CCNA October 2023
Drag and drop the management connection types from the left onto the definitions on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left A.supports clear-text connections to the controller CLI B.supports physical connections over a serial cable C.supports secure web access for management of the device D.supports encrypted access to CLI and a secure channel for data transfer
A. TELENET B.CONSOLE C. HTTPS D.SSH
Packets are flowing from 192.168.10.1 to the destination at IP address 192.168.20.75. Which next hop will the router select for the packet? R_1# show ip route ..... D 192.168.20.0/26 [90/24513456] via 10.10.10.1 R 192.168.20.0/24 [120/5] via 10.10.10.2 0 192.168.0.0/19 [110/219414] via 10.10.10.13 B 192.168.0.0/16 is variably subnetted, 4 subnets,4 masks D 192.168.20.0/27 [90/4123710] via 10.10.10.12 D 192.168.20.0/25 [90/14464211] via 10.10.10.11 S* 0.0.0.0/0 [1/0] via 10.10.10.14 A.10.10.10.11 B.10.10.10.1 C.10.10.10.14 D.10.10.10.12
A.10.10.10.11 Explanation The destination at IP address 192.168.20.75 does not belong to 192.168.20.0/26 or 192.168.20.0/27. It only belongs to 192.168.20.0/25 (increment: 128) so the next hop router will be 10.10.10.11.
Which two host addresses are reserved for private use within an enterprise network? (Choose two) A.10.172.76.200 B.12.17.1.20 C.192.169.32.10 D.172.31.255.100 E.172.15.2.250
A.10.172.76.200 D.172.31.255.100 Explanation The following IPv4 address ranges are reserved by the IANA for private internets, and are not publicly routable on the global internet:+ 10.0.0.0/8 IP addresses: 10.0.0.0 - 10.255.255.255 -> Answer '10.172.76.200' is correct.+ 172.16.0.0/12 IP addresses: 172.16.0.0 - 172.31.255.255 -> Answer '172.31.255.100' is correct.+ 192.168.0.0/16 IP addresses: 192.168.0.0 - 192.168.255.255
Which address will the client contact to renew their IP address when the current lease expires? A.192.168.25.100 B.192.168.25.103 C.192.168.25.254 D.192.168.25.1
A.192.168.25.100 Explanation The client will contact DHCP server again to renew their expired IP address.
By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic? A.300 seconds B.200 seconds C.600 seconds D.900 seconds
A.300 seconds Explanation The default MAC address age timeout is 300 seconds.
The switch cat9k-acc-1 connects users to the campus LAN. Printing services are inaccessible through the network. Which interface issue is causing the connectivity problems? A.A bad checksum is causing Ethernet frames to drop. B.A large number of broadcast packets are resulting in a port reset. C.The interface output queue cannot process the Ethernet frames. D.Excessive collisions are causing dropped frames.
A.A bad checksum is causing Ethernet frames to drop. Explanation There are large number of CRC errors (1790 CRC) so answer 'A bad checksum is causing Ethernet frames to drop' is the best choice. Note: CRC field in the "show interfaces ..." command is the number of packets received with CRC (Cyclic Redundancy Checksum) errors. This means that the checksum that was generated by the sender does not match the checksum that the receiver calculated. On a LAN this typically occurs when you have issues with cabling or defective network cards
Which interface is used to send traffic to the destination network? O 10.18.75.113/27 [110/6906] via G0/6 O 10.18.75.113/27 [110/23018] via G0/3 R 10.18.75.113/27 [120/16] via G0/16 R 10.18.75.113/27 [120/14] via G0/23 A.G0/6 B.G0/23 C.G0/3 D.G0/16
A.G0/6 Explanation The first entry has lowest AD (110) and lowest metric (6906) so it is the best route and will be installed into the routing table.
Which two tasks support the physical access control element of a security program? (Choose two) A.Implement badge access to critical locations B.Develop slideshows about new security regulations C.Deploy a video surveillance system D.Disperse information about how to protect the organization's confidential data E.Run a workshop on corporate security policies
A.Implement badge access to critical locations C.Deploy a video surveillance system Explanation Physical access control: Infrastructure locations, such as network closets and data centers, should remain securely locked. Badge access to sensitive locations is a scalable solution, offering an audit trail of identities and timestamps when access is granted. Administrators can control access on a granular basis and quickly remove access when an employee is dismissed. Physical access control can take a number of forms, but the basic idea is to create barriers to prevent unauthorized people from entering a physical space.
How does IPsec provide secure networking for applications within an organization? A.It enables sets of security associations between peers. B.It provides GRE tunnels to transmit traffic securely between network nodes. C.It leverages TFTP providing secure file transfers among peers on the network. D.It takes advantage of FTP to secure file transfers between nodes on the network.
A.It enables sets of security associations between peers.
What are two functions of a firewall within an enterprise? (Choose two) A.It enables traffic filtering based on URLs. B.It enables wireless devices to connect to the network. C.It provides support as an endpoint for a remote access VPN in multiple context mode. D.It offers Layer 2 services between hosts. E.It serves as an endpoint for a site-to-site VPN in standalone mode.
A.It enables traffic filtering based on URLs C.It provides support as an endpoint for a remote access VPN in multiple context mode.
What does the host do when using the IPv4 Preferred function? A.It requests the same IPv4 address when it renews its lease with the DHCP server B.It continues to use a statically assigned IPv4 address C.It forces the DNS server to provide the same IPv4 address at each renewal D.It prefers a pool of addresses when renewing the IPv4 host IP address
A.It requests the same IPv4 address when it renews its lease with the DHCP server Explanation "Preferred" is what your client will ask the DHCP server for when it gets/renews the lease
Rapid PVST+ mode is on the same VLAN on each switch. Which switch becomes the root bridge and why? A.SW4, because its priority is highest and its MAC address is lower B.SW2, because its MAC address is the highest C.SW1, because its priority is the lowest and its MAC address is higher D.SW3, because its priority is the highest
A.SW4, because its priority is highest and its MAC address is lower Explanation "its priority is highest" means lowest value.
