemes. D. It enables configuration task automation. E. It provides increased scalability and management options. Suggested Answer: DE Community Answer: DE
What is the purpose of the service-set identifier? A. It identifies the wireless network to which an application must connect. B. It identifies the wired network to which a network device is connected. C. It identifies the wired network to which a user device is connected. D. It identifies a wireless network for a mobile device to connect. Suggested Answer: B Community Answer: D
SIMULATION - Guidelines - This is a lab item in which tasks will be performed on virtual devices • Refer to the Tasks tab to view the tasks for this lab item. • Refer to the Topology tab to access the device console(s) and perform the tasks. • Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window. • All necessary preconfigurations have been applied. • Do not change the enable password or hostname for any device. • Save your configurations to NVRAM before moving to the next item. • Click Next at the bottom of the screen to submit this lab and move to the next question. • When Next is clicked the lab closes and cannot be reopened. Topology -Tasks - All physical cabling is in place and verified. Connectivity between all four switches must be established and operational. All ports are pre-configured as 802.1q trunks. 1. Configure both SW-1 and SW-2 ports e0/1 and e0/2 to permit only the allowed VLANs 2. Configure both SW-3 and SW-4 ports e0/2 to permit only the allowed VLANs 3. Configure both SW-1 and SW-2 e0/1 ports to send and receive untagged traffic over VLAN 99 4. Configure both SW-3 and SW-4 ports e0/0 and e0/1 for link aggregation using the industry standard protocol. All ports must immediately negotiate the link aggregation 5. Permit only the allowed VLANs on the new link Suggested Answer:
How do UTP and STP cables compare? A. UTP cables provide faster and more reliable data transfer rates and STP cables are slower and less reliable. B. STP cables are shielded and protect against electromagnetic interference and UTP lacks the same protection against electromagnetic interference. C. STP cables are cheaper to procure and easier to install and UTP cables are more expensive and harder to install. D. UTP cables are less prone to crosstalk and interference and STP cables are more prone to crosstalk and interference. Suggested Answer: B Community Answer: B
What are two disadvantages of a full-mesh topology? (Choose two.) A. It requires complex configuration. B. It needs a high MTU between sites. C. It works only with BGP between sites. D. It has a high implementation cost. E. It must have point-to-point communication. Suggested Answer: AD Community Answer: AD
DRAG DROP - Drag and drop the wireless standards from the left onto the number of nonoverlapping channels they support on the right.Suggested Answer:
Which technology allows for multiple operating systems to be run on a single host computer? A. virtual routing and forwarding B. virtual device contexts C. network port ID virtualization D. server virtualization Suggested Answer: D Community Answer: D
Why would an administrator choose to implement an automated network management solution? A. to reduce operational costs B. to support simpler password policies C. to enable “box by box” configuration and deployment D. to limit recurrent management costs Suggested Answer: A Community Answer: A
What is a function of the core and distribution layers in a collapsed-core architecture? A. The router can support HSRP for Layer 2 redundancy in an IPv6 network. B. The core and distribution layers are deployed on two different devices to enable failover. C. The router operates on a single device or a redundant pair. D. The router must use IPv4 and IPv6 addresses at Layer 3. Suggested Answer: C Community Answer: C
What must be considered before deploying virtual machines? A. resource limitations, such as the number of CPU cores and the amount of memory B. support for physical peripherals, such as monitors, keyboards, and mice C. whether to leverage VSM to map multiple virtual processors to two or more virtual machines D. location of the virtual machines within the data center environment Suggested Answer: A Community Answer: A
What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.) A. It is less expensive when purchasing patch cables. B. It carries electrical current further distances for PoE devices. C. It provides greater throughput options. D. It has a greater sensitivity to changes in temperature and moisture. E. It carries signals for longer distances. Suggested Answer: CE Community Answer: CE
What are two behaviors of a point-to-point WAN topology? (Choose two.) A. It leverages a dedicated connection. B. It provides direct connections betwaen each router in the topology. C. It delivers redundancy between the central office and branch offices. D. It uses a single router to route traffic between sites. E. It connects remote networks through a single line. Suggested Answer: BD Community Answer: AE
What is a link-local all-nodes IPv6 multicast address? A. ff02:0:0:0:0:0:0:1 B. 2004:33c:94d9:431e:255:: C. fffe:034:0dd:45d6:789e:: D. fe80:4433:034:0dd::2 Suggested Answer: A Community Answer: A
Which is a reason to implement IPv4 private addressing? A. Comply with PCI regulations. B. Reduce the size of the forwarding table on network routers. C. Reduce the risk of a network security breach. D. Comply with local law. Suggested Answer: C Community Answer: C
Which signal frequency appears 60 times per minute? A. 1 Hz signal B. 1 GHz signal C. 60 Hz signal D. 60 GHz signal Suggested Answer: A Community Answer: A
Which two primary drivers support the need for network automation? (Choose two.) A. Increasing reliance on self-diagnostic and self-healing B. Eliminating training needs C. Policy-driven provisioning of resources D. Reducing hardware footprint E. Providing a single entry point for resource provisioning Suggested Answer: CE Community Answer: AC
What is an expected outcome when network management automation is deployed? A. A distributed management plane must be used. B. Complexity increases when new device configurations are added. C. Custom applications are needed to configure network devices. D. Software upgrades are performed from a central controller. Suggested Answer: D Community Answer: D
Refer to the exhibit. What is represented by `R1` and `SW1` within the JSON output? A. object B. value C. key D. array Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the statements about networking from the left onto the corresponding networking types on the right. Select and Place:Suggested Answer:
Which HTTP status code is returned after a successful REST API request? A. 200 B. 301 C. 404 D. 500 Suggested Answer: A Community Answer: A
With REST API, which standard HTTP header tells a server which media type is expected by the client? A. Accept-Encoding: gzip. deflate B. Accept-Patch: text/example; charset=utf-8 C. Content-Type: application/json; charset=utf-8 D. Accept: application/json Suggested Answer: D Community Answer: D
Refer to the exhibit. How many objects are present in the given JSON-encoded data? A. One B. Four C. Seven D. Nine Suggested Answer: C Community Answer: D
What is the purpose of the Cisco DNA Center controller? A. to securely manage and deploy network devices B. to scan a network and generate a Layer 2 network diagram C. to secure physical access to a data center D. to provide Layer 3 services to autonomous access points Suggested Answer: A Community Answer: A Cisco DNA Center is a powerful network controller and management dashboard for secure access to networks and applications. It lets you take charge of your network, optimize your Cisco investment, and lower your IT spending. Reference: https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-center-so-cte-en.html
What is the function of the controller in a software-defined network? A. forwarding packets B. multicast replication at the hardware level C. setting packet-handling policies D. fragmenting and reassembling packets Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer must configure NETCONF. After creating the configuration, the engineer gets output from the command show line but not from show running-config. Which command completes the configuration? A. Device(config)# netconf lock-time 500 B. Device(config)# netconf max-message 1000 C. Device(config)# no netconf ssh acl 1 D. Device(config)# netconf max-sessions 100 Suggested Answer: B Community Answer: B
Which statement identifies the functionality of virtual machines? A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor B. The hypervisor can virtualize physical components including CPU, memory, and storage C. Each hypervisor can support a single virtual machine and a single software switch D. The hypervisor communicates on Layer 3 without the need for additional resources Suggested Answer: B Community Answer: B
Which network plane is centralized and manages routing decisions? A. management plane B. data plane C. policy plane D. control plane Suggested Answer: D Community Answer: D
What is a benefit of using private IPv4 addressing? A. Multiple companies can use the same addresses without conflicts. B. Direct connectivity is provided to internal hosts from outside an enterprise network. C. Communication to the internet is reachable without the use of NAT. D. All external hosts are provided with secure communication to the internet. Suggested Answer: A Community Answer: A
Refer to the exhibit. A network engineer must provide configured IP addressing details to investigate a firewall rule issue. Which subnet and mask identify what is configured on the en0 interface? A. 10.8.0.0/16 B. 10.8.64.0/18 C. 10.8.128.0/19 D. 10.8.138.0/24 Suggested Answer: C Community Answer: C
What are two characteristics of a small office / home office connection environment? (Choose two.) A. It requires 10Gb ports on all uplinks. B. It supports between 1 and 50 users. C. It supports between 50 and 100 users. D. A router port connects to a broadband connection. E. It requires a core, distribution, and access layer architecture. Suggested Answer: BD Community Answer: BD
Which element of a virtualization solution manages virtualized services and enables connections between virtualized services and external interfaces? A. software B. network functionality C. virtual machine D. hardware Suggested Answer: C Community Answer: A
Which group of channels in the 802.11b/gin/ac/ax 2.4 GHz frequency bands are nonoverlapping channels? A. channels 1, 5, and 10 B. channels 1, 6, and 11 C. channels 1, 5, and 11 D. channels 1, 6, and 10 Suggested Answer: B Community Answer: B
What is a function of Layer 3 switches? A. They route traffic between devices in different VLANs. B. They transmit broadcast traffic when operating in Layer 3 mode exclusively. C. They move frames between endpoints limited to IP addresses. D. They forward Ethernet frames between VLANs using only MAC addresses, Suggested Answer: C Community Answer: A
DRAG DROP - Drag and drop the RF terms from the left onto the corresponding statements on the right.Suggested Answer:
Which cable type must be used to interconnect one switch using 1000 BASE-SX GBIC modules and another switch using 1000 BASE-SX SFP modules? A. LC to SC B. SC to SC C. LC to LC D. SC to ST Suggested Answer: D Community Answer: A
DRAG DROP - Drag and drop the HTTP methods used with REST-based APIs from the left onto the descriptions on the right. Select and Place:Suggested Answer:
What is a function of a southbound API? A. Use orchestration to provision a virtual server configuration from a web server B. Automate configuration changes between a server and a switching fabric C. Manage flow control between an SDN controller and a switching fabric D. Facilitate the information exchange between an SDN controller and application Suggested Answer: C Community Answer: C
Which script paradigm does Puppet use? A. recipes and cookbooks B. playbooks and roles C. strings and marionettes D. manifests and modules Suggested Answer: D Community Answer: D
Which set of methods is supported with the REST API? A. GET, PUT, ERASE, CHANGE B. GET, POST, MOD, ERASE C. GET, PUT, POST, DELETE D. GET, POST, ERASE, CHANGE Suggested Answer: C Community Answer: C
Which technology is appropriate for communication between an SDN controller end applications running over the network? A. Southbound API B. REST API C. NETCONF D. OpenFlow Suggested Answer: D Community Answer: B
DRAG DROP - Drag and drop each characteristic of device-management technologies from the left onto the deployment type on the right. Select and Place:Suggested Answer:
What is the function of `off-the-shelf` switches in a controller-based network? A. setting packet-handling policies B. forwarding packets C. providing a central view of the deployed network D. making routing decisions Suggested Answer: B Community Answer: B
Which REST method updates an object in the Cisco DNA Center Intent API? A. CHANGE B. UPDATE C. POST D. PUT Suggested Answer: D Community Answer: D
Refer to the exhibit. How many JSON objects are represented? A. 1 B. 2 C. 3 D. 4 Suggested Answer: D Community Answer: A
Which definition describes JWT in regard to REST API security? A. an encrypted JSON token that is used for authentication B. an encrypted JSON token that is used for authorization C. an encoded JSON token that is used to securely exchange information D. an encoded JSON token that is used for authentication Suggested Answer: C Community Answer: D
Refer to the exhibit. What is identified by the word `switch` within line 2 of the JSON Schema? A. array B. value C. object D. key Suggested Answer: D Community Answer: D
Refer to the exhibit. Which type of JSON data is shown? A. boolean B. array C. key D. object Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the characteristics from the left onto the technology types on the right. Select and Place:Suggested Answer:
Which communication interaction takes place when a southbound API is used? A. between the SDN controller and PCs on the network B. between the SDN controller and switches and routers on the network C. between the SDN controller and services and applications on the network D. between network applications and switches and routers on the network Suggested Answer: B Community Answer: B
What are two characteristics of a public cloud implementation? (Choose two.) A. It is owned and maintained by one party, but it is shared among multiple organizations B. It enables an organization to fully customize how it deploys network resources C. It provides services that are accessed over the Internet D. It is a data center on the public Internet that maintains cloud services for only one company E. It supports network resources from a centralized third-party provider and privately-owned virtual resources Suggested Answer: AC Community Answer: AC
DRAG DROP - Drag and drop the descriptions from the left on to the correct configuration-management technologies on the right. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the REST API call methods for HTTP from the left onto the actions they perform on the right. Not all methods are used. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the REST principles from the left onto their definitions on the right. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the Ansible terms from the left onto the right. Select and Place:Suggested Answer:
Refer to the exhibit. How many objects keys, and JSON list values are present? A. Three objects, two keys, and three JSON list values B. Three objects, three keys, and two JSON list values C. One object, three keys, and three JSON list values D. One object, three keys, and two JSON list values Suggested Answer: B Community Answer: C
What uses HTTP messages to transfer data to applications residing on different hosts? A. OpenStack B. OpFlex C. REST D. OpenFlow Suggested Answer: C Community Answer: C
Which JSON data type is an unordered set of attribute-value pairs? A. string B. array C. Boolean D. object Suggested Answer: D Community Answer: D
Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics? A. Generic Router Encapsulation (GRE) B. Virtual Local Area Network (VLAN) C. Virtual Extensible LAN (VXLAN) D. Point-to-Point Protocol (PPP) Suggested Answer: C Community Answer: C
Which plane is centralized by an SDN controller? A. management-plane B. data-plane C. services-plane D. control-plane Suggested Answer: D Community Answer: D
Where is the interface between the control plane and data plane within the software-defined architecture? A. application layer and the management layer B. application layer and the infrastructure layer C. control layer and the application layer D. control layer and the infrastructure layer Suggested Answer: D Community Answer: D
Why would a network administrator choose to implement automation in a network environment? A. To simplify the process of maintaining a consistent configuration state across all devices B. To centralize device information storage C. To implement centralized user account management D. To deploy the management plane separately from the rest of the network Suggested Answer: A Community Answer: A
Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two.) A. The device is placed into the Managed state. B. The device is placed into the Unmanaged state. C. The device is assigned to the Local site. D. The device is assigned to the Global site. E. The device is placed into the Provisioned state. Suggested Answer: AD Community Answer: AD
Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.) A. playbook B. recipe C. model D. cookbook E. task Suggested Answer: AE Community Answer: AE
In software-defined architecture, which plane handles switching for traffic through a Cisco router? A. control B. data C. management D. application Suggested Answer: B Community Answer: B
What are two southbound APIs? (Choose two.) A. Thrift B. DSC C. CORBA D. NETCONF E. OpenFlow Suggested Answer: DE Community Answer: DE OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices. Other southbound APIs are: ג€¢ onePK: a Cisco proprietary SBI to inspect or modify the network element configuration without hardware upgrades. ג€¢ OpFlex: an open-standard, distributed control system. It send ג€summary policyג€ to network elements.
What makes Cisco DNA Center different from traditional network management applications and their management of networks? A. Its modular design allows the implementation of different versions to meet the specific needs of an organization. B. It only supports auto-discovery of network elements in a greenfield deployment. C. It omits support high availability of management functions when operating in cluster mode. D. It abstracts policy from the actual device configuration. Suggested Answer: D Community Answer: D
Which API is used in controller-based architectures to interact with edge devices? A. southbound B. overlay C. northbound D. underlay Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the statements about networking from the left onto the corresponding networking types on the right. Select and Place:Suggested Answer:
Refer to the exhibit. What is represented beginning with line 1 and ending with line 5? A. object B. value C. key D. array Suggested Answer: A Community Answer: D
Which CRUD operation corresponds to the HTTP GET method? A. create B. read C. delete D. update Suggested Answer: B Community Answer: B Reference: https://hub.packtpub.com/crud-operations-rest/
What differentiates device management enabled by Cisco DNA Center from traditional campus device management? A. CLI-oriented device B. centralized C. device-by-device hands-on D. per-device Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the statements about networking from the left onto the corresponding networking types on the right. Select and Place:Suggested Answer:
Which two REST API status-code classes represent errors? (Choose two.) A. 1XX B. 2XX C. 3XX D. 4XX E. 5XX Suggested Answer: DE Community Answer: DE
How do servers connect to the network in a virtual environment? A. a cable connected to a physical switch on the network B. wireless to an access point that is physically connected to the network C. a virtual switch that links to an access point that is physically connected to the network D. a software switch on a hypervisor that is physically connected to the network Suggested Answer: D Community Answer: D
What is the function of the controller in a software-defined network? A. forwarding packets B. multicast replication at the hardware level C. making routing decisions D. fragmenting and reassembling packets Suggested Answer: C Community Answer: C
What are two characteristics of a controller-based network? (Choose two.) A. It uses Telnet to report system issues. B. The administrator can make configuration updates from the CLI. C. It uses northbound and southbound APIs to communicate between architectural layers. D. It decentralizes the control plane, which allows each device to make its own forwarding decisions. E. It moves the control plane to a central point. Suggested Answer: CE Community Answer: CE
Which output displays a JSON data representation? A.B.
C.
D.
Suggested Answer: C JSON data is written as name/value pairs. A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value: ג€nameג€:ג€Markג€ JSON can use arrays. Array values must be of type string, number, object, array, boolean or null. For example: { ג€nameג€:ג€Johnג€, ג€ageג€:30, ג€carsג€:[ ג€Fordג€, ג€BMWג€, ג€Fiatג€ ] } JSON can have empty object like ג€taskIdג€:{}
DRAG DROP - Drag and drop the descriptions from the left onto the configuration-management technologies on the right. Select and Place:Suggested Answer:
The focus of Ansible is to be streamlined and fast, and to require no node agent installation. Thus, Ansible performs all functions over SSH. Ansible is built on Python, in contrast to the Ruby foundation of Puppet and Chef. TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file . This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server. Puppet is an open-source configuration management solution, which is built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby (ERB) templates to create custom Puppet language files, offering a declarative-paradigm programming approach. A Puppet piece of code is called a manifest, and is a file with .pp extension.
Which two capabilities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two.) A. REST APIs that allow for external applications to interact natively B. adapters that support all families of Cisco IOS software C. SDKs that support interaction with third-party network equipment D. modular design that is upgradable as needed E. customized versions for small, medium, and large enterprises Suggested Answer: AC Community Answer: AC Cisco DNA Center offers 360-degree extensibility through four distinct types of platform capabilities: ✑ Intent-based APIs leverage the controller and enable business and IT applications to deliver intent to the network and to reap network analytics and insights for IT and business innovation. ✑ Process adapters, built on integration APIs, allow integration with other IT and network systems to streamline IT operations and processes. ✑ Domain adapters, built on integration APIs, allow integration with other infrastructure domains such as data center, WAN, and security to deliver a consistent intent-based infrastructure across the entire IT environment. ✑ SDKs allow management to be extended to third-party vendor's network devices to offer support for diverse environments. Reference: https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-cent-platf-aag-cte-en.html
DRAG DROP - Drag and drop the descriptions of device management from the left onto the types of device management on the right. Select and Place:Suggested Answer:
What software-defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information? A. management plane B. control plane C. data plane D. policy plane Suggested Answer: B Community Answer: B
What are two benefits of controller-based networking compared to traditional networking? (Choose two.) A. controller-based increases network bandwidth usage, while traditional lightens the load on the network B. controller-based reduces network configuration complexity, while traditional increases the potential for errors C. controller-based allows for fewer network failures, while traditional increases failure rates D. controller-based provides centralization of key IT functions, while traditional requires distributed management functions E. controller-based inflates software costs, while traditional decreases individual licensing costs Suggested Answer: BD Community Answer: BD
Which type of API allows SDN controllers to dynamically make changes to the network? A. northbound API B. REST API C. SOAP API D. southbound API Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the AAA terms from the left onto the descriptions on the right. Select and Place:Suggested Answer:
Which option about JSON is true -
A. uses predefined tags or angle brackets () to delimit markup text
B. used to describe structured data that includes arrays
C. used for storing information
D. similar to HTML, it is more verbose than XML
Suggested Answer: B
Community Answer: B
JSON data is written as name/value pairs.
A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value:
ג€nameג€:ג€Markג€
JSON can use arrays. Array values must be of type string, number, object, array, boolean or null..
For example:
{
ג€nameג€:ג€Johnג€,
ג€ageג€:30,
ג€carsג€:[ ג€Fordג€, ג€BMWג€, ג€Fiatג€ ]
}
Which option best describes an API? A. a contract that describes how various components communicate and exchange data with each other B. an architectural style (versus a protocol) for designing applications C. a stateless client-server model D. request a certain type of data by specifying the URL path that models the data Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the characteristics of a cloud environment from the left onto the correct examples on the right. Select and Place:Suggested Answer:
Which of the following is the JSON encoding of a dictionary or hash?
A. {ג€keyג€: ג€valueג€}
B. [ג€keyג€, ג€valueג€]
C. {ג€keyג€, ג€valueג€}
D. (ג€keyג€: ג€valueג€)
Suggested Answer: A
Community Answer: A
Which role does a hypervisor provide for each virtual machine in server virtualization? A. infrastructure-as-a-service B. Software-as-a-service C. control and distribution of physical resources D. services as a hardware controller Suggested Answer: C Community Answer: C
What is the function of a server? A. It transmits packets between hosts in the same broadcast domain. B. It provides shared applications to end users. C. It routes traffic between Layer 3 devices. D. It ׁreates security zones between trusted and untrusted networks. Suggested Answer: B Community Answer: B
Which CRUD operation modifies an existing table or view? A. read B. update C. replace D. create Suggested Answer: B Community Answer: B
In software-defined architectures, which plane is distributed and responsible for traffic forwarding? A. management plane B. policy plane C. data plane D. control plane Suggested Answer: C Community Answer: C
Refer to the exhibit. Which type of configuration is represented in the output?A. Ansible B. JSON C. Chef D. Puppet Suggested Answer: D Community Answer: D Reference: https://forge.puppet.com/modules/puppetlabs/ciscopuppet/1.0.0
Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes? A. Ansible B. Python C. Puppet D. Chef Suggested Answer: A Community Answer: A
What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API? A. Java B. REST C. OpenFlow D. XML Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the Cisco IOS attack mitigation features from the left onto the types of network attack they mitigate on the right. Select and Place:Suggested Answer:
SW1 supports connectivity for a lobby conference room and must be secured. The engineer must limit the connectivity from PC1 to the SW1 and SW2 network. The MAC addresses allowed must be limited to two. Which configuration secures the conference room connectivity? A. interface gi1/0/15 switchport port-security switchport port-security maximum 2 B. interface gi1/0/15 switchport port-security switchport port-security mac-address 0000.abcd.0004vlan 100 C. interface gi1/0/15 switchport port-security mac-address 0000.abcd.0004 vlan 100 D. interface gi1/0/15 switchport port-security mac-address 0000.abcd.0004 vlan 100 interface switchport secure-mac limit 2 Suggested Answer: A Community Answer: A
Refer to the exhibit. An engineer is updating the management access configuration of switch SW1 to allow secured, encrypted remote configuration. Which two commands or command sequences must the engineer apply to the switch? (Choose two.) A. SW1(config)#enable secret ccnaTest123 B. SW1(config)#username NEW secret R3mote123 C. SW1(config)#line vty 0 15 SW1(config-line)#transport input ssh D. SW1(config)# crypto key generate rsa E. SW1(config)# interface f0/1 SW1(confif-if)# switchport mode trunk Suggested Answer: CD Community Answer: AC
Which port security violation mode allows from valid MAC addresses to pass but blocks traffic from invalid MAC addresses? A. restrict B. shutdown C. protect D. shutdown VLAN Suggested Answer: C Community Answer: C
A customer wants to provide wireless access to contractors using a guest portal on Cisco ISE. The portal is also used by employees. A solution is implemented, but contractors receive a certificate error when they attempt to access the portal. Employees can access the portal without any errors. Which change must be implemented to allow the contractors and employees to access the portal? A. Install an Internal CA signed certificate on the Cisco ISE. B. Install a trusted third-party certificate on the Cisco ISE. C. Install an internal CA signed certificate on the contractor devices. D. Install a trusted third-party certificate on the contractor devices. Suggested Answer: B Community Answer: B Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/200295-Install-a-3rd-party-CA-certificate-in-IS.html
Which two wireless security standards use counter mode cipher block chaining Message Authentication Code Protocol for encryption and data integrity? (Choose two.) A. Wi-Fi 6 B. WPA3 C. WEP D. WPA2 E. WPA Suggested Answer: BC Community Answer: BD
A network engineer is implementing a corporate SSID for WPA3-Personal security with a PSK. Which encryption cipher must be configured? A. CCMP128 B. GCMP256 C. CCMP256 D. GCMP128 Suggested Answer: A Community Answer: A
What is a practice that protects a network from VLAN hopping attacks? A. Implement port security on internet-facing VLANs B. Enable dynamic ARP inspection C. Assign all access ports to VLANs other than the native VLAN D. Configure an ACL to prevent traffic from changing VLANs Suggested Answer: C Community Answer: C
An administrator must use the password complexity not manufacturer-name command to prevent users from adding `Cisco` as a password. Which command must be issued before this command? A. login authentication my-auth-list B. service password-encryption C. password complexity enable D. confreg 0x2142 Suggested Answer: C Community Answer: C
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. network-as-a-service C. software-as-a-service D. infrastructure-as-a-service Suggested Answer: D Community Answer: D Below are the 3 cloud supporting services cloud providers provide to customer: ✑ SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. ✑ PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. ✑ IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. In general, IaaS provides hardware so that an organization can install their own operating system.
How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment? A. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management. B. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management. C. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options. D. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management. Suggested Answer: B Community Answer: B
Which purpose does a northbound API serve in a controller-based networking architecture? A. facilitates communication between the controller and the applications B. reports device errors to a controller C. generates statistics for network hardware and traffic D. communicates between the controller and the physical network hardware Suggested Answer: A Community Answer: A
What benefit does controller-based networking provide versus traditional networking? A. allows configuration and monitoring of the network from one centralized point B. provides an added layer of security to protect from DDoS attacks C. combines control and data plane functionality on a single device to minimize latency D. moves from a two-tier to a three-tier network architecture to provide maximum redundancy Suggested Answer: A Community Answer: A
What is an advantage of Cisco DNA Center versus traditional campus device management? A. It is designed primarily to provide network assurance. B. It supports numerous extensibility options, including cross-domain adapters and third-party SDKs. C. It supports high availability for management functions when operating in cluster mode. D. It enables easy autodiscovery of network elements in a brownfield deployment. Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the characteristics of networking from the left onto the correct networking types on the right. Select and Place:Suggested Answer:
What are two fundamentals of virtualization? (Choose two.) A. It allows logical network devices to move traffic between virtual machines and the rest of the physical network. B. It allows multiple operating systems and applications to run independently on one physical server. C. It allows a physical router to directly connect NICs from each virtual machine into the network. D. It requires that some servers, virtual machines, and network gear reside on the Internet. E. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic. Suggested Answer: AB Community Answer: AB
How does Cisco DNA Center gather data from the network? A. Devices use the call-home protocol to periodically send data to the controller B. Devices establish an IPsec tunnel to exchange data with the controller C. The Cisco CLI Analyzer tool gathers data from each licensed network device and streams it to the controller D. Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller Suggested Answer: D Community Answer: D
Which statement compares traditional networks and controller-based networks? A. Only controller-based networks decouple the control plane and the data plane. B. Traditional and controller-based networks abstract policies from device configurations. C. Only traditional networks natively support centralized management. D. Only traditional networks offer a centralized control plane. Suggested Answer: A Community Answer: A Most traditional devices use a distributed architecture, in which each control plane is resided in a networking device. Therefore, they need to communicate with each other via messages to work correctly. In contrast to distributed architecture, centralized (or controller-based) architectures centralizes the control of networking devices into one device, called SDN controller.
