CCNA
Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.
Ansible: Uses YAML for fundamental configuration elements. Uses SSH for remote device communication. Chef: Uses TCP fort 10002 for configuration push jobs. Uses Ruby for fundamental configuration elements. Puppet: Uses TCP 8140 for communication. Fundamental configuration elements are stored in a manifest The focus of Ansible is to be streamlined and fast, and to require no node agent installation. Thus, Ansible performs all functions over SSH. Ansible is built on Python, in contrast to the Ruby foundation of Puppet and Chef. TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file . This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server. Puppet is an open-source configuration management solution, which is built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby (ERB) templates to create custom Puppet language files, offering a declarative-paradigm programming approach. A Puppet piece of code is called a manifest, and is a file with .pp extension.
A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped? A. Device(Config)#lldp run B. Device(Config)#cdp run C. Device(Config-if)#cdp enable D. Device(Config)#flow-sampler-map topology
Answer: A
An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria? A. Option A B. Option B C. Option C D. Option D
Answer: A
How do TCP and UDP differ in the way they guarantee packet delivery? A. TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only. B. TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only. C. TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only. D. TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only.
Answer: A
Refer to exhibit. Which statement explains the configuration error message that is received? Router(config)#interface GigabitEthernet 1/0/1Router(config-if)#ip address 192.168.16.143 255.255.255.240Bad mask /28 for address 192.168.16.143 A. It is a broadcast IP address B. The router does not support /28 mask C. It belongs to a private IP address range D. It is a network IP address
Answer: A
What is the difference regarding reliability and communication type between TCP and UDP? A. TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol B. TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol C. TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol D. TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol
Answer: A
When a floating static route is configured, which action ensures that the backup route is used when the primary route fails? A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup B. The administrative distance must be higher on the primary route so that the backup route becomes secondary. C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup D. The default-information originate command must be configured for the route to be installed into the routing table
Answer: A
When a floating static route is configured, which action ensures that the backup route is used when the primary route falls? A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup B. The administrative distance must be higher on the primary route so that the backup route becomes secondary C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup D. The default-information originate command must be configured for the route to be installed into the routing table
Answer: A
Which command is used to enable LLDP globally on a Cisco IOS ISR? A. lldp run B. lldp enable C. lldp transmit D. cdp run E. cdp enable
Answer: A
Which command should you enter to configure an LLDP delay time of 5 seconds? A. lldp reinit 5 B. lldp reinit 5000 C. lldp holdtime 5 D. lldp timer 5000
Answer: A
Which configuration ensures that the switch is always the root for VLAN 750? A. Switch(config)#spanning-tree vlan 750 priority 0 B. Switch(config)#spanning-tree vlan 750 priority 614440 C. Switch(config)#spanning-tree vlan 750 priority 38003685 D. Switch(config)#spanning-tree vlan 750 root primary
Answer: A
Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks? A. CPU ACL B. TACACS C. Flex ACL D. RADIUS
Answer: A
Which function does the range of private IPv4 addresses perform? A. allows multiple companies to each use the same addresses without conflicts B. provides a direct connection for hosts from outside of the enterprise network C. ensures that NAT is not required to reach the internet with private range addressing D. enables secure communications to the internet for all external hosts
Answer: A
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol? A. on B. auto C. active D. desirable
Answer: A
Which result occurs when PortFast is enabled on an interface that is connected to another switch? A. Spanning tree may fail to detect a switching loop in the network that causes broadcast storms B. VTP is allowed to propagate VLAN configuration information from switch to switch automatically. C. Root port choice and spanning tree recalculation are accelerated when a switch link goes down D. After spanning tree converges PortFast shuts down any port that receives BPDUs.
Answer: A
Which statement explains the configuration error message that is received? A. It is a broadcast IP address B. The router does not support /28 mask. C. It belongs to a private IP address range. D. IT is a network IP address.
Answer: A
Which command enables a router to become a DHCP client? A. ip address dhcp B. ip helper-address C. ip dhcp pool D. ip dhcp client
Answer: A If we want to get an IP address from the DHCP server on a Cisco device, we can use the command "ip address dhcp". Note: The command "ip helper-address" enables a router to become a DHCP Re-lay Agent.