The LACP EtherChannel is configured, and the last change is to modify the interfaces on SwitchA to respond to packets received, but not to initiate negotiation. The interface range gigabitethernet0/0/0-15 command is entered. What must be configured next? A.SwitchA(config-if-range)#channel-group 1 mode passive B.SwitchA(config-if-range)#channel-group 1 mode desirable C.SwitchA(config-if-range)#channel-group 1 mode auto D.SwitchA(config-if-range)#channel-group 1 mode active
A.SwitchA(config-if-range)#channel-group 1 mode passive
How does a hub handle a frame traveling to a known destination MAC address differently than a switch? A.The hub forwards the frame to all ports, and a switch forwards the frame to the known destination. B.The hub forwards the frame using the information in the MAC table, and a switch uses data in its routing table. C.The hub forwards the frame to all ports in the FIB table, and a switch forwards the frame the destination MAC is known. D.The hub forwards the frame only to the port connected to the known MAC address,and a switch forwards the frame to all ports.
A.The hub forwards the frame to all ports, and a switch forwards the frame to the known destination.
Drag and drop the characteristic from the left onto the IPv6 address type on the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group)
ANSWER:1423 Explanation Answer: Unique Local + counterpart of private IPv4 addresses + may be used by multiple organizations at the same time Global Unicast Address + publicly routable in the same way as IPv4 addresses + provides for one-to-one communication
Drag and drop the IPv6 address type characteristics from the left to the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER:2413 Explanation Answer: Global Unicast Address: + equivalent to public IPv4 addresses + routable and reachable via the Internet Link-Local Address: + configured only once per interface + attached to a single subnet
Drag and drop the characteristic from the left onto the IPv6 address type on the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
Answer:1,4,2,3 Explanation Answer: Multicast+ never used as a source address+ provides one-to-many communications Unique Local+ unable to route on the internet+ allows sites to be combined without address conflicts
Router R1 receives static routing updates from routers A, B, C. and D. The network engineer wants R1 to advertise static routes in OSPF area 1. Which summary address must be advertised in OSPF? A.10.1.41.0/25 B.10.1.40.0/23 C.10.1.40.0/25 D.10.1.40.0/24
B.10.1.40.0/23 Explanation Maybe there is a typo in this question for the subnet of routerC as 10.1.40.176/28 belongs to 10.1.40.128/25 subnet of routerB. Therefore we guess in fact the subnet of routerC is 10.1.41.176/28. In four options only the subnet mask of /23 can cover all of these subnets so answer '10.1.40.0/23' is the best choice.
A network engineer must configure the WLC to allow only DHCP and DNS packets for User1 and User2. Which configuration must be used? A.Enable Web Authentication under the AAA Server configuration on the WLAN B.Enable Web policy and Authentication in the Layer 3 Security configuration C.Enable Fallback Policy with MAC filtering under the Layer 3 Security configuration D.Enable Web Authentication for 802.1X standard in the Layer 2 Security configuration
B.Enable Web policy and Authentication in the Layer 3 Security configuration Explanation Web Authentication or Web Auth is a layer 3 security method that allow client to pass DHCP & DNS traffic only until they have passed some form of authentication. When you enable Authentication option (as shown in the above screen capture), a guest client has to enter a username & password to gain access to the guest network.
The engineer configured the VLANs on the new AccSw2 switch. A router on-a-stick is connected to both switches. How must the ports be configured on AccSw2 to establish full connectivity between the two switches and for Server1? A.Option A B.Option B C.Option C D.Option D
B.Option B
A network administrator is evaluating network security in the aftermath of an attempted ARP spoofing attack. If Port-channel1 is the uplink interface of the access-layer switch toward the distribution-layer switch, which two configurations must the administrator configure on the access-layer switch to provide adequate protection? (Choose two) A.Option A B.Option B C.Option C D.Option D E.Option E
B.Option B E.Option E Explanation We need to configure the uplink (Po1) to the distribution switch in "trust" state.
A network engineer is verifying the settings on a new OSPF network. All OSPF configurations use the default values unless otherwise indicated. Which router does the engineer expect will be elected as the DR when all devices boot up simultaneously? A.R1 B.R4 C.R3 D.R2
B.R4 Explanation The router with highest OSPF priority will be elected as the DR when all devices boot up simultaneously.
An engineer assigns IP addressing to the current VLAN with three PCs. The configuration must also account for the expansion of 30 additional VLANs using the same Class C subnet for subnetting and host count. Which command set fulfills the request while reserving address space for the expected growth? A.Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.0 B.Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.248 C.Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.252 D.Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.128
B.Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.248 Explanation We need 30 additional VLANs so we need 30 subnets. Therefore we need to borrow 5 bits (25 = 32 > 30) from 192.168.0.0/24 -> The new subnet masks should be /29 (/24 + 5) or 255.255.255.248
Under which condition is TCP preferred over UDP? A.UDP is used when low latency is optimal, and TCP is used when latency is tolerable B.TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable C.UDP is used when data is highly interactive, and TCP is used when data is time-sensitive D.TCP is used when dropped data is more acceptable, and UDP is used when data is accepted out-of-order
B.TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable
A network engineer executes the show ip route command on router D. What is the next hop to network 192.168.1.0/24 and why? A.The next hop is 10.0.2.1 because it uses distance vector routing B.The next hop is 10.0.0.1 because it has a better administrative distance C.The next hop is 10.0.0.1 because it has a higher metric D.The next hop is 10.0.2.1 because it is a link-state routing protocol
B.The next hop is 10.0.0.1 because it has a better administrative distance Explanation We don't care about metric in this question as Administrative Distances (AD) are compared first. Router D receives two paths for networks 192.168.1.0/24: + From Router C: OSPF External route with AD of 110+ From Router B: EIGRP route with AD of 90 -> Route from Router B wins with lower AD.
What are two benefits for using private IPv4 addressing? (Choose two) A.They allow for Internet access from IoT devices B.They alleviate the shortage of public IPv4 addresses. C.They supply redundancy in the case of failure D.They provide a layer of security from Internet threats. E.They offer Internet connectivity to endpoints on private networks
B.They alleviate the shortage of public IPv4 addresses. D.They provide a layer of security from Internet threats.
How are RFC 1918 IP addresses used in a network? A.They are used instead of public addresses for increased security. B.They are used with NAT to preserve public IPv4 addresses. C.They are used by internet service providers to route over the internet. D.They are used to access the internet from the internal network without conversion.