What are two benefits of network automation? (Choose two.) A. reduced hardware footprint B. reduced operational costs C. faster changes with more reliable results D. fewer network failures E. increased network security Suggested Answer: BC Community Answer: BC
Which two encoding methods are supported by REST APIs? (Choose two.) A. SGML B. YAML C. XML D. JSON E. EBCDIC Suggested Answer: CD Community Answer: CD The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents. Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/ b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html
What are two examples of multifactor authentication? (Choose two.) A. single sign-on B. soft tokens C. passwords that expire D. shared password repository E. unique user knowledge Suggested Answer: BC Community Answer: BE
Which characteristic differentiates the concept of authentication from authorization and accounting? A. consumption-based billing B. identity verification C. user-activity logging D. service limitations Suggested Answer: B Community Answer: B
What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS? A. inspecting specific files and file types for malware B. authorizing potentially compromised wireless traffic C. authenticating end users D. URL filtering Suggested Answer: A Community Answer: A
What is a feature of WPA? A. TKIP/MIC encryption B. small Wi-Fi application C. preshared key D. 802.1x authentication Suggested Answer: A Community Answer: A
Which two practices are recommended for an acceptable security posture in a network? (Choose two.) A. Use a cryptographic keychain to authenticate to network devices. B. Place internal email and file servers in a designated DMZ. C. Back up device configurations to encrypted USB drives for secure retrieval. D. Disable unused or unnecessary ports, interfaces, and services. E. Maintain network equipment in a secure location. Suggested Answer: DE Community Answer: DE
How does WPA3 improve security? A. It uses SAE for authentication. B. It uses RC4 for encryption. C. It uses TKIP for encryption. D. It uses a 4-way handshake for authentication. Suggested Answer: A Community Answer: A
What is a function of a Next-Generation IPS? A. correlates user activity with network events B. serves as a controller within a controller-based network C. integrates with a RADIUS server to enforce Layer 2 device authentication rules D. makes forwarding decisions based on learned MAC addresses Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the statements about AAA from the left onto the corresponding AAA services on the right. Not all options are used. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the elements of a security program from the left onto the corresponding descriptions on the right. Select and Place:Suggested Answer:
Which IPsec transport mode encrypts the IP header and the payload? A. pipe B. transport C. control D. tunnel Suggested Answer: D Community Answer: D
What is the default port-security behavior on a trunk link? A. It places the port in the err-disabled state if it learns more than one MAC address. B. It causes a network loop when a violation occurs. C. It disables the native VLAN configuration as soon as port security is enabled. D. It places the port in the err-disabled state after 10 MAC addresses are statically configured. Suggested Answer: A Community Answer: A
Which device separates networks by security domains? A. intrusion protection system B. firewall C. wireless controller D. access point Suggested Answer: B Community Answer: B
How are VLAN hopping attacks mitigated? A. manually implement trunk ports and disable DTP B. configure extended VLANs C. activate all ports and place in the default VLAN D. enable dynamic ARP inspection Suggested Answer: A Community Answer: A
Which enhancements were implemented as part of WPA3? A. Forward secrecy and SAE in personal mode for secure initial key exchange B. 802.1x authentication and AES-128 encryption C. AES-64 in personal mode and AES-128 in enterprise mode D. TKIP encryption improving WEP and per-packet keying Suggested Answer: A Community Answer: A
When a site-to-site VPN is configured which IPsec mode provides encapsulation and encryption of the entire original IP packet? A. IPsec transport mode with AH B. IPsec tunnel mode with AH C. IPsec transport mode with ESP D. IPsec tunnel mode with ESP Suggested Answer: D Community Answer: D
An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router? A. line vty 0 15 access-class 120 in ! ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22 B. interface FastEthernet0/0 ip address 10.122.49.1 255.255.255.252 ip access-group 10 in ! ip access-list standard 10 permit udp 10.139.58.0 0.0.0.7 host 10.122.49.1 eq 22 C. interface FastEthernet0/0 ip address 10.122.49.1 255.255.255.252 ip access-group 110 in ! ip access-list standard 110 permit tcp 10.139.58.0 0.0.0.15 eq 22 host 10.122.49.1 D. line vty 0 15 access-group 120 in ! ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22 Suggested Answer: A Community Answer: A
In an SDN architecture, which function of a network node is centralized on a controller? A. Creates the IP routing table B. Discards a message due filtering C. Makes a routing decision D. Provides protocol access for remote access devices Suggested Answer: C Community Answer: A A controller, or SDN controller, centralizes the control of the networking devices. The degree of control, and the type of control, varies widely. For instance, the controller can perform all control plane functions (such as making routing decisions) replacing the devices' distributed control plane. Reference: https://www.ciscopress.com/articles/article.asp?p=2995354&seqNum=2#:~:text=A%20controller%2C%20or%20SDN%20controller,the%20devices'% 20distributed%20control%20plane
Which management security process is invoked when a user logs in to a network device using their username and password? A. authentication B. auditing C. accounting D. authorization Suggested Answer: A Community Answer: A
Refer to the exhibit. What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP? (Choose two.) A. Select PSK under Authentication Key Management. B. Select Static-WEP + 802.1X on Layer 2 Security. C. Select WPA+WPA2 on Layer 2 Security. D. Select 802.1X from under Authentication Key Management. E. Select WPA Policy with TKIP Encryption. Suggested Answer: CD Community Answer: CD
Which enhancement is implemented in WPA3? A. employs PKI to identify access points B. applies 802.1x authentication C. uses TKIP D. protects against brute force attacks Suggested Answer: D Community Answer: D
Which action implements physical access control as part of the security program of an organization? A. setting up IP cameras to monitor key infrastructure B. configuring a password for the console port C. backing up syslogs at a remote location D. configuring enable passwords on network devices Suggested Answer: B Community Answer: A
Which field within the access-request packet is encrypted by RADIUS? A. authorized services B. password C. authenticator D. username Suggested Answer: B Community Answer: B Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/12433-32.html
A Cisco engineer is configuring a factory-default router with these three passwords: ✑ The user EXEC password for console access is p4ssw0rd1. ✑ The user EXEC password for Telnet access is s3cr3t2. ✑ The password for privileged EXEC mode is priv4t3p4ss. Which command sequence must the engineer configure? A. enable secret priv4t3p4ss ! line con 0 password p4ssw0rd1 ! line vty 0 15 password s3cr3t2 B. enable secret priv4t3p4ss ! line con 0 password p4ssw0rd1 login ! line vty 0 15 password s3cr3t2 login C. enable secret priv4t3p4ss ! line con 0 password login p4ssw0rd1 ! line vty 0 15 password login s3cr3t2 login D. enable secret privilege 15 priv4t3p4ss ! line con 0 password p4ssw0rd1 login ! line vty 0 15 password s3cr3t2 login Suggested Answer: D Community Answer: B
How does MAC learning function? A. sends the frame back to the source to verify availably B. rewrites the source and destination MAC address C. drops received MAC addresses not listed in the address table D. adds unknown source MAC addresses to the CAM table Suggested Answer: D Community Answer: D
DRAG DROP - An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts, multicasts, and broadcasts are unable to flood the port. The port must be configured to permit only two random MAC addresses at a time. Drag and drop the required configuration commands from the left onto the sequence on the right. Not all commands are used. Select and Place:Suggested Answer:
What is a function of Opportunistic Wireless Encryption in an environment? A. provide authentication B. protect traffic on open networks C. offer compression D. increase security by using a WEP connection Suggested Answer: B Community Answer: B Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/16-12/config-guide/b_wl_16_12_cg/wpa3.html
DRAG DROP - Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used. Select and Place:Suggested Answer:
Refer to the exhibit. Clients on the WLAN are required to use 802.11r. What action must be taken to meet the requirement? A. Under Protected Management Frames, set the PMF option to Required. B. Enable CCKM under Authentication Key Management. C. Set the Fast Transition option and the WPA gtk-randomize State to disable. D. Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management. Suggested Answer: D Community Answer: D
Refer to the exhibit. What must be configured to enable 802.11w on the WLAN? A. Set Fast Transition to Enabled. B. Enable WPA Policy. C. Set PMF to Required. D. Enable MAC Filtering. Suggested Answer: B Community Answer: C Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/5700/software/release/3se/wlan/configuration_guide/b_wlan_3se_5700_cg/ b_wlan_3se_5700_cg_chapter_01000.pdf
Which encryption method is used by WPA3? A. TKIP B. AES C. SAE D. PSK Suggested Answer: C Community Answer: B
Which type of traffic is sent with pure IPsec? A. multicast traffic from a server at one site to hosts at another location B. broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites C. unicast messages from a host at a remote site to a server at headquarters D. spanning-tree updates between switches that are at two different sites Suggested Answer: C Community Answer: C
How does authentication differ from authorization? A. Authentication is used to record what resource a user accesses, and authorization is used to determine what resources a user can access. B. Authentication verifies the identity of a person accessing a network, and authorization determines what resource a user can access. C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network. D. Authentication is used to verify a person's identity, and authorization is used to create syslog messages for logins. Suggested Answer: B Community Answer: B
An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration for a Secure Shell access RSA key? A. crypto key import rsa pem B. crypto key generate rsa C. crypto key zeroize rsa D. crypto key pubkey-chain rsa Suggested Answer: B Community Answer: B
Which type if network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted? A. SYN flood B. reflection C. teardrop D. amplification Suggested Answer: A Community Answer: A
Which two components comprise part of a PKI? (Choose two.) A. preshared key that authenticates connections B. one or more CRLs C. RSA token D. CA that grants certificates E. clear-text password that authenticates connections Suggested Answer: CD Community Answer: BD
DRAG DROP - Drag and drop the descriptions of AAA services from the left onto the corresponding services on the right. Select and Place:Suggested Answer:
After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task? A. aaa new-model line con 0 password plaintextpassword privilege level 15 B. aaa new-model aaa authorization exec default local aaa authentication login default radius username localuser privilege 15 secret plaintextpassword C. username localuser secret plaintextpassword line con 0 no login local privilege level 15 D. username localuser secret plaintextpassword line con 0 login authentication default privilege level 15 Suggested Answer: A Community Answer: D
Which wireless security protocol relies on Perfect Forward Secrecy? A. WEP B. WPA2 C. WPA D. WPA3 Suggested Answer: A Community Answer: D
What is a zero-day exploit? A. It is when the network is saturated with malicious traffic that overloads resources and bandwidth. B. It is when an attacker inserts malicious code into a SQL server. C. It is when a new network vulnerability is discovered before a fix is available. D. It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data. Suggested Answer: C Community Answer: C
A network engineer is replacing the switches that belong to a managed-services client with new Cisco Catalyst switches. The new switches will be configured for updated security standards including replacing. Telnet services with encrypted connections and doubling the modulus size from 1024. Which two commands must the engineer configure on the new switches? (Choose two.) A. transport input ssh B. transport input all C. crypto key generate rsa modulus 2048 D. crypto key generate rsa general-keys modulus 1024 E. crypto key generate rsa usage-keys Suggested Answer: AC Community Answer: AC
Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task? A. access-list 2699 permit udp 10.20.1.0 0.0.0.255 B. no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22 C. access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22 D. no access-list 2699 deny ip any 10.20.1.0 0.0.0.255 Suggested Answer: D Community Answer: D Already a statement is there in last to allow SSH Traffic for network 10.20.1.0 0.0.0.127, but Second statement says deny ip any 10.20.1.0 0.0.0.255, so how it will work once it is denied. So the right answer is remove the --- no access-list 2699 deny ip any 10.20.1.0 0.0.0.255.
A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap? A. switchport port-security violation access B. switchport port-security violation protect C. switchport port-security violation restrict D. switchport port-security violation shutdown Suggested Answer: C Community Answer: C Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/port_sec.html
What is a practice that protects a network from VLAN hopping attacks? A. Enable dynamic ARP inspection B. Configure an ACL to prevent traffic from changing VLANs C. Change native VLAN to an unused VLAN ID D. Implement port security on internet-facing VLANs Suggested Answer: C Community Answer: C
Where does a switch maintain DHCP snooping information? A. In the CAM table B. In the frame forwarding database C. In the MAC address table D. In the binding database Suggested Answer: D Community Answer: D
A network administrator must configure SSH for remote access to router R1. The requirement is to use a public and private key pair to encrypt management traffic to and from the connecting client. Which configuration, when applied, meets the requirements? A. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key generate ec keysize 1024 B. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key generate ec keysize 2048 C. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key encrypt rsa name myKey D. R1#enable R1#configure terminal R1(config)#ip domain-name cisco.com R1(config)#crypto key generate rsa modulus 1024 Suggested Answer: D Community Answer: D
When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI, which format is supported? A. decimal B. ASCII C. unicode D. base64 Suggested Answer: B Community Answer: B
Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task? A. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet B. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq scp C. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq https D. access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq ssh Suggested Answer: D Community Answer: A
Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two.) A. HTTPS B. SSH C. HTTP D. Telnet E. TFTP Suggested Answer: CD Community Answer: CD
Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles? A. physical access control B. biometrics C. role-based access control D. multifactor authentication Suggested Answer: A Community Answer: A
Which function is performed by DHCP snooping? A. listens to multicast traffic for packet forwarding B. rate-limits certain traffic C. propagates VLAN information between switches D. provides DDoS mitigation Suggested Answer: B Community Answer: B
DRAG DROP - An engineer is configuring an encrypted password for the enable command on a router where the local user database has already been configured. Drag and drop the configuration commands from the left into the correct sequence on the right. Not all commands are used. Select and Place:Suggested Answer:
Which protocol is used for secure remote CLI access? A. Telnet B. HTTP C. HTTPS D. SSH Suggested Answer: D Community Answer: D
Which implementation provides the strongest encryption combination for the wireless environment? A. WEP B. WPA + TKIP C. WPA + AES D. WPA2 + AES Suggested Answer: D Community Answer: D
What does physical access control regulate? A. access to networking equipment and facilities B. access to servers to prevent malicious activity C. access to specific networks based on business function D. access to computer networks and file systems Suggested Answer: A Community Answer: A
A network engineer is asked to configure VLANS 2, 3, and 4 for a new implementation. Some ports must be assigned to the new VLANS with unused ports remaining. Which action should be taken for the unused ports? A. configure in a nondefault native VLAN B. configure ports in the native VLAN C. configure ports in a black hole VLAN D. configure ports as access ports Suggested Answer: C Community Answer: C
When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format? A. 6 B. 8 C. 12 D. 18 Suggested Answer: B Community Answer: B
What mechanism carries multicast traffic between remote sites and supports encryption? A. ISATAP B. IPsec over ISATAP C. GRE D. GRE over IPsec Suggested Answer: D Community Answer: D
Refer to the exhibit. An access-list is required to permit traffic from any host on interface Gi0/0 and deny traffic from interface Gi0/1. Which access list must be applied? A. ip access-list standard 99 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.0.255.255 B. ip access-list standard 99 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.255.255.255 C. ip access-list standard 199 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.255.255.255 D. ip access-list standard 199 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.0.255.255 Suggested Answer: A Community Answer: A
Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two.) A. ip ssh pubkey-chain B. username cisco password 0 cisco C. crypto key generate rsa D. transport input telnet E. login console Suggested Answer: BC Community Answer: AC
Which service is missing when RADIUS is selected to provide management access to the WLC? A. authorization B. authentication C. accounting D. confidentiality Suggested Answer: D Community Answer: D Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. With RADIUS only the password is encrypted while the other information such as username, accounting information, etc are not encrypted. Encryption is "the process of converting information or data into a code, especially to prevent unauthorized access". So since RADIUS only encrypts the passwords, there is no confidentiality.
Refer to the exhibit. An extended ACL has been configured and applied to router R2. The configuration failed to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still allowing all other traffic? (Choose two.) A. Add a ג€permit ip any anyג€ statement at the end of ACL 101 for allowed traffic. B. Add a ג€permit ip any anyג€ statement to the beginning of ACL 101 for allowed traffic. C. The ACL must be moved to the Gi0/1 interface outbound on R2. D. The source and destination IPs must be swapped in ACL 101. E. The ACL must be configured the Gi0/2 interface inbound on R1. Suggested Answer: AD Community Answer: AD
An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK. Which cipher fulfills the configuration requirement? A. WEP B. AES C. RC4 D. TKIP Suggested Answer: B Community Answer: B Many routers provide WPA2-PSK (TKIP), WPA2-PSK (AES), and WPA2-PSK (TKIP/AES) as options. TKIP is actually an older encryption protocol introduced with WPA to replace the very-insecure WEP encryption at the time. TKIP is actually quite similar to WEP encryption. TKIP is no longer considered secure, and is now deprecated. In other words, you shouldn't be using it. AES is a more secure encryption protocol introduced with WPA2 and it is currently the strongest encryption type for WPA2-PSK/.
DRAG DROP - Drag and drop the attack-mitigation techniques from the left onto the types of attack that they mitigate on the right. Select and Place:Suggested Answer:
Refer to the exhibit. Which configuration for RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allows all other traffic?A.
B.
C.
D.
Suggested Answer: B
While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface. Which two misconfigurations cause this behavior? (Choose two.) A. The ACL is empty B. A matching permit statement is too broadly defined C. The packets fail to match any permit statement D. A matching deny statement is too high in the access list E. A matching permit statement is too high in the access list Suggested Answer: BE Community Answer: BE Traffic might be permitted if the permit statement is too braid, meaning that you are allowing more traffic than what is specifically needed, or if the matching permit statement is placed ahead of the deny traffic. Routers will look at traffic and compare it to the ACL and once a match is found, the router acts accordingly to that rule.
The service password-encryption command is entered on a router. What is the effect of this configuration? A. restricts unauthorized users from viewing clear-text passwords in the running configuration B. prevents network administrators from configuring clear-text passwords C. protects the VLAN database from unauthorized PC connections on the switch D. encrypts the password exchange when a VPN tunnel is established Suggested Answer: A Community Answer: A
Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network? A. SAE encryption B. TKIP encryption C. scrambled encryption key D. AES encryption Suggested Answer: A Community Answer: A
Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface fastethernet 0/1?A. DHCP client B. access point C. router D. PC Suggested Answer: C Community Answer: C
Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are stored as a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements?A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: C Community Answer: C
Refer to the exhibit. What is the effect of this configuration? A. The switch discards all ingress ARP traffic with invalid MAC-to-IP address bindings. B. All ARP packets are dropped by the switch. C. Egress traffic is passed only if the destination is a DHCP server. D. All ingress and egress traffic is dropped because the interface is untrusted. Suggested Answer: A Community Answer: A Dynamic ARP inspection is an ingress security feature; it does not perform any egress checking.
When a site-to-site VPN is used, which protocol is responsible for the transport of user data? A. IPsec B. IKEv1 C. MD5 D. IKEv2 Suggested Answer: A Community Answer: A A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet. A site-to-site VPN means that two sites create a VPN tunnel by encrypting and sending data between two devices. One set of rules for creating a site-to-site VPN is defined by IPsec.
Which type of wireless encryption is used for WPA2 in preshared key mode? A. AES-128 B. TKIP with RC4 C. AES-256 D. RC4 Suggested Answer: C Community Answer: A We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES- 128.Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2-config.html
What is the difference between an IPv6 link-local address and a unique local address? A. The scope of an IPv6 link-local address is limited to a directly attached interface, but an IPv6 unique local address is used throughout a company site or network. B. The scope of an IPv6 link-local address is global, but the scope of an IPv6 unique local address is limited to a loopback address. C. The scope of an IPv6 link-local address can be used throughout a company site or network, but an IPv6 unique local address is limited to a loopback address. D. The scope of an IPv6 link-local address is limited to a loopback address, and an IPv6 unique local address is limited to a directly attached interface. Suggested Answer: A Community Answer: A
Which command prevents passwords from being stored in the configuration as plain text on a router or switch? A. enable secret B. enable password C. service password-encryption D. username cisco password encrypt Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computers must be able to access the web server. Which configuration when applied to switch A accomplishes the task? A.
B.
C.
D.
Suggested Answer: D
In which two ways does a password manager reduce the chance of a hacker stealing a user's password? (Choose two.) A. It encourages users to create stronger passwords B. It uses an internal firewall to protect the password repository from unauthorized access C. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality D. It automatically provides a second authentication factor that is unknown to the original user E. It protects against keystroke logging on a compromised device or web site Suggested Answer: AE Community Answer: AE
Which goal is achieved by the implementation of private IPv4 addressing on a network? A. provides an added level of protection against Internet exposure B. provides a reduction in size of the forwarding table on network routers C. allows communication across the Internet to other private networks D. allows servers and workstations to communicate across public network boundaries Suggested Answer: A Community Answer: A
Which type of attack is mitigated by dynamic ARP inspection? A. DDoS B. malware C. man-in-the-middle D. worm Suggested Answer: C Community Answer: C
What is a function of a remote access VPN? A. establishes a secure tunnel between two branch sites B. uses cryptographic tunneling to protect the privacy of data for multiple users simultaneously C. used exclusively when a user is connected to a company's internal network D. allows the users to access company internal network resources through a secure tunnel Suggested Answer: D Community Answer: D
What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closet? (Choose two.) A. enable the PortFast feature on ports B. configure static ARP entries C. configure ports to a fixed speed D. implement port-based authentication E. shut down unused ports Suggested Answer: DE Community Answer: DE
Refer to the exhibit. Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200? A. Define a NAT pool on the router. B. Configure the ip nat outside command on another interface for VLAN 200 C. Configure static NAT translations for VLAN 200. D. Update the NAT_INSIDE_RANGES ACL. Suggested Answer: D Community Answer: D
An organization secures its network with multi-factor authentication using an authenticator app on employee smartphones. How is the application secured in the case of a user's smartphone being lost or stolen? A. The application requires the user to enter a PIN before it provides the second factor B. The application requires an administrator password to reactivate after a configured interval C. The application verifies that the user is in a specific location before it provides the second factor D. The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted Suggested Answer: A Community Answer: A
Which device performs stateful inspection of traffic? A. switch B. firewall C. access point D. wireless controller Suggested Answer: B Community Answer: B
A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically? A. enable dynamic MAC address learning B. implement static MAC addressing C. enable sticky MAC addressing D. implement auto MAC address learning Suggested Answer: C Community Answer: C
Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password? A. R1(config)#username admin R1(config-if)#line vty 0 4 R1(config-line)#password p@ss1234 R1(config-line)#transport input telnet B. R1(config)#username admin privilege 15 secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local C. R1(config)#username admin secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local R1(config)#enable secret p@ss1234 D. R1(config)#username admin R1(config-if)#line vty 0 4 R1(config-line)#password p@ss1234 Suggested Answer: B Community Answer: B
Which effect does the aaa new-model configuration command have? A. It enables AAA services on the device. B. It configures the device to connect to a RADIUS server for AAA. C. It associates a RADIUS server to the group. D. It configures a local user on the device. Suggested Answer: A Community Answer: A
Refer to the exhibit. Which two events occur on the interface, if packets from an unknown Source address arrive after the interface learns the maximum number of secure MAC address? (Choose two.)A. The security violation counter dose not increment B. The port LED turns off C. The interface is error-disabled D. A syslog message is generated E. The interface drops traffic from unknown MAC address Suggested Answer: AE Community Answer: AE
Which technology must be implemented to configure network device monitoring with the highest security? A. IP SLA B. syslog C. NetFlow D. SNMPv3 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose two.)A. learned MAC addresses are deleted after five minutes of inactivity B. the interface is error-disabled if packets arrive from a new unknown source address C. it has dynamically learned two secure MAC addresses D. it has dynamically learned three secure MAC addresses E. the security violation counter increments if packets arrive from a new unknown source address Suggested Answer: AC Community Answer: AC
Refer to the exhibit. Which statement about the interface that generated the output is true?A. A syslog message is generated when a violation occurs. B. One secure MAC address is manually configured on the interface. C. One secure MAC address is dynamically learned on the interface. D. Five secure MAC addresses are dynamically learned on the interface. Suggested Answer: B Community Answer: B
Refer to the exhibit. What is the effect of this configuration? A. The switch port remains administratively down until the interface is connected to another switch. B. Dynamic ARP Inspection is disabled because the ARP ACL is missing. C. The switch port interface trust state becomes untrusted. D. The switch port remains down until it is configured to trust or untrust incoming packets. Suggested Answer: C Community Answer: C Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks. After enabling DAI, all ports become untrusted ports.
What is the difference between AAA authentication and authorization? A. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user performs. B. Authentication controls the system processes a user accesses, and authorization logs the activities the user initiates. C. Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database. D. Authentication identifies a user who is attempting to access a system, and authorization validates the user's password. Suggested Answer: A Community Answer: A AAA stands for Authentication, Authorization and Accounting. ✑ Authentication: Specify who you are (usually via login username & password) ✑ Authorization: Specify what actions you can do, what resource you can access ✑ Accounting: Monitor what you do, how long you do it (can be used for billing and auditing) An example of AAA is shown below: ✑ Authentication: ג€I am a normal user. My username/password is user_tom/learnforeverג€ ✑ Authorization: ג€user_tom can access LearnCCNA server via HTTP and FTPג€ ✑ Accounting: ג€user_tom accessed LearnCCNA server for 2 hoursג€. This user only uses ג€showג€ commands.
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two.) A. decimal B. ASCII C. hexadecimal D. binary E. base64 Suggested Answer: BC Community Answer: BC Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/multi-preshared-key.pdf
DRAG DROP - Drag and drop the AAA functions from the left onto the correct AAA services on the right. Select and Place:Suggested Answer:
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two.) A. Configure the ports as trunk ports. B. Enable the Cisco Discovery Protocol. C. Configure the port type as access and place in VLAN 99. D. Administratively shut down the ports. E. Configure the ports in an EtherChannel. Suggested Answer: CD Community Answer: CD
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe, but the link may have contained malicious code. Which type of security program is in place? A. user awareness B. brute force attack C. physical access control D. social engineering attack Suggested Answer: A Community Answer: A This is a training program which simulates an attack, not a real attack (as it says ג€The webpage that opens reports that it was safeג€) so we believed it should be called a ג€user awarenessג€ program. Therefore the best answer here should be ג€user awarenessג€. This is the definition of ג€User awarenessג€ from CCNA 200-301 Offical Cert Guide Book: ג€User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. ג€ Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked.
DRAG DROP - Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right. Select and Place:Suggested Answer:
Layer 2 Security Mechanism includes WPA+WPA2, 802.1X, Static WEP, CKIP while Layer 3 Security Mechanisms (for WLAN) includes IPSec, VPN Pass- Through, Web Passthrough ג€¦ Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/106082-wlc-compatibility-matrix.html
Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks? A. TACACS B. CPU ACL C. Flex ACL D. RADIUS Suggested Answer: B Community Answer: B Whenever you want to control which devices can talk to the main CPU, a CPU ACL is used. Note: CPU ACLs only filter traffic towards the CPU, and not any traffic exiting or generated by the CPU. Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109669-secure-wlc.html
Which set of actions satisfy the requirement for multifactor authentication? A. The user enters a user name and password, and then re-enters the credentials on a second screen. B. The user swipes a key fob, then clicks through an email link. C. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device. D. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen. Suggested Answer: C Community Answer: C This is an example of how two-factor authentication (2FA) works: 1. The user logs in to the website or service with their username and password. 2. The password is validated by an authentication server and, if correct, the user becomes eligible for the second factor. 3. The authentication server sends a unique code to the user's second-factor method (such as a smartphone app). 4. The user confirms their identity by providing the additional authentication for their second-factor method.
Which configuration is needed to generate an RSA key for SSH on a router? A. Configure VTY access. B. Configure the version of SSH. C. Assign a DNS domain name. D. Create a user with a password. Suggested Answer: C Community Answer: C
What is the purpose of the ip address dhcp command? A. to configure an interface as a DHCP relay B. to configure an interface as a DHCP client C. to configure an interface as a DHCP helper D. to configure an interface as a DHCP server Suggested Answer: B Community Answer: B
Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R4? A. interface FastEthernet0/1 ip helper-address 10.0.1.1 ! access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1 B. interface FastEthernet0/0 ip helper-address 10.0.1.1 ! access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1 C. interface FastEthernet0/0 ip helper-address 10.0.1.1 ! access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps D. interface FastEthernet0/1 ip helper-address 10.0.1.1 ! access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1 Suggested Answer: A Community Answer: D
DRAG DROP - Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right. Select and Place:Suggested Answer:
An engineer is configuring SSH version 2 exclusively on the R1 router. What is the minimum configuration required to permit remote management using the cryptographic protocol? A. hostname R1 service password-encryption crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input ssh login local B. hostname R1 ip domain name cisco crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input ssh login local C. hostname R1 crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input ssh login local D. hostname R1 ip domain name cisco crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123 ip ssh version 2 line vty 0 15 transport input all login local Suggested Answer: B Community Answer: B
Which per-hop traffic-control feature does an ISP implement to mitigate the potential negative effects of a customer exceeding its committed bandwidth? A. policing B. queuing C. marking D. shaping Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the QoS terms from the left onto the descriptions on the right. Select and Place:Suggested Answer:
Which remote access protocol provides unsecured remote CLI access? A. console B. Telnet C. SSH D. Bash Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the functions of SNMP fault-management from the left onto the definitions on the right. Select and Place:Suggested Answer:
Refer to the exhibit. Which router or router group are NTP clients? A. R1 B. R2 and R3 C. R1, R3, and R4 D. R1, R2, and R3 Suggested Answer: D Community Answer: D
Refer to the exhibit. What is the next step to complete the implementation for the partial NAT configuration shown? A. Modify the access list for the internal network on e0/1. B. Reconfigure the static NAT entries that overlap the NAT pool. C. Apply the ACL to the pool configuration. D. Configure the NAT outside interface. Suggested Answer: B Community Answer: D
What is a syslog facility? A. host that is configured for the system to send log messages B. password that authenticates a Network Management System to receive log messages C. group of log messages associated with the configured severity level D. set of values that represent the processes that can generate a log message Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the functions of DHCP from the left onto any of the positions on the right. Not all functions are used. Select and Place:Suggested Answer:
Refer to the exhibit. A newly configured PC fails to connect to the internet by using TCP port 80 to www.cisco.com. Which setting must be modified for the connection to work? A. Subnet Mask B. DNS Servers C. Default Gateway D. DHCP Servers Suggested Answer: B Community Answer: B
Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow? A. CBWFQ B. policing C. LLQ D. shaping Suggested Answer: B Community Answer: B Use the police command to mark a packet with different quality of service (QoS) values based on conformance to the service-level agreement. Traffic policing allows you to control the maximum rate of traffic transmitted or received on an interface. Reference: https://www.cisco.com/c/en/us/td/docs/ios/qos/configuration/guide/12_2sr/qos_12_2sr_book/traffic_policing.html
Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header? A. Shaping B. Policing C. Classification D. Marking Suggested Answer: D Community Answer: D
What is the function of FTP? A. Always operated without user connection validation B. Uses block number to identify and mitigate data-transfer errors C. Relies on the well-known UDO port 69 for data transfer D. Uses two separate connections for control and data traffic Suggested Answer: D Community Answer: D
How does TFTP operate in a network? A. Provides secure data transfer B. Relies on the well-known TCP port 20 to transmit data C. Uses block numbers to identify and mitigate data-transfer errors D. Requires two separate connections for control and data traffic Suggested Answer: C Community Answer: C
Refer to the exhibit. Which plan must be implemented to ensure optimal QoS marking practices on this network? A. Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2 B. As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer C. Remark traffic as it traverses R1 and trust all markings at the access layer. D. As traffic enters from the access layer on SW1 and SW2, trust all traffic markings. Suggested Answer: A Community Answer: A Tell the switch to trust CoS markings from a Cisco IP phone on the access port. Cisco IP phones use 802.1q tags, these .1q tags contain the CoS value, to mark voice traffic at layer 2. When it's forwarded upstream, the DSCP value is trusted (on the uplink port) and unchanged, but the .1q tag (and with it the CoS value) is stripped off by the upstream switch when received over the trunk.
How does QoS optimize voice traffic? A. by reducing bandwidth usage B. by reducing packet loss C. by differentiating voice and video traffic D. by increasing jitter Suggested Answer: C Community Answer: B
Which QoS tool can you use to optimize voice traffic on a network that is primarily intended for data traffic? A. WRED B. FIFO C. PQ D. WFQ Suggested Answer: C Community Answer: C
A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server? A. DHCP Binding B. a DHCP Relay Agent C. DHCP Snooping D. a DHCP Pool Suggested Answer: B Community Answer: B
Which level of severity must be set to get informational syslogs? A. alert B. critical C. notice D. debug Suggested Answer: D Community Answer: D
On workstations running Microsoft Windows, which protocol provides the default gateway for the device? A. STP B. DHCP C. SNMP D. DNS Suggested Answer: B Community Answer: B
Which two statements about NTP operations are true? (Choose two.) A. NTP uses UDP over IP. B. Cisco routers can act as both NTP authoritative servers and NTP clients. C. Cisco routers can act only as NTP servers. D. Cisco routers can act only as NTP clients. E. NTP uses TCP over IP. Suggested Answer: AB Community Answer: AB
Refer to the exhibit. Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses? A. Router1(config)#access-list 99 permit 192.168.100.32 0.0.0.31 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside B. Router1(config)#access-list 99 permit 192.168.100.0 0.0.0.255 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside C. Router1(config)#access-list 99 permit 209.165.201.2 255.255.255.255 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside D. Router1(config)#access- list 99 permit 209.165.201.2 0.0.0.0 Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload Router1(config)#interface gi2/0/1.200 Router1(config)#ip nat inside Router1(config)#interface gi1/0/0 Router1(config)#ip nat outside Suggested Answer: A Community Answer: A
Refer to the exhibit. Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two.) A. transport input ssh B. username CNAC secret R!41!3705926@ C. crypto key generate rsa 1024 D. line vty 0 4 E. ip ssh version 2 Suggested Answer: CE Community Answer: AC
Which command implies the use of SNMPv3? A. snmp-server user B. snmp-server host C. snmp-server enable traps D. snmp-server community Suggested Answer: A Community Answer: A Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/15-e/snmp-15-e-book.pdf
R1 as an NTP server must have: ✑ NTP authentication enabled ✑ NTP packets sourced from Interface loopback 0 ✑ NTP stratum 2 ✑ NTP packets only permitted to client IP 209.165.200.225 How should R1 be configured? A. ntp authenticate ntp authentication-key 2 sha1 CISCO123 ntp source Loopback0 ntp access-group server-only 10 ntp master 2 ! access-list 10 permit udp host 209.165.200.225 any eq 123 B. ntp authenticate ntp authentication-key 2 md5 CISCO123 ntp interface Loopback0 ntp access-group server-only 10 ntp stratum 2 ! access-list 10 permit 209.165.200.225 C. ntp authenticate ntp authentication-key 2 md5 CISCO123 ntp source Loopback0 ntp access-group server-only 10 ntp master 2 ! access-list 10 permit 209.165.200.225 D. ntp authenticate ntp authentication-key 2 md5 CISCO123 ntp source Loopback0 ntp access-group server-only 10 ntp stratum 2 ! access-list 10 permit udp host 209.165.200.225 any eq 123 Suggested Answer: D Community Answer: C
What is a capability of FTP in network management operations? A. offers proprietary support at the session layer when transferring data B. uses separate control and data connections to move files between server and client C. encrypts data before sending between data resources D. devices are directly connected and use UDP to pass file information Suggested Answer: B Community Answer: B Reference: https://en.wikipedia.org/wiki/File_Transfer_Protocol#:~:text=The%20File%20Transfer%20Protocol%20(FTP,the%20client%20and%20the%20server
A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key? A. password password B. ip ssh authentication-retries 2 C. ip domain-name domain D. crypto key generate rsa modulus 1024 Suggested Answer: C Community Answer: C Reference: https://www.letsconfig.com/how-to-configure-ssh-on-cisco-ios-devices/
Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed? A. traffic policing B. weighted random early detection C. traffic prioritization D. traffic shaping Suggested Answer: D Community Answer: D Reference: https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html
Which command must be entered to configure a DHCP relay? A. ip dhcp relay B. ip dhcp pool C. ip address dhcp D. ip helper-address Suggested Answer: D Community Answer: D Reference: https://www.cisco.com/en/US/docs/ios/12_4t/ip_addr/configuration/guide/htdhcpre.html#:~:text=ip%20helper%2Daddress%20address,-Example% 3A&text=Forwards%20UPD%20broadcasts%2C%20including%20BOOTP%20and%20DHCP.&text=The%20address%20argument%20can%20be,to%20respond %20to%20DHCP%20requests
Refer to the exhibit. The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server? A. Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP client. B. Configure ip dhcp relay information option command on the interface that is connected to the DHCP server. C. Configure ip dhcp snooping trust command on the interface that is connected to the DHCP server. D. Configure the ip dhcp information option command on the interface that is connected to the DHCP client. Suggested Answer: C Community Answer: C
A network analyst is tasked with configuring the date and time on a router using EXEC mode. The date must be set to January 1, 2020 and the time must be set to 12:00 am. Which command should be used? A. clock timezone B. clock summer-time date C. clock summer-time recurring D. clock set Suggested Answer: D Community Answer: D
Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28 subnet? A. 84 B. 110 C. 192 D. 193 Suggested Answer: B Community Answer: D
Which command creates a static NAT binding for a PC address of 10.1.1.1 to the public routable address 209.165.200.225 assigned to the PC? A. R1(config)#ip nat inside source static 10.1.1.1 209.165.200.225 B. R1(config)#ip nat outside source static 209.165.200.225 10.1.1.1 C. R1(config)#ip nat inside source static 209.165.200.225 10.1.1.1 D. R1(config)#ip nat outside source static 10.1.1.1 209.165.200.225 Suggested Answer: A Community Answer: A
What prevents a workstation from receiving a DHCP address? A. STP B. VTP C. 802.1Q D. DTP Suggested Answer: C Community Answer: A
What is a feature of TFTP? A. offers anonymous user login ability B. uses two separate connections for control and data traffic C. relies on the well-known TCP port 20 to transmit data D. provides secure data transfer Suggested Answer: A Community Answer: A
Which QoS forwarding per-hop behavior changes a specific value in a packet header to set the class of service for the packet? A. shaping B. classification C. policing D. marking Suggested Answer: D Community Answer: D
Refer to the exhibit. How should the configuration be updated to allow PC1 and PC2 access to the Internet? A. Modify the configured number of the second access list B. Change the ip nat inside source command to use interface GigabitEthernet0/0 C. Remove the overload keyword from the ip nat inside source command D. Add either the ip nat {inside|outside} command under both interfaces Suggested Answer: D Community Answer: D
Which two pieces of information can you determine from the output of the show ntp status command? (Choose two.) A. whether the NTP peer is statically configured B. the IP address of the peer to which the clock is synchronized C. the configured NTP servers D. whether the clock is synchronized E. the NTP version number of the peer Suggested Answer: BD Community Answer: BD Below is the output of the ג€show ntp statusג€ command. From this output we learn that R1 has a stratum of 10 and it is getting clock from 10.1.2.1. <img src="https://www.examtopics.com/assets/media/exam-media/04300/0044400005.jpg" alt="Reference Image" />
Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts? A. source B. static C. pool D. overload Suggested Answer: D Community Answer: D By adding the keyword ג€overloadג€ at the end of a NAT statement, NAT becomes PAT (Port Address Translation). This is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports. Static NAT and Dynamic NAT both require a one-to-one mapping from the inside local to the inside global address. By using PAT, you can have thousands of users connect to the Internet using only one real global IP address. PAT is the technology that helps us not run out of public IP address on the Internet. This is the most popular type of NAT. An example of using ג€overloadג€ keyword is shown below: R1(config)# ip nat inside source list 1 interface ethernet1 overload
Which feature or protocol determines whether the QOS on the network is sufficient to support IP services? A. LLDP B. CDP C. IP SLA D. EEM Suggested Answer: C Community Answer: C IP SLA allows an IT professional to collect information about network performance in real time. Therefore it helps determine whether the QoS on the network is sufficient for IP services or not. Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible subsystem that provides real-time network event detection and onboard automation. It gives you the ability to adapt the behavior of your network devices to align with your business needs.
