CCNA 200-301 Kevin

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

7. Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right.

172.28.228.144/21 -> 172.28.224.1 - 172.28.231.254 172.28.228.144/29 -> 172.28.228.145 - 172.28.228.150 172.28.228.144/23 -> 172.28.228.1 - 172.28.229.254 172.28.228.144/25 -> 172.28.228.129 - 172.28.228.254 172.28.228.144/18 -> 172.28.192.1 - 172.28.255.254

B. Option B

524. Refer to the exhibit. Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18? A. Option A B. Option B C. Option C D. Option D

22. Drag and drop the attack-mitigation techniques from the left onto the Types of attack that they mitigate on the right.

802.1q double-tagging VLAN-hopping attack: configure the native VLAN with a nondefault VLAN ID MAC flooding attack: configure 802.1x authenticate man-in-the-middle spoofing attack: configure DHCP snooping switch-spoofing VLAN-hopping attack: disable DTP

505. An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1 must transmit packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used? A)interface fastethernet0/1switchport priority extend cos 7 B)interface fastethernet0/1switchport voice vlan untagged C)interface fastethernet0/1switchport voice vlan dot1p D)interface fastethernet0/1switchport priority extend trust

A)interface fastethernet0/1switchport priority extend cos 7

83. Which MAC address is recognized as a VRRP virtual address? A. 0000.5E00.010a B. 0005.3711.0975 C. 0000.0C07.AC99 D. 0007.C070/AB01

A. 0000.5E00.010a Explanation/Reference: With VRRP, the virtual router's MAC address is0000.5E00.01xx , in which xx is the VRRP group

313. Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions? A. 1,6,11 B. 1,5,10 C. 1,2,3 D. 5,6,7

A. 1,6,11

385. What is the maximum bandwidth of a T1 point-to-point connection? A. 1.544 Mbps B. 2.048 Mbps C. 34.368 Mbps D. 43.7 Mbps

A. 1.544 Mbps Explanation: Point to Point T1 A Point to Point T1 service is a private data connection securely connecting two or more locations with T1 data speeds (1.54Mbps)

458. Refer to the exhibit. Which two prefixes are included in this routing table entry?(Choose two.) A. 192.168.1.17 B. 192.168.1.61 C. 192.168.1.64 D. 192.168.1.127 E. 192.168.1.254

A. 192.168.1.17 B. 192.168.1.61

136. Refer to the exhibit. If R1 receives a packet destined to 172.16.1.1, to which IPaddress does it send the packet? A. 192.168.14.4 B. 192.168.12.2 C. 192.168.13.3 D. 192.168.15.5

A. 192.168.14.4

138. Refer to the exhibit. If RTR01 is configured as shown, which three addresses willbe received by other routers that are running EIGRP on the network? (Choose three) A. 192.168.2.0 B. 10.4.3.0 C. 10.0.0.0 D. 172.16.0.0 E. 172.16.4.0 F. 192.168.0.0

A. 192.168.2.0 C. 10.0.0.0 D. 172.16.0.0

462. Which HTTP status code is returned after a successful REST API request? A. 200 B. 301 C. 404 D. 500

A. 200

359. Which technology can prevent client devices from arbitrarily connecting to the network without state remediation? A. 802.1x B. IP Source Guard C. MAC Authentication Bypass D. 802.11n

A. 802.1x

103. Which IPv6 address is the equivalent of the IPv4 interface loopback address127.0.0.1? A. : :1 B. :: C. 2000::/3 D. 0::/10

A. : :1 Explanation: In IPv6 the loopback address is written as, ::1This is a 128bit number, with the first 127 bits being '0' and the 128th bit being '1'.It's just a single address, so could also be written as ::1/128

118. Which option best describes an API? A. A contract that describes how various components communicate and exchange data with each other. B. an architectural style (versus a protocol) for designing applications C. a stateless client-server model D. request a certain type of data by specifying the URL path that models thedata

A. A contract that describes how various components communicate and exchange data with each other.

197. Refer to the exhibit. When running EIGRP, what is required for RouterA to exchange routing updates with RouterC? A. AS numbers must be changed to match on all the routers B. Loopback interfaces must be configured so a DR is elected C. The no auto-summary command is needed on Router A and Router C D. Router B needs to have two network statements, one for each connected

A. AS numbers must be changed to match on all the routers Explanation/Reference: This question is to examine the understanding of the interaction between EIGRP routers. The following information must be matched so as to create neighborhood. EIGRP routers to establish, must match the followinginformation:1. AS Number;2. K value.

91. When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN ControllerGUI, which two formats are available to select? (Choose two) A. ASCII B. base64 C. binary D. decimal E. hexadecimal

A. ASCII E. hexadecimal Explanation/Reference: When configuring a WLAN with WPA2 Preshared Key (PSK),we can choose the encryption key format as either ASCII or HEX.

370. Refer to the exhibit. An access list is created to deny Telnet access from hostPC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:"% Connection refused by remote host" Without allowing Telnet access from PC-1, which action must be taken to permit the traffic? A. Add the access-list 10 permit any command to the configuration B. Remove the access-class 10 in command from line vty 0.4. C. Add the ip access-group 10 out command to interface g0/0. D. Remove the password command from line vty 0 4

A. Add the access-list 10 permit any command to the configuration

418. An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken? A. Add the switch in the VTP domain with a lower revision number B. Add the switch with DTP set to dynamic desirable C. Add the switch in the VTP domain with a higher revision number D. Add the switch with DTP set to desirable

A. Add the switch in the VTP domain with a lower revision number

164. Which two statements about VTP are true? (Choose two.) A. All switches must be configured with the same VTP domain name B. All switches must be configured to perform trunk negotiation. C. All switches must be configured with a unique VTP domain name D. The VTP server must have the highest revision number in the domain E. All switches must use the same VTP version.

A. All switches must be configured with the same VTP domain name E. All switches must use the same VTP version.

355. Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes? A. Ansible B. Python C. Puppet D. Chef

A. Ansible

425. What is a similarity between OM3 and OM4 fiber optic cable? A. Both have a 50 micron core diameter B. Both have a 9 micron core diameter C. Both have a 62.5 micron core diameter D. Both have a 100 micron core diameter

A. Both have a 50 micron core diameter

519. What is a similarly between 1000BASE-LX and 1000BASE-T standards? A. Both use the same data-link header and trailer formats B. Both cable types support LP connectors C. Both cable types support Rj-45 connectors D. Both support up to 550 meters between nodes

A. Both use the same data-link header and trailer formats

57. Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks? A. CPU ACL B. TACACS C. Flex ACL D. RADIUS

A. CPU ACL Explanation/Reference: Whenever you want to control which devices can talk to themain CPU, a CPU ACL is used.Note: CPU ACLs only filter traffic towards the CPU, and not any traffic exiting orgenerated by the CPU

218. How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment? A. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management B. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management C. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options D. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management

A. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management

484. On workstations running Microsoft Windows, which protocol provides the default gateway for the device? A. DHCP B. STP C. SNMP D. DNS

A. DHCP

482. When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP? A. DHCP relay agent B. DHCP server C. DHCPDISCOVER D. DHCPOFFER

A. DHCP relay agent

133. Which two statements about the purpose of the OSI model are accurate?(Choose two.) A. Defines the network functions that occur at each layer B. Facilitates an understanding of how information travels throughout a network C. Changes in one layer do not impact other layer D. Ensures reliable data delivery through its layered approach

A. Defines the network functions that occur at each layer B. Facilitates an understanding of how information travels throughout a network

201. A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped? A. Device(Config)#lldp run B. Device(Config)#cdp run C. Device(Config-if)#cdp enable D. Device(Config)#flow-sampler-map topology

A. Device(Config)#lldp run

206. What is a characteristic of spine-and-leaf architecture? A. Each device is separated by the same number of hops B. It provides variable latency C. It provides greater predictability on STP blocked ports. D. Each link between leaf switches allows for higher bandwidth

A. Each device is separated by the same number of hops

491. An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled. Which action is necessary to complete the configuration if the ISP uses third-party network devices? A. Enable LLDP globally B. Disable auto negotiation C. Disable Cisco Discovery Protocol on the interface D. Enable LLDP-MED on the ISP device

A. Enable LLDP globally Explanation: LDDP-MED is used only between network devices (such as switches) andendpoint devices (such as phones). For network-to-network connections, LLDP isused.

69. Which two tasks must be performed to configure NTP to a trusted server in clientmode on a single network device? (Choose two) A. Enable NTP authentication. B. Verify the time zone. C. Disable NTP broadcasts. D. Specify the IP address of the NTP server. E. Set the NTP server private key.