B.They are used with NAT to preserve public IPv4 addresses. Explanation The RFC 1918 is Address Allocation for Private Internets, which reserves IP addresses for private and internal use. These addresses can be used for networks that do not need to connect to the Internet. RFC 1918 addresses are used to conserve IPv4 addresses from depletion by reserving ranges of IPv4 addresses for the devices which are inside a private network so answer 'They are used with NAT to preserve public IPv4 addresses' is the best choice (and it is better than answer 'They are used instead of public addresses for increased security' ).
What are two functions of DHCP servers? (Choose two) A.issue DHCPDISCOVER messages when added to the network B.assign dynamic IP configurations to hosts in a network C.respond to client DHCPOFFER requests by Issuing an IP address D.support centralized IP management E.prevent users from assigning their own IP addresses to hosts
B.assign dynamic IP configurations to hosts in a network D.support centralized IP management Explanation Benefits of DHCP Centralized IP Address Management: DHCP centralizes the management of IP address allocation and configuration parameters for switches. Administrators can configure and control IP address assignment policies, lease durations, and other network parameters from a central DHCP server, ensuring consistency and simplifying network administration for switches.
Which connection type is used when an engineer connects to an AP without a configured IP address or dial-up number to manage the device? A.Ethernet B.console C.VIY D.AUX
B.console
Which interface condition is occurring in this output? A.broadcast storm B.duplex mismatch C.queueing D.bad NIC
B.duplex mismatch Explanation This interface gets high collision (480 collisions) so one end may be set to "Half-duplex".
What is a characteristic of frame switching? A.inspects and drops frames from unknown destinations B.floods unknown destinations to all ports except the receiving port C.protects against denial of service attacks D.forwards frames to a neighbor port using CDP
B.floods unknown destinations to all ports except the receiving port
What is the metric for the route to the 192.168.10.33 host? A.192 B.110 C.193 D.84
C.193 Explanation Traffic destined to host 192.168.10.33 will match the entry "O IA 192.168.10.32/28 [110/193] via 192.168.30.10, 00:18:49, Serial0/0.1" so the metric is the second parameter in the square bracket.
The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A.2001:db8:9bb6:6bb9:4626:109F:FE56:1 B.2001:db8:9bb6:6bb9:C081:B6FF:FF4B:1 C.2001:db8:9bb6:6bb9:C801:B6FF:FEB4:1 D.2001:db8:9bb6:6bb9:C001:6BFE:FF01:1
C.2001:db8:9bb6:6bb9:C801:B6FF:FEB4:1 Explanation The EUI-64 format must have "FF:FE" in the middle of the MAC address of E0/1 interface of R1 -> Only answer '2001:db8:9bb6:6bb9:C801:B6FF:FEB4:1' is correct.
Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP? A.virtual AP connection B.service C.AP-manager D.trunk
C.AP-manager Explanation The AP-manager IP address is used as the tunnel source for CAPWAP packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller.
What is used to identify spurious DHCP servers? A.DHCPACK B.DHCPOFFER C.DHCPDISCOVER D.DHCPREQUEST
C.DHCPDISCOVER Explanation You can detect spurious DHCP servers by sending dummy DHCPDISCOVER packets out to all of the DHCP servers so that a response is sent back to the switch. We can also prevent spurious DHCP servers by using DHCP Snooping feature on switches.
Which interface is used to send traffic to the destination network? D 10.47.114.119/29 [90/6451] via F0/2 D 10.47.114.119/29 [90/52201] via F0/20 R 10.47.114.119/29 [120/9] via F0/12 R 10.47.114.119/29 [120/10] via F0/10 A.F0/12 B.F0/20 C.F0/2 D.F0/10
C.F0/2
Which SNMP message type is reliable and precedes an acknowledgment response from the SNMP manager? A.Traps B.Get C.Inform D.Set
C.Inform Explanation From SNMPv2c, two new messages were added: INFORM and GETBULK. INFORM: An disadvantage of TRAP message is unreliable. SNMP communicates via UDP so it is unreliable because when the SNMP Agents send TRAP message to the SNMP Manager it cannot know if its messages arrive to the SNMP Manager. To amend this problem, a new type of message, called INFORM, was introduced from SNMPv2. With INFORM message, the SNMP Manager can now acknowledge that the message has been received at its end with an SNMP response protocol data unit (PDU). If the sender never receives a response, the INFORM can be sent again. Thus, INFORMs are more likely to reach their intended destination
What is the purpose of an ESSID? A.It supports fast roaming features such as 802.11 r, 802.11k, and 802.11v. B.It provides greater security than a standard SSID. C.It allows multiple access points to provide a common network for client connections. D.It serves as the wireless MAC address of the access point.
C.It allows multiple access points to provide a common network for client connections. Explanation A group of access points connected to the same WLAN are known as an Extended Service Set (ESS). Within an ESS, a client can associate with any one of many access points that use the same Extended service set identifier (ESSID). It allows users to roam about an office without losing wireless connection
Which EtherChannel mode must be configured when using LAG on a WLC? A.passive B.active C.On D.auto
C.On Explanation Link aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller's distribution system ports into a single 802.3ad port channel. Restriction for Link aggregation: + LAG requires the EtherChannel to be configured for 'mode on' on both the controller and the Catalyst switch.
VoIP is being implemented in the network using VLAN ID 73 and named "VoIP". Each user needs a Cisco IP phone at their desk. Switchport e0/0 has been configured as an access port in the data VLAN. Cisco Discovery Protocol is enabled globally. Which command sequence completed the configuration? Option A vlan 73name VoIPe0/0switchport trunk allowed vlan 72,73switchport voice vlan 73 Option B vlan 73name VoIPe0/0switchport mode trunkchannel-group 73 mode active Option C vlan 73name VoIPe0/0switchport voice vlan 73 Option D vlan73name VoIPe0/0switchport voice vlan dot1p A.Option A B.Option B C.Option C D.Option D
C.Option C Explanation The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone.