In QoS, which prioritization method is appropriate for interactive voice and video? A. traffic policing B. round-robin scheduling C. low-latency queuing D. expedited forwarding Suggested Answer: C Community Answer: C Low Latency Queuing (LLQ) is the preferred queuing policy for VoIP audio. Given the stringent delay/jitter sensitive requirements of voice and video and the need to synchronize audio and video for CUVA, priority (LLQ) queuing is the recommended for all video traffic as well. Note that, for video, priority bandwidth is generally fudged up by 20% to account for the overhead.
DRAG DROP - Drag and drop the SNMP components from the left onto the descriptions on the right. Select and Place:Suggested Answer:
What is the purpose of traffic shaping? A. to be a marking mechanism that identifies different flows B. to provide fair queuing for buffered flows C. to mitigate delays over slow links D. to limit the bandwidth that a flow can use Suggested Answer: D Community Answer: D The primary reasons you would use traffic shaping are to control access to available bandwidth, to ensure that traffic conforms to the policies established for it, and to regulate the flow of traffic in order to avoid congestion that can occur when the sent traffic exceeds the access speed of its remote, target interface.
What is a function of TFTP in network operations? A. transfers IOS images from a server to a router for firmware upgrades B. transfers a backup configuration file from a server to a switch using a username and password C. transfers configuration files from a server to a router on a congested link D. transfers files between file systems on a router Suggested Answer: A Community Answer: A
What is a DHCP client? A. a workstation that requests a domain name associated with its IP address B. a host that is configured to request an IP address automatically C. a server that dynamically assigns IP addresses to hosts. D. a router that statically assigns IP addresses to hosts. Suggested Answer: B Community Answer: B
Where does the configuration reside when a helper address is configured lo support DHCP? A. on the router closest to the server B. on the router closest to the client C. on every router along the path D. on the switch trunk interface Suggested Answer: B Community Answer: B
What facilitates a Telnet connection between devices by entering the device name? A. SNMP B. DNS lookup C. syslog D. NTP Suggested Answer: B Community Answer: B
When deploying syslog, which severity level logs informational messages? A. 0 B. 2 C. 4 D. 6 Suggested Answer: D Community Answer: D Reference: https://en.wikipedia.org/wiki/Syslog
DRAG DROP -Refer to the exhibit. An engineer is configuring the router to provide static NAT for the webserver. Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the fight. Select and Place:
Suggested Answer:
Which two QoS tools provide congestion management? (Choose two.) A. CBWFQ B. FRTS C. CAR D. PBR E. PQ Suggested Answer: AE Community Answer: AE
Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic? A. WRED B. FIFO C. WFQ D. PQ Suggested Answer: D Community Answer: D
An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to prevent connection issues with the printer? A. client exclusion B. DHCP address assignment C. passive client D. static IP tunneling Suggested Answer: C Community Answer: C Passive clients are wireless devices, such as scales and printers that are configured with a static IP address. These clients do not transmit any IP information such as IP address, subnet mask, and gateway information when they associate with an access point. As a result, when passive clients are used, the controller never knows the IP address unless they use the DHCP. Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/ m_configuring_passive_clients.html
When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP? A. DHCPOFFER B. DHCP relay agent C. DHCP server D. DHCPDISCOVER Suggested Answer: B Community Answer: B
Refer to the exhibit. The ntp server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that it operates in server-only mode and relies only on its internal clock? A. Router2(config)#ntp server 172.17.0.1 B. Router2(config)#ntp server 192.168.0.2 C. Router2(config)#ntp passive D. Router2(config)#ntp master 4 Suggested Answer: D Community Answer: D
Which protocol requires authentication to transfer a backup configuration file from a router to a remote server? A. FTP B. SMTP C. TFTP D. DTP Suggested Answer: A Community Answer: A
Which condition must be met before an NMS handles an SNMP trap from an agent? A. The NMS must receive the same trap from two different SNMP agents to verify that it is reliable. B. The NMS must receive a trap and an inform message from the SNMP agent within a configured interval. C. The NMS software must be loaded with the MIB associated with the trap. D. The NMS must be configured on the same router as the SNMP agent. Suggested Answer: C Community Answer: C
An engineer is configuring switch SW1 to act as an NTP server when all upstream NTP server connectivity fails. Which configuration must be used? A. SW1# config t SW1(config)#ntp peer 192.168.1.1 SW1(config)#ntp access-group peer accesslist1 B. SW1# config t SW1(config)#ntp master SW1(config)#ntp server192.168.1.1 C. SW1# config t SW1(config)#ntp backup SW1(config)#ntp server192.168.1.1 D. SW1# config t SW1(config)#ntp server192.168.1.1 SW1(config)#ntp access-group peer accesslist1 Suggested Answer: B Community Answer: B ntp server192.168.1.1 makes the SW1 a client to the primary server reachable with an IP address of 192.168.1.1 NTP server makes SW1 a server and uses its own internal clock to provide the time when the connectivity to the primary server 192.168.1.1 fails.
What will happen if you configure the logging trap debug command on a router? A. It causes the router to send messages with lower severity levels to the syslog server B. It causes the router to send all messages with the severity levels Warning, Error, Critical, and Emergency to the syslog server C. It causes the router to send all messages to the syslog server D. It causes the router to stop sending all messages to the syslog server Suggested Answer: C Community Answer: C
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.) A. informational B. emergency C. warning D. critical E. debug F. error Suggested Answer: BDF Community Answer: BDF
DRAG DROP - Drag and drop the network protocols from the left onto the correct transport services on the right. Select and Place:Suggested Answer:
A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB? A. ARP B. SNMP C. SMTP D. CDP Suggested Answer: B Community Answer: B SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. The SNMP framework has three parts: ג€¢ An SNMP manager ג€¢ An SNMP agent ג€¢ A Management Information Base (MIB) The Management Information Base (MIB) is a virtual information storage area for network management information, which consists of collections of managed objects. With SNMP, the network administrator can send commands to multiple routers to do the backup.
Which command enables a router to become a DHCP client? A. ip address dhcp B. ip dhcp client C. ip helper-address D. ip dhcp pool Suggested Answer: A Community Answer: A If we want to get an IP address from the DHCP server on a Cisco device, we can use the command ג€ip address dhcpג€. Note: The command ג€ip helper-addressג€ enables a router to become a DHCP Relay Agent.
Which function does an SNMP agent perform? A. It sends information about MIB variables in response to requests from the NMS B. It manages routing between Layer 3 devices in a network C. It coordinates user authentication between a network device and a TACACS+ or RADIUS server D. It requests information from remote network nodes about catastrophic system events Suggested Answer: A Community Answer: A
What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two.) A. The DHCP server assigns IP addresses without requiring the client to renew them. B. The DHCP server leases client IP addresses dynamically. C. The DHCP client is able to request up to four DNS server addresses. D. The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses. E. The DHCP client maintains a pool of IP addresses it is able to assign. Suggested Answer: BD Community Answer: BD
Which command must be entered when a device is configured as an NTP server? A. ntp peer B. ntp master C. ntp authenticate D. ntp server Suggested Answer: B Community Answer: B
What event has occurred if a router sends a notice level message to a syslog server? A. A certificate has expired B. An interface line has changed status C. A TCP connection has been torn down D. An ICMP connection has been built Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the switch and DHCP server configurations are complete and correct, which two sets of commands must be configured on R1 and R2 to complete the task? (Choose two.) A. R1(config)# interface fa0/0 R1(config-if)# ip helper-address 198.51.100.100 B. R2(config)# interface gi0/0 R2(config-if)# ip helper-address 198.51.100.100 C. R1(config)# interface fa0/0 R1(config-if)# ip address dhcp R1(config-if)# no shutdown D. R2(config)# interface gi0/0 R2(config-if)# ip address dhcp E. R1(config)# interface fa0/0 R1(config-if)# ip helper-address 192.0.2.2 Suggested Answer: BC Community Answer: BC
Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP after the NAT has taken place? A. 10.4.4.4 B. 10.4.4.5 C. 172.23.103.10 D. 172.23.104.4 Suggested Answer: C Community Answer: D
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two.) A. It supports protocol discovery. B. It guarantees the delivery of high-priority packets. C. It can identify different flows with a high level of granularity. D. It can mitigate congestion by preventing the queue from filling up. E. It drops lower-priority packets before it drops higher-priority packets. Suggested Answer: DE Community Answer: DE Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur: 1. The average queue size is calculated. 2. If the average is less than the minimum queue threshold, the arriving packet is queued. 3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability for that type of traffic. 4. If the average queue size is greater than the maximum threshold, the packet is dropped. WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface begins to show signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times. WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered. Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/15-mt/qos-conavd-15-mt-book/qos-conavd-cfg-wred.html
If a notice-level message is sent to a syslog server, which event has occurred? A. A network device has restarted. B. A debug operation is running. C. A routing instance has flapped. D. An ARP inspection has failed. Suggested Answer: C Community Answer: C Usually no action is required when a route flaps so it generates the notification syslog level message (level 5).
DRAG DROP - Drag and drop the functions from the left onto the correct network components on the right. Select and Place:Suggested Answer:
Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two.) A. Enable NTP authentication. B. Verify the time zone. C. Specify the IP address of the NTP server. D. Set the NTP server private key. E. Disable NTP broadcasts. Suggested Answer: AC Community Answer: AC To configure authentication, perform this task in privileged mode: Step 1: Configure an authentication key pair for NTP and specify whether the key will be trusted or untrusted. Step 2: Set the IP address of the NTP server and the public key. Step 3: Enable NTP client mode. Step 4: Enable NTP authentication. Step 5: Verify the NTP configuration. Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/ntp.html
What is the primary purpose of a First Hop Redundancy Protocol? A. It allows directly connected neighbors to share configuration information B. It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric C. It allows a router to use bridge priorities to create multiple loop-free paths to a single destination D. It reduces routing failures by allowing more than one router to represent itself as the default gateway of a network Suggested Answer: D Community Answer: D
An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any one of three addresses: 192.168.3.1, 192.168.3.2, or 192.168.3.3. Which configuration should be used? A. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat outside destination list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside B. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.254 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside C. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 route map permit 10.10.0.0 255.255.255.0 ip nat outside destination list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside D. enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside Suggested Answer: D Community Answer: D
When the active router in an HSRP group fails, which router assumes the role and forwards packets? A. forwarding B. listening C. standby D. backup Suggested Answer: C Community Answer: C
What protocol allows an engineer to back up 20 network router configurations globally while using the copy function? A. TCP B. SMTP C. FTP D. SNMP Suggested Answer: D Community Answer: C
Which type of address is the public IP address of a NAT device? A. outside global B. outside local C. inside global D. inside local E. outside public F. inside public Suggested Answer: C Community Answer: C NAT use four types of addresses: ✑ Inside local address - The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address. ✑ Inside global address - A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world. ✑ Outside local address - The IP address of an outside host as it is known to the hosts on the inside network. ✑ Outside global address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.
What is the MAC address used with VRRP as a virtual address? A. 00-05-42-38-53-31 B. 00-00-5E-00-01-0a C. 00-00-0C-07-AD-89 D. 00-07-C0-70-AB-01 Suggested Answer: B Community Answer: B
Why would VRRP be implemented when configuring a new subnet in a multivendor environment? A. when a gateway protocol is required that supports more than two Cisco devices for redundancy B. to interoperate normally with all vendors and provide additional security features for Cisco devices C. to ensure that the spanning-tree forwarding path to the gateway is loop-free D. to enable normal operations to continue after a member failure without requiring a change in a host ARP cache Suggested Answer: B Community Answer: D VRRP is the industry standards based FHRP similar to Cisco's HSRP but is supported by multiple vendors.
Why implement VRRP? A. To hand over to end users the autodiscovery of virtual gateways B. To provide end users with a virtual gateway in a multivendor network C. To leverage a weighting scheme to provide uninterrupted service D. To detect link failures without the overhead of Bidirectional Forwarding Detection Suggested Answer: B Community Answer: B
Which type of address is shared by routers in a HSRP implementation and used by hosts on the subnet as their default gateway address? A. multicast address B. virtual IP address C. loopback IP address D. broadcast address Suggested Answer: B Community Answer: B
By default, which virtual MAC address does HSRP group 14 use? A. 00:05:5e:19:0c:14 B. 00:05:0c:07:ac:14 C. 04:15:26:73:3c:0e D. 00:00:0c:07:ac:0e Suggested Answer: D Community Answer: D
Refer to the exhibit. Router R1 is added to the network and configured with the 10.0.0.64/26 and 10.0.20.0/26 subnets. However, traffic destined for the LAN on R3 is not accessible. Which command when executed on R1 defines a static route to reach the R3 LAN? A. ip route 10.0.0.64 255.255.255.192 10.0.20.3 B. ip route 10.0.15.0 255.255.255.0 10.0.20.1 C. ip route 10.0.15.0 255.255.255.192 10.0.20.1 D. ip route 10.0.15.0 255.255.255.0 10.0.20.3 Suggested Answer: D Community Answer: D We need to specify the destination network (10.0.15.0/24) and the next hop IP of the router to get to that network (10.0.20.3).
A router has two static routes to the same destination network under the same OSPF process. How does the router forward packets to the destination if the net- hop devices are different? A. The router chooses the route with the oldest age. B. The router chooses the next hop with the lowest IP address. C. The router chooses the next hop with the lowest MAC address. D. The router load-balances traffic over all routes to the destination. Suggested Answer: D Community Answer: D Load balancing is a standard functionality of Cisco IOS Software that is available across all router platforms. It is inherent to the forwarding process in the router, and it enables a router to use multiple paths to a destination when it forwards packets. The number of paths used is limited by the number of entries that the routing protocol puts in the routing table. Four entries is the default in Cisco IOS Software for IP routing protocols except for BGP. BGP has a default of one entry.
What does the implementation of a first-hop redundancy protocol protect against on a network? A. default gateway failure B. BGP neighbor flapping C. spanning-tree loops D. root-bridge loss Suggested Answer: A Community Answer: A
Which feature or protocol is required for an IP SLA to measure UDP jitter? A. LLDP B. EEM C. CDP D. NTP Suggested Answer: D Community Answer: D
Refer to the exhibit. Which feature is enabled by this configuration?A. static NAT translation B. a DHCP pool C. a dynamic NAT address pool D. PAT Suggested Answer: C Community Answer: C
Which NAT term is defined as a group of addresses available for NAT use? A. NAT pool B. dynamic NAT C. static NAT D. one-way NAT Suggested Answer: A Community Answer: A
Which command can you enter to allow Telnet to be supported in addition to SSH? A. transport input telnet ssh B. transport input telnet C. no transport input telnet D. privilege level 15 Suggested Answer: A Community Answer: A
Refer to the exhibit. After you apply the given configuration to a router, the DHCP clients behind the device cannot communicate with hosts outside of their subnet. Which action is most likely to correct the problem?A. Configure the dns server on the same subnet as the clients B. Activate the dhcp pool C. Correct the subnet mask D. Configure the default gateway Suggested Answer: D Community Answer: D
Refer to the exhibit. Which rule does the DHCP server use when there is an IP address conflict?A. The address is removed from the pool until the conflict is resolved. B. The address remains in the pool until the conflict is resolved. C. Only the IP detected by Gratuitous ARP is removed from the pool. D. Only the IP detected by Ping is removed from the pool. E. The IP will be shown, even after the conflict is resolved. Suggested Answer: A Community Answer: A An address conflict occurs when two hosts use the same IP address. During address assignment, DHCP checks for conflicts using ping and gratuitous ARP. If a conflict is detected, the address is removed from the pool. The address will not be assigned until the administrator resolves the conflict.
Which command can you enter to determine the addresses that have been assigned on a DHCP Server? A. Show ip DHCP database. B. Show ip DHCP pool. C. Show ip DHCP binding. D. Show ip DHCP server statistic. Suggested Answer: C Community Answer: C
What is the authoritative source for an address lookup? A. a recursive DNS search B. the operating system cache C. the ISP local cache D. the browser cache Suggested Answer: A Community Answer: A
Which command is used to verify the DHCP relay agent address that has been set up on your Cisco IOS router? A. show ip interface brief B. show ip dhcp bindings C. show ip route D. show ip interface E. show interface F. show ip dhcp pool Suggested Answer: D Community Answer: D
Which type of information resides on a DHCP server? A. a list of the available IP addresses in a pool B. a list of public IP addresses and their corresponding names C. usernames and passwords for the end users in a domain D. a list of statically assigned MAC addresses Suggested Answer: A Community Answer: A
What are two roles of Domain Name Services (DNS)? (Choose two.) A. builds a flat structure of DNS names for more efficient IP operations B. encrypts network Traffic as it travels across a WAN by default C. improves security by protecting IP addresses under Fully Qualified Domain Names (FQDNs) D. enables applications to identify resources by name instead of IP address E. allows a single host name to be shared across more than one IP address Suggested Answer: DE Community Answer: DE
Which Cisco IOS command will indicate that interface GigabitEthernet 0/0 is configured via DHCP? A. show ip interface GigabitEthernet 0/0 dhcp B. show interface GigabitEthernet 0/0 C. show ip interface dhcp D. show ip interface GigabitEthernet 0/0 E. show ip interface GigabitEthernet 0/0 brief Suggested Answer: D Community Answer: D
Refer to the exhibit. What is the subnet mask for route 172.16.4.0? A. 255.255.255.192 B. 255.255.254.0 C. 255.255.248.0 D. 255.255.240.0 Suggested Answer: C Community Answer: C
Refer to the exhibit. A static route must be configured on R14 to forward traffic for the 172.21.34.0/25 network that resides on R86. Which command must be used to fulfill the request? A. ip route 172.21.34.0 255.255.255.192 10.73.65.65 B. ip route 172.21.34.0 255.255.255.128 10.73.65.66 C. ip route 172.21.34.0 255.255.255.0 10.73.65.65 D. ip route 172.21.34.0 255.255.128.0 10.73.65.64 Suggested Answer: B Community Answer: B
Refer to the exhibit. The network engineer is configuring router R2 as a replacement router on the network. After the initial configuration is applied, it is determined that R2 failed to show R1 as a neighbor. Which configuration must be applied to R2 to complete the OSPF configuration and enable it to establish the neighbor relationship with R1? A. R2(config)#router ospf 1 R2(config-router)#network 192.168.1.0 255.255.255.0 area 2 B. R2(config)#interface g0/0/0 R2(config-if)#ip ospf hello-interval 10 C. R2(config)#interface g0/0/0 R2(config-if)#ip ospf dead-interval 40 D. R2(config)#router ospf 1 R2(config-router)#router-id 192.168.1.2 Suggested Answer: C Community Answer: C For OSPF the hello and dead timers must match to become neighbors. R1 is configured with a dead time of 40 seconds, while R2 is set to 45 seconds.
A packet from a company's branch office is destined to host 172.31.0.1 at headquarters. The sending router has three possible matches in its routing table for the packet: prefixes 172.31.0.0/16, 172.31.0.0/24, and 172.31.0.0/25. How does the router handle the packet? A. It sends the traffic via prefix 172.31.0.0/24. B. It sends the traffic via prefix 172.31.0.0/16. C. It sends the traffic via prefix 172.31.0.0/25. D. It sends the traffic via the default gateway 0.0.0.0/0. Suggested Answer: C
Refer to the exhibit. An engineer is asked to configure router R1 so that it forms an OSPF single-area neighbor relationship with R2. Which command sequence must be implemented to configure the router? A. router ospf 100 network 10.0.0.0 0.0.0.252 area0 network 10.0.1.0 0.0.0.255 area0 B. router ospf 100 network 10.0.0.0 0.0.0.3 area0 network 10.0.2.0 255.255.255.0 area0 C. router ospf 10 network 10.0.0.0 0.0.0.3 area0 network 10.0.1.0 0.0.0.255 area0 D. router ospf 10 network 10.0.0.0 0.0.0.3 area0 network 10.0.2.0 0.0.0.255 area0 Suggested Answer: C Community Answer: C
Refer to the exhibit. All interfaces are configured with duplex auto and ip ospf network broadcast. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency and act as a central point for exchanging OSPF information between routers? A. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf priority 255 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip mtu 1400 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 B. R14# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf 10 area 0 ip mtu 1500 router ospf 10 ip ospf priority 255 router-id 10.10.1.14 R86# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.86 C. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf priority 0 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip mtu 1500 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 D. R14# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf priority 255 ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.14 R86# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.86 Suggested Answer: A Community Answer: D
Refer to the exhibit. All routers in the network are configured. R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configured on R2 to be elected as the DR in the network? A. R2(config)#intergface gi0/0 R2(config-if)#ip ospf priority 100 B. R2(config)#router ospf 1 R2(config-router)#router-id 192.168.2.7 C. R2(config)#router ospf 1 R2(config-router)#router-id 10.100.100.100 D. R2(config)#intergface gi0/0 R2(config-if)#ip ospf priority 1 Suggested Answer: A Community Answer: A
Refer to the exhibit. The router R1 is in the process of being configured. Routers R2 and R3 are configured correctly for the new environment. Which two commands must be configured on R1 for PC1 to communicate to all PCs on the 10.10.10.0/24 network? (Choose two.) A. ip route 10.10.10.0 255.255.255.0 192.168.2.3 B. ip route 10.10.10.10 255.255.255.255 192.168.2.2 C. ip route 10.10.10.10 255.255.255.255 g0/1 D. ip route 10.10.10.8 255.255.255.248 g0/1 E. ip route 10.10.10.0 255.255.255.248 192.168.2.2 Suggested Answer: AE Community Answer: AB
Refer to the exhibit. What is the subnet mask of the route to the 10.10.13.160 prefix? A. 255.255.255.240 B. 255.255.255.128 C. 255.255.248.0 D. 255.255.255.248 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which two commands, when configured on router R1, fulfill these requirements? (Choose two.) ✑ Packets toward the entire network 2001:db8:23::/64 must be forwarded through router R2. Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.
A. ipv6 route 2001:db8:23::/128 fd00:12::2 B. ipv6 route 2001:db8:23::14/128 fd00:13::3 C. ipv6 route 2001:db8:23::/64 fd00:12::2 D. ipv6 route 2001:db8:23::14/64 fd00:12::2 200 E. ipv6 route 2001:db8:23::14/64 fd00:12::2 Suggested Answer: BC Community Answer: BC
Refer to the exhibit. Traffic from R1 to the 10.10.2.0/24 subnet uses 192.168.1.2 as its next hop. A network engineer wants to update the R1 configuration so that traffic with destination 10.10 2.1 passes through router R3, and all other traffic to the 10.10.2.0/24 subnet passes through R2. Which command must be used? A. ip route 10.10.2.1 255.255.255.255 192.168.1.4115 B. ip route 10.10.2.0 255.255.255.0 192.168.1.4115 C. ip route 10.10.2.0 255.255.255.0 192.168.1.4100 D. ip route 10.10.2.1 255.255.255.255192.168.1.4100 Suggested Answer: D Community Answer: D Here we need to add a host route for the specific 10.10.2.1 host, which means using a subnet mask of 255.255.255.255. We also need to configure an Administrative Distance that is less than the default OSPF AD of 115.
Refer to the exhibit. The image server and client A are running an application that transfers an extremely high volume of data between the two. An engineer is configuring a dedicated circuit between R1 and R2. Which set of commands must the engineer apply to the routers so that only traffic between the image server and client A is forces to use the new circuit? A. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.6 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.5 B. R1(config)#ip route 10.10.13.10 255.255.255.128 10.10.10.6 R2(config)#lp route 192.168.0.100 255.255.255.0 10.10.10.5 C. R1(config)#ip route 10.10.13.10 255.255.255.252 10.10.10.6 R2(config)#tp route 192.168.0.100 255.255.255.252 10.10.10.5 D. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.2 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.1 Suggested Answer: D Community Answer: A
Refer to the exhibit. An engineer is checking the routing table in the main router to identify the path to a server on the network. Which route does the router use to reach the server at 192.168.2.2? A. S 192.168.0.0/20 [1/0] via 10.1.1.1 B. S 192.168.2.0/29 [1/0] via 10.1.1.1 C. S 192.168.2.0/28 [1/0] via 10.1.1.1 D. S 192.168.1.0/30 [1/0] via 10.1.1.1 Suggested Answer: B Community Answer: B
Refer to the exhibit. An OSPF neighbor relationship must be configured using these guidelines: ✑ R1 is only permitted to establish a neighbor with R2. ✑ R1 will never participate in DR elections. ✑ R1 will use a router-id of 10.1.1.1. Which configuration must be used? A.B.
C.
D.
Suggested Answer: A
Refer to the exhibit. What is the prefix length for the route that router1 will use to reach host A? A. /25 B. /27 C. /28 D. /29 Suggested Answer: D Community Answer: D
Refer to the exhibit. After applying this configuration to router R1, a network engineer is verifying the implementation. If all links are operating normally, and the engineer sends a series of packets from PC1 to PC3, how are the packets routed? A. They are distributed sent round robin to interfaces S0/0/0 and S0/0/1 B. They are routed to 10.0.0.2 C. They are routed to 192.168.100.2 D. They are routed to 172.16.20.2 Suggested Answer: D Community Answer: D
Refer to the exhibit. When router R1 receives a packet with destination IP address 10.56.0.62, through which interface does it route the packet? A. Vlan58 B. Null0 C. Vlan59 D. Vlan60 Suggested Answer: A Community Answer: A
Refer to the exhibit. How much OSPF be configured on the GigabitEthernet0/0 interface of the neighbor device to achieve the destined neighbor relationship? A. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf cost 5 B. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf priority 1 C. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf area 2 D. Router(config)#interface GigabitEthernet 0/0 Router(config-if)#ip ospf network point-to-point Suggested Answer: D Community Answer: D
An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table? A. Router ospf 100 Network 10.120.10.0 0.0.0.255 area 0 B. Router ospf 120 Network 10.120.10.0 255.255.255.0 area 0 Ip route 10.120.10.0 255.255.255.0 fa0/1 C. Router ospf 100 area 0 Network 10.120.10.0 0.0.0.255 D. Router ospf 100 Network 10.120.10.0 255.255.255.0 area 0 Suggested Answer: A Community Answer: A
What are two benefits of FHRPs? (Choose two.) A. They allow encrypted traffic B. They prevent loops in the Layer 2 network. C. They are able to bundle multiple ports to increase bandwidth D. They enable automatic failover of the default gateway E. They allow multiple devices to serve as a single virtual gateway for clients in the network Suggested Answer: DE Community Answer: DE
OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR'BDR election? A. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 interface e1/1 ip address 192.168.1.1 255.255.255.252 ip ospf cost 0 B. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 hello interval 15 interface e1/1 ip address 192.168.1.1 255.255.255.252 C. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 interface e1/1 ip address 192.168.1.1 255.255.255.252 ip ospf network broadcast D. router ospf 1 network 192.168.1.1 0.0.0.0 area 0 interface e1/1 ip address 192.168.1.1 255.255.255.252 ip ospf network point-to-point Suggested Answer: D Community Answer: D
Refer to the exhibit. An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task? A. R1(config)#ip route 172.16.2.0.255.255.255.0 192.168.1.15 B. R1(config)#ip route 172.16.2.2 255.255.255.248 gi0/1 C. R1(config)#ip route 172.16.2.2 255.255.255.255 gi0/0 D. R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.1.5 Suggested Answer: C Community Answer: C By specifying the outgoing interface and not the next hop IP address, the Management devices will be able to ping the new server, but not the default gateway of the server.
Refer to the exhibit. Router R1 currently is configured to use R3 as the primary route to the internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3? A. ip route 0.0.0.0 0.0.0.0 209.165.201.5.10 B. ip route 0.0.0.0 0.0.0.0 g0/1 1 C. ip route 0.0.0.0 0.0.0.0 209.165.200.226 1 D. ip route 0.0.0.0 0.0.0.0 g0/1 6 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which action must be taken to ensure that router A is elected as the DR for OSPF area 0? A. Configure the router A interfaces with the highest OSPF priority value within the area B. Configure router B and router C as OSPF neighbors of router A C. Configure the OSPF priority on router A with the lowest value between the three routers. D. Configure router A with a fixed OSPF router ID Suggested Answer: A Community Answer: A
Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10 10 24? A. F0/10 B. F0/11 C. F0/12 D. F0/1 Suggested Answer: B Community Answer: B
Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A? A. It sends packets out of interface Fa0/1. B. It sends packets out of interface Fa0/2. C. It load-balances traffic out of Fa0/1 and Fa0/2. D. It is unreachable and discards the traffic. Suggested Answer: D Community Answer: D
Refer to the exhibit. Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10 10.0.0/16. Which interface will R1 choose to send traffic to reach the route? A. GigabitEthernet0/0 B. GigabitEthernet0/1 C. GigabitEthernet0/2 D. GigabitEthernet0/3 Suggested Answer: B Community Answer: B
Refer to the exhibit. Which network prefix was learned via EIGRP? A. 172.160.0/16 B. 207.165.200.0/24 C. 192.168.1.0/24 D. 192.168.2.0/24 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which command must be issued to enable a floating static default route on router A? A. ip route 0.0.0.0 0.0.0.0 192.168.1.2 10 B. ip route 0.0.0.0 0.0.0.0 192.168.1.2 C. ip default-gateway 192.168.2.1 D. ip route 0.0.0.0 0.0.0.0 192.168.2.1 10 Suggested Answer: A Community Answer: A
Refer to the exhibit. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers? A. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf priority 0 ip mtu 1400 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area0 network 10.73.65.64 0.0.0.3 area0 R86# interface Loopback0 ip address 10.10.1.86 255.255.255.255 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip mtu 1500 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 B. R14# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf 10 area 0 ip mtu 1500 router ospf 10 ip ospf priority 255 router-id 10.10.1 14 R86# interface Loopback0 ip ospf 10 area 0 interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip ospf 10 area 0 ip mtu 1500 router ospf 10 router-id 10.10.1.86 C. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf priority 255 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area0 network 10.73.65.64 0.0.0.3 area0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip mtu 1500 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 D. R14# interface FastEthernet0/0 ip address 10.73.65.65 255.255.255.252 ip ospf network broadcast ip ospf priority 255 ip mtu 1500 router ospf 10 router-id 10.10.1.14 network 10.10.1.14 0.0.0.0 area0 network 10.73.65.64 0.0.0.3 area0 R86# interface FastEthernet0/0 ip address 10.73.65.66 255.255.255.252 ip ospf network broadcast ip mtu 1400 router ospf 10 router-id 10.10.1.86 network 10.10.1.86 0.0.0.0 area 0 network 10.73.65.64 0.0.0.3 area 0 Suggested Answer: C Community Answer: C
Refer to the exhibit. When an administrator executes the show ip route command on router D to view its routing table, which value is displayed for the administrative distance for the route to network 192.168 1.0? A. 110 B. 120 C. 170 D. 90 Suggested Answer: A Community Answer: A
Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces. The two circuits are operational and reachable across WAN. Which command set establishes failover redundancy if the primary circuit goes down? A. R1(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.6 R2(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.5 B. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.2 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.1 C. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.6 R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.5 D. R1(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.6 2 R2(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.5 2 Suggested Answer: D Community Answer: D
Refer to the exhibit. R1 learns all routes via OSPF. Which command configures a backup static route on R1 to reach the 192.168.20 0/24 network via R3? A. R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111 B. R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90 C. R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2 D. R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 Suggested Answer: A Community Answer: A
Refer to the exhibit. R1 has taken the DROTHER role in the OSPF DR/BDR election process. Which configuration must an engineer implement so that R1 is elected as the DR? A. R1(config)#interface FastEthernet 0/0 R1(config-if)#ip ospf priority 1 R1#clear ip ospf process B. R3(config)#interface FastEthernet 0/1 R3(config-if)#ip ospf priority 200 R3#clear ip ospf process C. R2(config)#interface FastEthernet 0/2 R2(config-if)#ip ospf priority 1 R2#clear ip ospf process D. R1(config)#interface FastEthernet 0/0 R1(config-if)#ip ospf priority 200 R1#clear ip ospf process Suggested Answer: D Community Answer: D
Which SDN plane forwards user-generated traffic? A. Management plane B. Control plane C. Policy plane D. Data plane Suggested Answer: D Community Answer: D
An application in the network is being scaled up from 300 servers to 600. Each server requires 3 network connections to support production, backup, and management traffic. Each connection resides on a different subnet. The router configuration for the production network must be configured first using a subnet in the 10.0.0.0/8 network. Which command must be configured on the interface of the router to accommodate the requirements and limit wasted IP address space? A. ip address 10.10.10.1 255.255.254.0 B. ip address 10.10.10.1 255.255.252.0 C. ip address 10.10.10.1 255.255.240.0 D. ip address 10.10.10.1 255.255.255.240 Suggested Answer: A Community Answer: B
Refer to the exhibit. Which interface is chosen to forward traffic to the host at 192.168.0.55? A. GigabitEthernet0/3 B. Null0 C. GigabitEthernet0/1 D. GigabitEthernet0/2 Suggested Answer: C Community Answer: C
Refer to the exhibit. The administrator must configure a floating static default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE? A. ipv6 route ::/0 2001:db8:1234:2::1 3 B. ipv6 route ::/128 2001:db8:1234:2::1 3 C. ipv6 route ::/0 2001:db8:1234:2::1 1 D. ipv6 route ::/0 2001:db8:1234:2::1 2 Suggested Answer: A Community Answer: A
Refer to the exhibit. Router OldR is replacing another router on the network with the intention of having OldR and R2 exchange routes. After the engineer applied the initial OSPF configuration, the routes were still missing on both devices. Which command sequence must be issued before the clear IP ospf process command is entered to enable the neighbor relationship? A. OldR(config)#interface g0/0/0 OldR(config-if)#ip ospf hello-interval 15 B. OldR(config)#router ospf 1 OldR(config-router)#network 192.168.1.0 255.255.255.0 area 2 C. OldR(config)#interface g0/0/0 OldR(config-if)#ip ospf dead-interval 15 D. OldR(config)#router ospf 1 OldR(config-router)#no router-id 192.168.1.1 Suggested Answer: D Community Answer: D With OSPF each router must have a unique router ID. Here we see that both routers have a router ID of 192.168.1.1. Removing the router-id command on the OldR will force it to use one of its actual interface IP addresses as the router ID.