A. Enable NTP authentication. D. Specify the IP address of the NTP server. Explanation/Reference: To configure authentication, perform this task in privilegedmode:Step 1: Configure an authentication key pair for NTP and specify whether the key willbe trusted or untrusted.Step 2: Set the IP address of the NTP server and the public key.Step 3: Enable NTP client mode.Step 4: Enable NTP authentication.Step 5: Verify the NTP configuration

469. After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials? A. Enable the allow AAA Override B. Enable the Even: Driven RRM C. Disable the LAG Mode or Next Reboot. D. Enable the Authorized MIC APs against auth-list or AAA

A. Enable the allow AAA Override

130. Which two statements about EtherChannel technology are true? (Choose two.) A. EtherChannel provides increased bandwidth by bundling existingFastEthernet or Gigabit Ethernet interfaces into a single EtherChannel. B. STP does not block EtherChannel links. C. You can configure multiple EtherChannel links between two switches,using up to a limit of sixteen physical ports. D. EtherChannel does not allow load sharing of traffic among the physicallinks within the EtherChannel. E. EtherChannel allows redundancy in case one or more links in theEtherChannel fail

A. EtherChannel provides increased bandwidth by bundling existingFastEthernet or Gigabit Ethernet interfaces into a single EtherChannel. E. EtherChannel allows redundancy in case one or more links in theEtherChannel fail.

98. Which two statements describe characteristics of IPv6 unicast addressing?(Choose two.) A. Global addresses start with 2000::/3. B. Link-local addresses start with FE00:/12. C. Link-local addresses start with FF00::/10. D. There is only one loopback address and it is ::1. E. If a global address is assigned to an interface, then that is the only allowable address for the interface.

A. Global addresses start with 2000::/3. D. There is only one loopback address and it is ::1. Explanation: Below is the list of common kinds of IPv6 addresses: Loopback address ::1 Link-local address FE80::/10 Site-local address FEC0::/10 Global address 2000::/3 Multicast address FF00::/8

349. Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access? A. HTTPS B. RADIUS C. TACACS+ D. HTTP

A. HTTPS

430. Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue? A. Interface errors are incrementing B. An incorrect SFP media type was used at SiteA C. High usage is causing high latency D. The sites were connected with the wrong cable type

A. Interface errors are incrementing Explanation: reliability 255/255: When the input and output errors increase, theyaffect the reliability counter. This indicates how likely it is that a packet can bedelivered or received succesfully. Reliability is calculated like this: reliability =number of packets / number of total frames. The value of 255 is the highest valuemeaning that the interface is very reliable at the moment. The calculation above isdone every 5 minutes

28. A Cisco IP phone receive untagged data traffic from an attached PC. Which actionis taken by the phone? A. It allows the traffic to pass through unchanged. B. It drops the traffic. C. It tags the traffic with the default VLAN. D. It tags the traffic with the native VLAN.

A. It allows the traffic to pass through unchanged. Explanation/Reference: Untagged traffic from the device attached to the Cisco IPPhone passes through the phone unchanged, regardless of the trust state of theaccess port on the phone.

387. How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap? A. It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points B. It allows the administrator to assign channels on a per-device or per-interface basis. C. It segregates devices from different manufacturers onto different channels. D. It analyzes client load and background noise and dynamically assigns a channel.

A. It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points

508. What are two characteristics of an SSID? (Choose Two) A. It can be hidden or broadcast in a WLAN B. It uniquely identifies an access point in a WLAN C. It uniquely identifies a client in a WLAN D. It is at most 32 characters long. E. IT provides secured access to a WLAN

A. It can be hidden or broadcast in a WLAN D. It is at most 32 characters long.

18. Which two actions are performed by the Weighted Random Early Detectionmechanism? (Choose two) A. It drops lower-priority packets before it drops higher-priority packets. B. It can identify different flows with a high level of granularity. C. It guarantees the delivery of high-priority packets. D. It can mitigate congestion by preventing the queue from filling up. E. It supports protocol discovery.

A. It drops lower-priority packets before it drops higher-priority packets. D. It can mitigate congestion by preventing the queue from filling up. Explanation/Reference: Weighted Random Early Detection (WRED) is just acongestion avoidance mechanism. WRED drops packets selectively based on IPprecedence. Edge routers assign IP precedences to packets as they enter thenetwork. When a packet arrives, the following events occur:1. The average queue size is calculated.2. If the average is less than the minimum queue threshold, the arriving packet isqueued.3. If the average is between the minimum queue threshold for that type of traffic andthe maximum threshold for the interface, the packet is either dropped or queued,depending on the packet drop probability for that type of traffic.4. If the average queue size is greater than the maximum threshold, the packet isdropped. WRED reduces the chances of tail drop (when the queue is full, the packetis dropped) by selectively dropping packets when the output interface begins toshow signs of congestion (thus it can mitigate congestion by preventing the queuefrom filling up). By dropping some packets early rather than waiting until the queue isfull, WRED avoids dropping large numbers of packets at once and minimizes thechances of global synchronization. Thus, WRED allows the transmission line to beusedfully at all times.WRED generally drops packets selectively based on IP precedence. Packets with ahigher IP precedence are less likely to be dropped than packets with a lowerprecedence. Thus, the higher the priority of a packet, the higher the probability thatthe packet will be delivered (-> answer A is correct)

157. Which effete does the aaa new-model configuration command have? A. It enables AAA services on the device B. It configures the device to connect to a RADIUS server for AAA C. It associates a RADIUS server to an group. D. It configures a local user on the device.

A. It enables AAA services on the device.

248. Which two statements are true about the command ip route 172.16.3.0255.255.255.0 192.168.2.4? (Choose two.) A. It establishes a static route to the 172.16.3.0 network. B. It establishes a static route to the 192.168.2.0 network. C. It configures the router to send any traffic for an unknown destination to the 172.16.3.0 network. D. It configures the router to send any traffic for an unknown destination out the interface with the address 192.168.2.4. E. It uses the default administrative distance. F. It is a route that would be used last if other routes to the same destination exist.

A. It establishes a static route to the 172.16.3.0 network. E. It uses the default administrative distance.

87. Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond? A. It ignores the new static route until the existing OSPF default route is removed. B. It immediately replaces the existing OSPF route in the routing table with the newly configured static route. C. It starts load-balancing traffic between the two default routes. D. It starts sending traffic without a specific matching entry in the routingtable to GigabitEthernet0/ 1.

A. It ignores the new static route until the existing OSPF default route is removed. Explanation/Reference: Our new static default route has the Administrative Distance(AD) of 120, which is bigger than the AD of OSPF External route (O*E2) so it will notbe pushed into the routing table until the current OSPF External route is removed.For your information, if you don't type the AD of 120 (using the command "ip route0.0.0.0 0.0.0.0 10.13.0.1") then the new static default route would replace the OSPFdefault route as the default AD of static route is 1. You will see such line in therouting table:S* 0.0.0.0/0 [1/0] via 10.13.0.1

527. Refer to the exhibit. The entire MAC address table for SW1 is shown here: SW1#show mac-address-table Mac Address Table Vlan Mac Address Type Ports 000c.8590.bb7d DYNAMIC Fa0/1 010a.7a17.45bc DYNAMIC FaO/3 7aa7.4037.8935 DYNAMIC FaO/4 SW1# What does SW1 do when Br-4 sends a frame to Br-2? A. It inserts the source MAC address and port into the forwarding table and forwards the frame to Br-2. B. It maps the Layer 2 MAC address for FaO/3 to the Layer 3 IP address and forwards the frame. C. It performs a lookup in the MAC address table for Br-4 and discards the frame due to a missing entry. D. It floods the frame out of all ports except on the port where Br-2 is connected.

A. It inserts the source MAC address and port into the forwarding table and forwards the frame to Br-2.

183. Which statement about Cisco Discovery Protocol is true? A. It is a Cisco-proprietary protocol. B. It runs on the network layer. C. It can discover information from routers, firewalls, and switches. D. It runs on the physical layer and the data link layer.

A. It is a Cisco-proprietary protocol.

72. Refer to exhibit. Which statement explains the configuration error message that is received? A. It is a broadcast IP address. B. The router does not support/28 mask. C. It belongs to a private IP address range. D. It is a network IP address.