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two) A.QoS settings B.management interface settings C.Profile name D.ip address of one or more access points E.SSID
C.Profile name E.SSID
Which switch becomes the root bridge? A.SW3Bridge Priority - 12288mac-address 00:10:a1:95:2b:77 B.SW 2Bridge Priority - 28672mac-address 00:10:a1:82:03:94 C.SW4Bridge Priority - 12288mac-address 00:10:a1:03:42:e8 D.SW 1Bridge Priority - 28672mac-address 00:10:a1:51:57:51
C.SW4Bridge Priority - 12288mac-address 00:10:a1:03:42:e8 Explanation The switch with lowest bridge priority will be chosen the root bridge. If many switches have the same bridge priority then the lowest MAC address would be chosen
Which type of encryption does WPA1 use for data protection? A.PEAP B.EAP C.TKIP D.AES
C.TKIP Explanation By default, WPA1 uses Temporal Key Integrity Protocol (TKIP) and message integrity check (MIC) for data protection.
What is preventing host A from reaching the internet? A.The default gateway should be the first usable IP address. B.IP address assignment is incorrect. C.The domain name server is unreachable. D.LAN and WAN network segments are different.
C.The domain name server is unreachable. Explanation From the dialog in the exhibit, we see the both IP address and default gateway were configured correctly for hostA. But the IP addresses of "Preferred DNS server" and "Alternate DNS server" were wrongly configured. The correct DNS server should be 196.1.38.132 (not 192.168.1.254 or 196.1.38.254)
R1# Gateway of last resort is 10.56.0.1 to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 10.56.0.1 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.56.0.0/16 is directly connected, Null0 C 10.56.0.0/26 is directly connected, Vlan58 C 10.56.0.0/17 is directly connected, Vlan59 C 10.56.0.0/24 is directly connected, Vlan60 When router R1 receives a packet with destination IP address 10.56.0.62, through which interface does it route the packet? A.Null0 B.Vlan60 C.Vlan58 D.Vlan59
C.Vlan58
Which type of wired port is required when an AP offers one unique SSID, passes client data and management traffic, and is in autonomous mode? A.trunk B.default C.access D.LAG
C.access Explanation Each SSID is mapped to one VLAN so in this question we only need one VLAN so we can assign the wired port in access mode.
How does MAC learning function? A.increases security on the management VLAN B.restricts ports to a maximum of 10 dynamically-learned addresses C.associates the MAC address with the port on which it is received D.drops received MAC addresses not listed in the address table
C.associates the MAC address with the port on which it is received
Which cable type must be used when connecting two like devices together using these criteria?- Pins 1 to 3 and 2 to 6 are required.- Auto detection MDI-X is unavailable. A.console B.rollover C.crossover D.straight-through
C.crossover Explanation Without the MDI-X auto detection feature, we have to use correct cable type to connect two devices. Two devices of the same type (like router to router, switch to switch) always use the crossover cable.
What does a switch search for in the CAM table when forwarding a frame? A.source MAC address and aging time B.destination MAC address and flush time C.destination MAC address and destination port D.source MAC address and source port
C.destination MAC address and destination port
A network architect is deciding whether to implement Cisco autonomous access points or lightweight access points. Which fact about firmware updates must the architect consider? A.Unlike lightweight access points, which require redundant WLCs to support firmware upgrades, autonomous access points require only one WLC. B.Unlike lightweight access points, autonomous access points can recover automatically from a corrupt firmware update C.Unlike autonomous access points, lightweight access points store a complete copy of the current firmware for backup. D.Unlike autonomous access points, lightweight access points require a WLC to implement remote firmware updates.
D. Unlike autonomous access points, lightweight access points require a WLC to implement remote firmware updates Explanation Cisco Access Points (APs) can operate in one of two modes: autonomous or lightweight+ Autonomous: self-sufficient and standalone. Used for small wireless networks. Each autonomous AP must be configured with a management IP address so that it can be remotely accessed using Telnet, SSH, or a web interface. Each AP must be individually managed and maintained unless you use a management platform such as Cisco DNA Center.+ Lightweight: The term 'lightweight' refers to the fact that these devices cannot work independently. A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels.
Why would an administrator choose to implement an automated network management solution? A.to limit recurrent management costs B.to enable 'box by box" configuration and deployment C.to support simpler password policies D.to reduce operational costs
D. to reduce operational costs Explanation Why automate your network?One of the biggest issues for network managers is the growth of IT costs for network operations. The growth of data and devices is starting to outpace IT capabilities, making manual approaches nearly impossible. Yet up to 95 percent of network changes are performed manually, resulting in operational costs 2 to 3 times higher than the cost of the network. Increased IT automation, centrally and remotely managed, is essential for businesses to keep pace in the digital world. -> Automated network management solution helps reduce the operational costs.
The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A.2001:db8:d955:1008:1030:ABFF:FECC:1 B.2001:db8:d955:1008:4635:278F:FE95:1 C.2001:db8:d955:1008:12D8:BAFE:FF01:1 D.2001:db8:d955:1008:10D8:BAFF:FEC2:1
D.2001:db8:d955:1008:10D8:BAFF:FEC2:1 Explanation The EUI-64 format must have "FF:FE" in the middle of the MAC address of E0/1 interface of R2 and "C2:1" (means "C2:0001") at the end -> Only answer '2001:db8:d955:1008:10D8:BAFF:FEC2:1' is correct.
An engineer must update the configuration on two PCs in two different subnets to communicate locally with each other. One PC is configured with IP address 192.168.25.128/25 and the other with 192.168.25.100/25. Which network mask must the engineer configure on both PCs to enable the communication? A.255.255.255.248 B.255.255.255.252 C.255.255.255.224 D.255.255.255.0
D.255.255.255.0 Explanation This question wants to merge two above IP addresses into one subnet so that two PCs can communicate locally so only answer '255.255.255.0 ' can do it. With other subnet masks, IP address 192.168.25.128 becomes network address so it cannot be assigned to a host.
How does Chef configuration management enforce a required device configuration? A.The installed agent on the device connects to the Chef Infra Server and pulls its required configuration from the cookbook. B.The installed agent on the device queries the Chef Infra Server and the server responds by pushing the configuration from the cookbook. C.The Chef Infra Server uses its configured cookbook to alert each remote device when it is time for the device to pull a new configuration. D.The Chef Infra Server uses its configured cookbook to push the required configuration to the remote device requesting updates.