Which MAC address is recognized as a VRRP virtual address? A. 0000.5E00.010a B. 0005.3711.0975 C. 0000.0C07.AC99 D. 0007.C070/AB01
Answer: A With VRRP, the virtual router's MAC address is 0000.5E00.01xx , in which xx is the VRRP group.
Which two statements about the purpose of the OSI model are accurate? (Choose two) A. Defines the network functions that occur at each layer B. Facilitates an understanding of how information travels throughout a network C. Changes in one layer do not impact other layer D. Ensures reliable data delivery through its layered approach
Answer: A B
What are two functions of a Layer 2 switch? (Choose two) A. makes forwarding decisions based on the MAC address of a packet B. selects the best route between networks on a WAN C. moves packets within a VLAN D. moves packets between different VLANs E. acts as a central point for association and authentication servers
Answer: A C
Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an open-standard protocol? (Choose two) A. interface GigabitEthernet0/0/1channel-group 10 mode active B. interface GigabitEthernet0/0/1channel-group 10 mode auto C. interface GigabitEthernet0/0/1channel-group 10 mode on D. interface port-channel 10no switchportip address 172.16.0.1 255.255.255.0 E. interface port-channel 10switchportswitchport mode trunk
Answer: A D
What are two functions of a server on a network? (Choose two) A. runs applications that send and retrieve data for workstations that make requests B. achieves redundancy by exclusively using virtual server clustering C. housed solely in a data center that is dedicated to a single client D. runs the same operating system in order to communicate with other servers E. handles requests from multiple workstations at the same time
Answer: A E
Which two statements about EtherChannel technology are true? (Choose two) A. EtherChannel provides increased bandwidth by bundling existing FastEthernet or Gigabit Ethernet interfaces into a single EtherChannel B. STP does not block EtherChannel links C. You can configure multiple EtherChannel links between two switches, using up to a limit of sixteen physical ports D. EtherChannel does not allow load sharing of traffic among the physical links within the EtherChannel E. EtherChannel allows redundancy in case one or more links in the EtherChannel fail
Answer: A E
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol? A. on B. auto C. active D. desirable
Answer: A The Static Persistence (or "on" mode) bundles the links unconditionally and no negotiation protocol is used. In this mode, neither PAgP nor LACP packets are sent or received.
What are two southbound APIs? (Choose two ) A. OpenFlow B. NETCONF C. Thrift D. CORBA E. DSC
Answer: A, B OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices.
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two) A. It drops lower-priority packets before it drops higher-priority packets B. It can identify different flows with a high level of granularity C. It guarantees the delivery of high-priority packets D. It can mitigate congestion by preventing the queue from filling up E. it supports protocol discovery
Answer: A, D Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers as-sign IP precedence to packets as they enter the network. When a packet arrives, the following events occur: 1. The average queue size is calculated. 2. If the average is less than the minimum queue threshold, the arriving packet is queued. 3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability for that type of traffic. 4. If the average queue size is greater than the maximum threshold, the packet is dropped. WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface be-gins to show signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times. WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two) A. ASCII B. base64 C. binary D. decimal E. hexadecimal
Answer: A, E Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/74/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_01010001.html
A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally. Which cloud service model does the engineer recommend? A. infrastructure-as-a-service B. software-as-a-service C. platform-as-a-service D. business process as service to support different types of service
Answer: B
An engineer must configure interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken? A. configure IEEE 802.1p B. configure IEEE 802.1q C. configure ISL D. configure DSCP
Answer: B
An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken? A. configure switchport nonegotiate B. configure switchport mode dynamic desirable C. configure switchport mode dynamic auto D. configure switchport trunk dynamic desirable
Answer: B
An engineer needs to configure LLDP to send the port description time length value (TLV). What command sequence must be implemented? A. switch#lldp port-description B. switch(config)#lldp port-description C. switch(config-line)#lldp port-description D. switch(config-if)#lldp port-description
Answer: B