A. It is a broadcast IP address.

472. What is a function of the Cisco DNA Center Overall Health Dashboard? A. It provides a summary of the top 10 global issues. B. It provides detailed activity logging for the 10 devices and users on the network. C. It summarizes the operational status of each wireless devise on the network. D. It summarizes daily and weekly CPU usage for servers and workstations in the network.

A. It provides a summary of the top 10 global issues.

259. The OSPF Hello protocol performs which of the following tasks? (Choose two.) A. It provides dynamic neighbor discovery. B. It detects unreachable neighbors in 90 second intervals. C. It maintains neighbor relationships. D. It negotiates correctness parameters between neighboring interfaces. E. It uses timers to elect the router with the fastest links as the designated router. F. It broadcasts hello packets throughout the internetwork to discover all routers that are running OSPF.

A. It provides dynamic neighbor discovery. C. It maintains neighbor relationships.

215. Refer to the exhibit. How does the router manage traffic to 192.168.12.16? A. It selects the RIP route because it has the longest prefix inclusive of the destination address. B. It chooses the OSPF route because it has the longest prefix inclusive of the destination address. C. It load-balances traffic between all three routes D. It chooses the EIGRP route because it has the lowest administrative distance

A. It selects the RIP route because it has the longest prefix inclusive of the destination address.

158. Refer to the exhibit. How will switch SW2 handle traffic from VLAN 10 on SW1? A. It sends the traffic to VLAN 10. B. It sends the traffic to VLAN 100. C. It drops the traffic. D. It sends the traffic to VLAN 1.

A. It sends the traffic to VLAN 100. Explanation/Reference: Since SW-1 is configured native VLAN is VLAN10, so traffic coming out of VLAN-10 is untagged, & goes directly to SW-2 Native VLAN: VLAN100,due to VLAN mismatch.

464. What is the function of a controller in controller-based networking? A. It serves as the centralized management point of an SDN architecture. B. It centralizes the data plane for the network. C. It is the card on a core router that maintains all routing decisions for acampus. D. It is a pair of core routers that maintain all routing decisions for a campus

A. It serves as the centralized management point of an SDN architecture.

142. Which statements describe the routing protocol OSPF? (Choose three.) A. It supports VLSM. B. It is used to route between autonomous systems. C. It confines network instability to one area of the network. D. It increases routing overhead on the network. E. It allows extensive control of routing updates. F. It is simpler to configure than RIP v2.

A. It supports VLSM. C. It confines network instability to one area of the network. E. It allows extensive control of routing updates. Explanation/Reference: The OSPF protocol is based on link-state technology, which isa departure from the Bellman-Ford vector based algorithms used in traditionalInternet routing protocols such as RIP. OSPF has introduced new concepts such asauthentication of routing updates, Variable Length Subnet Masks (VLSM), routesummarization, and so forth.OSPF uses flooding to exchange link-state updates between routers. Any change inrouting information is flooded to all routers in the network. Areas are introduced toput a boundary on the explosion of link-state updates. Flooding and calculation ofthe Dijkstra algorithm on a router is limited to changes within an area

216. What is an advantage of Cisco DNA Center versus traditional campus device management? A. It supports numerous extensibility options including cross-domain adapters and third-party SDKs. B. It supports high availability for management functions when operating in cluster mode. C. It enables easy auto discovery of network elements m a brown field deployment. D. It is designed primarily to provide network assurance.

A. It supports numerous extensibility options including cross-domain adapters and third-party SDKs.

512. How does WPA3 improve security? A. It uses SAE for authentication. B. It uses a 4-way handshake for authentication. C. It uses RC4 for encryption. D. It uses TKIP for encryption.

A. It uses SAE for authentication.

228. What are two differences between optical-fiber cabling and copper cabling?(Choose two) A. Light is transmitted through the core of the fiber B. A BNC connector is used for fiber connections C. The glass core component is encased in a cladding D. Fiber connects to physical interfaces using Rj-45 connections E. The data can pass through the cladding

A. Light is transmitted through the core of the fiber C. The glass core component is encased in a cladding

220. What is a difference between local AP mode and FlexConnect AP mode? A. Local AP mode creates two CAPWAP tunnels per AP to the WLC B. FiexConnect AP mode fails to function if me AP loses connectivity with the WLC C. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured D. Local AP mode causes the AP to behave as if it were an autonomous AP

A. Local AP mode creates two CAPWAP tunnels per AP to the WLC

173. Which NAT term is defined as a group of addresses available for NAT use? A. NAT pool B. dynamic NAT C. static NAT D. one-way NAT

A. NAT pool

180. Which two statements about NTP operations are true? (Choose two.) A. NTP uses UDP over IP. B. Cisco routers can act as both NTP authoritative servers and NTP clients. C. Cisco routers can act only as NTP servers. D. Cisco routers can act only as NTP clients. E. NTP uses TCP over IP.

A. NTP uses UDP over IP. B. Cisco routers can act as both NTP authoritative servers and NTP clients.

187. Refer to the exhibit. Which Command do you enter so that R1 advertises theloopback0 interface to the BGP Peers? A. Network 172.16.1.32 mask 255.255.255.224 B. Network 172.16.1.0 0.0.0.255 C. Network 172.16.1.32 255.255.255.224 D. Network 172.16.1.33 mask 255.255.255.224 E. Network 172.16.1.32 mask 0.0.0.31 F. Network 172.16.1.32 0.0.0.31

A. Network 172.16.1.32 mask 255.255.255.224

243. How does Cisco DNA Center gather data from the network? A. Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller B. Devices establish an iPsec tunnel to exchange data with the controller C. Devices use the call-home protocol to periodically send data to the controller. D. The Cisco CU Analyzer tool gathers data from each licensed network device and streams it to the controller

A. Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller

229. Which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate? (Choose two) A. OSPF area B. OSPF MD5 authentication key C. iPv6 address D. OSPf process ID E. OSPf stub flag

A. OSPF area D. OSPf process ID

441. What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API? A. OpenFlow B. Java C. REST D. XML

A. OpenFlow

8. What are two southbound APIs? (Choose two ) A. OpenFlow B. NETCONF C. Thrift D. CORBA E. DSC

A. OpenFlow B. NETCONF Explanation/Reference: OpenFlow is a well-known southbound API. OpenFlowdefines the way the SDN Controller should interact with the forwarding plane tomake adjustments to the network, so it can better adapt to changing businessrequirements.The Network Configuration Protocol (NetConf) uses Extensible Markup Language(XML) to install, manipulate and delete configuration to network devices.Other southbound APIs are:+ onePK: a Cisco proprietary SBI to inspect or modify the network elementconfiguration without hardware upgrades.+ OpFlex: an open-standard, distributed control system. It send "summary policy" tonetwork elements

412. Refer to the exhibit. An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface G/0/1. Which access list must be applied? A. ip access-list standard 99 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.0.255.255 B. ip access-list standard 99 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.255.255.255 C. ip access-list standard 199 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.255.255.255 A. ip access-list standard 199 permit 10.100.100.0 0.0.0.255 deny 192.168.0.0 0.0.255.255 A. Option A B. Option B C. Option C D. Option D

A. Option A

431. Refer to the exhibit. An engineer must configure GigabitEthernet1/ 1 to accommodate voice and data traffic Which configuration accomplishes this task? A. interface gigabitethernet 1/1 switchport mode access switchport access vlan 300 switchport voice vlan 400 B. interface gigabitethernet 1/1 switchport mode trunk switchport trunk vlan 300 switchport voice vlan 400 C. interface gigabitethernet 1/1 switchport mode trunk switchport trunk vlan 300 switchport trunk vlan 400 D. interface gigabitethernet 1/1 switchport mode access switchport voice vlan 300 switchport access vlan 400 A. Option A B. Option B C. Option C D. Option D

A. Option A

453. Refer to the exhibit. How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C? A. config t Router A (config)#cdp run Router A (config)#interface gi0/0/0 Router A (config)#no cdp enable B. config t Router A (config)#cdp run Router A (config)#interface gi0/0/0 Router A (config)#cdp enable C. config t Router A (config)#cdp run Router A (config)#interface gi0/0/1 Router A (config)#cdp enable D. config t Router A (config)#cdp run Router A (config)#interface gi0/0/1 Router A (config)#no cdp enable A. Option A B. Option B C. Option C D. Option D

A. Option A

185. When configuring an EtherChannel bundle, which mode enables LACP only if aLACP device is detected? A. Passive B. Desirable C. On D. Auto E. Active

A. Passive Explanation/Reference: The LACP is Link Aggregation Control Protocol. LACP is anopen protocol, published under the 802.3ad.The modes of LACP are active, passive or on. The side configured as "pasive" willwaiting the other side that should an Active for the Etherchannel to be established.PAgP is Port-Aggregation Protocol. It is Cisco proprietary protocol. The mode are On,Desirable or Auto. Desirable - Auto will establish a EtherChannel.An example of how to configure an Etherchannel:SwitchFormula1> enableSwitchFormula1# configure terminalSwitchFormula1( config)# interface range f0/5 -14SwitchFormula1( config-if-range)# channel-group 13 mode ?active Enable LACP unconditionallyauto Enable PAgP only if a PAgP device is detecteddesirable Enable PAgP unconditionallyon Enable Etherchannel onlypassive Enable LACP only if a LACP device is detected

333. Which two functions are performed by the core layer in a three-tier architecture? (Choose two) A. Provide uninterrupted forwarding service. B. Police traffic that is sent to the edge of the network. C. Provide direct connectivity for end user devices. D. Ensure timely data transfer between layers. E. Inspect packets for malicious activity.