A.The installed agent on the device connects to the Chef Infra Server and pulls its required configuration from the cookbook. Explanation Any changes made to your infrastructure code must pass through the Chef server in order to be applied to nodes. Prior to accepting or pushing changes, the Chef server authenticates all communication via its REST API using public key encryption. Chef client periodically pulls Chef server to see if there are any changes in cookbooks or settings. If there are changes then Chef server sends the latest configuration information to Chef client. Chef client applies these changes to nodes.
Which type of hypervisor operates without an underlying OS to host virtual machines? A.Type 1 B.Type 3 C.Type 12 D.Type 2
A.Type 1 Explanation There are two types of hypervisors: type 1 and type 2 hypervisor. In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server. Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V. In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).
A Cisco WLC administrator is creating a new wireless network with enhanced SSID security. The new network must operate at 2.4 GHz with 54 Mbps of throughput. Which set of tasks must the administrator perform to complete the configuration? A.Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11g only. B.Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11a/g only. C.Check the Broadcast SSID check box and set the Radio Policy to 802.11a only. D.Check the Broadcast SSID check box and set the Radio Policy to 802.11g only.
A.Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11g only. Explanation "operate at 2.4 GHz with 54 Mbps of throughput" -> Only 804.11g is suitable. "enhanced SSID security" so we should not broadcast SSID so that no one can see the SSID.
configure terminal interface range GigabitEthernet 0/1-2 switchport mode trunk channel-group 1 mode active SW2 configure terminal interface range GigabitEthernet 0/1-2 switchport mode trunk interface Port-channel1 switchport mode trunk An LACP EtherChannel between two directly connected switches is in the configuration process. Which command must be configured on switch SW2s Gi0/1-2 interfaces to establish the channel to SW1? A.channel-group 1 mode active B.channel-group 1 mode on C.channel-group 1 mode auto D.channel-group 1 mode desirable
A.channel-group 1 mode active
Which components are contained within a virtual machine? A.configuration files backed by physical resources from the Hypervisor B.physical resources, including the NIC, RAM, disk, and CPU C.applications running on the Hypervisor D.processes running on the Hypervisor and a guest OS
A.configuration files backed by physical resources from the Hypervisor Explanation A Virtual Machine (VM) is a compute resource that uses software instead of a physical computer to run programs and deploy apps. A virtual machine needs four core resources: CPU, memory, network, and storage (disk). These resources are granted to the virtual machine through the configuration of the virtual hardware.
What is the temporary state that switch ports always enter immediately after the boot process when Rapid PVST+ is used? A.discarding B.forwarding C.listening D.learning
A.discarding Explanation At first, a switch port starts in a discarding state, a discarding port does not forward any frames nor does it learn MAC addresses, and it also listens for BPDUs. Backup and alternate ports remain discarding. In RSTP if a port is elected as a Root port or Designated port, the transition will directly take place from a discarding state to a learning state. Hence, RSTP doesn't need a listening state. A learning port adds MAC addresses into the Content addressable memory table; However, it can not forward frames. In the next phase, a learning port transitions into a forwarding state. A forwarding port is completely functional i.e., it learns MAC addresses, sends and listens for BPDUs, and forwards frames.
What is an Ansible inventory? A.file that defines the target devices upon which commands and tasks are executed B.unit of Python code to be executed within Ansible C.device with Ansible installed that manages target devices D.collection of actions to perform on target devices, expressed in YAML format
A.file that defines the target devices upon which commands and tasks are executed Explanation Once Ansible is installed, it creates several text files: + Playbooks: These files provide actions and logic about what Ansible should do. Ansible playbooks are files that contain tasks to configure hosts. Ansible playbooks are written in YAML format. + Inventory: a file contains a list of the hosts (usually their IP addresses, ports) which you want to configure or manage. Hosts in an inventory can be divided into smaller groups for easier management and configuration. Each group can run different tasks. An example of a task is to ping all hosts in group [routers]. + Templates: Using Jinja2 language, the templates represent a device's configuration but with variables. + Variables: Using YAML, a file can list variables that Ansible will substitute into templates.
Drag and drop the characteristic from the left onto the cable type on the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER:1324 Explanation Answer: copper: + is easy to tap into and obtain secure information + is comprised of shielded and unshielded twisted pairs multi-mode fiber: + attenuation increases over long distances + vulnerable to damage when handled
Company has decided to require multifactor authentication for all systems. Which set of parameters meets the requirement? A.fingerprint scanning and facial recognition B.password of 8 to 15 characters and personal 12-digit PIN C.complex password and personal 10-digit PIN D.personal 10-digit PIN and RSA certificate
A.fingerprint scanning and facial recognition Explanation Multi-factor authentication, or MFA, protects your applications by using a second source of validation before granting access to users. Common examples of multi-factor authentication include personal devices, such as a phone or token, or geographic or network locations. This is a tricky question to choose the correct answer. It seems both answer 'complex password and personal 10-digit PIN' and answer 'password of 8 to 15 characters and personal 12-digit PIN' are correct too but in fact they use the same source of validation (from the keyboard). So we believe answer 'fingerprint scanning and facial recognition' is the best choice as it requires "a second source of validation". Answer 'personal 10-digit PIN and RSA certificate' is not correct as RSA certificate cannot be used as a standalone method of authentication.
An on-site service desk technician must verify the IP address and DNS server information on a user's Windows computer. Which command must the technician enter at the command prompt on the user's computer? A.ipconfig /all B.ifconfig -a C.show interface D.netstat -r
A.ipconfig /all
A wireless access point is needed and must meet these requirements:* "zero-touch" deployed and managed by a WLC* process only real-time MAC functionality* used in a split-MAC architecture. Which access point type must be used? A.lightweight B.mesh C.cloud-based D.autonomous
A.lightweight Explanation + Lightweight: The term 'lightweight' refers to the fact that these devices cannot work independently. A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels. Note: The LAP-WLC division of labor is known as a split-MAC architecture, where the normal MAC operations are pulled apart into two distinct locations. This occurs for every LAP in the network; each one must boot and bind itself to a WLC to support wireless clients. The WLC becomes the central hub that supports a number of LAPs scattered about in the network.