An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured? A. switchport mode trunk B. switchport mode dynamic desirable C. switchport mode dynamic auto D. switchport nonegotiate
Answer: B
Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16? R1# show ip routeD 192.168.10.0/24 [90/2679326] via 192.168.1.1R 192.168.10.0/27 [120/3] via 192.168.1.2O 192.168.10.0/28 [110/2] via 192.168.1.3i L1 192.168.10.0/13 [115/30] via 192.168.1.4 A. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address B. It selects the RIP route because it has the longest prefix: inclusive of the destination address C. It selects the OSPF route because it has the lowest cost D. It selects the EIGRP route because it has the lowest administrative distance
Answer: B
Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table? A. 20 B. 90 C. 110 D. 115
Answer: B
What criteria is used first during the root port selection process? A. lowest neighbor's port ID B. lowest path cost to the root bridge C. lowest neighbor's bridge ID D. local port ID
Answer: B
What is a function of TFTP in network operations? A. transfers a configuration files from a server to a router on a congested link B. transfers IOS images from a server to a router for firmware upgrades C. transfers a backup configuration file from a server to a switch using a username and password D. transfers files between file systems on a router
Answer: B
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received? A. The Layer 2 switch drops the received frame B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning D. The Layer 2 switch forwards the packet and adds the destination MAC address to Its MAC address table
Answer: B
What is the destination MAC address of a broadcast frame? A. 00:00:0c:07:ac:01 B. ff:ff:ff:ff:ff:ff C. 43:2e:08:00:00:0c D. 00:00:0c:43:2e:08 E. 00:00:0crfHfrff
Answer: B
What is the function of a server? A. It transmits packets between hosts in the same broadcast domain B. It provides shared applications to end users C. It routes traffic between Layer 3 devices D. It creates security zones between trusted and untrusted networks
Answer: B
What is the primary effect of the spanning-tree portfast command? A. It enables BPDU messages B. It minimizes spanning-tree convergence time C. It immediately puts the port into the forwarding state when the switch is reloaded D. It immediately enables the port in the listening state
Answer: B
Which command prevents passwords from being stored in the configuration as plain text on a router or switch? A. enable secret B. service password-encryption C. username Cisco password encrypt D. enable password
Answer: B
Which goal is achieved by the implementation of private IPv4 addressing on a network? A. provides a reduction in size of the forwarding table on network routers B. provides an added level of protection against Internet exposure C. allows communication across the Internet to other private networks D. allows servers and workstations to communicate across public network boundaries
Answer: B
Which state does the switch port move to when PortFast is enabled? A. learning B. forwarding C. blocking D. listening
Answer: B
Which statement about static and dynamic routes is true? A. Dynamic routes are manually configured by a network administrator, while static routes are automatically learned and adjusted by a routing protocol B. Static routes are manually configured by a network administrator, while dynamic routes are automatically learned and adjusted by a routing protocol C. Static routes tell the router how to forward packets to networks that are not directly connected, while dynamic routes tell the router how to forward packets to networks that are directly connected D. Dynamic routes tell the router how to forward packets to networks that are not directly connected, while static routes tell the router how to forward packets to networks that are directly connected
Answer: B
Which statement identifies the functionality of virtual machines? A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor B. The hypervisor can virtualize physical components including CPU, memory, and storage C. Each hypervisor can support a single virtual machine and a single software switch D. The hypervisor communicates on Layer 3 without the need for additional resources
Answer: B
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. software-as-a-service C. network-as-a-service D. infrastructure-as-a-service
Answer: B Below are the 3 cloud supporting services cloud providers provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. In general, IaaS provides hardware so that an organization can install their own operating system.
Which network allows devices to communicate without the need to access the Internet? A. 1729.0.0/16 B. 172.28.0.0/16 C. 192.0.0.0/8 D. 209.165.201.0/24
Answer: B The private ranges of each class of IPv4 are listed below: Class A private IP address ranges from 10.0.0.0 to 10.255.255.255 Class B private IP address ranges from 172.16.0.0 to 172.31.255.255 Class C private IP address ranges from 192.168.0.0 to 192.168.255.255 Only the network 172.28.0.0/16 be-longs to the private IP address (of class B).