A. Provide uninterrupted forwarding service. D. Ensure timely data transfer between layers. Explanation: Cisco is very clear about the purpose of this layer. Its only role is toforward traffic, the fastest it can. Here you don't apply any policy, as you must try toreduce the load of the core so it can focus on routing.

444. Which 802.11 management frame type is sent when a client roams between access points on the same SSID? A. Reassociation Request B. Probe Request C. Authentication Request D. Association Request

A. Reassociation Request

163. You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface. Which action can you take to correct the problem in the least disruptive way? A. Reload the OSPF process. B. Specify a loopback address C. Reboot the router. D. Save the router configuration

A. Reload the OSPF process. Explanation/Reference: Once an OSPF Router ID selection is done, it remains there even if you remove it or configure another OSPF Router ID. So the least disruptive way is to correct it using the command "clear ip ospf process".

280. Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR? A. Router R3 will become the DR and router R1 will become the BDR. B. Router R4 will become the DR and router R3 will become the BDR. C. Router R1 will become the DR and router R2 will become the BDR. D. Router R3 will become the DR and router R2 will become the BDR

A. Router R3 will become the DR and router R1 will become the BDR. Explanation: OSPF elections of a DR are based on the following in order ofprecedence:highest pritority from 1 -255 (0 = never a DR)highest router IDhighest IP address of a loopback or active interface in the absence of amanually configured router ID. Loopback IP addresses take higherprecedence than other interfaces.In this case routers R1 and R3 have the highest router priority. Between the two, R3has the higher router ID. Therefore, R3 will become the DR and R1 will become theBDR.

71. Which result occurs when PortFast is enabled on an interface that is connected to another switch? A. Spanning tree may fail to detect a switching loop in the network thatcauses broadcast storms. B. VTP is allowed to propagate VLAN configuration information from switchto switch automatically. C. Root port choice and spanning tree recalculation are accelerated when aswitch link goes down. D. After spanning tree converges PortFast shuts down any port that receivesBPDUS.

A. Spanning tree may fail to detect a switching loop in the network that causes broadcast storms. Explanation/Reference: Enabling the PortFast feature causes a switch or a trunk portto enter the STP forwarding-state immediately or upon a linkup event, thusbypassing the listening and learning states.Note: To enable portfast on a trunk port you need the trunk keyword "spanning-treeportfast trunk"

132. Which three statements about network characteristics are true? (Choose three.) A. Speed is a measure of the data rate in bits per second of a given link in the network. B. Scalability indicates how many nodes are currently on the network. C. The logical topology is the arrangement of cables, network devices, and end systems. D. Availability is a measure of the probability that the network will be available for use when it is required. E. Reliability indicates the dependability of the components that make up the network.

A. Speed is a measure of the data rate in bits per second of a given link inthe network. D. Availability is a measure of the probability that the network will be available for use when it is required. E. Reliability indicates the dependability of the components that make up the network.

244. What is the difference regarding reliability and communication type between TCP and UDP? A. TCP is reliable and is a connection-oriented protocol; UDP is not reliable and is a connectionless protocol B. TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol C. TCP is not reliable and is a connectionless protocol; UDP is reliable and isa connection-oriented protocol D. TCP is reliable and is a connectionless protocol; UDP is not reliable and isa connection-oriented protocol

A. TCP is reliable and is a connection-oriented protocol; UDP is not reliable and is a connectionless protocol

310. How do TCP and UDP differ in the way they guarantee packet delivery? A. TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only. B. TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only. C. TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only. D. TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only

A. TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only.

481. Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two) A. Telnet B. SSH C. HTTP D. HTTPS E. TFTP

A. Telnet C. HTTP

361. How does the dynamically-learned MAC address feature function? A. The CAM table is empty until ingress traffic arrives at each port B. Switches dynamically learn MAC addresses of each connecting CAM table. C. The ports are restricted and learn up to a maximum of 10dynamically-learned addresses D. It requires a minimum number of secure MAC addresses to be filled dynamically

A. The CAM table is empty until ingress traffic arrives at each port

238. What are two roles of the Dynamic Host Configuration Protocol (DHCP)?(Choose two) A. The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses B. The DHCP client can request up to four DNS server addresses C. The DHCP server assigns IP addresses without requiring the client to renew them D. The DHCP server leases client IP addresses dynamically. E. The DHCP client maintains a pool of IP addresses it can assign.

A. The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses D. The DHCP server leases client IP addresses dynamically.

414. Which condition must be met before an NMS handles an SNMP trap from an agent? A. The NMS software must be loaded with the MIB associated with the trap. B. The NMS must be configured on the same router as the SNMP agent C. The NMS must receive a trap and an inform message from the SNMPagent within a configured interval D. The NMS must receive the same trap from two different SNMP agents toverify that it is reliable

A. The NMS software must be loaded with the MIB associated with the trap.

198. Refer to the exhibit. Which rule does the DHCP server use when there is an IP address conflict? A. The address is removed from the pool until the conflict is resolved. B. The address remains in the pool until the conflict is resolved. C. Only the IP detected by Gratuitous ARP is removed from the pool. D. Only the IP detected by Ping is removed from the pool. E. The IP will be shown, even after the conflict is resolved.

A. The address is removed from the pool until the conflict is resolved. Explanation/Reference: An address conflict occurs when two hosts use the same IPaddress. During address assignment, DHCP checks for conflicts using ping andgratuitous ARP. If a conflict is detected, the address is removed from the pool. Theaddress will not be assigned until the administrator resolves the conflict.

295. An organization secures its network with multi-factor authentication using an authenticator app on employee smartphones. How is the applic secured in the case of a user's smartphone being lost or stolen? A. The application requires the user to enter a PIN before it provides the second factor B. the application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted C. The application requires an a administrator password to reactivate after a configured interval D. The application verifies that the user is in a specific location before itprovides the second factor

A. The application requires the user to enter a PIN before it provides the second factor

175. Refer to the exhibit. After you apply the give configurations to R1 and R2 you notice that OSPFv3 fails to start. Which reason for the problem is most likely true ? A. The area numbers on R1 and R2 are mismatched B. The IPv6 network addresses on R1 and R2 are mismatched C. The autonomous system numbers on R1 and R2 are mismatched D. The router ids on R1 and R2 are mismatched

A. The area numbers on R1 and R2 are mismatched

492. Which two events occur automatically when a device Is added to Cisco DNA Center? (Choose two.) A. The device Is assigned to the Global site. B. The device Is placed into the Unmanaged state. C. The device Is placed into the Provisioned state. D. The device Is placed into the Managed state. E. The device is assigned to the Local site

A. The device Is assigned to the Global site. D. The device Is placed into the Managed state. Explanation: Device in Global Site: When you successfully add, import, or discover adevice, Cisco DNA Center places the device in the Managed state and assigns it to theGlobal site by default. Even if you have defined SNMP server, Syslog server, andNetFlow collector settings for the Global site, Cisco DNA Center does not changethese settings on the device

73. When a floating static route is configured, which action ensures that the backup route is used when the primary route fails? A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup. B. The administrative distance must be higher on the primary route so that the backup route becomes secondary C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup. D. The default-information originate command must be configured for the route to be installed into the routing table

A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup.