Which per-hop QoS behavior is R1 applying to incoming packets? A.queuing B.policing C.shaping D.marking
A.queuing Explanation Forwarding Per-Hop Behavior (PHB) is a mechanism used in Quality of Service (QoS) to control the behavior of packets as they traverse a network. The following are some of the key components of PHB: 1. Classification: This is the process of categorizing network traffic into different groups based on specific criteria such as IP address, protocol, port, or application type. 2. Marking: This is the process of setting a marking or tag on a packet, indicating its priority level or class. Marking is typically done at the edge of the network and is used by the network devices to make QoS decisions. 3. Queuing: This is the process of holding packets in a queue and scheduling their transmission based on their priority. Queuing algorithms, such as Weighted Fair Queuing (WFQ), ensure that high-priority packets are transmitted before low-priority packets. 4. Congestion: This occurs when the network becomes congested and there is not enough bandwidth to handle all the traffic. PHB includes mechanisms, such as Random Early Detection (RED), to help manage congestion by discarding low-priority packets before high-priority packets. 5. Policing: This is the process of monitoring network traffic and enforcing specified traffic rate limits. If a packet exceeds the specified rate limit, it can be discarded or marked with a lower priority. 6. Shaping: This is the process of controlling the rate at which packets are transmitted into the network. This helps to ensure that the network does not become congested and that all packets are transmitted in a timely manner.
What is a function of FTP? A.uses two separate connections for control and data traffic B.always operates without user connection validation C.relies on the well-known UDP port 69 for data transfer D.uses block numbers to identify and mitigate data-transfer errors
A.uses two separate connections for control and data traffic Explanation FTP communicates using two TCP connections. Control traffic is exchanged over TCP port 21, and data transmission is performed over TCP port 20.
Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER.2514 Explanation Answer: Access Point:+ ability to boost a wi-fi signal+ configurable as a workgroup bridge Wireless LAN Controller:+ uses templates to implement QOS configuration+ supplies user connection data within a device group Explanation An access point in workgroup bridge mode can introduce a bridge loop if you connect its Ethernet port to your wired LAN.
Drag and drop the characteristic from the left onto the cable type on the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER: 2314 Explanation Answer: copper: + transmits data in the form of electronic signals + is easy to tap into and obtain secure information multi-mode fiber: + transmits signals using pulses of light + contains a core, cladding, and coating Explanation The two main elements of an optical fiber are its core and cladding. The "core", or the axial part of the optical fiber made of silica glass, is the light transmission area of the fiber. It may sometimes be treated with a "doping" element to change its refractive index and therefore the velocity of light down the fiber. The "cladding" is the layer completely surrounding the core.
Drag and drop the characteristic from the left onto the device type on the right. Not all characteristics are used. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER:2513 Explanation Answer: Access Point + formats an Ethernet frame and forwards to a destination + supports both IEEE 802.11 and Ethernet standards Wireless LAN Controller + provides centralized management and security + makes forwarding decisions when in LWAPP mode Explanation Lightweight (LWAPP) Mode: Centrally managed by a Wireless LAN Controller or WLC. The WLC can be a physical appliance for large networks or it can be a virtual machine. Sometimes it is embedded into ISR router or a switch such as Cat3850. Cisco calls it "Converged Access". The "brain" is at the controller level. Think of the AP is simply an Ethernet extension transmitting data frames between wire and wireless. The controller tells the AP who to transmit to and what to transmit and all added on security, OoS and so on.
Drag and drop the statement about AAA services from the left to the corresponding AAA services on the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER:3612 Explanation Answer: Authentication+ It performs user validation via TACACS+ + It verifies "who you are" Authorization+ It grants access to network assets, such as FTP servers + It restricts the CLI commands that a user is able to perform
Drag and drop the characteristic from the left onto the cable type on the right. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13 for first group, 24 for second group).
ANSWER;1324 Explanation Answer: copper: + supplies conduit for PoE implementations + easy to tap into and obtain secure information single-mode fiber: + used for DWDM optical systems spanning long distances + has a core diameter of 9 microns
IPv6 must be implemented on R1 to the ISP. The uplink between R1 and the ISP must be configured with a manual assignment, and the LAN interface must be self-provisioned. Both connections must use the applicable IPv6 networks. Which two configurations must be applied to R1? (Choose two) A.interface Gi0/0ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03:/127 B.interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64 C.interface Gi0/0ipv6 address 2001:db8:1:AFFF::/64 eui-64 D.interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127 E.interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127
B.interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64 D.interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127 Explanation We need to assign the LAN interface (gi0/0) with "eui-64" keyword and and correct IPv6 network (2001:db8:0:AFFF::/64) -> Answer 'interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64' is correct. IPv6 addresses are 128 bits long, but in this question we have /127 subnet mask. So there are only two addresses: 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00 (Network Address)2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA01 (Usable Host Address) -> Therefore surely answer 'interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127' is not correct as it is out-of-range of this network. Some devices may support /127 subnet mask and we can assign both above addresses for (point-to-point) devices. Note: In IPv6, there is no concept of a broadcast address as in IPv4. Instead, IPv6 uses multicast addresses for similar purposes.
A network administrator wants the syslog server to filter incoming messages into different files based on their importance. Which filtering criteria must be used? A.facility B.level C.process ID D.message body
B.level Explanation Syslog levels indicate the severity or importance of log messages A syslog message has the following format: seq no:timestamp%FACILTY-SEVERITY-MNEMONIC: message text Each portion of a syslog message has a specific meaning: + Seq no: a sequence number only if the service sequence-numbers global configuration command is configured + Timestamp: Date and time of the message or event. This information appears only if the service timestamps global configuration command is configured. + FACILITY: This tells the protocol, module, or process that generated the message. Some examples are SYS for the operating system, IF for an interface... + SEVERITY: A number from 0 to 7 designating the importance of the action reported. Note: The facility value is used to determine which process of the machine created the message. Since the Syslog protocol was originally written on BSD Unix, the Facilities reflect the names of UNIX processes and daemons -> Answer 'facility' is not correct.