Which mode allows access points to be managed by Cisco Wireless LAN Controllers? A. autonomous B. lightweight C. bridge D. mobility express
Answer: B https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200-series/70278-lap-faq.html A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). APs are "lightweight," which means that they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are "zero touch" deployed, and individual configuration of APs is not necessary.
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received? A. The Layer 2 switch drops the received frame B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN. C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning. D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table
Answer: B If the destination MAC address is not in the CAM table (unknown destination MAC address), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment? A. Bronze B. Platinum C. Silver D. Gold
Answer: B Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/81831-qos-wlc-lap.html Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background.
What are two fundamentals of virtualization? (Choose two) A. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic B. It allows logical network devices to move traffic between virtual machines and the rest of the physical network C. It allows multiple operating systems and applications to run independently on one physical server D. It allows a physical router to directly connect NICs from each virtual machine into the network E. It requires that some servers, virtual machines and network gear reside on the Internet
Answer: B C
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two) A. when the sending device waits 15 seconds before sending the frame again B. when the cable length limits are exceeded C. when one side of the connection is configured for half-duplex D. when Carrier Sense Multiple Access/Collision Detection is used E. when a collision occurs after the 32nd byte of a frame has been transmitted
Answer: B C A late collision is defined as any collision that occurs after the first 512 bits (or 64th byte) of the frame have been transmitted. The usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC. Late collisions should never occur in a properly designed Ethernet network. They usually occur when Ethernet cables are too long or when there are too many repeaters in the network.
Which of the following dynamic routing protocols are Distance Vector routing protocols? (Choose two) A. IS-IS B. EIGRP C. OSPF D. BGP E. RIP
Answer: B E
A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB? A. CDP B. SNMP C. SMTP D. ARP
Answer: B SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. The SNMP framework has three parts: + An SNMP manager + An SNMP agent + A Management Information Base (MIB) The Management Information Base (MIB) is a virtual information storage area for network management information, which consists of collections of managed objects. With SNMP, the network administrator can send commands to multiple routers to do the backup
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two) A. Configure the ports in an EtherChannel. B. Administratively shut down the ports C. Configure the port type as access and place in VLAN 99 D. Configure the ports as trunk ports E. Enable the Cisco Discovery Protocol
Answer: B, C
An extended ACL has been configured and applied to router R2 The configuration failed to work as intended Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20 0 26 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose two ) A. Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic. B. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic C. The source and destination IPs must be swapped in ACL 101 D. The ACL must be configured the Gi0/2 interface inbound on R1 E. The ACL must be moved to the Gi0/1 interface outbound on R2
Answer: B, C
Which two encoding methods are supported by REST APIs? (Choose two) A. YAML B. JSON C. EBCDIC D. SGML E. XML
Answer: B, E https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_x/rest_api_config/b_Cisco_N1KV_VMware_REST_API_Con-fig_5x/b_Cisco_N1KV_VMware_REST_API_Config_5x_chapter_010.pdf The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents.
An office has 8 floors with approximately 30-40 users per floor. What command must be configured on the router Switched Virtual Interface to use address space efficiently? A. ip address 192.168.0.0 255.255.0.0 B. ip address 192.168.0.0 255.255.254.0 C. ip address 192.168.0.0 255.255.255.224 D. ip address 192.168.0.0 255.255.255.128
Answer: C
How do TCP and UDP differ in the way they provide reliability for delivery of packets? A. TCP is a connectionless protocol that does not provide reliable delivery of data, UDP is a connection-oriented protocol that uses sequencing to provide reliable delivery B. TCP does not guarantee delivery or error checking to ensure that there is no corruption of data UDP provides message acknowledgement and retransmits data if lost C. TCP provides flow control to avoid overwhelming a receiver by sending too many packets at once, UDP sends packets to the receiver in a continuous stream without checking for sequencing D. TCP uses windowing to deliver packets reliably; UDP provides reliable message transfer between hosts by establishing a three-way handshake
Answer: C
In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an IP address? A. CDP operates normally, but it cannot provide any information for that neighbor. B. CDP operates normally, but it cannot provide IP address information for that neighbor. C. CDP uses the IP address of another interface for that neighbor. D. CDP becomes inoperable on that neighbor.