240. Refer to the exhibit. Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/ 1 interface? A. The frame is processed in VLAN 5. B. The frame is processed in VLAN 11 C. The frame is processed in VLAN 1 D. The frame is dropped

A. The frame is processed in VLAN 5.

274. Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are correctly configured, but there is no connectivity between the web server and users on the Internet. What is a possible reason for this lack of connectivity? A. The router NAT configuration has an incorrect inside local address. B. The inside global address is incorrect. C. The NAT configuration on interface S0/0/1 is incorrect. D. Interface Fa0/0 should be configured with the command ip nat outside

A. The router NAT configuration has an incorrect inside local address.

110. Refer to the exhibit. Which two events occur on the interface, if packets from anunknown Source address arrive after the interface learns the maximum number ofsecure MAC address? (Choose two.) A. The security violation counter dose not increment B. The port LED turns off C. The interface is error-disabled D. A syslog message is generated E. The interface drops traffic from unknown MAC address

A. The security violation counter dose not increment E. The interface drops traffic from unknown MAC address

203. What is the expected outcome when an EUI-64 address is generated?' A. The seventh bit of the original MAC address of the interface is inverted B. The interface ID is configured as a random 64-bit value C. The characters FE80 are inserted at the beginning of the MAC address of the interface D. The MAC address of the interface is used as the interface ID without modification

A. The seventh bit of the original MAC address of the interface is inverted

150. Which statement about VLAN configuration is true? A. The switch must be in VTP server or transparent mode before you can configure a VLAN B. The switch must be in config-vlan mode before you configure an extended VLAN C. Dynamic inter-VLAN routing is supported on VLAN2 through VLAN 4064 D. A switch in VTP transparent mode save the VLAN databases to therunning configuration only

A. The switch must be in VTP server or transparent mode before you can configure a VLAN

13. Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two) A. The switch must be running a k9 (crypto) IOS image. B. The ip domain-name command must be configured on the switch. C. IP routing must be enabled on the switch. D. A console password must be configured on the switch. E. Telnet must be disabled on the switch.13. Which two must be met before SSH can operate normally on a Cisco IOS switch?

A. The switch must be running a k9 (crypto) IOS image. B. The ip domain-name command must be configured on the switch

20. Refer to the exhibit. What is the effect of this configuration? A. The switch port interface trust state becomes untrusted. B. The switch port remains administratively down until the interface is connected to another switch. C. Dynamic ARP inspection is disabled because the ARP ACL is missing. D. The switch port remains down until it is configured to trust or untrustincoming packets.

A. The switch port interface trust state becomes untrusted Explanation/Reference: Dynamic ARP inspection (DAI) is a security feature thatvalidates ARP packets in a network. It intercepts, logs, and discards ARP packets withinvalid IP-to-MAC address bindings. This capability protects the network from certainman-in-the-middle attacks. After enabling DAI, all ports become untrusted ports

169. Which two statements about eBGP neighbor relationships are true? (Choosetwo) A. The two devices must reside in different autonomous systems B. Neighbors must be specifically declared in the configuration of each device C. They can be created dynamically after the network statement is configured. D. The two devices must reside in the same autonomous system E. The two devices must have matching timer settings

A. The two devices must reside in different autonomous systems B. Neighbors must be specifically declared in the configuration of each device

66. Which two outcomes are predictable behaviors for HSRP? (Choose two) A. The two routers share a virtual IP address that is used as the defaultgateway for devices on the LAN. B. The two routers negotiate one router as the active router and the otheras the standby router. C. Each router has a different IP address both routers act as the defaultgateway on the LAN, and traffic is load balanced between them. D. The two routers synchronize configurations to provide consistent packetforwarding. E. The two routed share the same IP address, and default gateway traffic isload-balanced between them

A. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN. B. The two routers negotiate one router as the active router and the other as the standby router.

88. Refer to the Exhibit. After the switch configuration the ping test fails between PCA and PC B Based on the output for switch 1. Which error must be corrected? A. There is a native VLAN mismatch. B. Access mode is configured on the switch ports. C. The PCs are in the incorrect VLAN. D. All VLANs are not enabled on the trunk

A. There is a native VLAN mismatch. Explanation/Reference: From the output we see the native VLAN of Switch1 on Gi0/1interface is VLAN 1 while that of Switch2 is VLAN 99 so there would be a native VLAN mismatch.

367. In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization? A. There is limited unique address space, and traffic on the new subnet will stay local within the organization. B. The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts. C. Traffic on the subnet must traverse a site-to-site VPN to an outside organization. D. The ISP requires the new subnet to be advertised to the internet for webservices.

A. There is limited unique address space, and traffic on the new subnet will stay local within the organization.

131. Which three statements about MAC addresses are correct? (Choose three.) A. To communicate with other devices on a network, a network device musthave a unique MAC address. B. The MAC address is also referred to as the IP address. C. The MAC address of a device must be configured in the Cisco IOS CLI by auser with administrative privileges. D. A MAC address contains two main components, the first of whichidentifies the manufacturer of the hardware and the second of whichuniquely identifies the hardware. E. An example of a MAC address is 0A:26:B8:D6:65:90. F. A MAC address contains two main components, the first of whichidentifies the network on which the host resides and the second of whichuniquely identifies the host on the network.

A. To communicate with other devices on a network, a network device musthave a unique MAC address. D. A MAC address contains two main components, the first of whichidentifies the manufacturer of the hardware and the second of whichuniquely identifies the hardware. E. An example of a MAC address is 0A:26:B8:D6:65:90.

167. Refer to the exhibit. Which VLAN ID is associated with the default VLAN in the given environment? A. VLAN 1 B. VLAN 5 C. VLAN 10 D. VLAN 20

A. VLAN 1

395. Which implementation provides the strongest encryption combination for the wireless environment? A. WPA2 + AES B. WPA + AES C. WEP D. WPA + TKIP

A. WPA2 + AES

312. Which technology is used to improve web traffic performance by proxy caching? A. WSA B. Firepower C. ASA D. FireSIGHT

A. WSA

381. A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server? A. a DHCP Relay Agent B. DHCP Binding C. a DHCP Pool D. DHCP Snooping

A. a DHCP Relay Agent

323. Which type of information resides on a DHCP server? A. a list of the available IP addresses in a pool B. a list of public IP addresses and their corresponding names C. usernames and passwords for the end users in a domain D. a list of statically assigned MAC addresses

A. a list of the available IP addresses in a pool

264. On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to communicate with hosts on different VLANs. What is needed to allow communication between the VLANs? A. a router with sub interfaces configured on the physical interface that is connected to the switch B. a router with an IP address on the physical interface connected to the switch C. a switch with an access link that is configured between the switches D. a switch with a trunk link that is configured between the switches

A. a router with sub interfaces configured on the physical interface that is connected to the switch Explanation:Different VLANs can't communicate with each other , they can communicate withthe help of Layer3 router. Hence , it is needed to connect a router to a switch , thenmake the sub-interface on the router to connect to the switch, establishing Trunkinglinks to achieve communications of devices which belong to different VLANs

504. Which port type supports the spanning-tree portfast command without additional configuration? A. access ports B. Layer 3 main Interfaces C. Layer 3 suninterfaces D. trunk ports

A. access ports

380. Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task? A. access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh B. access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp C. access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet D. access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https

A. access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh

268. Which function dose the range of private IPv4 addresses perform? A. allow multiple companies to each use the same address without conflicts B. provides a direct connection for hosts from outside of the enterprise network C. ensues that NAT is not required to reach the internet with private range addressing D. enable secure communications to the internet for all external hosts

A. allow multiple companies to each use the same address without conflicts

221. Which function does the range of private IPv4 addresses perform? A. allows multiple companies to each use the same addresses without conflicts B. provides a direct connection for hosts from outside of the enterprise network C. ensures that NAT is not required to reach the internet with private range addressing D. enables secure communications to the internet for all external hosts

A. allows multiple companies to each use the same addresses without conflicts

101. Which two are features of IPv6? (Choose two.) A. anycast B. broadcast C. multicast D. podcast E. allcast

A. anycast C. multicast Explanation: IPv6 addresses are classified by the primary addressing and routingmethodologies common in networking: unicast addressing, anycast addressing, andmulticast addressing. A unicast address identifies a single network interface. TheInternet Protocol delivers packets sent to a unicast address to that specific interface.An anycast address is assigned to a group of interfaces, usually belonging to differentnodes. A packet sent to an anycast address is delivered to just one of the memberinterfaces, typically the nearest host, according to the routing protocol's definition ofdistance. Anycast addresses cannot be identified easily, they have the same formatas unicast addresses, and differ only by their presence in the network at multiplepoints. Almost any unicast address can be employed as an anycast address.A multicast address is also used by multiple hosts, which acquire the multicastaddress destination by participating in the multicast distribution protocol among thenetwork routers. A packet that is sent to a multicast address is delivered to allinterfaces that have joined the corresponding multicast group.