What is a characteristic of a Layer 2 switch? A.offers one collision domain for all connected devices B.makes forwarding decisions based on MAC addresses C.tracks the number of active TCP connections D.provides a single broadcast domain for all connected devices
B.makes forwarding decisions based on MAC addresses Explanation In this question there are two correct answers which are answer 'provides a single broadcast domain for all connected devices ' and answer 'makes forwarding decisions based on MAC addresses' . But answer 'makes forwarding decisions based on MAC addresses' is better as it is an important characteristic of a Layer 2 switch.
{ 'interface':['ethernet0/3', 'ethernet0/4', 'ethernet0/5'] } Which type of JSON data is shown? A.sequence B.object C.Boolean D.string
B.object Explanation JSON syntax structure:+ uses curly braces {} to hold objects
What must be considered before deploying virtual machines? A.support for physical peripherals, such as monitors, keyboards, and mice B.resource limitations, such as the number of CPU cores and the amount of memory C.whether to leverage VSM to map multiple virtual processors to two or more virtual machines D.location of the virtual machines within the data center environment
B.resource limitations, such as the number of CPU cores and the amount of memory
PC A is communicating with another device at IP address 10.227.151.255.Through which router does router Y route the traffic? A.router A B.router D C.router B D.router C
B.router D Explanation The destination IP address 10.227.151.255 belongs to 10.224.0.0/11 (increment: 32) and it is the longest prefix match so it will be routed via 10.224.4.5 which is routerD
What is a characteristic of frame switching? A.drops received MAC addresses not listed in the address table B.stores and forwards frames in a buffer and uses error checking C.populates the ARP table with the egress port D.rewrites the source and destination MAC address
B.stores and forwards frames in a buffer and uses error checkin Explanation Frame switching is one of a few important switching concepts that describe how a switch operates. 2.1.b Frame switchingLAN switches are characterized by the forwarding method that they support, such as a store-and-forward switch, cut-through switch, or fragment-free switch.Store-and-forward switches store the entire frame in internal memory and check the frame for errors before forwarding the frame to its destination
Network security team noticed that an increasing number of employees are becoming victims of phishing attacks. Which security program should be implemented to mitigate the problem? A.email system patches B.user awareness training C.software firewall enabled on all PCs D.physical access control
B.user awareness training Explanation User awareness programs are designed to make employees aware of potential security threats and risks so it is the best answer for this question. Most of phishing attacks are done online so we cannot use physical access control.
Output from R1 GigabitEthernet0/0/1 is up, line protocol is down Hardware is SPA—10X1GE-V2, address is 0023.33ee.7o00 (bia 0023.33ee.7c00) MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not supported Half Duplex, 1000Mbps, link type is auto, media type is LX output flow-control is off, input flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:01, output 00:02:31, output hang never 10 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 314 multicast, 0 pause input 1 packets output, 77 bytes, 0 underruns 0 output errors, 50 collisions, 6 interface resets 17 unknown protocol drops 0 babbles, 0 late collision, 0 deferred What is the issue with the interface GigabitEthernet0/0/1 ? A.cable disconnect B.high throughput C.duplex mismatch D.port security
C.duplex mismatch Explanation From the output, we learn that "line protocol is down" which means a Layer 2 issue. Moreover we have "50 collisions" and this interface was set to "half duplex" so we can think about "duplex mismatch" issue. If the issue is "cable disconnect" we will see "down/down (disable)" state instead.
Which device protects an internal network from the Internet? A.access point B.router C.firewall D.Layer 2 switch
C.firewall
A DHCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16.32.15. What is the next step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server? A.ip default-gateway 192.168.52.253 B.ip forward-protocol udp 137 C.ip helper-address 172.16.32.15 D.ip default-network 192.168.52.253
C.ip helper-address 172.16.32.15 Explanation We see the server is located in a different subnet from the clients so we need to configure the "ip helper-address 172.16.32.15" on the router so that DHCP messages can reach the server.
What are two capabilities provided by VRRP within a LAN network? (Choose two) A.bandwidth optimization B.dynamic routing updates C.load sharing D.granular QoS E.redundancy
C.load sharing E.redundancy Explanation Virtual Router Redundancy Protocol (VRRP) is an open standard protocol, which is used to provide redundancy in a network -> Answer 'redundancy' is correct. In load balancing mode, a VRRP group maps its virtual IP address to multiple virtual MAC addresses: one virtual MAC address for each group member. The master uses these virtual MAC addresses of the member routers to respond to IPv4 ARP requests or IPv6 ND requests from hosts. Therefore, every router in this VRRP group can forward traffic and traffic from hosts is distributed across the VRRP group members -> Answer 'load sharing' is correct.
Which selections must be used on the WLC when implementing a RADIUS server for wireless authentication? A.Client Exclusion and SSH B.802.1x and the MAC address of the server C.Network Access Control State and SSH D.AAA Override and the IP address of the server
D.AAA Override and the IP address of the server Explanation The AAA Override feature on a Wireless LAN Controller (WLC) is used to override the default authentication, authorization, and accounting (AAA) settings for specific WLANs (Wireless LANs). Typically, WLANs are configured with default AAA settings on the WLC. These settings define how clients are authenticated, authorized, and accounted for when they connect to the WLAN. With the AAA Override feature, you can override these default settings for specific WLANs. This allows you to tailor the authentication, authorization, and accounting behavior for each WLAN independently. By using AAA Override, you can apply customized AAA policies to specific WLANs based on their requirements. For example, you might want to enforce stricter authentication methods or assign different authorization roles for users connecting to a guest WLAN compared to an employee WLAN. Note: The WLC also needs the IP address of the AAA server so that it can communicate with AAA server.
What is the role of the root port in a switched network? A.It is administratively disabled until a failover occurs B.It replaces the designated port when the root port fails C.It replaces the designated port when the designated port fails D.It is the best path to the root from a nonroot switch
D.It is the best path to the root from a nonroot switch Explanation Root port is the port that is closest to the root bridge, which means it is the port that receiving the lowest-cost BPDU from the root. Every non-root bridge must have a root port. All root ports are placed in forwarding state.
What is a service that is provided by a wireless controller? A.It manages interference in a dense network. B.It provides Layer 3 routing between wired and wireless devices. C.It issues IP addresses to wired devices. D.It mitigates threats from the internet.