DRAG DROP -Refer to the exhibit. Drag and drop the prefix lengths from the left onto the corresponding prefixes on the right. Not all prefixes are used. Select and Place:
Suggested Answer:
What is a benefit of VRRP? A. It provides the default gateway redundancy on a LAN using two or more routers. B. It provides traffic load balancing to destinations that are more than two hops from the source. C. It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision. D. It allows neighbors to share routing table information between each other. Suggested Answer: A Community Answer: A Reference: https://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r4-0/addr_serv/configuration/guide/ic40crs1book_chapter10.html
Refer to the exhibit. Routers R1 and R3 have the default configuration. The router R2 priority is set to 99. Which commands on R3 configure it as the DR in the 10.0.4.0/24 network? A. R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100 B. R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 1 C. R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0 D. R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100 Suggested Answer: D Community Answer: D In the case of OSPF, 0 means you will never be elected as DR or BDR. Default priority is 1. Highest priority will be elected as the DR.
Refer to the exhibit. A network engineer must configure R1 so that it sends all packets destined to the 10.0.0.0/24 network to R3, and all packets destined to PC1 to R2. Which configuration must the engineer implement? A. R1(config)#ip route 10.0.0.0 255.255.255.0 172.16.0.2 R1(config)#ip route 10.0.0.5 255.255.255.255 192.168.0.2 B. R1(config)#ip route 10.0.0.0 255.255.0.0 172.16.0.2 R1(config)#ip route 10.0.0.5 255.255.255.255 192.168.0.2 C. R1(config)#ip route 10.0.0.0 255.255.255.0 192.168.0.2 R1(config)#ip route 10.0.0.5 255.255.255.255 172.16.0.2 D. R1(config)#ip route 10.0.0.0 255.255.0.0 192.168.0.2 R1(config)#ip route 10.0.0.5 255.255.255.0 172.16.0.2 Suggested Answer: C Community Answer: C
Refer to the exhibit. All traffic enters the CPE router from interface Serial0/3 with an IP address of 192.168.50.1. Web traffic from the WAN is destined for a LAN network where servers are load-balanced. An IP packet with a destination address of the HTTP virtual IP of 192.168.1.250 must be forwarded. Which routing table entry does the router use? A. 192.168.1.0/24 via 192.168.12.2 B. 192.168.1.128/25 via 192.168.13.3 C. 192.168.1.192/26 via 192.168.14.4 D. 192.168.1.224/27 via 192.168.15.5 Suggested Answer: D Community Answer: D
Refer to the exhibit. An engineer assumes a configuration task from a peer. Router A must establish an OSPF neighbor relationship with neighbor 172.1.1.1. The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency? A. Configure router A to use the same MTU size as router B. B. Configure a point-to-point link between router A and router B. C. Set the router B OSPF ID to the same value as its IP address. D. Set the router B OSPF ID to a nonhost address. Suggested Answer: A Community Answer: A Reference: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13684-12.html#neighbors
Refer to the exhibit. Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.) A. R3(config)#interface fastethernet 0/0 R3(config-if)#ip ospf priority 0 B. R1(config)#router ospf 1 R1(config-router)#router-id 192.168.100.1 C. R1(config)#interface fastethernet 0/0 R1(config-if)#ip ospf priority 200 D. R1(config)#interface fastethernet 0/0 R1(config-if)#ip ospf priority 0 E. R3(config)#interface fastethernet 0/0 R3(config-if)#ip ospf priority 200 Suggested Answer: AC Community Answer: AC
Refer to the exhibit. Which command configures OSPF on the point-to-point link between routers R1 and R2? A. router-id 10.0.0.15 B. neighbor 10.1.2.0 cost 180 C. network 10.0.0.0 0.0.0.255 area 0 D. ip ospf priority 100 Suggested Answer: C Community Answer: C
Refer to the exhibit. A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each site? A. R1 ip route 192.168.1.1 255.255.255.0 GigabitEthernet0/1 R2 ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/1 B. R1 ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/0 R2 ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/0 C. R1 ip route 0.0.0.0 0.0.0.0 209.165.200.225 R2 ip route 0.0.0.0 0.0.0.0 209.165.200.226 D. R1 ip route 0.0.0.0 0.0.0.0 209.165.200.226 R2 ip route 0.0.0.0 0.0.0.0 209.165.200.225 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which next-hop IP address does Router1 use for packets destined to host 10.10.13.158? A. 10.10.10.9 B. 10.10.10.5 C. 10.10.11.2 D. 10.10.12.2 Suggested Answer: A Community Answer: A
Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.1. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.1.1.19? A. F0/0 B. F0/1 C. F0/4 D. F0/3 Suggested Answer: A Community Answer: A
Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up, but the server is still reachable when OSPF goes down? A. ip route 10.1.1.10 255.255.255.255 gi0/0 125 B. ip route 10.1.1.0 255.255.255.0 172.16.2.2 100 C. ip route 10.1.1.0 255.255.255.0 gi0/1 125 D. ip route 10.1.1.10 255.255.255.255 172.16.2.2 100 Suggested Answer: A Community Answer: A This is an example of a floating static route when the Administrative Distance must be greater than the primary route. Currently the OSPF AD for the route is 110, so if that route was to go away then this route with an AD of 125 would be used.
Refer to the exhibit. What is the next hop for traffic entering R1 with a destination of 10.1.2.126? A. 10.165.20.126 B. 10.165.20.146 C. 10.165.20.166 D. 10.165.20.226 Suggested Answer: A Community Answer: A
Refer to the exhibit. Which prefix did router R1 learn from internal EIGRP? A. 192.168.3.0/24 B. 192.168.1.0/24 C. 172.16.1.0/24 D. 192.168.2.0/24 Suggested Answer: D Community Answer: D
Refer to the exhibit. R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement? A. R4(config)#interface gi0/0 R4(config-if)#ip ospf priority 20 R5(config)#interface gi0/0 R5(config-if)#ip ospf priority 10 B. R5(config)#interface gi0/0 R5(config-if)#ip ospf priority 120 R4(config)#interface gi0/0 R4(config-if)#ip ospf priority 110 C. R3(config)#interface gi0/0 R3(config-if)#ip ospf priority 255 R2(config)#interface gi0/0 R2(config-if)#ip ospf priority 240 D. R2(config)#interface gi0/0 R2(config-if)#ip ospf priority 259 R3(config)#interface gi0/0 R3(config-if)#ip ospf priority 256 Suggested Answer: C Community Answer: C
Refer to the exhibit. Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10.0.10.0/24? A. via next-hop 10.0.1.5 B. via next-hop 10.0.1.4 C. via next-hop 10.0.1.50 D. via next-hop 10.0.1.100 Suggested Answer: A Community Answer: A
Refer to the exhibit. A packet sourced from 10.10.10.1 is destined for 10.10.8.14. What is the subnet mask of the destination route? A. 255.255.254.0 B. 255.255.255.240 C. 255.255.255.248 D. 255.255.255.252 Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer must configure router R2 so it is elected as the DR on the WAN subnet. Which command sequence must be configured? A. interface gigabitethernet0/0 ip address 10.0.0.34 255.255.255.248 ip ospf priority 0 B. interface gigabitethernet0/0 ip address 10.0.0.34 255.255.255.224 ip ospf priority 100 C. interface gigabitethernet0/0 ip address 10.0.1.1 255.255.255.0 ip ospf priority 255 D. interface gigabitethernet0/0 ip address 10.0.1.1 255.255.255.224 ip ospf priority 98 Suggested Answer: B Community Answer: B
An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be 2019:C15C:0CAF:E002::1. The route must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route? A. R1(config-if)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet 0/0 B. R1(config)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet 0/0 C. R1(config-if)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1 D. R1(config)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1 Suggested Answer: D Community Answer: D
Refer to the exhibit. Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18? A. R17# ! no ip domain lookup ip cef ipv6 cef ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:4::302 B. R17# ! no ip domain lookup ip cef ipv6 unicast-routing ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:3::301 C. R17# ! no ip domain lookup ip cef ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:5::101 D. R17# ! no ip domain lookup ip cef ipv6 unicast-routing ! interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:2::201/64 ! Interface FastEthernet1/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:3::201/64 ! no cdp log mismatch duplex ipv6 route 2001:DB8:4::/64 2001:DB8:2::201 Suggested Answer: B Community Answer: B
Refer to the exhibit. A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used? A. ip route 0.0.0.0 0.0.0.0 192.168.0.2 B. ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernet1/0 C. ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating D. ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked Suggested Answer: A Community Answer: A The primary route should use the default administrative distance, since the AD for static routes is 1.
Which MAC address is recognized as a VRRP virtual address? A. 0000.5E00.010a B. 0005.3709.8968 C. 0000.0C07.AC99 D. 0007.C070.AB01 Suggested Answer: A Community Answer: A
Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Se0/0/0 interfaces on the Atlanta and Washington routers reach one another? (Choose two.) A. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. B. Configure the ipv6 route 2012::/126 2023::2 command on the Washington router. C. Configure the ipv6 route 2012::/126 2023::1 command on the Washington router. D. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router. E. Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router. Suggested Answer: BD Community Answer: BD
A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path? A. as-path B. administrative distance C. metric D. cost Suggested Answer: D Community Answer: C If a router learns two different paths for the same network from the same routing protocol, it has to decide which route is better and will be placed in the routing table. Metric is the measure used to decide which route is better (lower number is better). Each routing protocol uses its own metric. For example, RIP uses hop counts as a metric, while OSPF uses cost. Reference: https://study-ccna.com/administrative-distance-metric/
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode? A. Init B. 2-way C. Exchange D. Full Suggested Answer: D Community Answer: D
Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2? A. 192.168.16.0/21 B. 192.168.16.0/24 C. 192.168.16.0/26 D. 192.168.16.0/27 Suggested Answer: D Community Answer: D The destination IP addresses match all four entries in the routing table but the 192.168.16.0/27 has the longest prefix so it will be chosen. This is called the ג€longest prefix matchג€ rule.
Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond? A. It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1. B. It immediately replaces the existing OSPF route in the routing table with the newly configured static route. C. It starts load-balancing traffic between the two default routes. D. It ignores the new static route until the existing OSPF default route is removed. Suggested Answer: D Community Answer: D Our new static default route has the Administrative Distance (AD) of 120, which is bigger than the AD of OSPF External route (O*E2) so it will not be pushed into the routing table until the current OSPF External route is removed. For your information, if you don't type the AD of 120 (using the command ג€ip route 0.0.0.0 0.0.0.0 10.13.0.1ג€) then the new static default route would replace the OSPF default route as the default AD of static route is 1. You will see such line in the routing table: S* 0.0.0.0/0 [1/0] via 10.13.0.1
Refer to the graphic. R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this problem? (Choose two.)A. All of the routers need to be configured for backbone Area 1. B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3. C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being established. D. The hello and dead interval timers are not set to the same values on R1 and R3. E. EIGRP is also configured on these routers with a lower administrative distance. F. R1 and R3 are configured in different areas. Suggested Answer: DF Community Answer: DF This question is to examine the conditions for OSPF to create neighborhood. So as to make the two routers become neighbors, each router must be matched with the following items: 1. The area ID and its types 2. Hello and failure time interval timer 3. OSPF Password (Optional)
Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link? A. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254 B. ip route 209.165.201.0 255.255.255.224 209.165.202.130 C. ip route 0.0.0.0 0.0.0.0 209.165.200.224 D. ip route 0.0.0.0 0.0.0.0 209.165.202.131 Suggested Answer: A Community Answer: A
Refer to the exhibit. An engineer configured the New York router with static routes that point to the Atlanta and Washington sites. Which command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router? A. ipv6 route::/0 Serial 0/0/0 B. ipv6 route::/0 Serial 0/0/1 C. ipv6 route:0/0 Serial 0/0/0 D. ip route 0.0.0.0 0.0.0.0 Serial 0/0/0 E. ipv6 route::/0 2000::2 Suggested Answer: A Community Answer: A Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book/ip6-route-static-xe.html#GUID-85796C3A-3143-4DF7-B9D0- 8EC87D0DB08B
What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration? A. The lowest IP address is incremented by 1 and selected as the router ID. B. The router ID 0.0.0.0 is selected and placed in the OSPF process. C. No router ID is set, and the OSPF protocol does not run. D. The highest up/up physical interface IP address is selected as the router ID. Suggested Answer: D Community Answer: D
Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28 subnet? A. 84 B. 110 C. 128 D. 192 E. 193 Suggested Answer: E Community Answer: E
Refer to the exhibit. Traffic sourced from the loopback0 interface is trying to connect via ssh to the host at 10.0.1.15. What is the next hop to the destination address? A. 192.168.0.7 B. 192.168.0.4 C. 192.168.0.40 D. 192.168.3.5 Suggested Answer: A Community Answer: B The router will choose the route will the longest matching prefix, in this case that is 10.0.1.0.28.
When the active router in a VRRP group fails, which router assumes the role and forwards packets? A. forwarding B. standby C. backup D. listening Suggested Answer: C Community Answer: C
Which action does the router take as it forwards a packet through the network? A. The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmits it transparently to the destination. B. The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination. C. The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination. D. The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination. Suggested Answer: C Community Answer: C Reference: https://www.freeccnastudyguide.com/study-guides/ccna/ch4/ip-routing/
Refer to the exhibit. Which two prefixes are included in this routing table entry? (Choose two.) A. 192.168.1.17 B. 192.168.1.61 C. 192.168.1.64 D. 192.168.1.127 E. 192.168.1.254 Suggested Answer: AB Community Answer: AB
Which virtual MAC address is used by VRRP group 1? A. 0504.0367.4921 B. 0007.c061.bc01 C. 0050.0c05.ad81 D. 0000.5E00.0101 Suggested Answer: D Community Answer: D
What is the purpose of using First Hop Redundancy Protocol on a specific subnet? A. forwards multicast hello messages between routers B. sends the default route to the hosts on a network C. ensures a loop-free physical topology D. filters traffic based on destination IP addressing Suggested Answer: B Community Answer: A The routers in the FHRP group share a virtual MAC and Virtual IP and that acts as the Default Gateway for the HOSTS. It provides redundancy is case a router fails, no need to change the default gateway information.
Refer to the exhibit. Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?A. R1 has an incorrect network command for interface Gi1/0. B. R2 should have its network command in area 1. C. R1 interface Gi1/0 has a larger MTU size. D. R2 is using the passive-interface default command. Suggested Answer: C Community Answer: C
Refer to the exhibit. When router R1 is sending traffic to IP address 10.56.192.1, which interface or next hop address does it use to route the packet? A. 10.56.0.1 B. 0.0.0.0/0 C. Vlan57 D. 10.56.128.19 Suggested Answer: A Community Answer: A
Refer to the exhibit. Load-balanced traffic is coming in from the WAN destined to a host at 172.16.1.190. Which next-hop is used by the router to forward the request? A. 192.168.7.4 B. 192.168.7.7 C. 192.168.7.35 D. 192.168.7.40 Suggested Answer: C Community Answer: C
Refer to the exhibit. Given the output for this command, if the router ID has not been manually set, what router ID will OSPF use for this router?A. 10.1.1.2 B. 10.154.154.1 C. 172.16.5.1 D. 192.168.5.3 Suggested Answer: C Community Answer: C The highest IP address of all loopback interfaces will be chosen -> Loopback 0 will be chosen as the router ID.
Refer to the exhibit. When running EIGRP, what is required for RouterA to exchange routing updates with RouterC?A. AS numbers must be changed to match on all the routers B. Loopback interfaces must be configured so a DR is elected C. The no auto-summary command is needed on Router A and Router C D. Router B needs to have two network statements, one for each connected network Suggested Answer: A Community Answer: A This question is to examine the understanding of the interaction between EIGRP routers. The following information must be matched so as to create neighborhood. EIGRP routers to establish, must match the following information: 1. AS Number; 2. K value.
A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link.The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem? A. The OSPF area is not configured properly. B. The priority on R1 should be set higher. C. The cost on R1 should be set higher. D. The hello and dead timers are not configured properly. E. A backup designated router needs to be added to the network. F. The OSPF process ID numbers must match. Suggested Answer: D Community Answer: D In OSPF, the hello and dead intervals must match and here we can see the hello interval is set to 5 on R1 and 10 on R2. The dead interval is also set to 20 on R1 but it is 40 on R2.
Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB? (Choose two.)A. It ensures that data will be forwarded by RouterB. B. It provides stability for the OSPF process on RouterB. C. It specifies that the router ID for RouterB should be 10.0.0.1. D. It decreases the metric for routes that are advertised from RouterB. E. It indicates that RouterB should be elected the DR for the LAN. Suggested Answer: BC Community Answer: BC
If all OSPF routers in a single area are configured with the same priority value, what value does a router use for the OSPF router ID in the absence of a loopback interface? A. the IP address of the first Fast Ethernet interface B. the IP address of the console management interface C. the highest IP address among its active interfaces D. the lowest IP address among its active interfaces E. the priority value until a loopback interface is configured Suggested Answer: C Community Answer: C
The OSPF Hello protocol performs which of the following tasks? (Choose two.) A. It provides dynamic neighbor discovery. B. It detects unreachable neighbors in 90 second intervals. C. It maintains neighbor relationships. D. It negotiates correctness parameters between neighboring interfaces. E. It uses timers to elect the router with the fastest links as the designated router. F. It broadcasts hello packets throughout the internetwork to discover all routers that are running OSPF. Suggested Answer: AC Community Answer: AC
What are two requirements for an HSRP group? (Choose two.) A. exactly one active router B. one or more standby routers C. one or more backup virtual routers D. exactly one standby active router E. exactly one backup virtual router Suggested Answer: AB Community Answer: AB Exactly one active router: Only one Active Router per HSRP group will be elected based on highest priority. In case of equal priority, Highest IP address will be elected as Active Router. One or more standby routers: There can be one or more Standby Routers.
Which two pieces of information can you learn by viewing the routing table? (Choose two.) A. whether an ACL was applied inbound or outbound to an interface B. the EIGRP or BGP autonomous system C. whether the administrative distance was manually or dynamically configured D. which neighbor adjacencies are established E. the length of time that a route has been known Suggested Answer: CE Community Answer: CE
Refer to the exhibit. Which route type does the routing protocol Code D represent in the output? A. statically assigned route B. route learned through EIGRP C. 724 route of a locally configured IP D. internal BGP route Suggested Answer: B Community Answer: B
An engineer must configure an OSPF neighbor relationship between router R1 and R3. The authentication configuration has been configured and the connecting interfaces are in the same 192.168.1.0/30 subnet. What are the next two steps to complete the configuration? (Choose two.) A. configure the interfaces as OSPF active on both sides B. configure both interfaces with the same area ID C. configure the hello and dead timers to match on both sides D. configure the same process ID for the router OSPF process E. configure the same router ID on both routing processes Suggested Answer: BC Community Answer: AB
Refer to the exhibit. A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet? A. 209.165.200.250 via Serial0/0/0 B. 209.165.200.254 via Serial0/0/0 C. 209.165.200.254 via Serial0/0/1 D. 209.165.200.246 via Serial0/1/0 Suggested Answer: D Community Answer: D The router will use the default route since there is no entry for the destination address/subnet entry in the routine table.
Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.14. To which destination does the router send the packet? A. 207.165.200.246 via Serial0/1/0 B. 207.165.200.254 via Serial0/0/0 C. 207.165.200.250 via Serial0/0/0 D. 207.165.200.254 via Serial0/0/1 Suggested Answer: D Community Answer: D The longest matching route to 172.16.3.14 is the 182.16.3.0/28 route, using Serial 0/0/1 with a next hop of 207.165.200.254.
Refer to the exhibit. Router R2 is configured with multiple routes to reach network 10.1.1.0/24 from router R1. Which path is chosen by router R2 to reach the destination network 10.1.1.0/24? A. static B. EIGRP C. eBGP D. OSPF Suggested Answer: A Community Answer: A
Refer to the exhibit. What is the next hop address for traffic that is destined to host 10.0.1.5? A. Loopback 0 B. 10.0.1.4 C. 10.0.1.3 D. 10.0.1.50 Suggested Answer: D Community Answer: D
Refer to the exhibit. A network administrator assumes a task to complete the connectivity between PC A and the File Server. Switch A and Switch B have been partially configured with VLANs 10, 11, 12, and 13. What is the next step in the configuration? A. Add PC A to VLAN 10 and the File Server to VLAN 11 for VLAN segmentation B. Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation C. Add a router on a stick between Switch A and Switch B allowing for Inter-VLAN routing D. Add PC A to the same subnet as the File Server allowing for intra-VLAN communication Suggested Answer: B Community Answer: B
DRAG DROP - A network engineer is configuring an OSPFv2 neighbor adjacency. Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used. Select and Place:Suggested Answer:
R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP, and Internal EIGRP. Under normal operating conditions, which routing protocol is installed in the routing table? A. IS-IS B. Internal EIGRP C. RIP D. OSPF Suggested Answer: B Community Answer: B With the same route (prefix), the router will choose the routing protocol with lowest Administrative Distance (AD) to install into the routing table. The AD of Internal EIGRP (90) is lowest so it would be chosen. The table below lists the ADs of popular routing protocols. <img src="https://www.examtopics.com/assets/media/exam-media/04300/0033300001.png" alt="Reference Image" /> Note: The AD of IS-IS is 115. The ג€EIGRPג€ in the table above is ג€Internal EIGRPג€. The AD of ג€External EIGRPג€ is 170. An EIGRP external route is a route that was redistributed into EIGRP.
Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet. Which action corrects the configuration issue? A. Add the default-information originate command on R2. B. Add the always keyword to the default-information originate command on R1. C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1. D. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2. Suggested Answer: C Community Answer: C
Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned? A. 0 B. 110 C. 38443 D. 3184439 Suggested Answer: C Community Answer: C Both the line ג€O 172.16.0.128/25ג€ and ג€S 172.16.0.0/24ג€ cover the host 172.16.0.202 but with the ג€longest (prefix) matchג€ rule the router will choose the first route.
A user configured OSPF in a single area between two routers. A serial interface connecting R1 and R2 is running encapsulation PPP. By default, which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2? A. nonbroadcast B. point-to-point C. point-to-multipoint D. broadcast Suggested Answer: B Community Answer: B
Which two statements about exterior routing protocols are true? (Choose two.) A. They determine the optimal within an autonomous system. B. They determine the optimal path between autonomous systems. C. BGP is the current standard exterior routing protocol. D. Most modern networking supports both EGP and BGP for external routing. E. Most modern network routers support both EGP and EIGRP for external routing. Suggested Answer: BC Community Answer: BC
You have two paths for the 10.10.10.0 network - one that has a feasible distance of 3072 and the other of 6144. What do you need to do to load balance your EIGRP routes? A. Change the maximum paths to 2 B. Change the configuration so they both have the same feasible distance C. Change the variance for the path that has a feasible distance of 3072 to 2 D. Change the IP addresses so both paths have the same source IP address Suggested Answer: BC Community Answer: C Every routing protocol supports equal cost path load balancing. In addition, Interior Gateway Routing Protocol (IGRP) and EIGRP also support unequal cost path load balancing. Use the variance n command in order to instruct the router to include routes with a metric of less than n times the minimum metric route for that destination. The variable n can take a value between 1 and 128. The default is 1, which means equal cost load balancing. Traffic is also distributed among the links with unequal costs, proportionately, with respect to the metric. Reference: https://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13677-19.html#topic1
DRAG DROP - Drag each route source from the left to the numbers on the right. Beginning with the lowest and ending with the highest administrative distance. Select and Place:Suggested Answer:
Which two circumstances can prevent two routers from establishing an OSPF neighbor adjacency? (Choose two.) A. mismatched autonomous system numbers B. an ACL blocking traffic from multicast address 224.0.0.10 C. mismatched process IDs D. mismatched hello timers and dead timers E. use of the same router ID on both devices Suggested Answer: DE Community Answer: DE
Which three describe the reasons large OSPF networks use a hierarchical design? (Choose three.) A. to speed up convergence B. to reduce routing overhead C. to lower costs by replacing routers with distribution layer switches D. to decrease latency by increasing bandwidth E. to confine network instability to single areas of the network F. to reduce the complexity of router configuration Suggested Answer: ABE Community Answer: ABE
Refer to the exhibit. If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the packet?A. 192.168.14.4 B. 192.168.12.2 C. 192.168.13.3 D. 192.168.15.5 Suggested Answer: A Community Answer: A
Refer to the exhibit. On R1 which routing protocol is in use on the route to 192.168.10.1?A. RIP B. OSPF C. IGRP D. EIGRP Suggested Answer: D Community Answer: D
Refer to the exhibit. Which Command do you enter so that R1 advertises the loopback0 interface to the BGP Peers?A. Network 172.16.1.32 mask 255.255.255.224 B. Network 172.16.1.0 0.0.0.255 C. Network 172.16.1.32 255.255.255.224 D. Network 172.16.1.33 mask 255.255.255.224 E. Network 172.16.1.32 mask 0.0.0.31 F. Network 172.16.1.32 0.0.0.31 Suggested Answer: A Community Answer: A
Refer to exhibit. What Administrative distance has route to 192.168.10.1?A. 1 B. 90 C. 110 D. 120 Suggested Answer: B Community Answer: B
Which value is used to determine the active router in an HSRP default configuration? A. Router loopback address B. Router IP address C. Router priority D. Router tracking number Suggested Answer: B Community Answer: B Q. If there is no priority configured for a standby group, what determines which router is active? A. The priority field is used to elect the active router and the standby router for the specific group. In the case of an equal priority, the router with the highest IP address for the respective group is elected as active. Furthermore, if there are more than two routers in the group, the second highest IP address determines the standby router and the other router/routers are in the listen state.
Refer to the exhibit. If RTR01 is configured as shown, which three addresses will be received by other routers that are running EIGRP on the network? (Choose three.)A. 192.168.2.0 B. 10.4.3.0 C. 10.0.0.0 D. 172.16.0.0 E. 172.16.4.0 F. 192.168.0.0 Suggested Answer: ACD Community Answer: ACD
Which configuration command can you apply to a HSRP router so that its local interface becomes active if all other routers in the group fail? A. no additional config is required B. standby 1 track ethernet C. standby 1 preempt D. standby 1 priority 250 Suggested Answer: A Community Answer: A Simply because that will be the default behavior routers would follow in the event all other routers in the HSRP group fail, then it would not keep attributes such as priority or preemption. What preemption does in summary is to make sure that the configured Priority on all routers within the same HSRP group is always respected. That is, if R1 is configured on the HSRP group with a priority of 150 but he stands as active since all other routers currently subscribed to that group have a priority 150, then will router will preempt the current active router and will take over hence becoming the new active router. With preemption disabled, the new router does not preempt the current active router, unless routers in the group have to renegotiate their roles based on each router's priority at the time of negotiation.
Which two statements about eBGP neighbor relationships are true? (Choose two.) A. The two devices must reside in different autonomous systems B. Neighbors must be specifically declared in the configuration of each device C. They can be created dynamically after the network statement is configured D. The two devices must reside in the same autonomous system E. The two devices must have matching timer settings Suggested Answer: AB Community Answer: AB
Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?A. The router will forward the packet via either Serial0 or Serial1. B. The router will return the packet to its source. C. The router will forward the packet via Serial2. D. The router will drop the packet. Suggested Answer: C Community Answer: C
Which statements describe the routing protocol OSPF? (Choose three.) A. It supports VLSM. B. It is used to route between autonomous systems. C. It confines network instability to one area of the network. D. It increases routing overhead on the network. E. It allows extensive control of routing updates. F. It is simpler to configure than RIP v2. Suggested Answer: ACE Community Answer: ACE The OSPF protocol is based on link-state technology, which is a departure from the Bellman-Ford vector based algorithms used in traditional Internet routing protocols such as RIP. OSPF has introduced new concepts such as authentication of routing updates, Variable Length Subnet Masks (VLSM), route summarization, and so forth. OSPF uses flooding to exchange link-state updates between routers. Any change in routing information is flooded to all routers in the network. Areas are introduced to put a boundary on the explosion of link-state updates. Flooding and calculation of the Dijkstra algorithm on a router is limited to changes within an area.
Refer to the exhibit. After you apply the given configurations to R1 and R2 you notice that OSPFv3 fails to start.A. The area numbers on R1 and R2 are mismatched B. The IPv6 network addresses on R1 and R2 are mismatched C. The autonomous system numbers on R1 and R2 are mismatched D. The router ids on R1 and R2 are mismatched Suggested Answer: A Community Answer: A
Which command is used to display the collection of OSPF link states? A. show ip ospf link-state B. show ip ospf lsa database C. show ip ospf neighbors D. show ip ospf database Suggested Answer: D Community Answer: D The "show ip ospf database" command displays the link states. Here is an example: Here is the lsa database on R2. R2#show ip ospf database - OSPF Router with ID (2.2.2.2) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count2.2.2.2 2.2.2.2 793 0x80000003 0x004F85 210.4.4.4 10.4.4.4 776 0x80000004 0x005643 1111.111.111.111 111.111.111.111 755 0x80000005 0x0059CA 2133.133.133.133 133.133.133.133 775 0x80000005 0x00B5B1 2 Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum10.1.1.1 111.111.111.111 794 0x80000001 0x001E8B10.2.2.3 133.133.133.133 812 0x80000001 0x004BA910.4.4.1 111.111.111.111 755 0x80000001 0x007F1610.4.4.3 133.133.133.133 775 0x80000001 0x00C31F
Refer to the exhibit. A network associate has configured OSPF with the command: City(config-router)# network 192.168.12.64 0.0.0.63 area 0 After completing the configuration, the associate discovers that not all the interfaces are participating in OSPF. Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration statement? (Choose three.)A. FastEthernet0 /0 B. FastEthernet0 /1 C. Serial0/0 D. Serial0/1.102 E. Serial0/1.103 F. Serial0/1.104 Suggested Answer: BCD Community Answer: BCD The "network 192.168.12.64 0.0.0.63 equals to network 192.168.12.64/26. This network has: ✑ Increment: 64 (/26= 1111 1111.1111 1111.1111 1111.1100 0000) + Network address: 192.168.12.64 ✑ Broadcast address: 192.168.12.127 Therefore all interface in the range of this network will join OSPF.