124. Which statement about the nature of NAT overload is true? A. applies a one-to-many relationship to internal IP addresses B. applies a one-to-one relationship to internal IP addresses C. applies a many-to-many relationship to internal IP addresses D. can be configured only on Gigabit interface

A. applies a one-to-many relationship to internal IP addresses

319. Which two WAN architecture options help a business scalability and reliability for the network? (Choose two) A. asychronous routing B. single-homed branches C. dual-homed branches D. static routing E. dynamic routing

A. asychronous routing C. dual-homed branches

317. Which WAN access technology is preferred for a small office / home office architecture? A. broadband cable access B. frame-relay packet switching C. dedicated point-to-point leased line D. Integrated Services Digital Network switching

A. broadband cable access

371. What is a role of wireless controllers in an enterprise network? A. centralize the management of access points in an enterprise network B. support standalone or controller-based architectures C. serve as the first line of defense in an enterprise network D. provide secure user logins to devices on the network.

A. centralize the management of access points in an enterprise network

434. Which network action occurs within the data plane? A. compare the destination IP address to the IP routing table. B. run routing protocols (OSPF, EIGRP, RIP, BGP) C. make a configuration change from an incoming NETCONF RPC D. reply to an incoming ICMP echo request

A. compare the destination IP address to the IP routing table.

306. An engineer must configure an OSPF neighbor relationship between router R1and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.) A. configure the hello and dead timers to match on both sides B. configure the same process ID for the router OSPF process C. configure the same router ID on both routing processes D. Configure the interfaces as OSPF active on both sides. E. configure both interfaces with the same area ID

A. configure the hello and dead timers to match on both sides E. configure both interfaces with the same area ID

424. What is a role of access points in an enterprise network? A. connect wireless devices to a wired network B. support secure user logins to devices or the network C. integrate with SNMP in preventing DDoS attacks D. serve as a first line of defense in an enterprise network

A. connect wireless devices to a wired network

467. Why was the RFC 1918 address space defined? A. conserve public IPv4 addressing B. preserve public IPv6 address space C. reduce instances of overlapping IP addresses D. support the NAT protocol

A. conserve public IPv4 addressing

474. Where is the interface between the control plane and data plane within the software defined architecture? A. control layer and the infrastructure layer B. application layer and the infrastructure layer C. control layer and the application layer D. application layer and the management layer

A. control layer and the infrastructure layer

403. When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed? A. default-router B. default-gateway C. ip helper-address D. dns-server

A. default-router

115. After you deploy a new WLAN controller on your network, which two additional tasks should you consider? (Choose two) A. deploy load balancers B. configure additional vlans C. configure multiple VRRP groups D. deploy POE switches E. configure additional security policies

A. deploy load balancers E. configure additional security policies

341. What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency? A. different nonoverlapping channels B. different overlapping channels C. one overlapping channel D. one nonoverlapping channel

A. different nonoverlapping channels

394. Which resource is able to be shared among virtual machines deployed on the same physical server? A. disk B. applications C. VM configuration file D. operating system

A. disk

127. What is the purpose of the show ip ospf interface command? A. displaying OSPF-related interface information B. displaying general information about OSPF routing processes C. displaying OSPF neighbor information on a per-interface basis D. displaying OSPF neighbor information on a per-interface-type basis

A. displaying OSPF-related interface information

351. Which function is performed by the collapsed core layer in a two-tier architecture? A. enforcing routing policies B. marking interesting traffic for data polices C. attaching users to the edge of the network D. applying security policies

A. enforcing routing policies

252. What are two requirements for an HSRP group? (Choose two.) A. exactly one active router B. one or more standby routers C. one or more backup virtual routers D. exactly one standby active router E. exactly one backup virtual router

A. exactly one active router B. one or more standby routers Explanation:A: exactly one active router: Only one Active Router per HSRP group will be electedbased on highestpriority. In case of equal priority, Highest IP address will be elected as Active Router.B: one or more standby routers : There can be one or more Standby Routers.C, D And E are incorrect: Wrong terminology.

104. In which two formats can the IPv6 addressfd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose two.) A.fd15:0db8:0000:0000:700:3:400F:527B B. fd15::db8::700:3:400F:527B C. fd15:db8:0::700:3:4F:527B D. fd15:0db8::7:3:4F:527B E. fd15:db8::700:3:400F:572B

A. fd15:0db8:0000:0000:700:3:400F:527B E. fd15:db8::700:3:400F:572B

301. Which device performs stateful inspection of traffic? A. firewall B. switch C. access point D. wireless controller

A. firewall

369. Which state does the switch port move to when PortFast is enabled? A. forwarding B. listening C. blocking D. learning

A. forwarding

435. Which networking function occurs on the data plane? A. forwarding remote client/server traffic B. facilitates spanning-tree elections C. processing inbound SSH management traffic D. sending and receiving OSPF Hello packets

A. forwarding remote client/server traffic

456. An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between hardware and virtual machines? A. hypervisor B. router C. straight cable D. switch

A. hypervisor

272. Refer to the exhibit. An administrator configures the following ACL in order to prevent devices on the 192.168.1.0 subnet from accessing the server at 10.1.1.5: access-list 100 deny ip 192.168.1.0 0.0.0.255 host 10.1.1.5 access-list 100 permit ip any any Where should the administrator place this ACL for the most efficient use of network resources? A. inbound on router A Fa0/0 B. outbound on router B Fa0/0 C. outbound on router A Fa0/1 D. inbound on router B Fa0/1

A. inbound on router A Fa0/0

213. Refer to the exhibit. Which two commands were used to create port channel 10? (Choose two ) A. int range g0/0-1 channel-group 10 mode active B. int range g0/0-1 channel-group 10 mode desirable C. int range g0/0-1 channel-group 10 mode passive D. int range g0/0-1 channel-group 10 mode auto E. int range g0/0-1 channel-group 10 mode on

A. int range g0/0-1 channel-group 10 mode active C. int range g0/0-1 channel-group 10 mode passive

251. Refer to the exhibit. Which two commands were used to create port channel10? (Choose two.) A. int range g0/0-1channel-group 10 mode active B. int range g0/0-1channel-group 10 mode desirable C. int range g0/0-1channel-group 10 mode passive D. int range g0/0-1channel-group 10 mode auto E. int range g0/0-1channel-group 10 mode on

A. int range g0/0-1channel-group 10 mode active C. int range g0/0-1channel-group 10 mode passive

423. Refer to the exhibit. An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set meets the requirement? A. interface gi0/1no cdp enable B. interface gi0/1clear cdp table C. interface gi0/0no cdp advertise-v2 D. interface gi0/0no cdp run

A. interface gi0/1no cdp enable

2. Which command enables a router to become a DHCP client? A. ip address dhcp B. ip helper-address C. ip dhcp pool D. ip dhcp client

A. ip address dhcp

363. Which command must be entered to configure a DHCP relay? A. ip helper-address B. ip address dhcp C. ip dhcp pool D. ip dhcp relay

A. ip helper-address

449. An engineer must configure the IPv6 address2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for easier configuration. Which command must be issued on the router interface? A. ipv6 address 2001:db8::700:3:400F:572B B. ipv6 address 2001:db8:0::700:3:4F:572B C. ipv6 address 2001:Odb8::7:3:4F:572B D. ipv6 address 2001::db8:0000::700:3:400F:572B

A. ipv6 address 2001:db8::700:3:400F:572B

285. Refer to Exhibit. The loopback1 interface of the Atlanta router must reach theloopback3 interface of the Washington router. Which two static host routes must be configured on the NEW York router? (Choose two) A. ipv6 route 2000::1/128 2012::1 B. ipv6 route 2000::3/128 2023::3 C. ipv6 route 2000::3/128 s0/0/0 D. ipv6 route 2000::1/128 2012::2 E. ipv6 route 2000::1/128 s0/0/1

A. ipv6 route 2000::1/128 2012::1 B. ipv6 route 2000::3/128 2023::3

125. Which command is used to configure an IPv6 static default route? A. ipv6 route ::/0 interface next-hop5 B. ipv6 route default interface next-hop C. ipv6 route 0.0.0.0/0 interface next-hop D. ip route 0.0.0.0/0 interface next-hop

A. ipv6 route ::/0 interface next-hop5

64. Refer to Exhibit. An engineer is configuring the NEW York router to reach the Lo1interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach theLo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two) A. ipv6 router 2000::1/128 2012::1 B. ipv6 router 2000::1/128 2012:1 5 C. ipv6 router 2000::1/128 2012::2 D. ipv6 router 2000::1/128 2023:2 5 E. ipv6 router 2000::1/128 2023::3 5

A. ipv6 router 2000::1/128 2012::1 E. ipv6 router 2000::1/128 2023::3 5 Explanation/Reference: Floating static routes are static routes that have anadministrative distance greater than the administrative distance (AD) of anotherstatic route or dynamic routes. By default a static route has an AD of 1 then floatingstatic route must have the AD greater than 1. Floating static route has a manuallyconfigured administrative distance greater than that of the primary route andtherefore would not be in the routing table until the primary route fails.

