CCNA composite
Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs? A.VLAN tagging B.VLAN marking C.VLAN DSCP D.VLAN numbering
A.VLAN tagging Explanation VLAN tagging is a method through which more than one VLAN is handled on a port. VLAN tagging is used to tell which packet belongs to which VLAN on the other side. To make recognition easier, a packet is tagged with a VLAN tag in the Ethernet frame.
A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, to which type of OSPF network does this interface belong? A.broadcast B.point-to-multipoint C.point-to-point D.nonbroadcast
A.broadcast
Switch1: 0C.E0.38.57.24.22 Switch2: 0C.0E.15.22.1A.61 Switch3: 0C.0E.15.1D.3C.9A Switch4: 0C.E0.19.A1.4D.16 After the election process what is the root bridge in the HQ LAN? A. Switch 3 B. Switch 4 C. Switch 2 D. Switch 1
A. Switch 3
What is a reason for poor performance on the network interface? A. The cable connection between the two devices is faulty. B. The bandwidth setting of the interface is misconfigured C. The interface is receiving excessive broadcast traffic. D. The interface is operating at a different speed than the connected device.
A. The cable connection between the two devices is faulty Explanation A working interface (in an up/up state) can still suffer from issues related to the physical cabling as well. The cabling problems might not be bad enough to cause a complete failure, but the transmission failures result in some frames failing to pass successfully over the cable. For example, excessive interference on the cable can cause the various input error counters to keep growing larger, especially the CRC counter. In particular, if the CRC errors grow, but the collisions counters do not, the problem might simply be interference on the cable. (The switch counts each collided frame as one form of input error as well.)
Which command should you enter to configure a device as an NTP server? A. ntp master B. ntp server C. ntp peer D. ntp authenticat
A. ntp master Explanation To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command. To configure a Cisco device as a NTP client, use the command ntp server <IP address>. For example: Router(config)#ntp server 192.168.1.1. This command will instruct the router to query 192.168.1.1 for the time.
Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface FastEthernet 0/1? ip arp inspection vlan 2-10 interface fastethernet 0/1 ip arp inspection trust A. router B. access point C. DHCP client D. PC
A. router
Which command verifies whether any IPv6 ACLs are configured on a router? A. show ipv6 access-list B. show ipv6 route C. show ipv6 interface D. show access-list
A. show ipv6 access-list
Which port type does a lightweight AP use to connect to the wired network when configured in FlexConnect mode with local switching and VLAN tagging? A. trunk B. LAG C. EtherChannel D. access
A. trunk Explanation Local Switched: Locally-switched WLAN's (the SSID you are connected to) will map their wireless user traffic to a VLAN via 802.1Q trunking to a local switch adjacent to the access point.
Which technology must be implemented to configure network device monitoring with the highest security? A.SNMPv3 B.IP SLA C.NetFlow D.syslog
A.SNMPv3 Explanation SNMPv3—The most up-to-date protocol focuses on security. SNMPv3 defines a security model, user-based security model (USM), and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload.
Which protocol does an IPv4 host use to obtain a dynamically assigned IP address? A. DNS B. DHCP C. CDP D. ARP
B. DHCP
Which configuration is needed to generate an RSA key for SSH on a router? A. Assign a DNS domain name B. Configure the version of SSH C. Configure VTY access D. Create a user with a password
A. Assign a DNS domain name Explanation In order to generate an RSA key for SSH, we need to configure the hostname and a DNS domain name on the router (a username and password is also required). Therefore in fact both answer 'Create a user with a password' and answer 'Assign a DNS domain name' are correct.
Drag and drop the descriptions of IP protocol transmissions from the left onto the correct IP traffic types on the right.
146235 Explanation UDP is a simpler message-based connectionless protocol. In connectionless protocols, there is no effort made to setup a dedicated end-to-end connection. ... Datagrams - Packets are sent individually and are guaranteed to be whole if they arrive. Packets have definite bounds and no split or merge into data streams may exist. TCP is connection-oriented and UDP is connectionless. This means that before sending TCP packets, a connection is established between the server and the client. This process of setting up a connection is called TCP handshaking. The stream of packets is then sent over this connection -> TCP transmits packet as stream.
Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.
2413 Explanation Answer: TCP + used to reliably share files between devices + supports reliable data transmission UDP + provides best-effort service + appropriate for streaming operations with minimal latency
Which statement about the Cisco ACI fabric is most accurate? A. An APIC is a cluster of at least three APIC controllers, providing a single point of management without a single point of failure. B. The spine switch rewrites the EPG from ingress to egress when it performs the forwarding proxy function C. The fabric header carries the EPG from the egress to the ingress leaf switch. D. The APIC is able to enforce security by inserting itself into the data path.
A. An APIC is a cluster of at least three APIC controllers, providing a single point of management without a single point of failure.
What is the difference between IPv6 unicast and anycast addressing? A. An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes. B. IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration C. Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes D. IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration
A. An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. CRC B. runts C. frame D. giants E. input error
A. CRC E. input error Explanation Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The "input errors" includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts.
Which interface is used to send traffic to the destination network? D 10.214.247.237/28 [90/2170] via G0/12 D 10.214.247.237/28 [90/46985] via G0/19 O 10.214.247.237/28 [110/665] via G0/9 O 10.214.247.237/28 [110/3399] via G0/1 A. G0/12 B. G0/9 C. G0/1 D. G0/19
A. G0/12 Explanation The first entry has lowest AD (90) so it will be installed into the routing table and it has the lowest metric (2170) so it is the best route.