Answer: C
Refer to exhibit. How does SW2 interact with other switches in this VTP domain? SW2vtp domain ciscovtp mode transparentvtp password testinterface fastethernet0/1description connection to SW1switchport mode trunkswitchport trunk encapsulation dot1q A. It processes VTP updates from any VTP clients on the network on its access ports B. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports C. It forwards only the VTP advertisements that it receives on its trunk ports D. It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports
Answer: C
When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200? A. spanning-tree vlan 200 priority 38572422 B. spanning-tree vlan 200 priority 614440 C. spanning-tree vlan 200 priority 0 D. spanning-tree vlan 200 root primary
Answer: C
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols? A. dual algorithm B. metric C. administrative distance D. hop count
Answer: C
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface? A. lldp timer B. lldp holdtime C. lldp reinit D. lldp tlv-select
Answer: C
Which path is used by the router for Internet traffic? R1#show ip route Gateway of last resort is 10.10.11.2 to network 0.0.0.0 209.165.200.0/27 is subnetted, 1 subnets B 209.165.200.224 [20/0] via 10.10.12.2, 00:10:34 10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks C 10.10.10.0/28 is directly connected, GigabitEthernet0/0 C 10.10.11.0/30 is directly connected, FastEthernet2/0 C 10.10.13.0/30 [110/2] via 10.10.10.1, 00:03:34, GigabitEthernet0/0 C 10.10.12.0/30 is directly connected, GigabitEthernet0/1 S* 0.0.0.0/0 [1/0] via 10.10.11.2 Switch1#show ip route Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.10.10.0/28 is directly connected, FastEthernet0/1 C 10.10.13.0/24 is directly connected, VLAN20 A. 209.165.200.0/27 B. 10.10.10.0/28 C. 0.0.0.0/0 D. 10.10.13.0/24
Answer: C
Which password must an engineer use to enter the enable mode? A. adminadmin123 B. default C. testing 1234 D. cisco123
Answer: C If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The "enable secret" will be used first if available, then "enable password" and line password.
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface? A. lldp timer B. lldp holdtimt C. lldp reinit D. lldp tlv-select
Answer: C Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/re-lease/12-2_37_ey/configuration/guide/scg/swlldp.pdf + lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it + lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface + lldp timer rate: Set the sending frequency of LLDP updates in seconds
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols. A. dual algorithm B. metric C. administrative distance D. hop count
Answer: C Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different routing protocols. Administrative distance defines the reliability of a routing protocol.
Which output displays a JSON data representation? A. Option A B. Option B C. Option C D. Option D
Answer: C JSON data is written as name/value pairs. A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value: "name":"Mark" JSON can use arrays. Array values must be of type string, number, object, array, boolean or null. For example: { "name":"John", "age":30, "cars":[ "Ford", "BMW", "Fiat" ] } JSON can have empty object like "taskId":{}
Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface? A. ipv6 address dhcp B. ipv6 address 2001:DB8:5:112::/64 eui-64 C. ipv6 address autoconfig D. ipv6 address 2001:DB8:5:112::2/64 link-local
Answer: C The "ipv6 address autoconfig" command causes the device to perform IPv6 stateless address autoconfiguration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface. Addresses are configured depending on the prefixes received in Router Advertisement (RA) messages. The device will listen for RA messages which are transmitted periodically from the router (DHCP Server). This RA message allows a host to create a global IPv6 address from: + Its interface identifier (EUI-64 address) + Link Prefix (obtained via RA) Note: Global address is the combination of Link Prefix and EUI-64 address
If a notice-level messaging is sent to a syslog server, which event has occurred? A. A network device has restarted B. An ARP inspection has failed C. A routing instance has flapped D. A debug operation is running
Answer: C Usually no action is required when a route flaps so it generates the notification syslog level message (level 5).