Refer to the exhibit. C-router is to be used as a "router-on-a-stick" to route between the VLANs. All the interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been configured with the appropriate default gateway. What is true about this configuration?A. These commands need to be added to the configuration: C-router(config)# router eigrp 123 C-router(config-router)# network 172.19.0.0 B. These commands need to be added to the configuration: C-router(config)# router ospf 1 C-router(config-router)# network 172.19.0.0 0.0.3.255 area 0 C. These commands need to be added to the configuration: C-router(config)# router rip C-router(config-router)# network 172.19.0.0 D. No further routing configuration is required. Suggested Answer: D Community Answer: D Since all the same router (C-router) is the default gateway for all three VLANs, all traffic destined to a different VLA will be sent to the C-router. The C-router will have knowledge of all three networks since they will appear as directly connected in the routing table. Since the C-router already knows how to get to all three networks, no routing protocols need to be configured.
Refer to the exhibit. Which address and mask combination represents a summary of the routes learned by EIGRP?A. 192.168.25.0 255.255.255.240 B. 192.168.25.0 255.255.255.252 C. 192.168.25.16 255.255.255.240 D. 192.168.25.16 255.255.255.252 E. 192.168.25.28 255.255.255.240 F. 192.168.25.28 255.255.255.252 Suggested Answer: C Community Answer: C The binary version of 20 is 10100. The binary version of 16 is 10000. The binary version of 24 is 11000. The binary version of 28 is 11100. The subnet mask is /28. The mask is 255.255.255.240. Note: From the output above, EIGRP learned 4 routes and we need to find out the summary of them: ✑ 192.168.25.16 192.168.25.20 <img src="https://www.examtopics.com/assets/media/exam-media/04300/0031800003.png" alt="Reference Image" /> ✑ 192.168.25.24 ✑ 192.168.25.28 -> The increment should be 28 ?16 = 12 but 12 is not an exponentiation of 2; so we must choose 16 (24). Therefore the subnet mask is /28 (=1111 1111.1111 1111.1111 1111.11110000) = 255.255.255.240. So the best answer should be 192.168.25.16 255.255.255.240.
When a floating static route is configured, which action ensures that the backup route is used when the primary route fails? A. The administrative distance must be higher on the primary route so that the backup route becomes secondary. B. The default-information originate command must be configured for the route to be installed into the routing table. C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup. D. The floating static route must have a higher administrative distance than the primary route so it is used as a backup Suggested Answer: D Community Answer: D
Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured? A. A point-to-point network type is configured. B. The interface is not participating in OSPF. C. The default Hello and Dead timers are in use. D. There are six OSPF neighbors on this interface. Suggested Answer: C Community Answer: C From the output we can see there are Designated Router & Backup Designated Router for this OSPF domain so this is a broadcast network (point-to-point and point-to-multipoint networks do not elect DR & BDR). By default, the timers on a broadcast network (Ethernet, point-to-point and point-to-multipoint) are 10 seconds hello and 40 seconds dead. The timers on a non- broadcast network are 30 seconds hello 120 seconds dead. From the line ג€Neighbor Count is 3ג€, we learn there are four OSPF routers in this OSPF domain. Reference: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13689-17.html
A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, to which type of OSPF network does this interface belong? A. point-to-multipoint B. point-to-point C. broadcast D. nonbroadcast Suggested Answer: C Community Answer: C The Broadcast network type is the default for an OSPF enabled ethernet interface (while Point-to-Point is the default OSPF network type for Serial interface with HDLC and PPP encapsulation). Reference: https://www.oreilly.com/library/view/cisco-ios-cookbook/0596527225/ch08s15.html
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols? A. dual algorithm B. metric C. administrative distance D. hop count Suggested Answer: C Community Answer: C Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different routing protocols. Administrative distance defines the reliability of a routing protocol.
Router A learns the same route from two different neighbors; one of the neighbor routers is an OSPF neighbor, and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table? A. 20 B. 90 C. 110 D. 115 Suggested Answer: B Community Answer: B The Administrative distance (AD) of EIGRP is 90 while the AD of OSPF is 110 so EIGRP route will be chosen to install into the routing table.
Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router 1. The new circuit uses eBGP and learns the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25? A. Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces. B. Traffic to 10.10.13.0/25 is asymmetrical. C. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1. D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table. Suggested Answer: D Community Answer: C The AD of eBGP (20) is smaller than that of OSPF (110) so the route to 10.10.13.0/25 will be updated as being learned from the new BGP path.
Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A? A. It sends packets out of interface Fa0/1 only. B. It sends packets out of interface Fa0/2 only. C. It load-balances traffic out of Fa0/1 and Fa0/2. D. It cannot send packets to 10.10.13.128/25. Suggested Answer: D Community Answer: D Router2 does not have an entry for the subnet 10.10.13.128/25. It only has an entry for 10.10.13.0/25, which ranges from 10.10.13.0 to 10.10.13.127.
Which two actions influence the EIGRP route selection process? (Choose two.) A. The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link. B. The router calculates the feasible distance of all paths to the destination route. C. The router must use the advertised distance as the metric for any given route. D. The router calculates the best backup path to the destination route and assigns it as the feasible successor. E. The router calculates the reported distance by multiplying the delay on the exiting interface by 256. Suggested Answer: BD Community Answer: BD The reported distance (or advertised distance) is the cost from the neighbor to the destination. It is calculated from the router advertising the route to the network. For example in the topology below, suppose router A & B are exchanging their routing tables for the first time. Router B says ג€Hey, the best metric (cost) from me to IOWA is 50 and the metric from you to IOWA is 90ג€ and advertises it to router A. Router A considers the first metric (50) as the Advertised distance. The second metric (90), which is from NEVADA to IOWA (through IDAHO), is called the Feasible distance. <img src="https://www.examtopics.com/assets/media/exam-media/04300/0028900001.jpg" alt="Reference Image" /> The reported distance is calculated in the same way of calculating the metric. By default (K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0), the metric is calculated as follows: <img src="https://www.examtopics.com/assets/media/exam-media/04300/0029000001.png" alt="Reference Image" /> Feasible successor is the backup route. To be a feasible successor, the route must have an Advertised distance (AD) less than the Feasible distance (FD) of the current successor route. Feasible distance (FD): The sum of the AD plus the cost between the local router and the next-hop router. The router must calculate the FD of all paths to choose the best path to put into the routing table. Note: Although the new CCNA exam does not have EIGRP topic but you should learn the basic knowledge of this routing protocol.
Which two outcomes are predictable behaviors for HSRP? (Choose two.) A. The two routers negotiate one router as the active router and the other as the standby router. B. The two routers share the same interface IP address, and default gateway traffic is load-balanced between them. C. The two routers synchronize configurations to provide consistent packet forwarding. D. Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them. E. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN. Suggested Answer: AE Community Answer: AE
Refer to the exhibit. An engineer is configuring the New York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it reaches the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two.) A. Ipv6 route 2000::1/128 2012::1 B. Ipv6 route 2000::1/128 2012::1 5 C. Ipv6 route 2000::1/128 2012::2 D. Ipv6 route 2000::1/128 2023::2 5 E. Ipv6 route 2000::1/128 2023::3 5 Suggested Answer: AE Community Answer: AE Floating static routes are static routes that have an administrative distance greater than the administrative distance (AD) of another static route or dynamic routes. By default a static route has an AD of 1 then floating static route must have the AD greater than 1. Floating static route has a manually configured administrative distance greater than that of the primary route and therefore would not be in the routing table until the primary route fails.
How does HSRP provide first hop redundancy? A. It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN. B. It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN. C. It forwards multiple packets to the same destination over different routed links in the data path. D. It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table. Suggested Answer: B Community Answer: B Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-16/fhp-xe-16-book/fhp-hsrp-mgo.html
Refer to the exhibit. Which action establishes the OSPF neighbor relationship without forming an adjacency?A. modify hello interval B. modify process ID C. modify priority D. modify network type Suggested Answer: A Community Answer: A
Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP primary router after it is reloaded? A. standby 10 preempt B. standby 10 version 1 C. standby 10 priority 150 D. standby 10 version 2 Suggested Answer: A Community Answer: A The ג€preemptג€ command enables the HSRP router with the highest priority to immediately become the active router.
Which command should you enter to verify the priority of a router in an HSRP group? A. show hsrp B. show sessions C. show interfaces D. show standby Suggested Answer: D Community Answer: D The following is sample output from the show standby command: <img src="https://www.examtopics.com/assets/media/exam-media/04300/0029600001.jpg" alt="Reference Image" />
Refer to the exhibit. Which command would you use to configure a static route on Router1 to network 192.168.202.0/24 with a nondefault administrative distance?A. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 1 B. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5 C. router1(config)#ip route 1 192.168.201.1 255.255.255.0 192.168.201.2 D. router1(config)#ip route 5 192.168.202.0 255.255.255.0 192.168.201.2 Suggested Answer: B Community Answer: B The default AD of static route is 1 so we need to configure another number for the static route.
Which of the following dynamic routing protocols are Distance Vector routing protocols? A. IS-IS B. EIGRP C. OSPF D. BGP E. RIP Suggested Answer: BE Community Answer: BE
You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface. Which action can you take to correct the problem in the least disruptive way? A. Reload the OSPF process B. Specify a loopback address C. Reboot the router D. Save the router configuration Suggested Answer: A Community Answer: A Once an OSPF Router ID selection is done, it remains there even if you remove it or configure another OSPF Router ID. So the least disruptive way is to correct it using the command ג€clear ip ospf processג€.
Which command should you enter to view the error log in an EIGRP for IPv6 environment? A. show ipv6 eigrp neighbors B. show ipv6 eigrp topology C. show ipv6 eigrp traffic D. show ipv6 eigrp events Suggested Answer: D Community Answer: D
Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose two.)Refer to the exhibit. Router R1 must be configured to reach the 10.0.3.0/24 network from the 10.0.1.0/24 segment. Which command must be used to configure the route? A. route add 10.0.3.0 0.255.255.255 10.0.4.2 B. ip route 10.0.3.0 0.255.255.255 10.0.4.2 C. route add 10.0.3.0 mask 255.255.255.0 10.0.4.3 D. ip route 10.0.3.0 255.255.255.0 10.0.4.3 Suggested Answer: D Community Answer: D
A. The EIGRP administrative distance was manually changed from 90 to 170. B. There are 20 different network masks within the 10.0.0.0/8 network. C. Ten routes are equally load-balanced between Te0/1/0.100 and Te0/2/0.100. D. The 10.0.0.0/8 network was learned via external EIGRP. E. A static default route to 10.85.33.14 was defined. Suggested Answer: BC Community Answer: BC
After installing a new Cisco ISE server which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials? A. Disable the LAG Mode on Next Reboot. B. Enable the Event Driven RRM. C. Enable the Allow AAA Override. D. Enable the Authorize MIC APs against auth-list or AAA Suggested Answer: C Community Answer: C
Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1?A. longest prefix B. administrative distance C. cost D. metric Suggested Answer: A Community Answer: A
Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 to help resolve the configuration issue?A. set the default gateway as 20.20.20.2 B. configure a static route with Fa0/1 as the egress interface to reach the 20.20.2.0/24 network C. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network D. set the default network as 20.20.20.0/24 Suggested Answer: C Community Answer: C
By default, how does EIGRP determine the metric of a route for the routing table? A. It uses the bandwidth and delay values of the path to calculate the route metric. B. It uses a default metric of 10 for all routes that are learned by the router. C. It counts the number of hops between the receiving and destination routers and uses that value as the metric. D. It uses a reference bandwidth and the actual bandwidth of the connected link to calculate the route metric. Suggested Answer: A Community Answer: A
Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which configuration accomplishes this task? A. R1#config t R1(config)#ip routing R1(config)#ip route default-route 192.168.1.1 B. R1#config t R1(config)#ip routing R1(config)#ip route 192.168.1.1 0.0.0.0 0.0.0.0 C. R1#config t R1(config)#ip routing R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1 D. R1#config t R1(config)#ip routing R1(config)#ip default-gateway 192.168.1.1 Suggested Answer: C Community Answer: C
A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet? A. ip route 10.10.1.0 255.255.255.240 10.10.255.1 B. ip route 10.10.1.20 255.255.255.252 10.10.255.1 C. ip route 10.10.1.16 255.255.255.252 10.10.255.1 D. ip route 10.10.1.20 255.255.255.254 10.10.255.1 Suggested Answer: B Community Answer: B
Refer to the exhibit. How does the router manage traffic to 192.168.12.16? A. It chooses the EIGRP route because it has the lowest administrative distance. B. It load-balances traffic between all three routes. C. It chooses the OSPF route because it has the longest prefix inclusive of the destination address. D. It selects the RIP route because it has the longest prefix inclusive of the destination address. Suggested Answer: D Community Answer: D
What are two reasons for an engineer to configure a floating static route? (Choose two.) A. to enable fallback static routing when the dynamic routing protocol fails B. to route traffic differently based on the source IP of the packet C. to automatically route traffic on a secondary path when the primary path goes down D. to support load balancing via static routing E. to control the return path of traffic that is sent from the router Suggested Answer: AC Community Answer: AC
Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16? A. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address B. It selects the RIP route because it has the longest prefix inclusive of the destination address C. It selects the OSPF route because it has the lowest cost D. It selects the EIGRP route because it has the lowest administrative distance Suggested Answer: B Community Answer: B
Refer to the exhibit. A router received these five routes from different routing information sources. Which two routes does the router install in its routing table? (Choose two.) A. OSPF route 10.0.0.0/30 B. IBGP route 10.0.0.0/30 C. OSPF route 10.0.0.0/16 D. EIGRP route 10.0.0.1/32 E. RIP route 10.0.0.0/30 Suggested Answer: AD Community Answer: AD
Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165? A. Router2 B. Router3 C. Router4 D. Router5 Suggested Answer: B Community Answer: B
R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed? A. route with the next hop that has the highest IP B. route with the lowest cost C. route with the lowest administrative distance D. route with the shortest prefix length Suggested Answer: C Community Answer: C
Which two minimum parameters must be configured on an active interface to enable OSPFV2 to operate? (Choose two.) A. OSPF process ID B. OSPF MD5 authentication key C. OSPF stub flag D. IPv6 address E. OSPF area Suggested Answer: AE Community Answer: AE
Refer to the exhibit. What commands are needed to add a sub-interface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?A. R1(config)#interface ethernet0/0 R1(config-if)#encapsulation dot1q 20 R1(config-if)#ip address 10.20.20.1 255.255.255.0 B. R1(config)#interface ethernet0/0.20 R1(config-if)#encapsulation dot1q 20 R1(config-if)#ip address 10.20.20.1 255.255.255.0 C. R1(config)#interface ethernet0/0.20 R1(config-if)#ip address 10.20.20.1 255.255.255.0 D. R1(config)#interface ethernet0/0 R1(config-if)#ip address 10.20.20.1 255.255.255.0 Suggested Answer: B Community Answer: B
Refer to the exhibit. What does router R1 use as its OSPF router-ID? A. 10.10.1.10 B. 10.10.10.20 C. 172.16.15.10 D. 192.168.0.1 Suggested Answer: C Community Answer: C OSPF uses the following criteria to select the router ID: 1. Manual configuration of the router ID (via the ג€router-id x.x.x.xג€ command under OSPF router configuration mode). 2. Highest IP address on a loopback interface. 3. Highest IP address on a non-loopback and active (no shutdown) interface.
Refer to the exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the New York router? (Choose two.) A. ipv6 route 2000::3/128 s0/0/0 B. ipv6 route 2000::1/128 s0/0/1 C. ipv6 route 2000::1/128 2012::1 D. ipv6 route 2000::1/128 2012::2 E. ipv6 route 2000::3/128 2023::3 Suggested Answer: CE Community Answer: CE
Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. What is the reason for the problem? A. The OSPF process IDs are mismatched B. The network statement on Router1 is misconfigured C. Router2 is using the default hello timer D. The OSPF router IDs are mismatched Suggested Answer: C Community Answer: C
Refer to the exhibit. Which route type is configured to reach the Internet? A. floating static route B. host route C. network route D. default route Suggested Answer: D Community Answer: D
Refer to the exhibit. Which path is used by the router for Internet traffic? A. 209.165.200.0/27 B. 0.0.0.0/0 C. 10.10.13.0/24 D. 10.10.10.0/28 Suggested Answer: B Community Answer: B
When OSPF learns multiple paths to a network, how does it select a route? A. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth. B. It counts the number of hops between the source router and the destination to determine the route with the lowest metric. C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the exiting interface to calculate the route with the lowest cost. D. It multiplies the active K values by 256 to calculate the route with the lowest metric. Suggested Answer: C Community Answer: C
Refer to the exhibit. All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration? A.
B.
C.
D.
Suggested Answer: A
Refer to the exhibit. Which switch becomes the root of a spanning tree for VLAN 10 if the primary switch fails and all links are of equal speed? A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: C Community Answer: C
Refer to the exhibit. Host A sent a data frame destined for host D.
What does the switch do when it receives the frame from host A? A. It floods the frame out of all ports except port Fa0/1 B. It experiences a broadcast storm C. It shuts down the port Fa0/1 and places it in err-disable mode D. It drops the frame from the switch CAM table Suggested Answer: A Community Answer: A
Refer to the exhibit. Which switch becomes the root of the spanning tree? A. Switch 1 B. Switch 2 C. Switch 3 D. Switch 4 Suggested Answer: B Community Answer: B The root bridge is the bridge with the lowest Bridge ID. All the decisions like which ports are the root ports (the port with the best path to the root bridge) are made from the perspective of the root bridge. In case of a tie (not the case in this example) then the root bridge will be the switch with the lowest MAC address.
Which channel-group mode must be configured when multiple distribution interfaces connected to a WLC are bundled? A. Channel-group mode passive. B. Channel-group mode on. C. Channel-group mode desirable. D. Channel-group mode active. Suggested Answer: B Community Answer: B
Refer to the exhibit. Which switch become the root of a spanning tree for VLAN 20 if all links are of equal speed? A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: A Community Answer: A
Which Layer 2 switch function encapsulates packets for different VLANs so that the packets transverse the same port and maintain traffic separation between the VLANs? A. VLAN marking B. VLAN numbering C. VLAN DSCP D. VLAN tagging Suggested Answer: D Community Answer: D
Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices? A. VLAN ID B. SSID C. RFID D. WLAN ID Suggested Answer: B Community Answer: B
An engineer must configure neighbor discovery between the company router and an ISP.What is the next step to complete the configuration if the ISP uses a third-party router? A. Enable LLDP globally. B. Disable CDP on gi0/0. C. Enable LLDP TLVs on the ISP router. D. Disable auto-negotiation. Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used. Select and Place:Suggested Answer:
What is a function of MAC learning on a switch? A. MAC address learning is disabled by default on all VLANs. B. Frames received for a destination MAC address not listed in the address table are dropped. C. The MAC address table is used to populate the ARP table. D. A static MAC address is manually added to the MAC table. Suggested Answer: D Community Answer: D
What does a switch do when it receives a frame whose destination MAC address is missing from the MAC address table? A. It changes the checksum of the frame to a value that indicates an invalid frame. B. It updates the CAM table with the destination MAC address of the frame. C. It appends the table with a static entry for the MAC and shuts down the port. D. It floods the frame unchanged across all remaining ports in the incoming VLAN. Suggested Answer: D Community Answer: D
By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic? A. 200 seconds B. 300 seconds C. 600 seconds D. 900 seconds Suggested Answer: B Community Answer: B
A project objective is to minimize the association time to the different access points as mobile devices move around the office. The ideal solution must cover numerous devices and device types, including laptops, mobile phones, tablets and wireless printers. What must be configured? A. 802.11v BSS Max Idle Service B. 802.11v Disassociation Imminent C. 802.11ax BSS configure D. 802.11k neighbor List Dual Band Suggested Answer: B Community Answer: B
Which two protocols are used by an administrator for authentication and configuration on access points? (Choose two.) A. 802.1Q B. RADIUS C. Kerberos D. TACACS+ E. 802.1x Suggested Answer: BD Community Answer: BD
DRAG DROP - Drag and drop the statements about access-point modes from the left onto the corresponding modes on the right. Select and Place:Suggested Answer:
A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP. How must the alarms be stopped for the MAC address of the AP? A. Remove the AP from WLC management B. Place the AP into manual containment. C. Manually remove the AP from Pending state. D. Set the AP Class Type to Friendly. Suggested Answer: B Community Answer: D
What is one reason to implement LAG on a Cisco WLC? A. to increase security and encrypt management frames B. to enable connected switch ports to failover and use different VLANs C. to provide link redundancy and load balancing D. to allow for stateful and link-state failover Suggested Answer: C Community Answer: C
When an access point is seeking to join wireless LAN controller, which message is sent to the AP-Manager interface? A. Discovery response B. DHCP request C. DHCP discover D. Discovery request Suggested Answer: C Community Answer: D The LAPs always connect to the management interface address of the controller first with a discovery request. The controller then tells the LAP the Layer 3 AP- manager interface (which can also be the management by default) IP address so the LAP can send a join request to the AP-manager interface next. Reference: https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html
Refer to the exhibit. A network engineer configures the Cisco WLC to authenticate local wireless clients against a RADIUS server. Which task must be performed to complete the process? A. Change the Support for CoA to Enabled B. Select Enable next to Management C. Select Enable next to Network User D. Change the Server Status to Disabled Suggested Answer: C Community Answer: C
What must a network administrator consider when deciding whether to configure a new wireless network with APs in autonomous mode or APs running in cloud- based mode? A. Autonomous mode APs are less dependent on an underlay but more complex to maintain than APs in cloud-based mode. B. Cloud-based mode APs relay on underlays and are more complex to maintain than APs in autonomous mode. C. Cloud-based mode APs are easy to deploy but harder to automate than APs in autonomous mode. D. Autonomous mode APs are easy to deploy and automate than APs in cloud-based mode. Suggested Answer: A Community Answer: A
When a switch receives a frame for an unknown destination MAC address, how is the frame handled? A. flooded to all ports except the origination port B. forwarded to the first available port C. broadcast to all ports on the switch D. inspected and dropped by the switch Suggested Answer: A Community Answer: A
Which state is bypassed in Rapid PVST+ when PortFast is enabled on a port? A. blocking B. forwarding C. learning D. discarding Suggested Answer: C Community Answer: C
What happens when a switch receives a frame with a destination MAC address that recently aged out? A. The switch floods the frame to all ports in all VLANs except the port that received the frame. B. The switch floods the frame to all ports in the VLAN except the port that received the frame. C. The switch references the MAC address aging table for historical addresses on the port that received the frame. D. The switch drops the frame and learns the destination MAC address again from the port that received the frame. Suggested Answer: B Community Answer: B
What is a function of store-and forward switching? A. It reduces latency by eliminating error checking within the frame B. It produces an effective level of error-free network traffic using CRCs. C. It buffers frames and forwards regardless of errors within the frames. D. It forwards a frame by checking only the destination MAC address Suggested Answer: B Community Answer: B
Refer to the exhibit. Switch AccSw1 has just been added to the network along with PC2. All VLANs have been implemented on AccSw2. How must the ports on AccSw2 be configured to establish Layer 2 connectivity between PC1 and PC2? A. interface GigabitEthernet1/2 switchport mode access switchport access vlan 2 ! interface GigabitEthernet1/24 switchport mode trunk B. interface GigabitEthernet1/1 switchport mode access switchport access vlan 11 ! interface GigabitEthernet1/24 switchport mode trunk C. interface GigabitEthernet1/24 switchport mode trunk switchport trunk allowed vlan 11, 12 ! interface GigabitEthernet1/1 switchport access vlan 11 D. interface GigabitEthernet1/2 switchport mode access switchport access vlan 12 ! interface GigabitEthernet1/24 switchport mode trunk switchport trunk allowed vlan 11, 12 Suggested Answer: B Community Answer: B
Refer to the exhibit. A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes. Which configuration must the engineer apply? A. Switch2(config)#lldp timer 60 Switch2(config)#lldp tlv-select 180 B. Switch2(config)#lldp timer 60 Switch2(config)#lldp holdtime 180 C. Switch2(config)#lldp timer 1 Switch2(config)#lldp holdtime 3 D. Switch2(config)#lldp timer 1 Switch2(config)#lldp tlv-select 3 Suggested Answer: B Community Answer: B
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/system_management/configuration/guide/ b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide/sm_lldp.pdf
Refer to the exhibit. Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement? A. SwitchA(config-if)#switchport mode access SwitchA(config-if)#switchport access vlan 50 SwitchA(config-if)#switchport voice vlan 51 B. SwitchA(config-if)#switchport mode trunk SwitchA(config-if)#switchport trunk allowed vlan add 50, 51 SwitchA(config-if)#switchport voice vlan dot1p C. SwitchA(config-if)#switchport mode trunk SwitchA(config-if)#switchport trunk allowed vlan 50, 51 SwitchA(config-if)#mis qos trust cos D. SwitchA(config-if)#switchport mode access SwitchA(config-if)#switchport access vlan 50 SwitchA(config-if)#switchport voice vlan untagged Suggested Answer: A Community Answer: A
Refer to the exhibit. Two new switches are being installed. The remote monitoring team uses the support network to monitor both switches. Which configuration is the next step to establish a Layer 2 connection between the two PCs? A. SwitchA(config)#interface GigabitEthernet0/1 SwitchA(config-if)#switchport access vlan 500 SwitchB(config)#interface GigabitEthernet0/1 SwitchB(config-if)#switchport access vlan 500 B. SwitchA(config)#interface GigabitEthernet0/1 SwitchA(config-if)#switchport mode trunk SwitchB(config)#interface GigabitEthernet0/1 SwitchB(config-if)#switchport mode trunk C. SwitchA(config)#interface GigabitEthernet0/0 SwitchA(config-if)#switchport trunk allowed vlan 500, 550 SwitchB(config)#interface GigabitEthernet0/0 SwitchB(config-if)#switchport trunk allowed vlan 500, 550 D. SwitchA(config)#interface GigabitEthernet0/0 SwitchA(config-if)#spanning-tree portfast SwitchA(config-if)#spanning-tree bpduguard enable SwitchB(config)#interface GigabitEthernet0/0 SwitchB(config-if)#spanning-tree portfast SwitchB(config-if)#spanning-tree bpduguard enable Suggested Answer: A Community Answer: A
Refer to the exhibit. An engineer is configuring a new Cisco switch, NewSW, to replace SW2. The details have been provided: ✑ Switches SW1 and SW2 are third-party devices without support for trunk ports. ✑ The existing connections must be maintained between PC1, PC2, and PC3. ✑ Allow the switch to pass traffic from future VLAN 10. Which configuration must be applied? A. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode trunk NewSW(config-if)#switchport trunk native vlan 10 NewSW(config-if)#switchport trunk native vlan 10 B. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode access NewSW(config-if)#switchport trunk allowed vlan 2, 10 NewSW(config-if)#switchport trunk native vlan 2 C. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode access NewSW(config-if)#switchport trunk allowed vlan 2, 10 NewSW(config-if)#switchport trunk native vlan 10 D. NewSW(config)#interface f0/0 NewSW(config-if)#switchport mode trunk NewSW(config-if)#switchport trunk allowed vlan 2, 10 NewSW(config-if)#switchport trunk native vlan 2 Suggested Answer: D Community Answer: D
Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture? A. AP-Manager B. service port C. dynamic D. virtual Suggested Answer: B Community Answer: B
Refer to the exhibit. The network engineer is configuring a new WLAN and is told to use a setup password for authentication instead of the RADIUS servers. Which additional set of tasks must the engineer perform to complete the configuration? A. Disable PMF Enable PSK Enable 802.1x B. Select WPA Policy Enable CCKM Enable PSK C. Select WPA Policy Select WPA2 Policy Enable FT PSK D. Select WPA2 Policy Disable PMF Enable PSK Suggested Answer: D Community Answer: D
Which mode must be set for Aps to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol? A. route B. bridge C. lightweight D. autonomous Suggested Answer: C Community Answer: C
Which switch technology establishes a network connection immediately when it is plugged in? A. PortFast B. BPDU guard C. UplinkFast D. BackboneFast Suggested Answer: A Community Answer: A
Which command on a port enters the forwarding state immediately when a PC is connected to it? A. switch(config)#spanning-tree portfast default B. switch(config)#spanning-tree portfast bpduguard default C. switch(config-if)#spanning-tree portfast trunk D. switch(config-if)#no spanning-tree portfast Suggested Answer: A Community Answer: A
If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames? A. The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent B. The previous frame is delivered, the new frame is dropped, and a retransmission request is sent C. The new frame is placed in a queue for transmission after the previous frame D. The two frames are processed and delivered at the same time Suggested Answer: C Community Answer: C
Refer to the exhibit. The entire MAC address table for SW1 is shown here:
What does SW1 do when Br-4 sends a frame for Br-2 A. It performs a lookup in the MAC address table for Br-4 and discards toe frame due to a missing entry. B. It floods the frame out or all ports except on the port where Br-2 is connected. C. It Inserts the source MAC address and port into the forwarding table and forwards the frame to Br-2. D. It maps the Layer 2 MAC address for Fa0/3 to the Layer 3 IP address and towards the frame. Suggested Answer: C Community Answer: C
How does MAC learning function? A. adds unknown source MAC addresses to the CAM table B. protects against denial of service attacks C. populates the ARP table with the egress port D. sends an ARP request to locate unknown destinations Suggested Answer: B Community Answer: A
Refer to the exhibit. An engineer is configuring an EtherChannel using LACP between Switches 1 and 2. Which configuration must be applied so that only Switch 1 sends LACP initiation packets? A.
B.
C.
D.