What makes Cisco DNA Center different from traditional network management applications and their management of networks? A. It abstracts policy from the actual device configuration B. It only supports auto-discovery of network elements in a green field deployment. C. It does not support high availability of management functions when operating in cluster mode D. It modular design allows someone to implement different versions to meet the specific needs of an organization
A. It abstracts policy from the actual device configuration
What is a benefit of using a Cisco Wireless LAN Controller? A. It eliminates the need to configure each access point individually B. Central AP management requires more complex configurations C. It supports autonomous and lightweight APs D. Unique SSIDs cannot use the same authentication method
A. It eliminates the need to configure each access point individually
In which two ways does a password manager reduce the chance of a hacker stealing a user's password? (Choose two) A. It protects against keystroke logging on a compromised device or web site B. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality C. It automatically provides a second authentication factor that is unknown to the original user D. It uses an internal firewall to protect the password repository from unauthorized access E. It encourages users to create stronger password
A. It protects against keystroke logging on a compromised device or web site E. It encourages users to create stronger password Explanation A password manager only helps you remember your chosen passwords without typing them by yourself. It automatically fills into the password textbox for you so it does not provides a second authentication factor. An example of second authentication factor is an one time password (OTP) sent to your phone after typing your password and you have to type this OTP to authenticate. By using a password manager, you are encouraged to create a complex password because you don't need to remember it.
What are two southbound APIs? (Choose two) A. Open Flow B. DSC C. Thrift D. CORBA E. NETCON
A. Open Flow E. NETCON Explanation OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices. Other southbound APIs are:+ onePK: a Cisco proprietary SBI to inspect or modify the network element configuration without hardware upgrades.+ OpFlex: an open-standard, distributed control system. It send "summary policy" to network elements.
Refer to exhibit. Which action do the switches take on the trunk link? A. The trunk forms but the mismatched native VLANs are merged into a single broadcast domain B. The trunk does not form and the ports go into an err-disabled status C. The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state D. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link
A. The trunk forms but the mismatched native VLANs are merged into a single broadcast domain Explanation The trunk still forms with mismatched native VLANs and the traffic can actually flow between mismatched switches. But it is absolutely necessary that the native VLANs on both ends of a trunk link match; otherwise a native VLAN mismatch occurs, causing the two VLANs to effectively merge. For example with the above configuration, SW1 would send untagged frames for VLAN 999. SW2 receives them but would think they are for VLAN 99 so we can say these two VLANs are merged.
What are two benefits of FHRPs? (Choose two) A. They enable automatic failover of the default gateway. B. They allow encrypted traffic. C. They allow multiple devices to serve as a single virtual gateway for clients in the network D. They prevent loops in the Layer 2 network. E. They are able to bundle multiple ports to increase bandwidth
A. They enable automatic failover of the default gateway C. They allow multiple devices to serve as a single virtual gateway for clients in the network
What software defined architecture plane assists network devices with making packet forwarding decisions by providing Layer 2 reachability and Layer 3 routing information? A. control plane B. data plane C. management plane D. policy plane
A. control plane Explanation Control Plane FunctionIn its simplest form, the control plane provides layer-2 MAC reachability and layer-3 routing information to network devices that require this information to make packet forwarding decisions. In the case of firewalls, the control plane would include stateful flow information for inspection. Control plane functionality can implemented as follows: + Distributed - Conventional routers and switches operate using distributed protocols for control, i.e. where each device makes its own decisions about what to do, and communicate relevant information to other devices for input into their decision making process. For example, the Spanning Tree Protocol (STP), Fabric Path, and routing protocols such as IS-IS and BGP provide distributed control of packet forwarding functionality to networking devices. + Centralized - In this case, a centralized controller provides the necessary information for a network element to make a decision. For example, these controller(s) instruct networking devices on where to forward packets by explicitly programming their MAC and FIBs.
What is the destination MAC address of a broadcast frame? A. ff:ff:ff:ff:ff:ff B. 00:00:0c:07:ac:01 C. 43:2e:08:00:00:0c D. 00:00:0crfHfrff E. 00:00:0c:43:2e:08
A. ff:ff:ff:ff:ff:ff
Drag and drop the Rapid PVST+ forwarding state actions from the left to the right. Not all actions are used. Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1346 (which means 1346 for the four actions on the right).Please type your answer here:
Answer:2356 Explanation BPDUs received are forwarded to the system module The port in the forwarding state responds to network management messages Switched frames received from other ports are advanced Frames received from the attached segment are processed Explanation Forwarding StateA LAN port in the forwarding state forwards frames. The LAN port enters the forwarding state from the learning state. A LAN port in the forwarding state performs as follows: Forwards frames received from the attached segment. Forwards frames switched from another port for forwarding. Incorporates the end station location information into its address database. Receives BPDUs and directs them to the system module. Processes BPDUs received from the system module. Receives and responds to network management messages.
R1 has just received a packet from host A that is destined to host B. Which route in the routing table is used by R1 to reach host B? A. 10.10.13.0/25[110/2] via 10.10.10.6 B. 10.10.13.0/25[108/0] via 10.10.10.10 C. 10.10.13.0/25[1/0] via 10.10.10.2 D. 10.10.13.0/25[110/2] via 10.10.10.2
B. 10.10.13.0/25[108/0] via 10.10.10.10 Explanation The "10.10.13.0/25[1/0] via 10.10.10.2" entry is from default route (ip route 0.0.0.0 0.0.0.0 10.10.10.2) so it is only used when no other routes to 10.10.13.0/25 is found. In three static routes, the best match for hostB should be "ip route 10.10.13.0 255.255.255.128 10.10.10.10 108" with lowest AD of 108 so R1 would choose this path. This AD is also lower than the AD of OSPF so it is preferred over OSPF learned routes.
Which interface on the WLC is limited to one when LAG is in use? A. service B. AP-manager C. trunk D. virtual
B. AP-manager Explanation If link aggregation (LAG) is enabled, there can be only one AP-manager interface
Shortly after SiteA was connected to SiteB over a new single-mode fiber path, users at SiteA report intermittent connectivity issues with applications hosted at SiteB. What is the cause of the intermittent connectivity issue? A. Heavy usage is causing high latency. B. An incorrect type of transceiver has been inserted into a device on the link. C. The wrong cable type was used to make the connection. D. Physical network errors are being transmitted between the two sites.