A corporate office uses four floors in a building* Floor 1 has 24 users* Floor 2 has 29 users* Floor 3 has 28 users* Floor 4 has 22 users Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration? A. 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor B. 192.168.0.0/24 as summary and 192.168.0.0/28 for each floor C. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor D. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor
Answer: D
An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP? A. 10.4.4.4 B. 10.4.4.5 C. 172.23.103.10 D. 172.23.104.4
Answer: D
An engineer must configure a /30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria? A. interface e0/0description to HQ-A371:10975ip address 172.16.1.4 255.255.255.248 B. interface e0/0description to HQ-A371:10975ip address 10.2.1.3 255.255.255.252 C. interface e0/0description to HQ-A371:10975ip address 192.168.1.1 255.255.255.248 D. interface e0/0description to HQ-A371:10975ip address 209.165.201.2 255.255.255.252
Answer: D
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. software-as-a-service C. network-as-a-service D. infrastructure-as-a-service
Answer: D
How can the Cisco Discovery Protocol be used? A. to allow a switch to discover the devices that are connected to its ports B. to determine the hardware platform of the device C. to determine the IP addresses of connected Cisco devices D. all of the above
Answer: D
How do TCP and UDP differ in the way that they establish a connection between two endpoints? A. TCP uses synchronization packets, and UDP uses acknowledgment packets B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits C. UDP provides reliable message transfer and TCP is a connectionless protocol D. TCP uses the three-way handshake and UDP does not guarantee message delivery
Answer: D
How do TCP and UDP differ in the way that they establish a connection between two endpoints? A. TCP uses synchronization packets, and UDP uses acknowledgment packets. B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits C. UDP provides reliable message transfer and TCP is a connectionless protocol D. TCP uses the three-way handshake and UDP does not guarantee message delivery
Answer: D
How does STP prevent forwarding loops at OSI Layer 2? A. TTL B. MAC address forwarding C. Collision avoidance. D. Port blocking
Answer: D
How does the dynamically-learned MAC address feature function? A. It requires a minimum number of secure MAC addresses to be filled dynamically B. Switches dynamically learn MAC addresses of each connecting CAM table C. The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses D. The CAM table is empty until ingress traffic arrives at each port
Answer: D
Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable What is the result of this configuration? A. The link is in a down state. B. The link is in an error disables state C. The link is becomes an access port. D. The link becomes a trunk port
Answer: D
Two switches are connected and using Cisco Dynamic Trunking Protocol. SW1 is set to Dynamic Desirable. What is the result of this configuration? A. The link is in a downstate. B. The link is in an error disables stale C. The link is becomes an access port D. The link becomes a trunkport
Answer: D
What is a benefit of using a Cisco Wireless LAN Controller? A. Central AP management requires more complex configurations B. Unique SSIDs cannot use the same authentication method C. It supports autonomous and lightweight APs D. It eliminates the need to configure each access point individually
Answer: D
What is the same for both copper and fiber interfaces when using SFP modules? A. They support an inline optical attenuator to enhance signal strength B. They accommodate single-mode and multi-mode in a single module C. They offer reliable bandwidth up to 100 Mbps in half duplex mode D. They provide minimal interruption to services by being hot-swappable
Answer: D
Which type of route does R1 use to reach host 10.10.13.10/32? A. floating static route B. host route C. default route D. network route
Answer: D
Which type of wireless encryption is used for WPA2 in preshared key mode? A. TKIP with RC4 B. RC4 C. AES-128 D. AES-256
Answer: D We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES-128.
Which action is taken by a switch port enabled for PoE power classification override? A. When a powered device begins drawing power from a PoE switch port a syslog message is generated B. As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused C. If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects D. If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled
Answer: D PoE monitoring and policing compares the power consumption on ports with the administrative maximum value (either a configured maximum value or the port's default value). If the power consumption on a monitored port exceeds the administrative maximum value, the following actions occur: + A syslog message is issued.+ The monitored port is shut down and error-disabled.+ The allocated power is freed.