Suggested Answer: B
Refer to the exhibit. The entire Marketing-SW1 MAC address table is shown here: What does the switch do when PC-4 sends a frame to PC-1? A. It performs a lookup in the MAC address table and discards the frame due to a missing entry. B. It maps the Layer 2 MAC address to the Layer 3 IP address and forwards the frame. C. It inserts the source MAC address and port into the table and forwards the frame to PC-1. D. It floods the frame out of all ports except on the port where PC-1 is connected. Suggested Answer: C Community Answer: C
Which switching concept is used to create separate broadcast domains? A. STP B. VTP C. VLAN D. CSMA/CD Suggested Answer: C Community Answer: C
Refer to the exhibit. Which action must be taken so that neighboring devices rapidly discover switch Cat9300? A. Enable portfast on the ports that connect to neighboring devices. B. Configure the cdp timer 10 command on switch Cat9300. C. Configure the cdp holdtime 10 command on switch Cat9300 D. Configure the cdp timer 10 command on the neighbors of switch Cat9300 Suggested Answer: B Community Answer: B
What is a requirement when configuring or removing LAG on a WLC? A. The incoming and outgoing ports for traffic flow must be specified if LAG is enabled. B. The management interface must be reassigned if LAG is disabled C. The controller must be rebooted after enabling or reconfiguring LAG D. Multiple untagged interfaces on the same port must be supported Suggested Answer: B Community Answer: C
DRAG DROP - Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right. Select and Place:Suggested Answer:
Which type of port is used to connect the wired network when an autonomous AP maps two VLANs to its WLANs? A. access B. LAG C. trunk D. EtherChannel Suggested Answer: C Community Answer: C
A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch. What must be configured when using active mode on both sides of the connection? A. LLDP B. LACP C. Cisco vPC D. 802 1q trunks Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work establish an LACP port channel? A. Change the channel-group mode on SW1 to desirable B. Change the channel-group mode on SW1 to active or passive C. Change the channel-group mode on SW2 to auto D. Configure the interface port-channel 1 command on both swtiches Suggested Answer: B Community Answer: B
Refer to the exhibit. For security reasons, automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed: ✑ Disable all neighbor discovery methods on R5 interface Gi0/1 ✑ Permit neighbor discovery on R5 interface Gi0/2. ✑ Verify there are no dynamically learned neighbors on R5 interface Gi0/1. ✑ Display the IP address of R6's interface Gi0/2 Which configuration must be used? A. R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(config)#lldp run R5(config)#no cdp run R5#sh cdp neighbor detail R5#sh lldp neighbor B. R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(config)#no lldp run R5(config)#cdp run R5#sh cdp neighbor R5#sh lldp neighbor C. R5(config)#int Gi0/1 R5(config-if)#no cdp run R5(config-if)#exit R5(config)#lldp run R5(config)#cdp enable R5#sh cdp neighbor R5#sh lldp neighbor D. R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(config)#no lldp run R5(config)#cdp run R5#sh cdp neighbor detail R5#sh lldp neighbor Suggested Answer: D Community Answer: D
Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.) A. disabled B. listening C. learning D. blocking E. forwarding Suggested Answer: BC Community Answer: BC
DRAG DROP - Drag and drop the management connection types from the left onto the definitions on the right. Select and Place:Suggested Answer:
An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1 must transmit packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used? A. interface fastethernet0/1 switchport voice vlan dot1p B. interface fastethernet0/1 switchport priority extend cos 7 C. interface fastethernet0/1 switchport voice vlan untagged D. interface fastethernet0/1 switchport priority extend trust Suggested Answer: D Community Answer: D
Refer to the exhibit. Which change to the configuration on Switch2 allows the two switches to establish an EtherChannel? A. Change the LACP mode to desirable B. Change the protocol to PAgP and use auto mode C. Change the LACP mode to active D. Change the protocol to EtherChannel mode on Suggested Answer: C Community Answer: C
Refer to the exhibit. An engineer must configure the interface that connects to PC1 and secure it in a way that only PC1 is allowed to use the port. No VLAN tagging can be used except for a voice VLAN. Which command sequence must be entered to configure the switch? A. SW1(config-if)#switchport mode dynamic auto SW1(config-if)#switchport port-security SW1(config-if)#switchport port-security violation restrict B. SW1(config-if)#switchport mode nonegotiate SW1(config-if)#switchport port-security SW1(config-if)#switchport port-security maximum 1 C. SW1(config-if)#switchport mode access SW1(config-if)#switchport port-security SW1(config-if)#switchport port-security mac-address 0050.7966.6800 D. SW1(config-if)#switchport mode dynamic desirable SW1(config-if)#switchport port-security mac-address 0050.7966.6800 SW1(config-if)#switchport port-security mac-address sticky Suggested Answer: C Community Answer: C
Which protocol must be implemented to support separate authorization and authentication solutions for wireless APs? A. RADIUS B. TACACS+ C. 802.1X D. Kerberos Suggested Answer: A Community Answer: B
Which port type supports the spanning-tree portfast command without additional configuration? A. trunk ports B. Layer 3 sub interfaces C. Layer 3 main interfaces D. access ports Suggested Answer: D Community Answer: D
Refer to the exhibit. What are two conclusions about this configuration? (Choose two.) A. The spanning-tree mode is Rapid PVST+ B. This tea root bridge C. The spanning-tree mode is PVST+ D. The designated port is FastEthernet 2/1 E. The root port is FastEthernet 2/1 Suggested Answer: AE Community Answer: AE
A Cisco engineer must configure a single switch interface to meet these requirements: ✑ Accept untagged frames and place them in VLAN 20 Accept tagged frames in VLAN 30 when CDP detects a Cisco IP phoneWhich command set must the engineer apply? A. switchport mode dynamic desirable switchport access vlan 20 switchport trunk allowed vlan 30 switchport voice vlan 30 B. switchport mode access switchport access vlan 20 switchport voice vlan 30 C. switchport mode dynamic auto switchport trunk native vlan 20 switchport trunk allowed vlan 30 switchport voice vlan 30 D. switchport mode trunk switchport access vlan 20 switchport voice vlan 30 Suggested Answer: D Community Answer: B
What does a switch use to build its MAC address table? A. VTP B. DTP C. ingress traffic D. egress traffic Suggested Answer: C Community Answer: C
Refer to the exhibit. The EtherChannel is configured with a speed of 1000 and duplex as full on both ends of channel group 1. What is the next step to configure the channel on switch A to respond to but not initiate LACP communication? A. interface range gigabitethernet0/0/0-15 channel-group 1 mode on B. interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable C. interface port-channel 1 channel-group 1 mode auto D. interface port-channel 1 channel-group 1 mode passive Suggested Answer: D Community Answer: D
Which command entered on a switch configured with Rapid PVST+ listens and learns for a specific time period? A. switch(config)#spanning-tree vlan 1 priority 4096 B. switch(config)#spanning-tree vlan 1 hello-time 10 C. switch(config)#spanning-tree vlan 1 max-age 6 D. switch(config)#spanning-tree vlan 1 forward-time 20 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the Rapid PVST+ forwarding state actions from the left to the right. Not all actions are used. Select and Place:Suggested Answer:
Which access point mode relies on a centralized controller for management, roaming, and SSID configuration? A. lightweight mode B. autonomous mode C. bridge mode D. repeater mode Suggested Answer: A Community Answer: A
Refer to the exhibit. A network engineer must configure communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured? A. switchport truck allowed vlan 12 B. switchport truck allowed vlan none C. switchport truck allowed vlan add 13 D. switchport truck allowed vlan remove 10-11 Suggested Answer: C Community Answer: C
Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU? A. The port transitions to STP blocking. B. The port immediately transitions to STP forwarding. C. The port goes into error-disable state. D. The port transitions to the root port. Suggested Answer: C Community Answer: C
Which access layer threat-mitigation technique provides security based on identity? A. Dynamic ARP Inspection B. DHCP snooping C. 802.1x D. using a non-default native VLAN Suggested Answer: C Community Answer: C
Refer to the exhibit. Which action do the switches take on the trunk link? A. The trunk does not form, and the ports go into an err-disabled status. B. The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain. C. The trunk forms, but VLAN 99 and VLAN 999 are in a shutdown state. D. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link. Suggested Answer: B Community Answer: B The trunk still forms with mismatched native VLANs and the traffic can actually flow between mismatched switches. But it is absolutely necessary that the native VLANs on both ends of a trunk link match; otherwise a native VLAN mismatch occurs, causing the two VLANs to effectively merge. For example, with the above configuration, SW1 would send untagged frames for VLAN 999. SW2 receives them but would think they are for VLAN 99 so we can say these two VLANs are merged.
A network engineer must configure two new subnets using the address block 10.70.128.0/19 to meet these requirements: ✑ The first subnet must support 24 hosts. ✑ The second subnet must support 472 hosts. ✑ Both subnets must use the longest subnet mask possible from the address block. Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnet for the router interfaces? (Choose two.) A. interface vlan 1148 ip address 10.70.148.1 255.255.254.0 B. interface vlan 3002 ip address 10.70.147.17 255.255.255.224 C. interface vlan 4722 ip address 10.70.133.17 255.255.255.192 D. interface vlan 1234 ip address 10.70.159.1 255.255.254.0 E. interface vlan 155 ip address 10.70.155.65 255.255.255.224 Suggested Answer: DE Community Answer: AE
Refer to the exhibit. An administrator must configure interfaces Gi1/1 and Gi1/3 on switch SW11. PC-1 and PC-2 must be placed in the Data VLAN, and Phone-1 must be placed in the Voice VLAN. Which configuration meets these requirements? A. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode access switchport access vlan 8 switchport voice vlan 9 B. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode trunk switchport trunk vlan 8 switchport voice vlan 9 C. interface gigabitethernet1/1 switchport mode access switchport access vlan 9 ! interface gigabitethernet1/3 switchport mode trunk switchport trunk vlan 8 switchport trunk vlan 9 D. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode access switchport voice vlan 8 switchport access vlan 9 Suggested Answer: A Community Answer: A
Refer to the exhibit. Users need to connect to the wireless network with IEEE 802.11r-compatible devices. The connection must be maintained as users travel between floors or to other areas in the building. What must be the configuration of the connection? A. Disable AES encryption. B. Enable Fast Transition and select the FT 802.1x option. C. Enable Fast Transition and select the FT PSK option. D. Select the WPA Policy option with the CCKM option. Suggested Answer: C Community Answer: C Reference: https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html
Refer to the exhibit. An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured. Which command accomplishes this task? A. switchport trunk allowed vlan 100-104 B. switchport trunk allowed vlan 104 C. switchport trunk allowed vlan all D. switchport trunk allowed vlan add 104 Suggested Answer: D Community Answer: D
Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two.) A. blocking B. speaking C. listening D. learning E. forwarding Suggested Answer: DE Community Answer: DE Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24062-146.html
DRAG DROP - Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used. Select and Place:Suggested Answer:
Which interface mode must be configured to connect the lightweight APs in a centralized architecture? A. WLAN dynamic B. trunk C. access D. management Suggested Answer: C Community Answer: C While the Cisco WLCs always connect to 802.1Q trunks, Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports of the neighbor switch. This is an example switch port configuration from the Catalyst 3750: interface GigabitEthernet1/0/22 description Access Port Connection to Cisco Lightweight AP switchport access vlan 5 switchport mode access no shutdown Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/69719-wlc-lwap-config.html
Refer to the exhibit. The network administrator must prevent the switch Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken to complete the task? A. Configure the no lldp mac-phy-cfg command globally on Cat9K-2. B. Configure the no lldp receive command on interface G1/0/21 on Cat9K-1. C. Configure the no lldp transmit command on interface G1/0/21 on Cat9K-1. D. Configure the no lldp tlv-select management-address command globally on Cat9K-2. Suggested Answer: C Community Answer: D
Refer to the exhibit. The following must be considered: ✑ SW1 is fully configured for all traffic. ✑ The SW4 and SW9 links to SW1 have been configured. ✑ The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured. ✑ The remaining switches have had all VLANs added to their VLAN database. Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs? A. SW4 interface Gi0/7 switchport mode trunk switchport trunk allowed vlan 108 ! interface Gi/0/2 switchport mode access switchport access vlan 14 SW11# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14,108 ! interface Gi0/1 switchport mode trunk switchport trunk allowed vlan 14,108 SW9# interface Gi0/2 switchport mode access switchport access vlan 14 B. SW4 interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14,108 SW11# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14,108 !! interface Gi0/1 switchport mode trunk switchport trunk allowed vlan 14,108 SW9# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14 C. SW4 interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14 SW11# interface Gi0/1 switchport mode trunk switchport trunk allowed vlan 14 SW9# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 108 D. SW4 interface Gi/0/2 switchport mode access switchport access vlan 14 SW11# interface Gi0/2 switchport mode trunk switchport trunk allowed vlan 14 ! interface Gi0/0 switchport mode access switchport access vlan 14 ! interface Gi0/1 switchport mode trunk SW9# interface Gi0/2 switchport mode access switchport access vlan 14 Suggested Answer: C Community Answer: B
Refer to the exhibit. An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally? A. SW1(config)#interface fa0/2 SW1(config-if)#no switchport access vlan 2 SW1(config-if)#no switchport trunk allowed vlan 3 SW1(config-if)#switchport trunk allowed vlan 2 B. SW1(config)#interface fa0/2 SW1(config-if)#no switchport access vlan 2 SW1(config-if)#switchport trunk native vlan 2 SW1(config-if)#switchport trunk allowed vlan 3 C. SW1(config)#interface fa0/2 SW1(config-if)#no switchport mode trunk SW1(config-if)#no switchport trunk allowed vlan 3 SW1(config-if)#switchport mode access D. SW1(config)#interface fa0/1 SW1(config-if)#no switchport access vlan 2 SW1(config-if)#switchport access vlan 3 SW1(config-if)#switchport trunk allowed vlan 2 Suggested Answer: C Community Answer: C
Refer to the exhibit. Which switch becomes the root of the spanning tree?Switch 1 - BID: 32778 0018.184e.3c00 - Switch 2 - BID: 24586 001a.e3ff.a680 - Switch 3 - BID: 28682 0022.55cf.cc00 - Switch 4 - BID: 64000 4e15.8403.08f - A. Switch 1 B. Switch 2 C. Switch 3 D. Switch 4 Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used. Select and Place:Suggested Answer:
Refer to the exhibit. An engineer is configuring a Layer 3 port-channel interface with LACP. The configuration on the first device is complete, and it is verified that both interfaces have registered the neighbor device in the CDP table. Which task on the neighbor device enables the new port channel to come up without negotiating the channel? A. Configure the IP address of the neighboring device. B. Bring up the neighboring interfaces using the no shutdown command. C. Change the EtherChannel mode on the neighboring interfaces to auto. D. Modify the static EtherChannel configuration of the device to passive mode. Suggested Answer: D Community Answer: D
Refer to the exhibit. Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches? A. Interface range G1/1 ג€" 1/3 switchport mode trunk channel-group 1 mode active no shutdown B. Interface range G1/1 ג€" 1/3 switchport mode access channel-group 1 mode passive no shutdown C. Interface range G1/1 ג€" 1/3 switchport mode trunk channel-group 1 mode desirable no shutdown D. Interface range G1/1 ג€" 1/3 switchport mode access channel-group 1 mode on no shutdown Suggested Answer: A Community Answer: A
An engineer requires a switch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured? A. switchport mode trunk B. switchport mode dynamic desirable C. switchport nonegotiate D. switchport mode dynamic auto Suggested Answer: B Community Answer: B Reference: https://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=8#:~:text=switchport%20mode%20dynamic%20auto%3A%20Makes,to%20trunk%20or% . 20desirable%20mode.&text=switchport%20mode%20dynamic%20desirable%3A%20Makes,link%20to%20a%20trunk%20link
Refer to the exhibit. After the election process, what is the root bridge in the HQ LAN? Switch 1: 0C:E0:38:81:32:58 - Switch 2: 0C:0E:15:22:1A:61 - Switch 3: 0C:0E:15:1D:3C:9A - Switch 4: 0C:E0:19:A1:4D:16 -A. Switch 1 B. Switch 2 C. Switch 3 D. Switch 4 Suggested Answer: C Community Answer: C
An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken? A. configure switchport nonegotiate B. configure switchport mode dynamic desirable C. configure switchport mode dynamic auto D. configure switchport trunk dynamic desirable Suggested Answer: C Community Answer: B
Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state? A. BPDUfilter B. PortFast C. Backbonefast D. BPDUguard Suggested Answer: B Community Answer: B
How does the dynamically-learned MAC address feature function? A. The CAM table is empty until ingress traffic arrives at each port B. Switches dynamically learn MAC addresses of each connecting CAM table. C. The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses D. It requires a minimum number of secure MAC addresses to be filled dynamically Suggested Answer: A Community Answer: A
When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200? A. spanning-tree vlan 200 priority 614440 B. spanning-tree vlan 200 priority 0 C. spanning-tree vlan 200 root primary D. spanning-tree vlan 200 priority 38813258 Suggested Answer: B Community Answer: B
Refer to the exhibit. Which command must be executed for Gi1/1 on SW1 to passively become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode? A. switchport mode dynamic auto B. switchport mode dot1-tunnel C. switchport mode dynamic desirable D. switchport mode trunk Suggested Answer: A Community Answer: A
Refer to the exhibit. The entire contents or the MAC address table are shown. Sales-4 sends a data frame to Sales-1.
What does the switch do as it receives the frame from Sales-4? A. Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame. B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1. C. Perform a lookup in the MAC address table and discard the frame due to a missing entry. D. Flood the frame out of all ports except on the port where Sales-1 is connected. Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic. Which configuration accomplishes this task? A. interface gigabitethernet1/1 switchport mode access switchport access vlan 300 switchport voice vlan 400 B. interface gigabitethernet1/1 switchport mode trunk switchport trunk vlan 300 switchport trunk vlan 400 C. interface gigabitethernet1/1 switchport mode access switchport voice vlan 300 switchport access vlan 400 D. interface gigabitethernet1/1 switchport mode trunk switchport trunk vlan 300 switchport voice vlan 400 Suggested Answer: A Community Answer: A
An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database, with action must be taken? A. Add the switch in the VTP domain with a lower revision number. B. Add the switch in the VTP domain with a higher revision number. C. Add the switch with DTP set to dynamic desirable. D. Add the switch with DTP set to desirable. Suggested Answer: A Community Answer: A
Which technology prevents client devices from arbitrarily connecting to the network without state remediation? A. 802.11n B. 802.1x C. MAC Authentication Bypass D. IP Source Guard Suggested Answer: B Community Answer: B
Which protocol does an access point use to draw power from a connected switch? A. Internet Group Management Protocol B. Cisco Discovery Protocol C. Adaptive Wireless Path Protocol D. Neighbor Discovery Protocol Suggested Answer: B Community Answer: B
An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request? A. Enable MAC filtering and set the SA Query timeout to 10. B. Enable 802.1x Layer 2 security and set the Comeback timer to 10. C. Enable Security Association Teardown Protection and set the SA Query timeout to 10. D. Enable the Protected Management Frame service and set the Comeback timer to 10. Suggested Answer: C Community Answer: D
Refer to the exhibit. Only four switches are participating in the VLAN spanning-tree process. Branch-1: priority 614440 - Branch-2: priority 39391170 - Branch-3: priority 0 - Branch-4: root primary - Which switch becomes the permanent root bridge for VLAN 5? A. Branch-1 B. Branch-2 C. Branch-3 D. Branch-4 Suggested Answer: C Community Answer: C
An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which command should be used? A. switchport trunk encapsulation dot1q B. switchport trunk allowed vlan 10 C. switchport mode trunk D. switchport trunk native vlan 10 Suggested Answer: D Community Answer: D
What are two benefits of using the PortFast feature? (Choose two.) A. Enabled interfaces are automatically placed in listening state. B. Enabled interfaces wait 50 seconds before they move to the forwarding state. C. Enabled interfaces never generate topology change notifications. D. Enabled interfaces come up and move to the forwarding state immediately. E. Enabled interfaces that move to the learning state generate switch topology change notifications. Suggested Answer: AD Community Answer: CD
What is the benefit of configuring PortFast on an interface? A. The frames entering the interface are marked with the higher priority and then processed faster by a switch. B. After the cable is connected, the interface is available faster to send and receive user data. C. Real-time voice and video frames entering the interface are processed faster. D. After the cable is connected, the interface uses the fastest speed setting available for that cable type. Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the functions of AAA supporting protocols from the left onto the protocols on the right. Select and Place:Suggested Answer:
Why does a switch flood a frame to all ports? A. The frame has zero destination MAC addresses. B. The destination MAC address of the frame is unknown. C. The source MAC address of the frame is unknown D. The source and destination MAC addresses of the frame are the same. Suggested Answer: B Community Answer: B
An engineer configures interface Gi1/0 on the company PE router to connect to an ISP. Neighbor discovery is disabled.Which action is necessary to complete the configuration if the ISP uses third-party network devices? A. Disable autonegotiation. B. Enable LLDP globally. C. Enable LLDP-MED on the ISP device. D. Disable Cisco Discovery Protocol on the interface. Suggested Answer: B Community Answer: B
What are two benefits of using VTP in a switching environment? (Choose two.) A. It allows switches to read frame tags. B. It allows ports to be assigned to VLANs automatically. C. It maintains VLAN consistency across a switched network. D. It allows frames from multiple VLANs to use a single interface. E. It allows VLAN information to be automatically propagated throughout the switching environment. Suggested Answer: CE Community Answer: CE
Which three statements are typical characteristics of VLAN arrangements? (Choose three.) A. A new switch has no VLANs configured. B. Connectivity between VLANs requires a Layer 3 device. C. VLANs typically decrease the number of collision domains. D. Each VLAN uses a separate address space. E. A switch maintains a separate bridging table for each VLAN. F. VLANs cannot span multiple switches. Suggested Answer: BDE Community Answer: BDE
On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to communicate with hosts on different VLANs. What is needed to allow communication between the VLANs? A. a router with subinterfaces configured on the physical interface that is connected to the switch B. a router with an IP address on the physical interface connected to the switch C. a switch with an access link that is configured between the switches D. a switch with a trunk link that is configured between the switches Suggested Answer: A Community Answer: A Different VLANs can't communicate with each other, they can communicate with the help of Layer3 router. Hence, it is needed to connect a router to a switch, then make the sub-interface on the router to connect to the switch, establishing Trunking links to achieve communications of devices which belong to different VLANs.
Which statement about LLDP is true? A. It is a Cisco proprietary protocol. B. It is configured in global configuration mode. C. The LLDP update frequency is a fixed value. D. It runs over the transport layer. Suggested Answer: B Community Answer: B
What is a function of Wireless LAN Controller? A. register with a single access point that controls traffic between wired and wireless endpoints B. use SSIDs to distinguish between wireless clients C. send LWAPP packets to access points D. monitor activity on wireless and wired LANs Suggested Answer: C Community Answer: C Lightweight APs (LAPs) is devices require no initial configuration. LAPs use the Lightweight Access Point Protocol (LWAPP) to communicate with a WLAN controller (WLC), as shown in the below figure. Controller-based APs are useful in situations where many APs are required in the network. As more APs are added, each AP is automatically configured and managed by the WLC.
Which technology is used to improve web traffic performance by proxy caching? A. WSA B. Firepower C. ASA D. FireSIGHT Suggested Answer: A Community Answer: A
What criteria is used first during the root port selection process? A. local port ID B. lowest path cost to the toot bridge C. lowest neighbor's bridge ID D. lowest neighbor's port ID Suggested Answer: B Community Answer: B
Which statement about VLAN configuration is true? A. The switch must be in VTP server or transparent mode before you can configure a VLAN B. The switch must be in config-vlan mode before you configure an extended VLAN C. Dynamic inter-VLAN routing is supported on VLAN2 through VLAN 4064 D. A switch in VTP transparent mode save the VLAN databases to the running configuration only Suggested Answer: A Community Answer: A
Refer to the exhibit. What two conclusions should be made about this configuration? (Choose two.)A. The root port is FastEthernet 2/1 B. The designated port is FastEthernet 2/1 C. The spanning-tree mode is PVST+ D. This is a root bridge E. The spanning-tree mode is Rapid PVST+ Suggested Answer: AE Community Answer: AE
A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network is allowed to be mapped? A. Device(config)#lldp run B. Device(config)#cdp run C. Device(config-if)#cdp enable D. Device(config)#flow-sampler-map topology Suggested Answer: A Community Answer: A
How do AAA operations compare regarding user identification, user services, and access control? A. Authorization provides access control, and authentication tracks user services B. Authentication identifies users, and accounting tracks user services C. Accounting tracks user services, and authentication provides access control D. Authorization identifies users, and authentication provides access control Suggested Answer: B Community Answer: B
What is the difference between RADIUS and TACACS+? A. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands. B. TACACS+ separates authentication and authorization, and RADIUS merges them. C. TACACS+ encrypts only password information, and RADIUS encrypts the entire payload. D. RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication. Suggested Answer: B Community Answer: B
What is a difference between local AP mode and FlexConnect AP mode? A. Local AP mode creates two CAPWAP tunnels per AP to the WLC B. Local AP mode causes the AP to behave as if it were an autonomous AP C. FlexConnect AP mode fails to function if the AP loses connectivity with the WLC D. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured Suggested Answer: A Community Answer: A
The SW1 interface g0/1 is in the down/down state. What are two reasons for the interface condition? (Choose two.) A. There is a protocol mismatch B. There is a duplex mismatch C. The interface is shut down D. The interface is error-disabled E. There is a speed mismatch Suggested Answer: DE Community Answer: DE The interface is shut down - ADMIN DOWN / DOWN The interface is error-disabled - DOWN / DOWN There is a speed mismatch - DOWN / DOWN
How will Link Aggregation be implemented on a Cisco Wireless LAN Controller? A. The EtherChannel must be configured in ג€mode activeג€. B. When enabled, the WLC bandwidth drops to 500 Mbps. C. To pass client traffic, two or more ports must be configured. D. One functional physical port is needed to pass client traffic. Suggested Answer: D Community Answer: D Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/config-guide/b_cg82/b_cg82_chapter_010101011.html
Which two conditions must be met before SSH operates normally on a Cisco IOS switch? (Choose two.) A. IP routing must be enabled on the switch. B. A console password must be configured on the switch. C. Telnet must be disabled on the switch. D. The switch must be running a k9 (crypto) IOS image. E. The ip domain-name command must be configured on the switch. Suggested Answer: DE Community Answer: DE Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html
Refer to the exhibit. Which password must an engineer use to enter the enable mode? A. adminadmin123 B. cisco123 C. default D. testing1234 Suggested Answer: D Community Answer: D If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The ג€enable secretג€ will be used first if available, then ג€enable passwordג€ and line password.
Which state does the switch port move to when PortFast is enabled? A. blocking B. listening C. learning D. forwarding Suggested Answer: D Community Answer: D
Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access? A. RADIUS B. HTTPS C. TACACS+ D. HTTP Suggested Answer: B Community Answer: B You can protect communication with the GUI by enabling HTTPS. HTTPS protects HTTP browser sessions by using the Secure Sockets Layer (SSL) protocol. When you enable HTTPS, the controller generates its own local web administration SSL certificate and automatically applies it to the GUI. You also have the option of downloading an externally generated certificate. Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_011.html
An engineer must configure interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken? A. configure DSCP B. configure IEEE 802.1q C. configure ISL D. configure IEEE 802.1p Suggested Answer: B Community Answer: B VLAN trunking offers two options, ISL and 802.1Q. ISL is Cisco proprietary while 802.1Q is standards based and supported by multiple vendors.
Refer to the exhibit. Which two commands when used together create port channel 10? (Choose two.)A. int range g0/0-1 channel-group 10 mode active B. int range g0/0-1 channel-group 10 mode desirable C. int range g0/0-1 channel-group 10 mode passive D. int range g0/0-1 channel-group 10 mode auto E. int range g0/0-1 channel-group 10 mode on Suggested Answer: AC Community Answer: AC
Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEthernet 3/1/4 port on a switch?A. The phone and a workstation that is connected to the phone do not have VLAN connectivity. B. The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1. C. The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity. D. The phone and a workstation that is connected to the phone send and receive data in VLAN 50. Suggested Answer: B Community Answer: B
Refer to the exhibit. Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?A. The frame is processed in VLAN 1 B. The frame is processed in VLAN 11 C. The frame is processed in VLAN 5 D. The frame is dropped Suggested Answer: C Community Answer: C
Which command is used to enable LLDP globally on a Cisco IOS ISR? A. lldp run B. lldp enable C. lldp transmit D. cdp run E. cdp enable Suggested Answer: A Community Answer: A Link Layer Discovery Protocol (LLDP) is an industry standard protocol that allows devices to advertise, and discover connected devices, and there capabilities (same as CDP of Cisco). To enable it on Cisco devices, we have to use this command under global configuration mode: Sw(config)# lldp run
Which command should you enter to configure an LLDP delay time of 5 seconds? A. lldp timer 5000 B. lldp holdtime 5 C. lldp reinit 5000 D. lldp reinit 5 Suggested Answer: D Community Answer: D ✑ lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it ✑ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface ✑ lldp timer rate: Set the sending frequency of LLDP updates in seconds Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swlldp.html
In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an IP address? A. CDP becomes inoperable on that neighbor B. CDP uses the IP address of another interface for that neighbor C. CDP operates normally, but it cannot provide IP address information for that neighbor D. CDP operates normally, but it cannot provide any information for that neighbor Suggested Answer: C Community Answer: B Although CDP is a Layer 2 protocol but we can check the neighbor IP address with the ג€show cdp neighbor detailג€ command. If the neighbor does not has an IP address then CDP still operates without any problem. But the IP address of that neighbor is not provided.
DRAG DROP - Drag and drop the benefits of a Cisco Wireless Lan Controller from the left onto the correct examples on the right. Select and Place:Suggested Answer:
When configuring an EtherChannel bundle, which mode enables LACP only if a LACP device is detected? A. Passive B. Desirable C. On D. Auto E. Active Suggested Answer: A Community Answer: A The LACP is Link Aggregation Control Protocol. LACP is an open protocol, published under the 802.3ad. The modes of LACP are active, passive or on. The side configured as ג€passiveג€ will waiting the other side that should an Active for the Etherchannel to be established. PAgP is Port-Aggregation Protocol. It is Cisco proprietary protocol. The mode are On, Desirable or Auto. Desirable ג€" Auto will establish an EtherChannel. An example of how to configure an Etherchannel: SwitchFormula1>enable - SwitchFormula1#configure terminal SwitchFormula1(config)# interface range f0/5 -14 SwitchFormula1(config-if-range)# channel-group 13 mode ? active Enable LACP unconditionally auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only passive Enable LACP only if a LACP device is detected
Refer to the exhibit. Which VLAN ID is associated with the default VLAN in the given environment?A. VLAN 1 B. VLAN 5 C. VLAN 10 D. VLAN 20 Suggested Answer: A Community Answer: A
Which two VLAN IDs indicate a default VLAN? (Choose two.) A. 0 B. 1 C. 1005 D. 1006 E. 4096 Suggested Answer: BC Community Answer: BC VLAN 1 is a system default VLAN, you can use this VLAN but you cannot delete it. By default VLAN 1 is use for every port on the switch. Standard VLAN range from 1002-1005 it's Cisco default for FDDI and Token Ring. You cannot delete VLANs 1002-1005. Mostly we don't use VLAN in this range.
Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose two.) A. the native VLAN B. the trunking protocol C. the VTP domain D. the spanning-tree priority E. the spanning-tree protocol Suggested Answer: AC Community Answer: AC
After you deploy a new WLAN controller on your network, which two additional tasks should you consider? (Choose two.) A. deploy load balancers B. configure additional vlans C. configure multiple VRRP groups D. deploy POE switches E. configure additional security policies Suggested Answer: AE Community Answer: AE
Refer to the exhibit. How will switch SW2 handle traffic from VLAN 10 on SW1?A. It sends the traffic to VLAN 10. B. It sends the traffic to VLAN 100. C. It drops the traffic. D. It sends the traffic to VLAN 1. Suggested Answer: B Community Answer: B Since SW-1 is configured native VLAN is VLAN10, so traffic coming out of VLAN-10 is untagged, & goes directly to SW-2 Native VLAN: VLAN100, due to VLAN mismatch.
Which two commands can you use to configure an actively negotiate EtherChannel? (Choose two.) A. channel-group 10 mode on B. channel-group 10 mode auto C. channel-group 10 mode passive D. channel-group 10 mode desirable E. channel-group 10 mode active Suggested Answer: DE Community Answer: DE
How does STP prevent forwarding loops at OSI Layer 2? A. TTL B. MAC address forwarding C. Collision avoidance D. Port blocking Suggested Answer: D Community Answer: D
Which two statements about VTP are true? (Choose two.) A. All switches must be configured with the same VTP domain name B. All switches must be configured to perform trunk negotiation C. All switches must be configured with a unique VTP domain name D. The VTP server must have the highest revision number in the domain E. All switches must use the same VTP version Suggested Answer: AE Community Answer: AE
Which type does a port become when it receives the best BPDU on a bridge? A. The designated port B. The backup port C. The alternate port D. The root port Suggested Answer: D Community Answer: D
Which value can you modify to configure a specific interface as the preferred forwarding interface? A. The interface number B. The port priority C. The VLAN priority D. The hello time Suggested Answer: B Community Answer: B
Which statement about Cisco Discovery Protocol is true? A. It is a Cisco-proprietary protocol. B. It runs on the network layer. C. It can discover information from routers, firewalls, and switches. D. It runs on the physical layer and the data link layer. Suggested Answer: A Community Answer: A
What are two reasons a network administrator would use CDP? (Choose two.) A. to verify the type of cable interconnecting two devices B. to determine the status of network services on a remote device C. to obtain VLAN information from directly connected switches D. to verify Layer 2 connectivity between two devices when Layer 3 fails E. to obtain the IP address of a connected device in order to telnet to the device F. to determine the status of the routing protocols between directly connected routers Suggested Answer: DE Community Answer: DE
Refer to the exhibit. Which switch in this configuration will be elected as the root bridge? SW1: 0C:E0:38:41:86:07 - SW2: 0C:0E:15:22:05:97 - SW3: 0C:0E:15:1A:3C:9D - SW4: 0C:E0:18:A1:B3:19 - A. SW1 B. SW2 C. SW3 D. SW4 Suggested Answer: C Community Answer: C
DRAG DROP -Refer to the exhibit. An engineer is required to verify that the network parameters are valid for the users' wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used. Select and Place:
Suggested Answer:
An engineer needs to configure LLDP to send the port description type length value (TLV). Which command sequence must be implemented? A. switch(config-if)#lldp port-description B. switch#lldp port-description C. switch(config-line)#lldp port-description D. switch(config)#lldp port-description Suggested Answer: D Community Answer: D
Refer to the exhibit. Which switch becomes the root bridge? A. S1 B. S2 C. S3 D. S4 Suggested Answer: B Community Answer: B
Which configuration ensures that the switch is always the root for VLAN 750? A. Switch(config)#spanning-tree vlan 750 priority 38418607 B. Switch(config)#spanning-tree vlan 750 priority 0 C. Switch(config)#spanning-tree vlan 750 root primary D. Switch(config)#spanning-tree vlan 750 priority 614440 Suggested Answer: C Community Answer: B
Refer to the exhibit. After the switch configuration, the ping test fails between PC A and PC B. Based on the output for switch 1, which error must be corrected? A. The PCs are in the incorrect VLAN. B. All VLANs are not enabled on the trunk. C. Access mode is configured on the switch ports. D. There is a native VLAN mismatch. Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the WLAN components from the left onto the correct descriptions on the right. Select and Place:Suggested Answer:
The service port can be used management purposes, primarily for out-of-band management. However, AP management traffic is not possible across the service port. In most cases, the service port is used as a ג€last resortג€ means of accessing the controller GUI for management purposes. For example, in the case where the system distribution ports on the controller are down or their communication to the wired network is otherwise degraded. A dynamic interface with the Dynamic AP Management option enabled is used as the tunnel source for packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller. The virtual interface is used to support mobility management, Dynamic Host Configuration Protocol (DHCP) relay, and embedded Layer 3 security such as guest web authentication. It also maintains the DNS gateway host name used by Layer 3 security and mobility managers to verify the source of certificates when Layer 3 web authorization is enabled. Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ports_and_interfaces.html
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller? A. local B. mesh C. flexconnect D. sniffer Suggested Answer: C Community Answer: C In previous releases, whenever a FlexConnect access point disassociates from a controller, it moves to the standalone mode. The clients that are centrally switched are disassociated. However, the FlexConnect access point continues to serve locally switched clients. When the FlexConnect access point rejoins the controller (or a standby controller), all clients are disconnected and are authenticated again. This functionality has been enhanced and the connection between the clients and the FlexConnect access points are maintained intact and the clients experience seamless connectivity. When both the access point and the controller have the same configuration, the connection between the clients and APs is maintained. Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/ b_cg74_CONSOLIDATED_chapter_010001101.html
Refer to the exhibit. Which command provides this output? A. show ip route B. show cdp neighbor C. show ip interface D. show interface Suggested Answer: B Community Answer: B
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol? A. active B. on C. auto D. desirable Suggested Answer: B Community Answer: B The Static Persistence (or ג€onג€ mode) bundles the links unconditionally and no negotiation protocol is used. In this mode, neither PAgP nor LACP packets are sent or received.