B. An incorrect type of transceiver has been inserted into a device on the link. Explanation SR stands for Short Reach, and LR stands for Long Reach. SR supports 400metres while LR supports 10 kilometers. In this question, SiteA is using SFP-SR so it is not suitable for 7KM distance.
What is the primary difference between AAA authentication and authorization? A. Authentication controls the system processes a user can access and authorization logs 9ie activities the user initiates B. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform C. Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database D. Authentication identifies a user who is attempting to access a system, and authorization validates the users password
B. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform Explanation AAA stands for Authentication, Authorization and Accounting. + Authentication: Specify who you are (usually via login username & password) + Authorization: Specify what actions you can do, what resource you can access + Accounting: Monitor what you do, how long you do it (can be used for billing and auditing) An example of AAA is shown below: + Authentication: "I am a normal user. My username/password is user_tom/learnforever" + Authorization: "user_tom can access LearnCCNA server via HTTP and FTP" + Accounting: "user_tom accessed LearnCCNA server for 2 hours". This user only uses "show" commands.
What is a characteristic of spine-and-leaf architecture? A. It provides variable latency B. Each device is separated by the same number of hops C. It provides greater predictability on STP blocked ports D. Each link between leaf switches allows for higher bandwidth
B. Each device is separated by the same number of hops Explanation Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency (-> Answer 'It provides variable latency' is not correct), nonblocking server-to-server connectivity. With a spine-and-leaf architecture, no matter which leaf switch to which a server is connected, its traffic always has to cross the same number of devices to get to another server (unless the other server is located on the same leaf) (-> Answer 'Each device is separated by the same number of hops' is correct) . This approach keeps latency at a predictable level because a payload only has to hop to a spine switch and another leaf switch to reach its destination. With Leaf-Spine, the network uses Layer 3 routing so STP is no longer required. (-> Answer 'It provides greater predictability on STP blocked ports' is not correct). Spine-leaf architectures rely on protocols such as Equal-Cost Multipath (ECPM) routing to load balance traffic across all available paths while still preventing network loops. This allows all connections to be utilized at the same time while still remaining stable and avoiding loops within the network.
Which interface is used to send traffic to the destination network? D 10.47.114.119/29 [90/6451] via F0/2 D 10.47.114.119/29 [90/52201] via F0/20 R 10.47.114.119/29 [120/9] via F0/12 R 10.47.114.119/29 [120/10] via F0/10 A. F0/10 B. F0/2 C. F0/20 D. F0/12
B. F0/2
Which IPv6 address block forwards packets to a multicast address rather than a unicast address? A. FC00::/7 B. FF00::/12 C. 2000::/3 D. FE80::/10
B. FF00::/12 Explanation Well-known multicast addresses have the prefix ff00::/12.
Refer to the exhibit. PC1 is trying to ping PC3 for the first time and sends out an ARP to S1. Which action is taken by S1? A. It forwards it out interface G0/2 only B. It is flooded out every port except G0/0 C. It drops the frame D. It forwards it out G0/3 only
B. It is flooded out every port except G0/0
Refer to the exhibit. A router reserved these five routes from different routing information sources. Which two routes does the router install in its routing table? (Choose two) IBGP route 10.0.0.0/30 RIP route 10.0.0.0/30 OSPF route 10.0.0.0/16 OSPF route 10.0.0.0/30 EIGRP route 10.0.0.1/32 A. RIP route 10.0.0.0/30 B. OSPF route 10.0.0.0/30 C. OSPF route 10.0.0.0/ D. EIGRP route 10.0.0.1/32 E. iBGP route 10.0.0.0/30
B. OSPF route 10.0.0.0/30 D. EIGRP route 10.0.0.1/32 Explanation In the five above routes, there are only three different routes which are 10.0.0.0/30 and 10.0.0.0/16 and 10.0.0.1/32. Since each of these routes has a different prefix length (subnet mask), they're considered different destinations, and they will all be installed in the routing table. The prefix 10.0.0.0/30 was learned from three different routing protocols IBGP, RIP and OSPF so the route with lowest AD would be chosen. The AD of IBGP is 200 and the AD of RIP is 120 so for the prefix 10.0.0.0/30, only the OSPF route has the lowest AD (110) and it would be chosen to install into the routing table.
Connections must be blocked from PC2 to the file server while still allowing PC2 to connect to other network hosts and devices. Which configuration must be used to complete the task? A. Option A B. Option B C. Option C D. Option D
B. Option B Explanation Block connection from R2 to Server -> "deny 192.168.2.10" and we should apply to R2 which is closest to the Server so that it does not affect other devices.
Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two) A. POP B. POST C. REDIRECT D. GET E. REMOVE
B. POST D. GET Explanation GET: retrieve data POST: create data PUT: fully update (i.e. replace) an existing record PATCH: update part of an existing record DELETE: delete records
All routers in the network are configured. R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configure on R2 to be elected as the DR in the network? A. R2(config)#router ospf 1R2(config-router)#router-id 192.168.2.7 B. R2(config)#interface gi0/0R2(config-if)#ip ospf priority 100 C. R2(config)#router ospf 1R2(config-router)#router-id 10.100.100.100 D. R2(config)#interface gi0/0R2(config-if)#ip ospf priority 1
B. R2(config)#interface gi0/0R2(config-if)#ip ospf priority 100
Clients on the WLAN are required to use 802.11r. What action must be taken to meet the requirement? A. Under Protected Management Frames, set the PMF option to Required B. Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management C. Enable CCKM under Authentication Key Management D. Set the Fast Transition option and the WPA gtk-randomize State to disable
B. Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management Explanation Configuring 802.11r Fast Transition (GUI)Procedure Step 1 Choose WLANs to open the WLANs window. Step 2 Click a WLAN ID to open the WLANs > Edit window. Step 3 Choose Security > Layer 2 tab. Step 4 From the Layer 2 Security drop-down list, choose WPA+WPA2.The Authentication Key Management parameters for Fast Transition are displayed. Step 5 From the Fast Transition drop-down list, choose Fast Transition on the WLAN. Step 6 Check or uncheck the Over the DS check box to enable or disable Fast Transition over a distributed system.This option is available only if you enable Fast Transition or if Fast Transition is adaptive.To use 802.11r Fast Transition over-the-air and over-the-ds must be disabled. Step 7 In the Reassociation Timeout field, enter the number of seconds after which the reassociation attempt of a client to an AP should time out. The valid range is 1 to 100 seconds.Note: This option is available only if you enable Fast Transition. Step 8 Under Authentication Key Management, choose FT 802.1X or FT PSK.
Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS? A. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load. B. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received. C. UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery. D. UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order
B. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received. Explanation Note: The flow control mechanism tells the sender the maximum speed at which the data can be sent to the receiver device. One of the popular flow control mechanisms in TCP is the sliding window protocol -> Answer 'UDP uses flow control mechanisms for the delivery of packets, and TCP uses congestion control for efficient packet delivery' is not correct.
A Cisco WLC administrator is creating a new wireless network with enhanced SSID security. The new network must operate at 2.4 GHz with 54 Mbps of throughput. Which set of tasks must the administrator perform to complete the configuration? A. Check the Broadcast SSID check box and set the Radio Policy to 802.11a only. B. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11g only. C. Check the Broadcast SSID check box and set the Radio Policy to 802.11g only. D. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11a/g only.
B. Uncheck the Broadcast SSID check box and set the Radio Policy to 802.11g only. Explanation "operate at 2.4 GHz with 54 Mbps of throughput" -> Only 804.11g is suitable. "enhanced SSID security" so we should not broadcast SSID so that no one can see the SSID.
Which wireless security protocol relies on Perfect Forward Secrecy? A. WEP B. WPA3 C. WPA D. WPA2
B. WPA3 Explanation WPA3 (Wi-Fi Protected Access 3) is the newest wireless security protocol designed to encrypt data using a frequent and automatic encryption type called Perfect Forward Secrecy. It's more secure than its predecessor, WPA2, but it hasn't been widely adopted yet. Not all hardware supports WPA3 automatically, and using this protocol often requires costly upgrades.
What is a DHCP client? A. a workstation that requests a domain name associated with its IP address B. a host that is configured to request an IP address automatically C. a router that statically assigns IP addresses to hosts D. a server that dynamically assigns IP addresses to hosts
B. a host that is configured to request an IP address automatically
Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol? A. autonomous B. bridge C. lightweight D. route
C. lightweight Explanation Cisco Access Points (APs) can operate in one of two modes: autonomous or lightweight+ Autonomous: self-sufficient and standalone. Used for small wireless networks.+ Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels.
Which security method is used to prevent man-in-the-middle attack? A. authentication B. anti-replay C. authorization D. accounting
B. anti-replay Explanation The anti-replay protocol provides Internet Protocol (IP) packet-level security by making it impossible for a hacker to intercept message packets and insert changed packets into the data stream between a source computer and a destination computer. How does the anti-replay protocol work? The answer to preventing replay attacks is encrypting messages and including a key. IPsec provides anti-replay protection against attackers who could potentially intercept, duplicate or resend encrypted packets.The mechanism uses a unidirectional security association to establish a secure connection between the source and destination nodes in the network and check whether a received message is a replayed message. It works by assigning a monotonically increasing sequence number to each encrypted packet and then keeping track of the sequence numbers as packets arrive at the destination.
Which cable type must be used when connecting two like devices together using these criteria? - Pins 1 to 3 and 2 to 6 are required. - Auto detection MDI-X is unavailable. A. straight-through B. crossover C. rollover D. console
B. crossover Explanation Without the MDI-X auto detection feature, we have to use correct cable type to connect two devices. Two devices of the same type (like router to router, switch to switch) always use the crossover cable.
What does the implementation of a first-hop redundancy protocol protect against on a network? A. spanning-tree loops B. default gateway failure C. root-bridge loss D. BGP neighbor flapping
B. default gateway failure
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller? A. mesh B. flex connect C. sniffer D. local
B. flex connect Explanation In previous releases, whenever a FlexConnect access point disassociates from a controller, it moves to the standalone mode. The clients that are centrally switched are disassociated. However, the FlexConnect access point continues to serve locally switched clients. When the FlexConnect access point rejoins the controller (or a standby controller), all clients are disconnected and are authenticated again. This functionality has been enhanced and the connection between the clients and the FlexConnect access points are maintained intact and the clients experience seamless connectivity. When both the access point and the controller have the same configuration, the connection between the clients and APs is maintained.
How does frame switching function on a switch? A. modifies frames that contain a known source VLAN B. forwards known destinations to the destination port C. forwards frames to a neighbor port using CDP D. inspects and drops frames from unknown destinations
B. forwards known destinations to the destination port
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. infrastructure-as-a-service C. network-as-a-service D. software-as-a-service
B. infrastructure-as-a-service Explanation Below are the 3 cloud supporting services cloud providers provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing
Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header? A. policing B. marking C. shaping D. classification
B. marking
Refer to the exhibit. Which password must an engineer use to enter the enable mode? Atlanta#config t Atlanta(config)#aaa new-model Atlanta(config)#aaa authentication login default local Atlanta(config)#line vty 0 4 Atlanta(config-line)#login authentication default Atlanta(config-line)#exit Atlanta(config)#username ciscoadmin password adminadmin123 Atlanta(config)#username ciscoadmin privilege 15 Atlanta(config)#enable password cisco123 Atlanta(config)#enable secret testing1234 Atlanta(config)#end A. adminadmin123 B. testing1234 C. default D. cisco123
B. testing1234 Explanation If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The "enable secret" will be used first if available, then "enable password" and line password.