D.It mitigates threats from the internet. Explanation Security is another important consideration for any organization, with hacking and data breaches in the news every day. Cisco WLAN controllers battle all kinds of threats to your business based on user ID and location thanks to built-in security features.
What should a network administrator consider when deciding to implement automation? A.Network automation typically is limited to the configuration and management of virtual devices within a network. B.Automated systems may have difficulty expanding network changes at scale. C.Network automation typically increases enterprise management operating costs. D.Manual changes frequently lead to configuration errors and inconsistencies.
D.Manual changes frequently lead to configuration errors and inconsistencies.
What happens when a switch receives a frame with a destination MAC address that recently aged out? A.The switch drops the frame and learns the destination MAC address again from the port that received the frame B.The switch floods the frame to all ports in all VLANs except the port that received the frame C.The switch references the MAC address aging table for historical addresses on the port that received the frame D.The switch floods the frame to all ports in the VLAN except the port that received the frame
D.The switch floods the frame to all ports in the VLAN except the port that received the frame
Which type of protocol is VRRP? A.uses Cisco-proprietary First Hop Redundancy Protocol B.uses dynamic IP address assignment C.uses a destination IP address 224.0.0.102 for router-to-router communication D.allows two or more routers to act as a default gateway
D.allows two or more routers to act as a default gateway Explanation VRRP uses multicast address 224.0.0.18 for router-to-router communication -> Answer 'uses a destination IP address 224.0.0.102 for router-to-router communication ' is not correct. VRRP is IETF RFC 3768 standard -> Answer 'uses Cisco-proprietary First Hop Redundancy Protocol ' is not correct. VRRP does not use dynamic IP address assignment. We can configure any virtual IP address -> Answer 'uses dynamic IP address assignment' is not correct.
{ 'Cisco Devices': [ { 'name': 'ASA - Security Device', 'name': 'Cisco 1100 ASR Router', 'name': 'Cisco 6800 Switch' } ] What is missing from this output for it to be executed? A.exclamation point (!) at the beginning of each line B.double quotes (" ") around the "Cisco Devices" string C.square bracket ( [ ) at the beginning D.curly brace ( } ) at the end
D.curly brace ( } ) at the end
PC1 tries to send traffic to newly installed PC2. The PC2 MAC address is not listed in the MAC address table of the switch, so the switch sends the packet to all ports in the same VLAN. Which switching concept does this describe? A.MAC address aging B.spanning-tree protocol C.MAC address table D.frame flooding
D.frame flooding
Which physical component is distributed among multiple virtual machines running on the same hypervisor? A.backplane network B.network interfaces C.external storage D.hardware resources
D.hardware resources Explanation Although the VM is still dependent on the host's physical resources, those resources are virtualized and distributed across the VMs and can be reassigned as necessary.
A secondary route is required on router R1 to pass traffic to the LAN network on R2 if the primary link fails. Which command must be entered to configure the router? A.ip route 10.0.2.0 256.255.255.248 null0 93 B.ip route 10.0.2.0 255.255.255.240 10.0.0.6 91 C.ip route 10.0.2.0 255.255.255.240 10.0.0.7 92 D.ip route 10.0.2.0 255.255.255.248 10.0.0.6 91
D.ip route 10.0.2.0 255.255.255.248 10.0.0.6 91 Explanation We need to add a floating static route in this case so this route must have the AD greater than the AD of EIGRP (90) to the next-hop of 10.0.0.6 (R2) for 10.0.2.0/29 (with subnet mask of 255.255.255.248).
Which capability does TFTP provide? A.provides secure file access within the LAN B.provides authentication for data communications over a private data network C.provides encryption mechanisms for file transfer across a WAN D.loads configuration files on systems without data storage devices
D.loads configuration files on systems without data storage devices
Which interface condition is occurring in this output? A.duplex mismatch B.bad NIC C.broadcast storm D.queueing
D.queueing
Which port-security violation mode drops traffic from unknown MAC addresses and forwards an SNMP trap? A.shutdown VLAN B.shutdown C.protect D.restrict
D.restrict Explanation For your information, the port security violation modes are described below: Protect - This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped. Restrict - This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is dropped. Shutdown - This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and reenabling the switchport. Shutdown VLAN -This mode mimics the behavior of the shutdown mode but limits the error disabled state the specific violating VLAN
Which interface is used for out-of-band management on a WLC? A.management B.virtual C.dynamic D.service port
D.service port
Which AP mode is used for capturing wireless traffic and forwarding that traffic to a PC that is running a packet analyzer? A.bridge B.monitor C.rouge detector D.sniffer
D.sniffer Explanation + Sniffer mode: run as a sniffer and captures and forwards all the packets on a particular channel to a remote machine where you can use protocol analysis tool (Wireshark, Airopeek, etc) to review the packets and diagnose issues. Strictly used for troubleshooting purposes. Note: Rogue detector mode: monitor for rogue APs. It does not handle data at all.
What is represented by the word "R20" within this JSON schema? 1 [ 2 {'firewall': 'FW12', 'port':'e0/23'}, 3 {'router': 'R20', 'port':'te5/5'}, 4 {'switch': 'SW25', 'port':'ge1/36'}, 5 ] A.object B.key C.array D.value
D.value Explanation JSON syntax structure: + A key/value pair consists of a key (must be a string in double quotation marks ''), followed by a colon :, followed by a value. For example: "name":"John" Therefore in this question, "router" is the key while "R20" is the valu
Drag and drop the HTTP verbs from the left onto the API operations on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. DELETE GET PATCH POST PUT
Explanation Answer: + DELETE: erases a specific resource + GET: requests specific information about a resource + PATCH: partially modifies a specific resource + POST: creates a subordinate resource under the specified URI + PUT: fully replaces the current version of a specific resource with new content from the payload Explanation GET: retrieve dataPOST: create data PUT: fully update (i.e. replace) an existing record PATCH: update part of an existing record DELETE: delete records PUT is similar to POST in that it can create resources, but it does so when there is a defined URL wherein PUT replaces the entire resource if it exists or creates new if it does not exist. Unlike PUT Request, PATCH does partial update. Fields that need to be updated by the client, only that field is updated without modifying the other field.