204. Which function does an SNMP agent perform? A. it sends information about MIB variables in response to requests from the NMS B. it coordinates user authentication between a network device and aTACACS+ or RADIUS server C. it requests information from remote network nodes about catastrophic system events. D. it manages routing between Layer 3 devices in a network

A. it sends information about MIB variables in response to requests from the NMS

236. By default, how Does EIGRP determine the metric of a route for the routing table? A. it uses the bandwidth and delay values of the path to calculate the route metric B. it uses a default metric of 10 for all routes that are learned by the router C. it uses a reference Bandwidth and the actual bandwidth of the connected link to calculate the route metric D. it counts the number of hops between the receiving and destination routers and uses that value as the metric

A. it uses the bandwidth and delay values of the path to calculate the route metric

109. Refer to the exhibit. Which two statements about the interface that generatedthe output are true? (Choose two.) A. learned MAC addresses are deleted after five minutes of inactivity B. the interface is error-diabled if packets arrive from a new unknownsource address C. it has dynamically learned two secure MAC addresses D. it has dynamically learned three secure MAC addresses E. the security violation counter increments if packets arrive from a newunknown source address

A. learned MAC addresses are deleted after five minutes of inactivity C. it has dynamically learned two secure MAC addresses

174. Which command is used to enable LLDP globally on a Cisco IOS ISR? A. lldp run B. lldp enable C. lldp transmit D. cdp run E. cdp enable

A. lldp run Explanation/Reference: Link Layer Discovery Protocol (LLDP) is a industry standardprotocol that allows devices to advertise, and discover connected devices, and therecapabilities (same as CDP of Cisco). To enable it on Cisco devices, we have to use thiscommand under global configuration mode:Sw(config)# lldp run

208. Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that it receives for destination IP 172.16.32.1? A. longest prefix B. metric C. cost D. administrative distance

A. longest prefix

68. Which 802.11 frame type is association response? A. management B. protected frame C. control D. action

A. management Explanation/Reference: There are three main types of 802.11 frames: the DataFrame, the Management Frame and the Control Frame. Association Responsebelongs to Management Frame. Association response is sent in response to anassociation request

146. Which configuration command can u apply to a HSRP router so that its local interface becomes active if all other routers in the group fail? A. no additional config is required B. standby 1 track ethernet C. standby 1 preempt D. standby 1 priority 250

A. no additional config is required Explanation/Reference: Simply because that will be the default behavior routerswould follow in the event all other routers in the HSRP group fail, then it would notkeep attributes such as priority or preemption.What preemption does in summary is to make sure that the configured Priority on allrouters within the same HSRP group is always respected. That is, if R1 is configuredon the HSRP group with a priority of 150 but he stands as active since all otherrouters currently subscribed to that group have a priority 150, then will router willpreempt the current active router and will take over hence becoming the new activerouter.With preemption disabled, the new router does not preempt the current activerouter, unless routers in the group have to renegotiate their roles based on eachrouter's priority at the time of negotiation.

80. Which mode must be used to configure EtherChannel between two switcheswithout using a negotiation protocol? A. on B. auto C. active D. desirable

A. on Explanation/Reference: The Static Persistence (or "on" mode) bundles the linksunconditionally and no negotiation protocol is used. In this mode, neither PAgP norLACP packets are sent or received

376. Which CRUD operation corresponds to the HTTP GET method? A. read B. update C. create D. delete

A. read Explanation: GET: This method retrieves the information identified by the requestURI. In the context of the RESTful web services, this method is used to retrieveresources. This is the method used for read operations (the R in CRUD).https://hub.packtpub.com/crud-operations-rest/

1. What are two benefits of network automation? (Choose two) A. reduced operational costs B. reduced hardware footprint C. faster changes with more reliable results D. fewer network failures E. increased network security

A. reduced operational costs C. faster changes with more reliable results

246. The service password-encryption command is entered on a router. What is the effect of this configuration? A. restricts unauthorized users from viewing clear-text passwords in the running configuration B. prevents network administrators from configuring clear-text passwords C. protects the VLAN database from unauthorized PC connections on the switch D. encrypts the password exchange when a VPN tunnel is established

A. restricts unauthorized users from viewing clear-text passwords in the running configuration

466. When a switch receives a frame for a known destination MAC address, how is the frame handed? A. sent to the port identified for the known MAC address B. broadcast to all ports C. forwarded to the first available port D. flooded to all ports except the one from which it originated

A. sent to the port identified for the known MAC address xplanation/Reference: A switch builds its MAC address table by recording the MACaddress of each device connected to each of its ports. The switch uses theinformation in the MAC address table to send frames destined for a specific deviceout the port, which has been assigned to that device.

405. How is the native VLAN secured in a network? A. separate from other VLANs within the administrative domain B. give it a value in the private VLAN range C. assign it as VLAN 1 D. configure it as a different VLAN ID on each end of the link

A. separate from other VLANs within the administrative domain

500. What are two characteristics of the distribution layer in a three-tier network architecture? (Choose two.) A. serves as the network aggregation point B. provides a boundary between Layer 2 and Layer 3 communications C. designed to meet continuous, redundant uptime requirements D. is the backbone for the network topology E. physical connection point for a LAN printer

A. serves as the network aggregation point B. provides a boundary between Layer 2 and Layer 3 communications Explanation/Reference: The distribution layer aggregates the data received from theaccess layer switches before it is transmitted to the core layer for routing to its finaldestination. In Figure 1-6, the distribution layer is the boundary between the Layer 2domains and the Layer 3 routed network

145. Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP primary router after it is reloaded? A. standby 10 preempt B. standby 10 version 1 C. standby 10 priority 150 D. standby 10 version 2

A. standby 10 preempt Explanation/Reference: The "preempt" command enables the HSRP router with the highest priority to immediately become the active router.

165. Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose two.) A. the native VLAN B. the trunking protocol C. the VTP domain D. the spanning-tree priority E. the spanning tree protocol

A. the native VLAN C. the VTP domain

111. Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose two.) A. there are 20 different network masks within the 10.0.0.0/8 network B. A static default route to 10.85.33.14 was defined C. Ten routes are equally load-balanced between Te0/1/0.100 andTe0/2/0.100 D. The 10.0.0.0/8 network was learned via external EIGRP E. The EIGRP administrative distance was manually changed from 90 to 170

A. there are 20 different network masks within the 10.0.0.0/8 network C. Ten routes are equally load-balanced between Te0/1/0.100 andTe0/2/0.100

241. What are two reasons for an engineer to configure a floating state route?(Choose two) A. to automatically route traffic on a secondary path when the primary path goes down B. to route traffic differently based on the source IP of the packet C. to enable fallback static routing when the dynamic routing protocol fails D. to support load balancing via static routing E. to control the return path of traffic that is sent from the router

A. to automatically route traffic on a secondary path when the primary path goes down C. to enable fallback static routing when the dynamic routing protocol fails

139. Which two options are the best reasons to use an IPV4 private IP space?(choosetwo) A. to enable intra-enterprise communication B. to implement NAT C. to connect applications D. to conserve global address space E. to manage routing overhead

A. to enable intra-enterprise communication D. to conserve global address space

141. Which three describe the reasons large OSPF networks use a hierarchicaldesign? (Choose Three) A. to speed up convergence B. to reduce routing overhead C. to lower costs by replacing routers with distribution layer switches. D. to decrease latency by increasing bandwidth. E. to confine network instability to single areas of the network. F. to reduce the complexity of router configuration.