What is the primary function of a Layer 3 device? A. forward traffic within the same broadcast domain B. to pass traffic between different networks C. to transmit wireless traffic between hosts D. to analyze traffic and drop unauthorized traffic from the Internet
B. to pass traffic between different networks
When is the PUT method used within HTTP? A. when a read-only operation is required B. to update a DNS server C. to display a web site D. when a nonidempotent operation is needed
B. to update a DNS server Explanation PUT is similar to POST in that it can create resources, but it does so when there is a defined URL wherein PUT replaces the entire resource if it exists or creates new if it does not exist
What is an advantage of Cisco DNA Center versus traditional campus device management? A.It enables easy autodiscovery of network elements m a brownfield deployment B.It supports numerous extensibility options including cross-domain adapters and third-party SDKs C.It supports high availability for management functions when operating in cluster mode D.It is designed primarily to provide network assurance
B.It supports numerous extensibility options including cross-domain adapters and third-party SDKs
Which 802.11 management frame type is sent when a client roams between access points on the same SSID? A.Authentication Request B.Reassociation Request C.Association Request D.Probe Request
B.Reassociation Request Explanation Association request frame - (0x00) Sent from a wireless client, it enables the AP to allocate resources and synchronize. The frame carries information about the wireless connection including supported data rates and SSID of the network to the wireless client that wants to associate. If the request is accepted, the AP reserves memory and establishes an association ID for the device. Association response frame - (0x01) Sent from an AP to a wireless client containing the acceptance or rejection to an association request. If it is an acceptance, the frame contains information, such as an association ID and supported data rates. Reassociation request frame - (0x02) A device sends a reassociation request when it drops from range of the currently associated AP and finds another AP with a stronger signal. The new AP coordinates the forwarding of any information that may still be contained in the buffer of the previous AP. Reassociation response frame - (0x03) Sent from an AP containing the acceptance or rejection to a device reassociation request frame. The frame includes information required for association, such as the association ID and supported data rates. Probe request frame - (0x04) Sent from a wireless client when it requires information from another wireless client. Authentication frame - (0x0B) The sending device sends an authentication frame to the AP containing its identity.
Which command enables HTTP access to the Cisco WLC? A.config certificate generate webadmin B.config network webmode enable C.config network secureweb enable D.config network telnet enable
B.config network webmode enable Explanation Enable or disable web mode by entering this command: config network webmode {enable | disable} This command allows users to access the controller GUI using "http://ip-address." The default value is disabled. Web mode is not a secure connection. Note: The command "config network secureweb enable" enables HTTPS access to the WLC.
Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses? A. 10.10.225.48 255.255.255.224 B. 10.10.225.32 255.255.255.240 C. 10.10.225.32 255.255.255.224 D. 10.10.225.48 255.255.255.240
C. 10.10.225.32 255.255.255.224 Explanation We need a subnet with 20 users so we need 5 bits 0 in the subnet mask as 25 - 2 = 30 > 20. Therefore the subnet mask should be /27 (with last octet is 1110 0000 in binary). The increment is 32 so the valid network address is 10.10.225.32.
Which HTTP status code is returned after a successful REST API request? A. 404 B. 500 C. 200 D. 301
C. 200 Explanation HTTP defines these standard status codes that can be used to convey the results of a client's request. The status codes are divided into the five categories. 1xx: Informational - Communicates transfer protocol-level information. 2xx: Success - Indicates that the client's request was accepted successfully. 3xx: Redirection - Indicates that the client must take some additional action in order to complete their request. 4xx: Client Error - This category of error status codes points the finger at clients. 5xx: Server Error - The server takes responsibility for these error status codes.
Routers R1, R2, and R3 use a protocol to identify their neighbors' IP addresses, hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement? A. Configure the no cdp run command globally B. Configure the no lldp run command globally C. Configure the no cdp enable command on g0/2 D. Configure the no lldp receive command on g0/1
C. Configure the no cdp enable command on g0/2 Explanation In order to disable CDP on an interface, we have to use the "no cdp enable" under interface mode. If we want to disable sending LLDP on g0/2 only then we have to use the command "no lldp transmit".
Which two characteristics are representative of virtual machines (VMs)? (Choose two) A. Each VMs operating system depends on its hypervisor. B. A VM on an individual hypervisor shares resources equally. C. Each VM runs independently of any other VM in the same hypervisor. D. A VM on a hypervisor is automatically interconnected to other VMs. E. multiple VMs operate on the same underlying hardware
C. Each VM runs independently of any other VM in the same hypervisor. E. multiple VMs operate on the same underlying hardware
A company has each office using wireless access with multiple SSIDs while limiting roaming capabilities, covering different locations on the internal office LAN, guest networks, and BYOD access for employees. Which change must be enabled to improve the customer experience during SSID changes? A. Neighbor List Dual Band B. Assisted Roaming Prediction Optimization C. Fast SSID Change D. Fast Transition
C. Fast SSID Change Explanation "When you enable Fast SSID Change, the controller allows clients to move between SSIDs. When the client sends a new association request for a different SSID, the client entry in the controller connection table is cleared before the client is added to the new SSID.
Which interface is used to send traffic to the destination network? D 10.87.161.30/27 [90/10331] via G0/17 D 10.87.161.30/27 [90/44594] via G0/8 O 10.87.161.30/27 [110/7820] via G0/24 O 10.87 161.30/27 [110/7879] via G0/1 A. G0/8 B. G0/24 C. G0/17 D. G0/1
C. G0/17 Explanation The first entry has lowest AD so it will be installed into the routing table and it has the lowest metric so it is the best route.