Which mode allows access points to be managed by Cisco Wireless LAN Controllers? A. bridge B. lightweight C. mobility express D. autonomous Suggested Answer: B Community Answer: B A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). APs are ג€lightweight,ג€ which means that they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are ג€zero touchג€ deployed, and individual configuration of APs is not necessary.
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two.) A. QoS settings B. IP address of one or more access points C. SSID D. profile name E. management interface settings Suggested Answer: CD Community Answer: CD
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface? A. lldp timer B. lldp tlv-select C. lldp reinit D. lldp holdtime Suggested Answer: C Community Answer: C ג€¢ lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it ג€¢ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface ג€¢ lldp timer rate: Set the sending frequency of LLDP updates in seconds Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swlldp.html
Refer to the exhibit. How does SW2 interact with other switches in this VTP domain? A. It transmits and processes VTP updates from any VTP clients on the network on its trunk ports. B. It processes VTP updates from any VTP clients on the network on its access ports. C. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports. D. It forwards only the VTP advertisements that it receives on its trunk ports. Suggested Answer: D Community Answer: D The VTP mode of SW2 is transparent so it only forwards the VTP updates it receives to its trunk links without processing them. Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/vtp/10558-21.html
Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured? A. mode on B. active C. passive D. auto Suggested Answer: B Community Answer: B From the neighbor status, we notice the ג€Flagsג€ are SP. ג€Pג€ here means the neighbor is in Passive mode. In order to create an Etherchannel interface, the (local) SW1 ports should be in Active mode. Moreover, the ג€Port Stateג€ in the exhibit is ג€0x3cג€ (which equals to ג€00111100ג€³ in binary format). Bit 3 is ג€1ג€ which means the ports are synchronizing -> the ports are working so the local ports should be in Active mode.
Two switches are connected and using Cisco Dynamic Trunking Protocol. SW1 is set to Dynamic Auto and SW2 is set to Dynamic Desirable. What is the result of this configuration? A. The link becomes an access port. B. The link is in an error disabled state. C. The link is in a down state. D. The link becomes a trunk port. Suggested Answer: D Community Answer: D
A Cisco IP phone receives untagged data traffic from an attached PC. Which action is taken by the phone? A. It drops the traffic. B. It allows the traffic to pass through unchanged. C. It tags the traffic with the native VLAN. D. It tags the traffic with the default VLAN. Suggested Answer: B Community Answer: B Untagged traffic from the device attached to the Cisco IP Phone passes through the phone unchanged, regardless of the trust state of the access port on the phone. Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_40_se/configuration/guide/scg/swvoip.pdf
Which design element is a best practice when deploying an 802.11b wireless infrastructure? A. allocating nonoverlapping channels to access points that are in close physical proximity to one another B. disabling TCP so that access points can negotiate signal levels with their attached wireless devices C. configuring access points to provide clients with a maximum of 5 Mbps D. setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller Suggested Answer: A Community Answer: A
Refer to the exhibit. The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2, while all other VLANs are to remain tagged. Which command accomplishes this task?A. switchport access vlan 67 B. switchport trunk allowed vlan 67 C. switchport private-vlan association host 67 D. switchport trunk native vlan 67 Suggested Answer: D Community Answer: D
Which two command sequences must be configured on a switch to establish a Layer 3 EtherChannel with an open-standard protocol? (Choose two.) A. interface GigabitEthernet0/0/1 channel-group 10 mode auto B. interface GigabitEthernet0/0/1 channel-group 10 mode on C. interface port-channel 10 no switchport ip address 172.16.0.1 255.255.255.0 D. interface GigabitEthernet0/0/1 channel-group 10 mode active E. interface port-channel 10 switchport switchport mode trunk Suggested Answer: CD Community Answer: CD
Which two cable types must be used to connect an access point to the WLC when 2.5-Gbps and 5-Gbps upload speeds are required? (Choose two.) A. 10GBASE-T B. 1000BASE-LX/LH C. Cat 5e D. Cat 5 E. Cat 3 Suggested Answer: AC Community Answer: AC
What is a benefit for external users who consume public cloud resources? A. Implemented over a dedicated WAN B. All hosted on physical servers C. Accessed over the Internet D. Located in the same data center as the users Suggested Answer: C Community Answer: C
An engineer must update the configuration on two PCs in two different subnets to communicate locally with each other. One PC is configured with IP address 192.168.25.128/25 and the other with 192.168.25.100/25. Which network mask must the engineer configure on both PCs to enable the communication? A. 255.255.255.248 B. 255.255.255.224 C. 255.255.255.0 D. 255.255.255.252 Suggested Answer: C Community Answer: C
Which key function is provided by the data plane? A. Originating packets B. Exchanging routing table data C. Making routing decisions D. Forwarding traffic to the next hop Suggested Answer: D Community Answer: D
When should an engineer implement a collapsed-core architecture? A. Only when using VSS technology B. For small networks with minimal need for growth C. For large networks that are connected to multiple remote sites D. The access and distribution layers must be on the same device Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer assigns IP addressing to the current VLAN with three PCs. The configuration must also account for the expansion of 30 additional VLANS using the same Class C subnet for subnetting and host count. Which command set fulfills the request while reserving address space for the expected growth? A. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 265 255.255.252 B. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 255 255.255.248 C. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 255 255.255.0 D. Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.0.1 255.255.255.128 Suggested Answer: B Community Answer: B
A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server. What is the cause of the throughput issue? A. a physical cable fault B. a speed mismatch C. high bandwidth usage D. a cable that is too long Suggested Answer: A Community Answer: A
What is the difference between 1000BASE-LX/LH and 1000BASE-ZX interfaces? A. 1000BASE-LX/LH interoperates with multimode and single-mode fiber, and 1000BASE-ZX needs a conditioning patch cable with multimode. B. 1000BASE-ZX interoperates with dual-rate 100M/1G 10Km SFP over multimode fiber, and 1000BASE-LX/LH supports only single-rate C. 1000BASE-ZX is supported on links up to 1000km, and 1000BASE-LX/LH operates over links up to 70 km D. 1000BASE- LX/LH is supported on links up to 10km, and 1000Base-ZX operates over links up to 70 km Suggested Answer: D Community Answer: D
What are two reasons to implement IPv4 private addressing on a network? (Choose two.) A. To enable internal applications to treat the private IPv4 addresses as unique B. To facilitate renumbering when merging networks C. To expand the routing table on the router D. To provide protection from external denial-of-service attacks E. To conserve global unique IPv4 addresses Suggested Answer: DE Community Answer: AE
Which concern is addressed with the use of private IPv4 addressing? A. Lack of routing protocol support for CIDR and VLSM B. Lack of security protocols at the network perimeter C. Lack of available TCP/UDP ports per IPv5 address D. Lack of available publicly routable unique IPv4 address Suggested Answer: D Community Answer: D
What is the path for traffic sent from one user workstation to another workstation on a separate switch in a three-tier architecture model? A. access ג€" core ג€" access B. access ג€" distribution ג€" distribution ג€" access C. access ג€" core ג€" distribution ג€" access D. access ג€" distribution ג€" core ג€" distribution ג€" access Suggested Answer: D Community Answer: D
What is the difference between IPv6 unicast and anycast addressing? A. An individual IPv6 unicast address is supported on a single interface on one node, but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes. B. IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration. C. IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration. D. Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes. Suggested Answer: A Community Answer: A
Refer to the exhibit. Between which zones do wireless users expect to experience intermittent connectivity? A. between zones 1 and 2 B. between zones 2 and 5 C. between zones 3 and 4 D. between zones 3 and 6 Suggested Answer: C Community Answer: C
Which WAN topology provides a combination of simplicity quality, and availability? A. partial mesh B. full mesh C. point-to-point D. hub-and-spoke Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the statements about wireless architectures from the left onto the architectures on the right. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the Wi-Fi terms from the left onto the descriptions on the right. Select and Place:Suggested Answer:
How are the switches in a spine-and-leaf topology interconnected? A. Each leaf switch is connected to one of the spine switches B. Each leaf switch is connected to each spine switch. C. Each leaf switch is connected to two spine switches, making a loop. D. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch. Suggested Answer: B Community Answer: B
What is the primary effect of the spanning-tree portfast command? A. It immediately enables the port in the listening state. B. It immediately puts the port into the forwarding state when the switch is reloaded. C. It enables BPDU messages. D. It minimizes spanning-tree convergence time. Suggested Answer: D Community Answer: D Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html
What occurs when PortFast is enabled on an interface that is connected to another switch? A. Root port choice and spanning-tree recalculation are accelerated when a switch link goes down. B. After spanning-tree converges, PortFast shuts down any port that receives BPDUs. C. VTP is allowed to propagate VLAN configuration information from switch to switch automatically. D. Spanning-tree fails to detect a switching loop increasing the likelihood of broadcast storms. Suggested Answer: D Community Answer: D Enabling the PortFast feature causes a switch or a trunk port to enter the STP forwarding-state immediately or upon a linkup event, thus bypassing the listening and learning states. Note: To enable portfast on a trunk port you need the trunk keyword ג€spanning-tree portfast trunkג€
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment? A. Platinum B. Bronze C. Gold D. Silver Suggested Answer: A Community Answer: A Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background. Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/ b_cg74_CONSOLIDATED_chapter_01010111.html
DRAG DROP - Drag and drop the characteristics of transport layer protocols from the left onto the corresponding protocols on the right. Select and Place:Suggested Answer:
A network engineer must configure an interface with IP address 10.10.10.145 and a subnet mask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask must the engineer use? A. /29 B. /30 C. /27 D. /28 Suggested Answer: A Community Answer: A
Refer to the exhibit. The switches are connected via a Cat5 Ethernet cable that is tested successfully. The interfaces are configured as access ports and are both in a down status. What is the cause of the issue? A. The speed settings on the switches are mismatched B. The distance between the two switches is not supported by Cat5 C. The switches are configured with incompatible duplex settings D. The portfast command is missing from the configuration Suggested Answer: A Community Answer: A
Which two IP addressing schemes provide internet access to users on the network while preserving the public IPv4 address space? (Choose two.) A. IPv6 addressing B. PAT with private internal addressing C. single public Class A network D. private networks only E. custom addresses from ARIN Suggested Answer: AB Community Answer: AB PAT with private internal addressing is the usual method of allowing Internet access while preserving IPv4 addresses. Another alternative is using IPV6, which will allow internet access without using any IPv4 addresses. The other answer choices will consume a great deal of public IPV4 addresses, or will not allow for internet access.
The address block 192.168.32.0/24 must be subnetted into smaller networks. The engineer must meet these requirements: ✑ Create 8 new subnets. ✑ Each subnet must accommodate 30 hosts. ✑ Interface VLAN 10 must use the last usable IP in the first new subnet. ✑ A Layer 3 interface is used. Which configuration must be applied to the interface? A. no switchport mode trunk ip address 192.168.32.97 255.255.255.224 B. switchport ip address 192.168.32.65 255.255.255.240 C. no switchport ip address 192.168.32.30 255.255.255.224 D. no switchport mode access ip address 192.168.32.62 255.255.255.240 Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right. Select and Place:Suggested Answer:
What are two reasons to deploy private addressing on a network? (Choose two.) A. to subnet addresses in an organized hierarchy B. to reduce network maintenance costs C. to segment local IP addresses from the global routing table D. to hide sensitive data from access users within an enterprise E. to route protected data securely via an Internet service provider Suggested Answer: AC Community Answer: BC
DRAG DROP - Drag and drop the IPv6 DNS record types from the left onto the description on the right. Select and Place:Suggested Answer:
Which property is shared by 10GBase-SR and 10GBase-LR interfaces? A. Both use the single-mode fiber type. B. Both require UTP cable media for transmission. C. Both require fiber cable media for transmission. D. Both use the multimode fiber type. Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right. Select and Place:Suggested Answer:
Which device permits or denies network traffic based on a set of rules? A. switch B. firewall C. wireless controller D. access point Suggested Answer: B Community Answer: B
What is the role of a firewall in an enterprise network? A. determines which packets are allowed to cross from unsecured to secured networks B. processes unauthorized packets and allows passage to less secure segments of the network C. forwards packets based on stateless packet inspection D. explicitly denies all packets from entering an administrative domain Suggested Answer: A Community Answer: A
DRAG DROP - Refer to the exhibit.An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers from the left onto the network parameters on the right. Select and Place:
Suggested Answer:
DRAG DROP - Drag and drop the DNS lookup components from the left onto the functions on the right. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right. Select and Place:Suggested Answer:
Refer to the exhibit. An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and anticipates no more than 10% growth for new hosts. Which configuration script must be used? A.
B.
C.
D.
Suggested Answer: C
Which action is taken by a switch port enabled for PoE power classification override? A. As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused B. When a powered device begins drawing power from a PoE switch port, a syslog message is generated C. If a switch determines that a device is using less than the minimum configured power, it assumes the device has failed and disconnects it D. Should a monitored port exceed the maximum administrative value for power, the port is shut down and err-disabled Suggested Answer: D Community Answer: D
What is a function spine-and-leaf architecture? A. Offers predictable latency of the traffic path between end devices. B. Exclusively sends multicast traffic between servers that are directly connected to the spine. C. Mitigates oversubscription by adding a layer of leaf switches. D. Limits payload size of traffic within the leaf layer. Suggested Answer: A Community Answer: A With a spine-and-leaf architecture, no matter which leaf switch to which a server is connected, its traffic always has to cross the same number of devices to get to another server (unless the other server is located on the same leaf). This approach keeps latency at a predictable level because a payload only has to hop to a spine switch and another leaf switch to reach its destination. Reference: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-7000-series-switches/white-paper-c11-737022.html
Which action is taken by the data plane within a network device? A. Constructs a routing table based on a routing protocol. B. Forwards traffic to the next hop. C. Looks up an egress interface in the forwarding information base. D. Provides CLI access to the network device. Suggested Answer: B Community Answer: B
What is the function of the control plane? A. It exchanges routing table information. B. It provides CLI access to the network device. C. It looks up an egress interface in the forwarding information base. D. It forwards traffic to the next hop. Suggested Answer: A Community Answer: A
What is the role of disaggregation in controller-based networking? A. It divides the control-plane and data-plane functions. B. It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions C. It summarizes the routes between the core and distribution layers of the network topology D. It enables a network topology to quickly adjust from a ring network to a star network Suggested Answer: A Community Answer: A
What is a function performed by a web server? A. send and retrieve email from client devices B. securely store files for FTP access C. authenticate and authorize a user's identity D. provide an application that is transmitted over HTTP Suggested Answer: D Community Answer: D
Refer to the exhibit. Site A was recently connected to site B over a new single-mode fiber path. Users at site A report intermittent connectivity issues with applications hosted at site B. What is the reason for the problem? A. Physical network errors are being transmitted between the two sites. B. Heavy usage is causing high latency. C. The wrong cable type was used to make the connection. D. An incorrect type of transceiver has been inserted into a device on the link Suggested Answer: D Community Answer: D
Which protocol uses the SSL? A. SSH B. HTTPS C. HTTP D. Telnet Suggested Answer: B Community Answer: B
Why is UDP more suitable than TCP for applications that require low latency such as VoIP? A. UDP reliably guarantees delivery of all packets: TCP drops packets under heavy load B. UDP uses sequencing data for packets to arrive in order TCP offers the capability to receive packets in random order C. TCP uses congestion control for efficient packet delivery: UDP uses flow control mechanisms for the delivery of packets D. TCP sends an acknowledgement for every packet received: UDP operates without acknowledgments Suggested Answer: D Community Answer: D
What are the two functions of SSIDs? (Choose two.) A. uses the maximum of 32 alphanumeric characters B. controls the speed of the Wi-Fi network C. used exclusively with controller-based Wi-Fi networks D. supports a single access point E. broadcasts by default Suggested Answer: AD Community Answer: AE The SSID is a unique identifier that wireless networking devices use to establish and maintain wireless connectivity. The SSID can consist of up to 32 alphanumeric, case-sensitive, characters. Wireless clients connect using the SSID for secure communications. The SSID is a unique token that identifies an 802.11 wireless network. It is used by wireless devices to identify a network and to establish and maintain wireless connectivity. An SSID must be configured and assigned to a wireless client device interface before the device can associate with an access point.
Which two characteristics describe the access layer in a three-tier network architecture? (Choose two.) A. serves as the network aggregation point B. physical connection point for a LAN printer C. designed to meet continuous redundant uptime requirements D. layer at which a wireless access point connects to the wired network E. provides a boundary between Layer 2 and Layer 3 communications Suggested Answer: BD Community Answer: BD The Access Layer is the one closer to the users. In fact, at this layer, we find the users themselves and the access-layer switches. The main purpose of this layer is to physically connect users to the network. In other words, there is just a cable between end-user PCs, printers, and wireless access points and access-layer switches.
Which PoE mode enables powered-devices detection and guarantees power when the device detected? A. auto B. static C. dynamic D. active Suggested Answer: A Community Answer: B
Refer to the exhibit. The router has been configured with a super net to accommodate the requirements for 380 users on a Subnet. The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4? A. Subnet: 10.7.54.0 Subnet mask: 255.255.128.0 Broadcast address: 10.5.55.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254 B. Subnet: 10.7.54.0 Subnet mask: 255.255.255.0 Broadcast address: 10.7.54.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254 C. Subnet: 10.7.54.0 Subnet mask: 255.255.254.0 Broadcast address: 10.7.54.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254 D. Subnet: 10.7.54.0 Subnet mask: 255.255.254.0 Broadcast address: 10.7.55.255 Usable IP address range: 10.7.54.1 ג€" 10.7.55.254 Suggested Answer: D Community Answer: D
Refer to the exhibit. Configurations for the switch and PCs are complete. Which configuration must be applied so that VLANs 2 and 3 communicate back and forth? A. interface GigabitEthernet0/0 ip address 10.10.2.10 255.255.252.0 B. interface GigabitEthernet0/0.10 encapsulation dot1Q 3 ip address 10.10.2.10 255.255.254.0 C. interface GigabitEthernet0/0.3 encapsulation dot1Q 3 native ip address 10.10.2.10 255.255.252.0 D. interface GigabitEthernet0/0.3 encapsulation dot1Q 10 ip address 10.10.2.10 255.255.255.252 Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the IPv6 address type characteristics from the left to the right. Select and Place:Suggested Answer:
DRAG DROP -Refer to the exhibit. The IP address configurations must be completed on the DC-1 and HQ-1 routers based on these requirements: ✑ DC-1 Gi1/0 must be the last usable address on a /30 ✑ DC-1 Gi1/1 must be the first usable address on a /29 ✑ DC-1 Gi1/2 must be the last usable address on a /28 ✑ HQ-1 Gi1/3 must be the last usable address on a /29 Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used. Select and Place:
Suggested Answer:
How is RFC 1918 addressing used in a network? A. They are used to access the Internet from the internal network without conversion. B. They are used in place of public addresses for Increased security. C. They are used with NAT to preserve public IPv4 addresses. D. They are used by Internet Service Providers to route over the Internet. Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the IPv6 address types from the left onto their descriptions on the right. Select and Place:Suggested Answer:
Refer to the exhibit. What is a reason for poor performance on the network interface? A. The interface is receiving excessive broadcast traffic. B. The bandwidth setting of the interface is misconfigured. C. The cable connection between the two devices is faulty. D. The interface is operating at a different speed than the connected device. Suggested Answer: C Community Answer: C Here we see a large number of input errors and CRC errors. <img src="https://www.examtopics.com/assets/media/exam-media/04300/0009600001.png" alt="Reference Image" />
DRAG DROP - Drag and drop the IPv6 address descriptions from the left onto the IPv6 address types on the right. Not all options are used. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right. Select and Place:Suggested Answer:
Which WAN topology has the highest degree of reliability? A. point-to-point B. router-on-a-stick C. full mesh D. hub-and-spoke Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the IPv6 address type characteristics from the left to the right. Select and Place:Suggested Answer:
What causes a port to be placed in the err-disabled state? A. nothing plugged into the port B. link flapping C. latency D. shutdown command issued on the port Suggested Answer: B Community Answer: B
Refer to the exhibit. An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0/1 interface for the router to assign a unique 64-bit IPv6 address to itself? A. ipv6 address 2001:DB8:0:1:FFFF:C601:420F:7/64 B. ipv6 address 2001:DB8:0:1:FE80:C601:420F:7/64 C. ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64 D. ipv6 address 2001:DB8:0:1:C601:42FF:800F:7/64 Suggested Answer: B Community Answer: C
What is a similarity between 1000BASE-LX and 1000BASE-T standards? A. Both use the same data-link header and trailer formats. B. Both cable types support RJ-45 connectors. C. Both support up to 550 meters between nodes. D. Both cable types support LR connectors. Suggested Answer: A Community Answer: A
Refer to the exhibit. The given Windows PC is requesting the IP address of the host at www.cisco.com. To which IP address is the request sent? A. 192.168.1.253 B. 192.168.1.100 C. 192.168.1.226 D. 192.168.1.254 Suggested Answer: A Community Answer: A
Which function forwards frames to ports that have a matching destination MAC address? A. frame flooding B. frame filtering C. frame pushing D. frame switching Suggested Answer: D Community Answer: D
Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time? A. global unicast address B. link-local address C. anycast address D. multicast address Suggested Answer: C Community Answer: C
What is a characteristic of private IPv4 addressing? A. composed of up to 65,536 available addresses B. issued by IANA in conjunction with an autonomous system number C. used without tracking or registration D. traverse the Internet when an outbound ACL is applied Suggested Answer: C Community Answer: C
What is a function of an endpoint on a network? A. provides wireless services to users in a building B. connects server and client device to a network C. allows users to record data and transmit to a file server D. forwards traffic between VLANs on a network Suggested Answer: C Community Answer: B An endpoint is a remote computing device that communicates back and forth with a network to which it is connected. Examples of endpoints include: ✑ Desktops ✑ Laptops ✑ Smartphones ✑ Tablets ✑ Servers ✑ Workstations Internet-of-things (IoT) devices <img src="https://www.examtopics.com/assets/media/exam-media/04300/0007300007.png" alt="Reference Image" />
What is the function of a controller in controller-based networking? A. It serves as the centralized management point of an SDN architecture B. It is a pair of core routers that maintain all routing decisions for a campus C. It centralizes the data plane for the network D. It is the card on a core router that maintains all routing decisions for a campus. Suggested Answer: A Community Answer: A
Refer to the exhibit. Each router must be configured with the last usable IP address in the subnet. Which configuration fulfills this requirement? A. R7# interface FastEthernet1/0 ip address 10.88.31.127 255.255.255.192 R8# interface FastEthernet0/0 ip address 10.19.63.95 255.255.255.240 R9# interface FastEthernet1/1 ip address 10.23.98.159 255.255.255.224 B. R7# interface FastEthernet1/0 ip address 10.88.31.126 255.255.255.240 R8# interface FastEthernet0/0 ip address 10.19.63.94 255.255.255.192 R9# interface FastEthernet1/1 ip address 10.23.98.158 255.255.255.248 C. R7# interface FastEthernet1/0 ip address 10.88.31.127 255.255.255.240 R8# interface FastEthernet0/0 ip address 10.19.63.95 255.255.255.192 R9# interface FastEthernet1/1 ip address 10.23.98.159 255.255.255.248 D. R7# interface FastEthernet1/0 ip address 10.88.31.126 255.255.255.192 R8# interface FastEthernet0/0 ip address 10.19.63.94 255.255.255.240 R9# interface FastEthernet1/1 ip address 10.23.98.158 255.255.255.224 Suggested Answer: D Community Answer: D
How do TCP and UDP fit into a query-responsible model? A. TCP avoids using sequencing and UDP avoids using acknowledgments B. TCP establishes a connection prior to sending data, and UDP sends immediately C. TCP encourages out-of-order packet delivery, and UDP prevents re-ordering D. TCP uses error detection for packets, and UDP uses error recovery. Suggested Answer: B Community Answer: B
What provides centralized control of authentication and roaming in an enterprise network? A. a lightweight access point B. a wireless LAN controller C. a firewall D. a LAN switch Suggested Answer: B Community Answer: B
Which set of 2 4 GHz nonoverlapping wireless channels is standard in the United States? A. channels 1, 6, 11, and 14 B. channels 2, 7, 9, and 11 C. channels 2, 7, and 11 D. channels 1, 6, and 11 Suggested Answer: D
A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign? A. IPv4-compatible IPv6 address B. unique local address C. link-local address D. aggregatable global address Suggested Answer: C Community Answer: B
What is a requirement for nonoverlapping Wi-Fi channels? A. different security settings B. discontinuous frequency ranges C. unique SSIDs D. different transmission speeds Suggested Answer: B Community Answer: B
A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being advertised to the internet. Which configuration must the engineer apply? A. interface vlan 2000 ipv6 address ff00:0000:aaaa::1234:2343/64 B. interface vlan 2000 ipv6 address fd00::1234:2343/64 C. interface vlan 2000 ipv6 address fe80:0000:aaaa::1234:2343/64 D. interface vlan 2000 ipv6 address fc00:0000:aaaa::a15d:1234:2343:8aca/64 Suggested Answer: D Community Answer: B
What are two characteristics of an SSID? (Choose two.) A. It uniquely identifies a client in a WLAN. B. It is at most 32 characters long C. It uniquely identifies an access point in a WLAN D. It provides secured access to a WLAN. E. It can be hidden or broadcast in a WLAN. Suggested Answer: CD Community Answer: BE
When a switch receives a frame for a known destination MAC address, how is the frame handled? A. flooded to all ports except the one from which it originated B. forwarded to the first available port C. sent to the port identified for the known MAC address D. broadcast to all ports Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the IPv6 address details from the left onto the corresponding types on the right. Select and Place:Suggested Answer:
What is the collapsed layer in collapsed core architectures? A. Core and distribution B. access and WAN C. distribution and access D. core and WAN Suggested Answer: A Community Answer: A
What is a characteristic of a SOHO network? A. includes at least three tiers of devices to provide load balancing and redundancy B. connects each switch to every other switch in the network C. enables multiple users to share a single broadband connection D. provides high throughput access for 1000 or more users Suggested Answer: C Community Answer: C
In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization? A. The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts. B. The ISP requires the new subnet to be advertised to the Internet for web services. C. There is limited unique address space, and traffic on the new subnet will stay local within the organization. D. Traffic on the subnet must traverse a site-to-site VPN to an outside organization. Suggested Answer: C Community Answer: C
DRAG DROP - Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right. Select and Place:Suggested Answer:
Which 802.11 frame type is indicated by a probe response after a client sends a probe request? A. data B. management C. control D. action Suggested Answer: B Community Answer: B
What is the difference in data transmission delivery and reliability between TCP and UDP? A. TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end. B. TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery. C. UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection. D. UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking. Suggested Answer: B Community Answer: B UDP speeds up transmissions by enabling the transfer of data before an agreement is provided by the receiving party. As a result, UDP is beneficial in time- sensitive communications, including voice over IP (VoIP), domain name system (DNS) lookup, and video or audio playback.
Refer to the exhibit. When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-A, verifying the IP addresses, and forwarding the packet to PC-B? A. router B. Layer 2 switch C. load balancer D. firewall Suggested Answer: A Community Answer: A
What is the maximum bandwidth of a T1 point-to-point connection? A. 1.544 Mbps B. 2.048 Mbps C. 34.368 Mbps D. 43.7 Mbps Suggested Answer: A Community Answer: A
What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.) A. Both support speeds up to 10 Gigabit. B. Both support speeds of at least 1 Gigabit. C. Both support runs of up to 55 meters. D. Both support runs of up to 100 meters. E. Both operate at a frequency of 500 MHz. Suggested Answer: BD Community Answer: BD
What is a characteristic of cloud-based network topology? A. onsite network services are provided with physical Layer 2 and Layer 3 components B. wireless connections provide the sole access method to services C. physical workstations are configured to share resources D. services are provided by a public, private, or hybrid deployment Suggested Answer: D Community Answer: D
Which network action occurs within the data plane? A. reply to an incoming ICMP echo request B. make a configuration change from an incoming NETCONF RPC C. run routing protocols (OSPF, EIGRP, RIP, BGP) D. compare the destination IP address to the IP routing table Suggested Answer: D Community Answer: D
Refer to the exhibit. R1 has just received a packet from host A that is destined to host B. Which route in the routing table is used by R1 to reach host B? A. 10.10.13.0/25 [1/0] via 10.10.10.2 B. 10.10.13.0/25 [108/0] via 10.10.10.10 C. 10.10.13.0/25 [110/2] via 10.10.10.6 D. 10.10.13.0/25 [110/2] via 10.10.10.2 Suggested Answer: B Community Answer: B
Which two network actions occur within the data plane? (Choose two.) A. Run routing protocols. B. Make a configuration change from an incoming NETCONF RPC. C. Add or remove an 802.1Q trunking header. D. Match the destination MAC address to the MAC address table. E. Reply to an incoming ICMP echo request. Suggested Answer: CD Community Answer: CD
What are network endpoints? A. support inter-VLAN connectivity B. a threat to the network if they are compromised C. act as routers to connect a user to the service provider network D. enforce policies for campus-wide traffic going to the Internet Suggested Answer: B Community Answer: B
Refer to the exhibit. The link between PC1 and the switch is up, but it is performing poorly. Which interface condition is causing the performance problem? A. There is an issue with the fiber on the switch interface. B. There is a duplex mismatch on the interface. C. There is an interface type mismatch. D. There is a speed mismatch on the interface. Suggested Answer: B Community Answer: B
Why was the RFC 1918 address space defined? A. conserve public IPv4 addressing B. support the NAT protocol C. preserve public IPv6 address space D. reduce instances of overlapping IP addresses Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right. Select and Place:Suggested Answer:
DRAG DROP - Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right. Select and Place:Suggested Answer:
Reference: https://learningnetwork.cisco.com/s/question/0D53i00000Kt6kl/ipv6-unique-local-addresses
Which type of organization should use a collapsed-core architecture? A. small and needs to reduce networking costs B. large and must minimize downtime when hardware fails C. large and requires a flexible, scalable network design D. currently small but is expected to grow dramatically in the near future Suggested Answer: A Community Answer: A It is ideal for small companies: The collapsed core model is a reduced version of the three-tier model. The deduction was made to create a network for small and medium-sized campuses. Therefore, smaller institutions can get the advantage of using a collapsed core network while still gaining the same benefits they would if they were using a three-tier model. Small organizations often cannot afford the hardware and human resources to run the network can benefit greatly with less oversight necessary. And reduces cost: In a traditional three-tier campus network, the core layer is typically a complex and expensive piece of hardware. This layer is eliminated with collapsed core architecture, reducing both cost and complexity.
A network administrator is setting up a new IPv6 network using the 64-bit address 2001:0EB8:00C1:2200:0001:0000:0000:0331/64. To simplify the configuration, the administrator has decided to compress the address. Which IP address must the administrator configure? A. ipv6 address 2001:EB8:C1:22:1::331/64 B. ipv6 address 21:EB8:C1:2200:1::331/64 C. ipv6 address 2001:EB8:C1:2200:1:0000:331/64 D. ipv6 address 2001:EB8:C1:2200:1::331/64 Suggested Answer: D Community Answer: D
DRAG DROP - Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right. Select and Place:Suggested Answer:
What is an appropriate use for private IPv4 addressing? A. to allow hosts inside to communicate in both directions with hosts outside the organization B. on internal hosts that stream data solely to external resources C. on the public-facing interface of a firewall D. on hosts that communicate only with other internal hosts Suggested Answer: D Community Answer: D
Which two options are the best reasons to use an IPV4 private IP space? (Choose two.) A. to enable intra-enterprise communication B. to implement NAT C. to connect applications D. to conserve global address space E. to manage routing overhead Suggested Answer: AD Community Answer: AD
Refer to the exhibit. When PC1 sends a packet to PC2, the packet has which source and destination IP address when it arrives at interface Gi0/0 on router R2?A. source 192.168.10.10 and destination 10.10.2.2 B. source 192.168.20.10 and destination 192.168.20.1 C. source 192.168.10.10 and destination 192.168.20.10 D. source 10.10.1.1 and destination 10.10.2.2 Suggested Answer: C Community Answer: C The source and destination IP addresses of the packets are unchanged on all the way. Only source and destination MAC addresses are changed.