In which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required? A. A spine switch and a leaf switch can be added with redundant connections between them B. A spine switch can be added with at least 40 GB uplinks C. A leaf switch can be added with a single connection to a core spine switch D. A leaf switch can be added with connections to every spine switch
Answer: D Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency, nonblocking server-to-server connectivity. Leaf (access) switches are what provide devices access to the fabric (the network of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other leaf switches. In spine-and-leaf architecture, every leaf should connect to every spine in a full mesh. Spine (aggregation) switches are used to connect to all leaf switches and are typically deployed at the end or middle of the row. Spine switches do not connect to other spine switches. Reference: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-733228.html
Which IPv6 address block sends packets to a group address rather than a single address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/8
Answer: D FF00::/8 is used for IPv6 multicast and this is the IPv6 type of address the question wants to ask. FE80::/10 range is used for link-local addresses. Link-local addresses only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address).
In Which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required? A. A spine switch and a leaf switch can be added with redundant connections between them B. A spine switch can be added with at least 40 GB uplinks C. A leaf switch can be added with a single connection to a core spine switch. D. A leaf switch can be added with connections to every spine switch.
Answer: D Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies pro-vide high-bandwidth, low-latency, nonblocking server-to-server connectivity. Leaf (aggregation) switches are what provide devices access to the fabric (the net-work of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other leaf switches. In spine-and-leaf architecture, every leaf should connect to every spine in a full mesh. Spine (aggregation) switches are used to connect to all leaf switches and are typically deployed at the end or middle of the row. Spine switches do not connect to other spine switches.
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place? A. Physical access control B. Social engineering attack C. brute force attack D. user awareness
Answer: D This is a training program which simulates an attack, not a real attack (as it says "The webpage that opens reports that it was safe") so we believed it should be called a "user awareness" program. Therefore the best answer here should be "user awareness". This is the definition of "User awareness" from CCNA 200- 301 Offical Cert Guide Book: "User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. " Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked.
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. runts B. giants C. frame D. CRC E. input errors
Answer: D E Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The "input errors" includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. The output below show the interface counters with the "show interface s0/0/0" command:
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. runts B. giants C. frame D. CRC E. input errors
Answer: D, E Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The "input errors" includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. The output below show the interface counters with the "show interface s0/0/0"
When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two) A. 2000::/3 B. 2002::5 C. FC00::/7 D. FF02::1 E. FF02::2
Answer: D, E Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/xe-3s/ipv6-xe-36s-book/ip6-multicast.html When an interface is configured with IPv6 address, it automatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx) multicast groups. The all-node group is used to communicate with all interfaces on the local link, and the solicited-nodes multicast group is required for link-layer address resolution. Routers also join a third multicast group, the all-routers group (FF02::2).
Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.
Configure VACL - 802.1q double tagging Configure dynamic ARP inspection - ARP spoofing Configure root guard - unwanted superior BPDUs Configure BPDU guard - unwanted BPDUs on PortFast-enabled interfaces
Drag and drop the network protocols from the left onto the correct transport services on the right.
Connection Oriented: FTP/SMMP/SSH Connectionless: TFTP/VoIP/SMTP
Drag and drop the functions from the left onto the correct network components on the right
DHCP Server: Holds the TCP/IP settings to be distributed to the clients. Assigns IP addresses to enable clients. Assigns a default gateway to a client DNS Server: Resolves web URLs to IP addresses Stores a list of IP addresses mapped to names
Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right.
FTP: Provides reliability when loading an IOC image upon boot up. Uses Ports 20 and 21. Uses TCP TFTP: Does not requires user authentication. Uses port 69. Uses UDP
A network engineer is configuring an OSPFv2 neighbor adjacency Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used
Must be unique: IP Address/ Router ID Must match: Area ID/netmask/timers
Drag and drop the WLAN components from the left onto the correct descriptions on the right.
Wireless LAN Controller - Device that manages access points Access Point - Device that provides Wi-Fi devices with a connection to a wired network Service Port - Used for out of band management of a WLC Virtual Interface - Use to support mobility management of the WLC Dynamic Interface - Applied to the WLAN for wireless client communication