A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone? A. It tags the traffic with the default VLAN B. It tags the traffic with the native VLAN C. It allows the traffic to pass through unchanged D. It drops the traffic
C. It allows the traffic to pass through unchanged Explanation Untagged traffic from the device attached to the Cisco IP Phone passes through the phone unchanged, regardless of the trust state of the access port on the phone.
Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points? A. console port B. virtual interface C. management interface D. service port
C. management interface Explanation The management interface is the default interface for in-band management of the controller and connectivity to enterprise services such as AAA servers. It is also used for communications between the controller and access points, for all CAPWAP or intercontroller mobility messaging and tunneling traffic.
How will Link Aggregation be implemented on a Cisco Wireless LAN Controller? A. To pass client traffic, two or more ports must be configured B. When enabled, the WLC bandwidth drops to 500 Mbps C. One functional physical port is needed to pass client traffic D. The EtherChannel must be configured in "mode active"
C. One functional physical port is needed to pass client traffic Explanation Link aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller's distribution system ports into a single 802.3ad port channel. Restriction for Link aggregation: + LAG requires the EtherChannel to be configured for 'mode on' on both the controller and the Catalyst switch -> Answer 'The EtherChannel must be configured in "mode active"' is not correct.+ If the recommended load-balancing method cannot be configured on the Catalyst switch, then configure the LAG connection as a single member link or disable LAG on the controller -> Answer 'To pass client traffic, two or more ports must be configured' is not correct while answer 'One functional physical port is needed to pass client traffic
When the LAG configuration is updated on a Cisco WLC, which additional task must be performed when changes are complete? A. Re-associate the WLC with the access point. B. Re-enable the WLC interfaces C. Reboot the WLC D. Flush all MAC addresses from the WLC
C. Reboot the WLC Explanation When you enable LAG or make any changes to the LAG configuration, you must immediately reboot the controller.
PC1 regularly sends 1800 Mbps of traffic to the server. A network engineer needs to configure the EtherChannel to disable Port Channel 1 between SW1 and SW2 when the Ge0/0 and Ge0/1 ports on SW2 go down. Which configuration must the engineer apply to the switch? A. SW2#configure terminalSW2(config)#interface port-channel 1SW2(config-if)#lacp max-bundle 2 B. SW2#configure terminalSW2(config)#lacp system-priority 32000 C. SW2#configure terminalSW2(config)#interface port-channel 1SW2(config-if)#port-channel min-links 2 D. SW2#configure terminalSW2(config)# interface port-channel 1SW2(config-if)#lacp port-priority 32000
C. SW2#configure terminalSW2(config)#interface port-channel 1SW2(config-if)#port-channel min-links 2 Explanation The port-channel min-links command specifies the minimum number of interfaces that the configuration mode LAG requires to be active. If there are fewer ports than specified by this command, the port channel interface does not become active.
How do TCP and UDP differ in the way they guarantee packet delivery? A. TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only. B. TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only. C. TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only. D. TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only.
C. TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only.
Which type of encryption does WPA1 use for data protection? A. EAP B. PEAP C. TKIP D. AES
C. TKIP Explanation By default, WPA1 uses Temporal Key Integrity Protocol (TKIP) and message integrity check (MIC) for data protection.
What are two fundamentals of virtualization? (Choose two) A. It requires that some servers, virtual machines and network gear reside on the Internet B. It allows multiple operating systems and applications to run independently on one physical server C. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic D. It allows logical network devices to move traffic between virtual machines and the rest of the physical network E. It allows a physical router to directly connect NICs from each virtual machine into the network
C. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic E. It allows a physical router to directly connect NICs from each virtual machine into the network
What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different? A. The native VLAN must match the management VLAN of the AP. B. The APs must be connected to the switch with multiple links in LAG mode. C. The switch port mode must be set to trunk. D. IEEE 802.1Q trunking must be disabled on the switch port.
C. The switch port mode must be set to trunk. Explanation FlexConnect VLANs and ACLsYou can configure the LAN uplink interface of a FlexConnect AP as either an access port or as a trunk. If you configure the interface as an access port, then the AP's management traffic and all client traffic, whether centrally or locally switched, will be in the same VLAN. For security and reliability reasons, we recommend that you segregate the client traffic from the management VLAN, and so to configure the AP's switchport as a trunk, with separately tagged VLANs for locally switched client traffic.
In software defined architectures, which plane is distributed and responsible for traffic forwarding? A. policy plane B. management plane C. data plane D. control plane
C. data plane Explanation The Open Networking Foundation identifies three main parts of the Software-defined networking (SDN): Application layer; Control layer and Infrastructure layer. SDN separates a router's control plane from the data (forwarding) plane. The control plane makes routing decisions. The data plane forwards data (packets) through the router. With SDN routing, decisions are made remotely instead of on each individual router.