What is the same for both copper and fiber interfaces when using SFP modules? A. They support an inline optical attenuator to enhance signal strength B. They accommodate single-mode and multi-mode in a single module C. They provide minimal interruption to services by being hot-swappable D. They offer reliable bandwidth up to 100 Mbps in half duplex mode Suggested Answer: C Community Answer: C
What are two functions of a server on a network? (Choose two.) A. handles requests from multiple workstations at the same time B. achieves redundancy by exclusively using virtual server clustering C. housed solely in a data center that is dedicated to a single client achieves redundancy by exclusively using virtual server clustering D. runs the same operating system in order to communicate with other servers E. runs applications that send and retrieve data for workstations that make requests Suggested Answer: AE Community Answer: AE
Which function is performed by the collapsed core layer in a two-tier architecture? A. enforcing routing policies B. marking interesting traffic for data policies C. applying security policies D. attaching users to the edge of the network Suggested Answer: A Community Answer: A
What is the primary function of a Layer 3 device? A. to transmit wireless traffic between hosts B. to analyze traffic and drop unauthorized traffic from the Internet C. to forward traffic within the same broadcast domain D. to pass traffic between different networks Suggested Answer: D Community Answer: D
Which two functions are performed by the core layer in a three-tier architecture? (Choose two.) A. Provide uninterrupted forwarding service B. Inspect packets for malicious activity C. Ensure timely data transfer between layers D. Provide direct connectivity for end user devices E. Police traffic that is sent to the edge of the network Suggested Answer: AC Community Answer: AC Reference: https://www.mcmcse.com/cisco/guides/hierarchical_model.shtml
What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency? A. different nonoverlapping channels B. one overlapping channel C. one nonoverlapping channel D. different overlapping channels Suggested Answer: A Community Answer: A
A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software that is only used occasionally. Which cloud service model does the engineer recommend? A. infrastructure-as-a-service B. platform-as-a-service C. business process as service to support different types of service D. software-as-a-service Suggested Answer: D Community Answer: D
What are two functions of a Layer 2 switch? (Choose two.) A. acts as a central point for association and authentication servers B. selects the best route between networks on a WAN C. moves packets within a VLAN D. moves packets between different VLANs E. makes forwarding decisions based on the MAC address of a packet Suggested Answer: CE Community Answer: CE
DRAG DROP - Drag and drop the TCP/IP protocols from the left onto their primary transmission protocols on the right. Select and Place:Suggested Answer:
An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use 5GHz access points? A. Client Band Select B. Re-Anchor Roamed Clients C. OEAP Spilt Tunnel D. 11ac MU-MIMO Suggested Answer: A Community Answer: A
Which networking function occurs on the data plane? A. processing inbound SSH management traffic B. sending and receiving OSPF Hello packets C. facilitates spanning-tree elections D. forwarding remote client/server traffic Suggested Answer: D Community Answer: D
Under which condition is TCP preferred over UDP? A. UDP is used when low latency is optimal, and TCP is used when latency is tolerable. B. TCP is used when dropped data is more acceptable, and UDP is used when data is accepted out-of-order. C. TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable. D. UDP is used when data is highly interactive, and TCP is used when data is time-sensitive. Suggested Answer: C Community Answer: C
Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path, users at SiteA report intermittent connectivity issues with applications hosted at SiteB. What is the cause of the intermittent connectivity issue? A. Interface errors are incrementing. B. High usage is causing high latency. C. An incorrect SFP media type was used at SiteA. D. The sites were connected with the wrong cable type. Suggested Answer: A Community Answer: A The only indicator of any issues here is the reliability 166/255 on SiteA. When the input and output errors increase, they affect the reliability counter. This indicates how likely it is that a packet can be delivered or received successfully. Reliability is calculated like this: reliability = number of packets / number of total frames. The value of 255 is the highest value meaning that the interface is very reliable at the moment. The calculation above is done every 5 minutes.
A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the configuration to be applied, the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface? A. ipv6 address 2001::db8:0000::500:a:400F:583B B. ipv6 address 2001:db8:0::500:a:4F:583B C. ipv6 address 2001:db8::500:a:400F:583B D. ipv6 address 2001:0db8::5:a:4F:583B Suggested Answer: C Community Answer: C
What is a network appliance that checks the state of a packet to determine whether the packet is legitimate? A. Layer 2 switch B. LAN controller C. load balancer D. firewall Suggested Answer: D Community Answer: D
What is a role of access points in an enterprise network? A. integrate with SNMP in preventing DDoS attacks B. serve as a first line of defense in an enterprise network C. connect wireless devices to a wired network D. support secure user logins to devices on the network Suggested Answer: C Community Answer: C
An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between hardware and virtual machines? A. router B. hypervisor C. switch D. straight cable Suggested Answer: B Community Answer: B
How does a Cisco Unified Wireless Network respond to Wi-Fi channel overlap? A. It allows the administrator to assign the channels on a per-device or per-interface basis. B. It segregates devices from different manufactures onto different channels. C. It analyzes client load and background noise and dynamically assigns a channel. D. It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points. Suggested Answer: C Community Answer: C Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-3/b_RRM_White_Paper/dca.html
Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions? A. 5, 6, 7 B. 1, 2, 3 C. 1, 6, 11 D. 1, 5, 10 Suggested Answer: C Community Answer: C
How do TCP and UDP differ in the way they guarantee packet delivery? A. TCP uses retransmissions, acknowledgment, and parity checks, and UDP uses cyclic redundancy checks only B. TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks, and UDP uses retransmissions only C. TCP uses checksum, acknowledgements, and retransmissions, and UDP uses checksums only D. TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only Suggested Answer: C Community Answer: C
A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. Which action must be taken to meet the requirement? A. enable Band Select B. enable DTIM C. enable RX-SOP D. enable AAA override Suggested Answer: A Community Answer: A
DRAG DROP - Drag and drop the application protocols from the left onto the transport protocols that it uses on the right. Select and Place:Suggested Answer:
What is the destination MAC address of a broadcast frame? A. 00:00:0c:07:ac:01 B. ff:ff:ff:ff:ff:ff C. 43:2e:08:00:00:0c D. 00:00:0c:43:2e:08 E. 00:00:0c:ff:ff:ff Suggested Answer: B Community Answer: B
For what two purposes does the Ethernet protocol use physical addresses? A. to uniquely identify devices at Layer 2 B. to allow communication with devices on a different network C. to differentiate a Layer 2 frame from a Layer 3 packet D. to establish a priority system to determine which device gets to transmit first E. to allow communication between different devices on the same network F. to allow detection of a remote device when its physical address is unknown Suggested Answer: AE Community Answer: AE
DRAG DROP - Drag and drop the networking parameters from the left on to the correct values on the right. Select and Place:Suggested Answer:
SSH uses TCP port 22 while SNMP uses UDP port 161 and 162.
Which component of an Ethernet frame is used to notify a host that traffic is coming? A. start of frame delimiter B. Type field C. preamble D. Data field Suggested Answer: C Community Answer: C Preamble is a 7 Byte field in the Ethernet frame which helps to receiver to know that it is an actual data (Ethernet Frame) and not some random noise in the transmission medium. It acts like a doorbell telling about the incoming data.
You are configuring your edge routers interface with a public IP address for Internet connectivity. The router needs to obtain the IP address from the service provider dynamically. Which command is needed on interface FastEthernet 0/0 to accomplish this? A. ip default-gateway B. ip route C. ip default-network D. ip address dhcp E. ip address dynamic Suggested Answer: D Community Answer: D
Which two statements about the purpose of the OSI model are accurate? (Choose two.) A. Defines the network functions that occur at each layer B. Facilitates an understanding of how information travels throughout a network C. Changes in one layer do not impact other layer D. Ensures reliable data delivery through its layered approach Suggested Answer: AB Community Answer: AB
Which three statements about MAC addresses are correct? (Choose three.) A. To communicate with other devices on a network, a network device must have a unique MAC address B. The MAC address is also referred to as the IP address C. The MAC address of a device must be configured in the Cisco IOS CLI by a user with administrative privileges D. A MAC address contains two main components, the first of which identifies the manufacturer of the hardware and the second of which uniquely identifies the hardware E. An example of a MAC address is 0A:26:B8:D6:65:90 F. A MAC address contains two main components, the first of which identifies the network on which the host resides and the second of which uniquely identifies the host on the network Suggested Answer: ADE Community Answer: ADE
Which technique can you use to route IPv6 traffic over an IPv4 infrastructure? A. NAT B. 6 to 4 tunneling C. L2TPv3 D. dual-stack Suggested Answer: B Community Answer: B
Refer to the exhibit. A network technician is asked to design a small network with redundancy. The exhibit represents this design, with all hosts configured in the same VLAN. What conclusions can be made about this design?A. This design will function as intended. B. Spanning-tree will need to be used. C. The router will not accept the addressing scheme. D. The connection between switches should be a trunk. E. The router interfaces must be encapsulated with the 802.1Q protocol. Suggested Answer: C Community Answer: C Each interface on a router must be in a different network. If two interfaces are in the same network, the router will not accept it and show error when the administrator assigns it.
Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4? (Choose two.) A. It establishes a static route to the 172.16.3.0 network. B. It establishes a static route to the 192.168.2.0 network. C. It configures the router to send any traffic for an unknown destination to the 172.16.3.0 network. D. It configures the router to send any traffic for an unknown destination out the interface with the address 192.168.2.4. E. It uses the default administrative distance. F. It is a route that would be used last if other routes to the same destination exist. Suggested Answer: AE Community Answer: AE
What are two benefits of private IPv4 IP addresses? (Choose two.) A. They are routed the same as public IP addresses. B. They are less costly than public IP addresses. C. They can be assigned to devices without Internet connections. D. They eliminate the necessity for NAT policies. E. They eliminate duplicate IP conflicts. Suggested Answer: BC Community Answer: BC
What are two benefits that the UDP protocol provide for application traffic? (Choose two.) A. UDP traffic has lower overhead than TCP traffic B. UDP provides a built-in recovery mechanism to retransmit lost packets C. The CTL field in the UDP packet header enables a three-way handshake to establish the connection D. UDP maintains the connection state to provide more stable connections than TCP E. The application can use checksums to verify the integrity of application data Suggested Answer: AE Community Answer: AE
Which two goals reasons to implement private IPv4 addressing on your network? (Choose two.) A. Comply with PCI regulations B. Conserve IPv4 address C. Reduce the size of the forwarding table on network routers D. Reduce the risk of a network security breach E. Comply with local law Suggested Answer: BD Community Answer: BD
Which WAN access technology is preferred for a small office / home office architecture? A. broadband cable access B. frame-relay packet switching C. dedicated point-to-point leased line D. Integrated Services Digital Network switching Suggested Answer: A Community Answer: A Service providers provide Internet access using broadband services such as DSL, cable, and satellite access. Broadband connections are typically used to connect small offices and telecommuting employees to a corporate site over the Internet. Data traveling between corporate sites over the public WAN infrastructure should be protected using VPNs.
Which two WAN architecture options help a business scalability and reliability for the network? (Choose two.) A. asychronous routing B. single-homed branches C. dual-homed branches D. static routing E. dynamic routing Suggested Answer: CE Community Answer: CE Reference: https://www.cisco.com/c/dam/en/us/td/docs/nsite/wan_optimization/WANoptSolutionGd.pdf
What is the binary pattern of unique ipv6 unique local address? A. 00000000 B. 11111100 C. 11111111 D. 11111101 Suggested Answer: B Community Answer: B A IPv6 Unique Local Address is an IPv6 address in the block FC00::/7, which means that IPv6 Unique Local addresses begin with 7 bits with exact binary pattern as 1111 110 -> Answer B is correct. Note: IPv6 Unique Local Address is the approximate IPv6 counterpart of the IPv4 private address. It is not routable on the global Internet.
Which action is taken by switch port enabled for PoE power classification override? A. If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled. B. When a powered device begins drawing power from a PoE switch port, a syslog message is generated. C. As power usage on a PoE switch port is checked, data flow to the connected device is temporarily paused. D. If a switch determines that a device is using less than the minimum configured power, it assumes the device has failed and disconnects it. Suggested Answer: A Community Answer: A PoE monitoring and policing compares the power consumption on ports with the administrative maximum value (either a configured maximum value or the port's default value). If the power consumption on a monitored port exceeds the administrative maximum value, the following actions occur: - A syslog message is issued. - The monitored port is shut down and error-disabled. - The allocated power is freed. Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/power_over_ethernet.pdf
What occurs to frames during the process of frame flooding? A. Frames are sent to all ports, including those that are assigned to other VLANs. B. Frames are sent to every port on the switch that has a matching entry in MAC address table. C. Frames are sent to every port on the switch in the same VLAN except from the originating port. D. Frames are sent to every port on the switch in the same VLAN. Suggested Answer: C Community Answer: C
Which function does the range of private IPv4 addresses perform? A. allows multiple companies to each use the same addresses without conflicts B. provides a direct connection for hosts from outside of the enterprise network C. ensures that NAT is not required to reach the Internet with private range addressing D. enables secure communications to the Internet for all external hosts Suggested Answer: A Community Answer: A
Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface? A. explicitly assign a link-local address B. disable the EUI-64 bit process C. enable SLAAC on an interface D. configure a stateful DHCPv6 server on the network Suggested Answer: C Community Answer: C
Several new coverage cells are required to improve the Wi-Fi network of an organization. Which two standard designs are recommended? (Choose two.) A. 5GHz provides increased network capacity with up to 23 nonoverlapping channels. B. 5GHz channel selection requires an autonomous access point. C. Cells that overlap one another are configured to use nonoverlapping channels. D. Adjacent cells with overlapping channels use a repeater access point. E. For maximum throughput, the WLC is configured to dynamically set adjacent access points to the channel. Suggested Answer: CE Community Answer: AC
How do TCP and UDP differ in the way they provide reliability for delivery of packets? A. TCP does not guarantee delivery or error checking to ensure that there is no corruption of data, UDP provides message acknowledgement and retransmits data if lost. B. TCP provides flow control to avoid overwhelming a receiver by sending too many packets at once, UDP sends packets to the receiver in a continuous stream without checking. C. TCP is a connectionless protocol that does not provide reliable delivery of data; UDP is a connection-oriented protocol that uses sequencing to provide reliable delivery. D. TCP uses windowing to deliver packets reliably; UDP provides reliable message transfer between hosts by establishing a three-way handshake. Suggested Answer: B Community Answer: B
What are two differences between optical-fiber cabling and copper cabling? (Choose two.) A. A BNC connector is used for fiber connections B. The glass core component is encased in a cladding C. The data can pass through the cladding D. Light is transmitted through the core of the fiber E. Fiber connects to physical interfaces using RJ-45 connections Suggested Answer: BD Community Answer: BD
How does CAPWAP communicate between an access point in local mode and a WLC? A. The access point must not be connected to the wired network, as it would create a loop B. The access point must be connected to the same switch as the WLC C. The access point must directly connect to the WLC using a copper cable D. The access point has the ability to link to any switch in the network, assuming connectivity to the WLC Suggested Answer: D Community Answer: D
Which IPv6 address block forwards packets to a multicast address rather than a unicast address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/12 Suggested Answer: D Community Answer: D
What is the difference regarding reliability and communication type between TCP and UDP? A. TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol. B. TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol. C. TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol. D. TCP is reliable and is a connection-oriented protocol; UDP is not reliable and is a connectionless protocol. Suggested Answer: D Community Answer: D
What are two descriptions of three-tier network topologies? (Choose two.) A. The distribution layer runs Layer 2 and Layer 3 technologies B. The network core is designed to maintain continuous connectivity when devices fail C. The access layer manages routing between devices in different domains D. The core layer maintains wired connections for each host E. The core and distribution layers perform the same functions Suggested Answer: AB Community Answer: AB
Which type of IPv6 address is publicly routable in the same way as IPv4 public addresses? A. multicast B. unique local C. link-local D. global unicast Suggested Answer: D Community Answer: D
What is the expected outcome when an EUI-64 address is generated? A. The interface ID is configured as a random 64-bit value B. The characters FE80 are inserted at the beginning of the MAC address of the interface C. The seventh bit of the original MAC address of the interface is inverted D. The MAC address of the interface is used as the interface ID without modification Suggested Answer: C Community Answer: C
A corporate office uses four floors in a building. ✑ Floor 1 has 24 users. ✑ Floor 2 has 29 users. Floor 3 has 28 users.✑ Floor 4 has 22 users. Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration? A. 192.168.0.0/24 as summary and 192.168.0.0/28 for each floor B. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor C. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor D. 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor Suggested Answer: C Community Answer: C
Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses? A. 10.10.225.48 255.255.255.240 B. 10.10.225.32 255.255.255.240 C. 10.10.225.48 255.255.255.224 D. 10.10.225.32 255.255.255.224 Suggested Answer: D Community Answer: D
What is a characteristic of spine-and-leaf architecture? A. Each link between leaf switches allows for higher bandwidth. B. It provides greater predictability on STP blocked ports. C. It provides variable latency. D. Each device is separated by the same number of hops. Suggested Answer: D Community Answer: D
An office has 8 floors with approximately 30-40 users per floor. One subnet must be used. Which command must be configured on the router Switched Virtual Interface to use address space efficiently? A. ip address 192.168.0.0 255.255.0.0 B. ip address 192.168.0.0 255.255.254.0 C. ip address 192.168.0.0 255.255.255.128 D. ip address 192.168.0.0 255.255.255.224 Suggested Answer: B Community Answer: B
DRAG DROP - Drag and drop the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right. Select and Place:Suggested Answer:
A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is received. Which interface counter increments? A. runt B. collision C. late collision D. CRC Suggested Answer: C Community Answer: C
Refer to the exhibit. Which outcome is expected when PC_A sends data to PC_B after their initial communication? A. The source MAC address is changed. B. The destination MAC address is replaced with ffff.ffff.ffff. C. The source and destination MAC addresses remain the same. D. The switch rewrites the source and destination MAC addresses with its own. Suggested Answer: C Community Answer: C
Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32? A. default route B. network route C. host route D. floating static route Suggested Answer: B Community Answer: B
Refer to the exhibit. Which prefix does Router1 use for traffic to Host A? A. 10.10.10.0/28 B. 10.10.13.0/25 C. 10.10.13.144/28 D. 10.10.13.208/29 Suggested Answer: D Community Answer: D The prefix with ג€longest prefixג€ will be matched first, in this case is ג€/29ג€.
DRAG DROP - Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right. Select and Place:Suggested Answer:
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two.) A. input errors B. frame C. giants D. CRC E. runts Suggested Answer: AD Community Answer: AD Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The ג€input errorsג€ includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. The output below show the interface counters with the ג€show interface s0/0/0ג€ command: <img src="https://www.examtopics.com/assets/media/exam-media/04300/0000700001.jpg" alt="Reference Image" />
DRAG DROP - Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right. Select and Place:Suggested Answer:
This subnet question requires us to grasp how to subnet very well. To quickly find out the subnet range, we have to find out the increment and the network address of each subnet. Let's take an example with the subnet 172.28.228.144/18: From the /18 (= 1100 0000 in the 3rd octet), we find out the increment is 64. Therefore the network address of this subnet must be the greatest multiple of the increment but not greater than the value in the 3rd octet (228). We can find out the 3rd octet of the network address is 192 (because 192 = 64 * 3 and 192 < 228) - > The network address is 172.28.192.0. So the first usable host should be 172.28.192.1 and it matches with the 5th answer on the right. In this case we don't need to calculate the broadcast address because we found the correct answer. Let's take another example with subnet 172.28.228.144/23 -> The increment is 2 (as /23 = 1111 1110 in 3rd octet) -> The 3rd octet of the network address is 228 (because 228 is the multiply of 2 and equal to the 3rd octet) -> The network address is 172.28.228.0 -> The first usable host is 172.28.228.1. It is not necessary but if we want to find out the broadcast address of this subnet, we can find out the next network address, which is 172.28.(228 + the increment number).0 or 172.28.230.0 then reduce 1 bit -> 172.28.229.255 is the broadcast address of our subnet. Therefore the last usable host is 172.28.229.254.
How do TCP and UDP differ in the way that they establish a connection between two endpoints? A. TCP uses the three-way handshake, and UDP does not guarantee message delivery. B. TCP uses synchronization packets, and UDP uses acknowledgment packets. C. UDP provides reliable message transfer, and TCP is a connectionless protocol. D. UDP uses SYN, SYN ACK, and FIN bits in the frame header while TCP uses SYN, SYN ACK, and ACK bits. Suggested Answer: A Community Answer: A
Which 802.11 frame type is Association Response? A. management B. protected frame C. action D. control Suggested Answer: A Community Answer: A There are three main types of 802.11 frames: the Data Frame, the Management Frame and the Control Frame. Association Response belongs to Management Frame. Association response is sent in response to an association request. Reference: https://en.wikipedia.org/wiki/802.11_Frame_Types
In which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports are required? A. A spine switch and a leaf switch can be added with redundant connections between them. B. A spine switch can be added with at least 40 GB uplinks. C. A leaf switch can be added with connections to every spine switch. D. A leaf switch can be added with a single connection to a core spine switch. Suggested Answer: C Community Answer: C Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency, nonblocking server-to-server connectivity. Leaf (aggregation) switches are what provide devices access to the fabric (the network of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other leaf switches. In spine-and-leaf architecture, every leaf should connect to every spine in a full mesh. Spine (aggregation) switches are used to connect to all leaf switches and are typically deployed at the end or middle of the row. Spine switches do not connect to other spine switches. Reference: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-733228.html
What identifies the functionality of virtual machines? A. The hypervisor communicates on Layer 3 without the need for additional resources. B. Each hypervisor supports a single virtual machine and a single software switch. C. The hypervisor virtualizes physical components including CPU, memory, and storage. D. Virtualized servers run efficiently when physically connected to a switch that is separate from the hypervisor. Suggested Answer: C Community Answer: C
Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface? A. ipv6 address dhcp B. ipv6 address 2001:DB8:5:112::/64 eui-64 C. ipv6 address autoconfig D. ipv6 address 2001:DB8:5:112::2/64 link-local Suggested Answer: C Community Answer: B The ג€ipv6 address autoconfigג€ command causes the device to perform IPv6 stateless address auto-configuration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface. Addresses are configured depending on the prefixes received in Router Advertisement (RA) messages. The device will listen for RA messages which are transmitted periodically from the router (DHCP Server). This RA message allows a host to create a global IPv6 address from: ג€¢ Its interface identifier (EUI-64 address) ג€¢ Link Prefix (obtained via RA) Note: Global address is the combination of Link Prefix and EUI-64 address
When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two.) A. 2000::/3 B. 2002::5 C. FC00::/7 D. FF02::1 E. FF02::2 Suggested Answer: DE Community Answer: DE When an interface is configured with IPv6 address, it automatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx) multicast groups. The all- node group is used to communicate with all interfaces on the local link, and the solicited-nodes multicast group is required for link-layer address resolution. Routers also join a third multicast group, the all-routers group (FF02::2). Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/xe-3s/ipv6-xe-36s-book/ip6-multicast.html
DRAG DROP -Refer to the exhibit. Drag and drop the networking parameters from the left onto the correct values on the right. Select and Place:
Suggested Answer:
The ג€ip routeג€ and ג€ip addr show eth1ג€ are Linux commands. ג€¢ ג€ip routeג€: display the routing table ג€¢ ג€ip addr show eth1ג€: get depth information (only on eth1 interface) about your network interfaces like IP Address, MAC Address information
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received? A. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table. B. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning. C. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN. D. The Layer 2 switch drops the received frame. Suggested Answer: C Community Answer: C If the destination MAC address is not in the CAM table (unknown destination MAC address), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.
An engineer must configure a /30 subnet between two routes. Which usable IP address and subnet mask combination meets this criteria? A. interface e0/0 description to XX-AXXX:XXXXX ip address 10.2.1.3 255.255.255.252 B. interface e0/0 description to XX-AXXX:XXXXX ip address 192.168.1.1 255.255.255.248 C. interface e0/0 description to XX-AXXX:XXXXX ip address 172.16.1.4 255.255.255.248 D. interface e0/0 description to XX-AXXX:XXXXX ip address 209.165.201.2 225.255.255.252 Suggested Answer: D Community Answer: D
Which network allows devices to communicate without the need to access the Internet? A. 172.9.0.0/16 B. 172.28.0.0/16 C. 192.0.0.0/8 D. 209.165.201.0/24 Suggested Answer: B Community Answer: B This question asks about the private ranges of IPv4 addresses. The private ranges of each class of IPv4 are listed below: Class A private IP address ranges from 10.0.0.0 to 10.255.255.255 Class B private IP address ranges from 172.16.0.0 to 172.31.255.255 Class C private IP address ranges from 192.168.0.0 to 192.168.255.255 Only the network 172.28.0.0/16 belongs to the private IP address (of class B).
Refer to the exhibit. Which statement explains the configuration error message that is received? A. It belongs to a private IP address range. B. The router does not support /28 mask. C. It is a network IP address. D. It is a broadcast IP address. Suggested Answer: D Community Answer: D
Which IPv6 address type provides communication between subnets and cannot route on the Internet? A. link-local B. unique local C. multicast D. global unicast Suggested Answer: B Community Answer: B A IPv6 Unique Local Address is an IPv6 address in the block FC00::/7. It is the approximate IPv6 counterpart of the IPv4 private address. It is not routable on the global Internet. Note: In the past, Site-local addresses (FEC0::/10) are equivalent to private IP addresses in IPv4 but now they are deprecated. Link-local addresses only used for communications within the local subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address).
Which IPv6 address block sends packets to a group address rather than a single address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/8 Suggested Answer: D Community Answer: D FF00::/8 is used for IPv6 multicast and this is the IPv6 type of address the question wants to ask. FE80::/10 range is used for link-local addresses. Link-local addresses only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address).
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two.) A. when Carrier Sense Multiple Access/Collision Detection is used B. when one side of the connection is configured for half-duplex C. when the sending device waits 15 seconds before sending the frame again D. when a collision occurs after the 32nd byte of a frame has been transmitted E. when the cable length limits are exceeded Suggested Answer: BE Community Answer: BE A late collision is defined as any collision that occurs after the first 512 bits (or 64th byte) of the frame have been transmitted. The usual possible causes are full- duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC. Late collisions should never occur in a properly designed Ethernet network. They usually occur when Ethernet cables are too long or when there are too many repeaters in the network. Reference: https://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr1904.html
What is a benefit of using a Cisco Wireless LAN Controller? A. It eliminates the need to configure each access point individually. B. Central AP management requires more complex configurations. C. Unique SSIDs cannot use the same authentication method. D. It supports autonomous and lightweight APs. Suggested Answer: A Community Answer: A
49 views0 answers0 votes
3 views0 answers0 votes
35 views0 answers0 votes
19 views0 answers0 votes
10 views0 answers0 votes
7 views0 answers0 votes
6 views0 answers0 votes
6 views0 answers0 votes
14 views0 answers0 votes
9 views0 answers0 votes
15 views0 answers0 votes
11 views0 answers0 votes
Other exams
- 101 (450)
- 101-500 (120)
- 102-500 (120)
- 1V0-21.20 (97)
- 200-125 (1926)
- 200-201 (300)
- 200-301 (1384)
- 200-901 (587)
- 201-450 (60)
- 202-450 (120)
- 212-89 (82)
- 220-1001 (414)
- 220-1002 (472)
- 220-1101 (517)
- 220-1102 (472)
- 2V0-21.19 (213)
- 2V0-21.19D (90)
- 2V0-21.20 (107)
- 2V0-21.23 (103)
- 2V0-31.20 (86)
- 2V0-31.21 (87)
- 2V0-41.19 (89)
- 2V0-41.20 (92)
- 2V0-41.23 (105)
- 2V0-51.21 (94)
- 2V0-602 (97)
- 2V0-62.21 (87)
- 300-101 (1468)
- 300-115 (992)
- 300-160 (97)
- 300-320 (112)
- 300-410 (621)
- 300-415 (402)
- 300-420 (266)
- 300-425 (176)
- 300-430 (249)
- 300-435 (105)
- 300-510 (106)
- 300-535 (45)
- 300-610 (135)
- 300-615 (200)
- 300-620 (292)
- 300-630 (107)
- 300-635 (46)
- 300-710 (311)
- 300-715 (277)
- 300-730 (172)
- 300-735 (56)
- 300-810 (170)
- 300-815 (170)
- 300-820 (306)
- 300-910 (105)
- 312-38 (184)
- 312-39 (85)
- 312-49 (146)
- 312-49V10 (580)
- 312-50V10 (203)
- 312-50V11 (400)
- 312-50v12 (310)
- 312-50V9 (198)
- 350-201 (129)
- 350-401 (1020)
- 350-501 (396)
- 350-601 (526)
- 350-701 (703)
- 350-801 (443)
- 350-901 (383)
- 3V0-21.21 (90)
- 5V0-21.19 (100)
- 5V0-21.21 (94)
- 5V0-23.20 (123)
- 5V0-31.22 (128)
- 712-50 (638)
- ADM-201 (561)
- AI-100 (206)
- AI-102 (293)
- AI-900 (245)
- ANS-C00 (377)
- ANS-C01 (220)
- AXS-C01 (58)
- AZ-103 (265)
- AZ-104 (606)
- AZ-120 (223)
- AZ-140 (189)
- AZ-204 (399)
- AZ-220 (174)
- AZ-300 (241)
- AZ-301 (232)
- AZ-303 (334)
- AZ-304 (237)
- AZ-305 (284)
- AZ-400 (516)
- AZ-500 (485)
- AZ-700 (260)
- AZ-800 (227)
- AZ-900 (462)
- BDS-C00 (85)
- CAS-003 (390)
- CAS-004 (514)
- CCAK (160)
- CCNA (1385)
- CCSP (509)
- CDPSE (126)
- Certified Advanced Administrator (182)
- Certified AI Associate (72)
- Certified Business Analyst (95)
- Certified CPQ Specialist (240)
- Certified Data Architect (70)
- Certified Experience Cloud Consultant (111)
- Certified Integration Architect (68)
- Certified Marketing Cloud Consultant (99)
- Certified Marketing Cloud Email Specialist (112)
- Certified OmniStudio Developer (77)
- CERTIFIED PLATFORM APP BUILDER (469)
- Certified Platform Developer II (266)
- Certified Sales Cloud Consultant Exam (196)
- Certified Tableau CRM and Einstein Discovery Consultant (95)
- CGEIT (362)
- CISA (1284)
- CISM (1250)
- CISSP (484)
- CISSP-ISSAP (107)
- CLF-C01 (987)
- CLF-C02 (714)
- CRISC (1896)
- CRT-450 (283)
- CS0-001 (277)
- CS0-002 (422)
- CS0-003 (265)
- CSSLP (172)
- CV0-003 (315)
- DA0-001 (190)
- DAS-C01 (164)
- DBS-C01 (359)
- DEA-C01 (141)
- DOP-C01 (208)
- DOP-C02 (281)
- DP-100 (477)
- DP-200 (228)
- DP-201 (206)
- DP-203 (370)
- DP-500 (183)
- DP-900 (285)
- DVA-C01 (443)
- DVA-C02 (414)
- GISF (316)
- GISP (654)
- Google Associate Cloud Engineer (274)
- Google Professional Cloud Architect (278)
- Google Professional Cloud Database Engineer (132)
- Google Professional Cloud Developer (279)
- Google Professional Cloud DevOps Engineer (166)
- Google Professional Cloud Network Engineer (172)
- Google Professional Cloud Security Engineer (244)
- ITILF (540)
- JN0-102 (63)
- JN0-103 (96)
- JN0-104 (103)
- JN0-105 (94)
- JN0-211 (65)
- JN0-231 (102)
- JN0-251 (67)
- JN0-347 (58)
- JN0-348 (69)
- JN0-349 (95)
- JN0-351 (90)
- JN0-360 (74)
- JN0-362 (63)
- JN0-363 (94)
- JN0-649 (65)
- JN0-663 (91)
- JN0-664 (95)
- JN0-682 (56)
- MB-210 (365)
- MB-220 (205)
- MB-230 (249)
- MB-300 (411)
- MB-310 (289)
- MB-330 (392)
- MB-500 (257)
- MB-700 (178)
- MB-800 (238)
- MD-100 (398)
- MLS-C0 (0)
- MLS-C01 (336)
- MS-100 (426)
- MS-101 (449)
- MS-102 (294)
- MS-203 (392)
- MS-500 (344)
- MS-700 (395)
- MS-900 (438)
- N10-007 (701)
- N10-008 (677)
- NSE4_FGT-7.2 (103)
- PAS-C01 (130)
- PCCET (137)
- PCCSE (246)
- PCDRA (93)
- PCNSA (403)
- PCNSE (619)
- PCSAE (139)
- PCSFE (103)
- PL-100 (339)
- PL-200 (279)
- PL-300 (516)
- PL-400 (349)
- PL-500 (158)
- PL-600 (192)
- PL-900 (288)
- PMP (1137)
- PNCSE (0)
- PSE Strata (115)
- PT0-001 (196)
- PT0-002 (341)
- RHCSA-EX200 (109)
- SAA-C02 (800)
- SAA-C03 (1777)
- SAP-C01 (1019)
- SAP-C02 (410)
- SC-100 (185)
- SC-200 (305)
- SC-300 (302)
- SC-400 (580)
- SC-900 (209)
- SCS-C01 (509)
- SCS-C02 (173)
- SK0-005 (303)
- SOA-C01 (931)
- SOA-C02 (464)
- SSCP (151)
- SY0-501 (1043)
- SY0-601 (847)
- SY0-701 (305)
- XK0-004 (322)
- XK0-005 (239)