SW1 supports connectivity for a lobby conference room and must be secured. The engineer must limit the connectivity from PC1 to the SW1 and SW2 network. The MAC addresses allowed must be limited to two. Which configuration secures the conference room connectivity? A. interface gi1/0/15switchport port-securityswitchport port-security mac-address 0000.abcd.0004 vlan 100 B. interface gi1/0/15switchport port-security mac-address 0000.abcd.0004 vlan 100interface switchport secure-mac limit 2 C. interface gi1/0/15switchport port-securityswitchport port-security maximum 2 D. interface gi1/0/15switchport port-security mac-address 0000.abcd.0004 vlan 100
C. interface gi1/0/15switchport port-securityswitchport port-security maximum 2
An engineer must configure router R2 so it is elected as the DR on the WAN subnet. Which command sequence must be configured? A. interface gigabitethernet0/0ip address 10.0.0.34 255.255.255.248ip ospf priority 0 B. interface gigabitethernet0/0ip address 10.0.1.1 255.255.255.0ip ospf priority 255 C. interface gigabitethernet0/0ip address 10.0.0.34 255.255.255.224ip ospf priority 100 D. interface gigabitethernet0/0ip address 10.0.1.1 255.255.255.224ip ospf priority 98
C. interface gigabitethernet0/0ip address 10.0.0.34 255.255.255.224ip ospf priority 100 Explanation The OSPF priority of R1 is 99 so we have to set the OSPF priority to a higher value. Also the IP address must be 10.0.0.34/27
What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI? A. continuously attempts to resolve the URL until the command is cancelled B. prompts the user to specify the desired IP address C. sends a broadcast message in an attempt to resolve the URL D. initiates a ping request to the URL
C. sends a broadcast message in an attempt to resolve the URL Explanation With default DNS lookup settings, the router will sends broadcast message to resolve an URL. Consider the following example: R1#test Translating 'test'...domain server (255.255.255.255) % Unknown command or computer name, or unable to find computer address In the output above we typed an unrecognized command "test". The router entered the DNS resolution process which lasted about a minute.
Which AP mode is used for capturing wireless traffic and forwarding that traffic to a PC that is running a packet analyzer? A. bridge B. rouge detector C. sniffer D. monitor
C. sniffer Explanation + Sniffer mode: run as a sniffer and captures and forwards all the packets on a particular channel to a remote machine where you can use protocol analysis tool (Wireshark, Airopeek, etc) to review the packets and diagnose issues. Strictly used for troubleshooting purposes. Note: Rogue detector mode: monitor for rogue APs. It does not handle data at all.
What provides centralized control of authentication and roaming in an enterprise network? A.a LAN switch B.a firewall C.a wireless LAN controller D.a lightweight access point
C.a wireless LAN controller
Company has decided to require multifactor authentication for all systems. Which set of parameters meets the requirement? A. complex password and personal 10-digit PIN B. personal 10-digit PIN and RSA certificate C. password of 8 to 15 characters and personal 12-digit PIN D. fingerprint scanning and facial recognition
D. fingerprint scanning and facial recognition Explanation Multi-factor authentication, or MFA, protects your applications by using a second source of validation before granting access to users. Common examples of multi-factor authentication include personal devices, such as a phone or token, or geographic or network locations. This is a tricky question to choose the correct answer. It seems both answer 'complex password and personal 10-digit PIN' and answer 'password of 8 to 15 characters and personal 12-digit PIN' are correct too but in fact they use the same source of validation (from the keyboard). So we believe answer 'fingerprint scanning and facial recognition' is the best choice as it requires "a second source of validation".
Which WAN topology has the highest degree of reliability? A. Point-to-point B. router-on-a-stick C. hub-and-spoke D. full mesh
D. full mesh Explanation Full-mesh is a network topology in which there is a direct link between all pairs of nodes. Below is an example of full-mesh topology.
The clients and DHCP server reside on different subnets. Which command must be used to forward requests and replies between clients on the 10.10.0.1/24 subnet and the DHCP server at 192.168.10.1? A. ip route 192.168.10.1 B. ip dhcp address 192.168.10.1 C. ip default-gateway 192.168.10.1 D. ip helper-address 192.168.10.1
D. ip helper-address 192.168.10.1 Explanation To make a router a DHCP Relay Agent, simply put the "ip helper-address <IP-address-of-DHCP-Server>" command under the interface that receives the DHCP messages from the DHCP Client.
Which functionality is provided by the console connection on a Cisco WLC? A. unencrypted in-band connectivity for file transfers B. secure In-band connectivity for device administration C. HTTP-based GUI connectivity D. out-of-band management
D. out-of-band management Explanation The console port is used for out-of-band management, system recovery, and early boot operations.
GET POST PUT PATCH DELETE
Explanation GET: retrieve data POST: create data PUT: fully update (i.e. replace) an existing record PATCH: update part of an existing record DELETE: delete records PUT is similar to POST in that it can create resources, but it does so when there is a defined URL wherein PUT replaces the entire resource if it exists or creates new if it does not exist. Unlike PUT Request, PATCH does partial update. Fields that need to be updated by the client, only that field is updated without modifying the other
SW1#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/1 unassigned YES manual down down SW1#show interface fa0/1 status Port Name Status Vlan Duplex Speed Type Fa0/1 notconnect 1 a-full a-100 10/100BaseTX What is the cause of the issue? A. shutdown command B. port security C. STP D. wrong cable type
D. wrong cable type Explanation The "Status" of fa0/1 is "notconnect" so port security is not the issue or it would show the status of "err-disabled". "Shutdown" command is also not the issue as it would show "Administratively down" in the "Status" field of the "show ip interface brief" command. With STP, even if the port is in "Block" (BLK) status but it is still in "up/up" state with the "show ip interface brief" command. With wrong cable type, the port is in "down/down" state, same as there is no connected cable to the port.
Which command on a port enters the forwarding state immediately when a PC is connected to it? A.switch(config-if)#no spanning-tree portfast B.switch(config)#spanning-tree portfast bpduguard default C.switch(config-if)#spanning-tree portfast trunk D.switch(config)#spanning-tree portfast default
D.switch(config)#spanning-tree portfast default Explanation Although this question said "which command on a port" but it gave two answers in global configuration mode so it is a bit unclear. But we believe the correct answer should be "spanning-tree portfast default", which enables PortFast on all non-trunking interfaces. Note: The command "spanning-tree portfast trunk" enables portfast on a trunk port. The trunk port enters the STP forwarding-state immediately or upon a linkup event, thus bypassing the listening and learning states.
Two switches are connected and using Cisco Dynamic Trunking Protocol. SW1 is set to Dynamic Desirable. What is the result of this configuration? A. The link is in a downstate. B. The link is becomes an access port C. The link is in an error disables stale D. The link becomes a trunkport
D. The link becomes a trunkport Explanation Maybe this question is missing the "SW2 is set to Dynamic Auto" part so we assume this part to find out the best answer. Dynamic Desirable + Dynamic Desirable/Dynamic Auto/Trunk will form a trunk link.
What provides centralized control of authentication and roaming in an enterprise network? A. a LAN switch B. a lightweight access point C. a firewall D. a wireless LAN controller
D. a wireless LAN controller
When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed? A. default-gateway B. dns-server C. ip helper-address D. default-router
D. default-router
The IPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. When configured which ipv6 address is produced by the router? A. 2001:db8:d955:1008:4635:278F:FE95:1 B. 2001:db8:d955:1008:12D8:BAFE:FF01:1 C. 2001:db8:d955:1008:1030:ABFF:FECC:1 D. 2001:db8:d955:1008:10D8:BAFF:FEC2:1
D. 2001:db8:d955:1008:10D8:BAFF:FEC2:1 Explanation The EUI-64 format must have "FF:FE" in the middle of the MAC address of E0/1 interface of R2 and "C2:1" (means "C2:0001") at the end -> Only answer '2001:db8:d955:1008:10D8:BAFF:FEC2:1' is correct.
With REST API, which standard HTTP header tells a server which media type is expected by the client? A. Content-Type: application/json; charset=utf-8 B. Accept-Encoding: gzip, deflate C. Accept-Patch: text/example; charset=utf-8 D. Accept: application/json
D. Accept: application/json
Which two network actions occur within the data plane? (Choose two) A. Run routing protocols. B. Make a configuration change from an incoming NETCONF RPC. C. Reply to an incoming ICMP echo request. D. Add or remove an 802.1Q trunking header. E. Match the destination MAC address to the MAC address table.
D. Add or remove an 802.1Q trunking header. E. Match the destination MAC address to the MAC address table. Explanation For perspective, the following list details some of the more common actions that a networking device does that fit into the data plane: + De-encapsulating and re-encapsulating a packet in a data-link frame (routers, Layer 3 switches) + Adding or removing an 802.1Q trunking header (routers and switches) + Matching an Ethernet frame's destination Media Access Control (MAC) address to the MAC address table (Layer 2 switches) + Matching an IP packet's destination IP address to the IP routing table (routers, Layer 3 switches) + Encrypting the data and adding a new IP header (for virtual private network [VPN] processing) + Changing the source or destination IP address (for Network Address Translation [NAT] processing) + Discarding a message due to a filter (access control lists [ACLs], port security)
Which change to the configuration on Switch2 allows the two switches to establish an EtherChannel? A. Change the LACP mode to desirable B. Change the protocol to PAgP and use auto mode C. Change the protocol to EtherChannel mode on D. Change the LACP mode to active
D. Change the LACP mode to active
Which change to the configuration on Switch2 allows the two switches to establish an EtherChannel? A. Change the protocol to PAgP and use auto mode B. Change the protocol to EtherChannel mode on C. Change the LACP mode to desirable D. Change the LACP mode to active
D. Change the LACP mode to active
Which interface is used to send traffic to the destination network? O 10.18.75.113/27 [110/6906] via G0/6 O 10.18.75.113/27 [110/23018] via G0/3 R 10.18.75.113/27 [120/16] via G0/16 R 10.18.75.113/27 [120/14] via G0/23 A. G0/23 B. G0/16 C. G0/3 D. G0/6
D. G0/6 Explanation The first entry has lowest AD (110) and lowest metric (6906) so it is the best route and will be installed into the routing table.
The SW1 and SW2 Gi0/0 ports have been preconfigured. An engineer is given these requirements: + Allow all PCs to communicate with each other at Layer 3. + Configure untagged traffic to use VLAN 5. + Disable VLAN 1 from being used. Which configuration set meets these requirements? A. Option A B. Option B C. Option C D. Option D
D. Option D Explanation This question requires "Configure untagged traffic to use VLAN 5" so we must use the command "switchport trunk native vlan 5" on both Gi0/1 of Sw1 and Gi0/7 of Sw2 -> Only Option B and Option D are correct. In order to allow all PCs to communicate with each other at Layer 3, interface Gi0/2 of SW1 must be configured as trunk, not access mode -> Only Option D
An engineer is configuring SSH version 2 exclusively on the R1 router. What is the minimum configuration required to permit remote management using the cryptographic protocol? A. Option A B. Option B C. Option C D. Option D
D. Option D Explanation This question said "configuring SSH version 2 exclusively" so only SSHv2 should be configured to remote access to this router -> We must use the command "transport input ssh", not "transport input all" (which includes Telnet) -> Only Option C and Option D are correct. We must create a domain-name too for SSH to work with the command "ip domain-name ..." -> Only Option D is correct. Note: There is a typo in this question in the command "ip domain name ...". It should be "ip domain-name ..." instead.
An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be 2019:C15C:0CAF:E002::1 The route must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route? A. R1(config-if)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1 B. R1(config)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet0/0 C. R1(config-if)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet0/0 D. R1(config)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1
D. R1(config)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1
You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface. Which action can you take to correct the problem in the least disruptive way? A. Specify a loopback address B. Reload the router C. Save the router configuration D. Reload the OSPF process
D. Reload the OSPF process
How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C? A. Option A B. Option B C. Option C D. Option D
Therefore in order to enable CDP on a specific interface only, we must: 1. Enable CDP globally 2. Disable CDP on other interfaces.
Drag and drop the Ansible features from the left to the right. Not all features are used.
answer:1236