A. to speed up convergence B. to reduce routing overhead E. to confine network instability to single areas of the network

188. For what two purposes does the Ethernet protocol use physical addresses? A. to uniquely identify devices at Layer 2 B. to allow communication with devices on a different network C. to differentiate a Layer 2 frame from a Layer 3 packet D. to establish a priority system to determine which device gets to transmitfirst E. to allow communication between different devices on the same network F. to allow detection of a remote device when its physical address isunknown

A. to uniquely identify devices at Layer 2 E. to allow communication between different devices on the same network

120. Which command can you enter to allow Telnet to be supported in addition to SSH? A. transport input telnet ssh B. transport input telnet C. no transport input telnet D. privilege level 15

A. transport input telnet ssh

117. Which of the following is the JSON encoding of a dictionary or hash? A. {"key":"value"} B. ["key","value"] C. {"key","value"} D. ("key":"value")

A. {"key":"value"}

277. Refer to the exhibit. Which two configurations would be used to create and apply a standard access list on R1, so that only the 10.0.70.0/25 network devices are allowed to access the internal database server? (Choose two.) A.R1(config)# interface GigabitEthernet0/ 0 R1(config-if)# ip access-group 5 out B.R1(config)# access-list 5 permit 10.0.54.0 0.0.1.255 C.R1(config)# interface Serial0/0/0 R1(config-if)# ip access-group 5 in D.R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127 E.R1(config)# access-list 5 permit any

A.R1(config)# interface GigabitEthernet0/ 0 R1(config-if)# ip access-group 5 out D.R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127

Drag and drop the routing table components on the left onto the corresponding letter from the exhibit on the right not all options are used.

A: router source B: administrative distance C: metric D: timestamp E: outbound intercace

9. Drag drop the descriptions from the left on to the correct configuration-management technologies on the right.

Ansible: - uses SSH for remote device communication - uses YAML for fundamental configuration elements Chef: - uses TCP port 10002 for configuration push jobs - uses Ruby for fundamental configuration elements Puppet: - fundamental configuration elements are stored in a manifest - uses TCP 8140 for communication

6. Drag and drop the AAA functions from the left onto the correct AAA services on the right.

Authentication: - verifies the password associated with a user - identifies the user Authorization: - controls the actions that a user can perform - restricts the services that are available to a user Accounting: - provides analytical Information for the network administrator - records user activities

137. Which two VLAN IDs indicate a default VLAN? (Choose two.) A. 0 B. 1 C. 1005 D. 1006 E. 4096

B. 1 C. 1005 Explanation/Reference: VLAN 1 is a system default VLAN, you can use this VLAN butyou cannot delete it. By default VLAN 1 is use for every port on the switch.Standard VLAN range from 1002-1005 it's Cisco default for FDDI and Token Ring. Youcannot delete VLANs 1002-1005. mostly we don't use VLAN in this range

160. What is the binary pattern of unique ipv6 unique local address? A. 00000000 B. 11111100 C. 11111111 D. 11111101

B. 11111100 Explanation/Reference: A IPv6 Unique Local Address is an IPv6 address in the blockFC00::/7, which means that IPv6 Unique Local addresses begin with 7 bits with exactbinary pattern as 1111 110 -> Answer B is correct.Note: IPv6 Unique Local Address is the approximate IPv6 counterpart of the IPv4private address. It is not routable on the global Internet.

75. Which network allows devices to communicate without the need to access the Internet? A. 172.9.0.0/16 B. 172.28.0.0/16 C. 192.0.0.0/8 D. 209.165.201.0/24

B. 172.28.0.0/16 Explanation/Reference: This question asks about the private ranges of IPv4addresses. The private ranges of each class of IPv4 are listed below:Class A private IP address ranges from 10.0.0.0 to 10.255.255.255 Class B private IPaddress ranges from 172.16.0.0 to 172.31.255.255 Class C private IP address rangesfrom 192.168.0.0 to 192.168.255.255 Only the network 172.28.0.0/16 belongs to theprivate IP address (of class B).

140. Which technique can you use to route IPv6 traffic over an IPv4 infrastructure? A. NAT B. 6to4 tunneling C. L2TPv3 D. dual-stack

B. 6to4 tunneling

289. When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII formar? A. 6 B. 8 C. 12 D. 18

B. 8

154. Refer to exhibit. What Administrative distance has route to 192.168.10.1 ? A. 1 B. 90 C. 110 D. 120

B. 90

37. Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table? A. 20 B. 90 C. 110 D. 115

B. 90 Explanation/Reference: The Administrative distance (AD) of EIGRP is 90 while the AD of OSPF is 110 so EIGRP route will be chosen to install into the routing table.

217. While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface. Which two misconfigurations cause this behavior? (Choose two) A. The packets fail to match any permit statement B. A matching permit statement is too high in the access test C. A matching permit statement is too broadly defined D. The ACL is empty E. A matching deny statement is too high in the access list

B. A matching permit statement is too high in the access test C. A matching permit statement is too broadly defined

288. Refer to the exhibit. A network administrator assumes a task to complete the connectivity between PC A and the File Server Switch A and Switch B have been partially configured with VLANs 10, 11, 12, and 13 What is the next step in the configuration? A. Add PDA to VLAN 10 and the File Server to VLAN 11 for VLAN segmentation B. Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation C. Add a router on a stick between Switch A and Switch B allowing for Inter VLAN routing D. Add PC A to the same subnet as the File Server allowing for intra-VLAN communication

B. Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation

79. Refer to the exhibit. An extended ACL has been configured and applied to routerR2 The configuration started to work as intended.Which two changes stop outboundtraffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet whilestill allowing all other traffic? (Choose two) A. Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic. B. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic C. The source and destination IPs must be swapped in ACL 101. D. The ACL must be configured the Gi0/2 interface inbound on R1.E. The ACL must be moved to the Gi0/1 interface outbound on R2.

B. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic C. The source and destination IPs must be swapped in ACL 101.

50. An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two) A. Configure the ports in an EtherChannel. B. Administratively shut down the ports. C. Configure the port type as access and place in VLAN 99. D. Configure the ports as trunk ports. E. Enable the Cisco Discovery Protocol

B. Administratively shut down the ports. C. Configure the port type as access and place in VLAN 99.

479. What is the benefit of configuring PortFast on an interface? A. After the cable is connected, the interface uses the fastest speed setting available for that cable type B. After the cable is connected, the interface is available faster to send and receive user data C. The frames entering the interface are marked with higher priority and then processed faster by a switch. D. Real-time voice and video frames entering the interface are processed faster

B. After the cable is connected, the interface is available faster to send and receive user data

448. What are two improvements provided by automation for network management in an SDN environment? (Choose two) A. Data collection and analysis tools establish a baseline for the network B. Artificial intelligence identifies and prevents potential design failures. C. Machine learning minimizes the overall error rate when automating troubleshooting processes D. New devices are onboarded with minimal effort E. Proprietary Cisco APIs leverage multiple network management tools.

B. Artificial intelligence identifies and prevents potential design failures. E. Proprietary Cisco APIs leverage multiple network management tools

219. How do AAA operations compare regarding user identification, user services and access control? A. Authorization provides access control and authentication tracks user services B. Authentication identifies users and accounting tracks user services C. Accounting tracks user services, and authentication provides access control D. Authorization identifies users and authentication provides access control

B. Authentication identifies users and accounting tracks user services

422. Which two QoS tools provides congestion management? (Choose two) A. CAR B. CBWFQ C. PQ D. PBR E. FRTS

B. CBWFQ C. PQ Explanation: Type of queuing methods are available:* First-In-First-Out (FIFO)*Priority Queuing (PQ)* Custom Queuing (CQ)* Weighted Fair Queuing (WFQ)*Class-Based Weighted Fair Queuing (CBWFQ)* LowLatency Queuing (LLQ)

510. Refer to the exhibit. Which change to the configuration on Switch allows the two switches to establish an GtherChannel? A. Change the protocol to EtherChannel mode on. B. Change the LACP mode to active C. Change the LACP mode to desirable D. Change the protocol to PAqP and use auto mode

B. Change the LACP mode to active

134. You have two paths for the 10.10.10.0 network - one that has a feasible distance of 3072 and the other of 6144. What do you need to do to load balance your EIGRP routes? (choose 2) A. Change the maximum paths to 2 B. Change the configuration so they both have the same feasible distance C. Change the variance for the path that has a feasible distance of 3072 to 2 D. Change the IP addresses so both paths have the same source IP address

B. Change the configuration so they both have the same feasible distance C. Change the variance for the path that has a feasible distance of 3072 to 2

249. Which three statements are typical characteristics of VLAN arrangements?(Choose three.) A. A new switch has no VLANs configured. B. Connectivity between VLANs requires a Layer 3 device. C. VLANs typically decrease the number of collision domains. D. Each VLAN uses a separate address space. E. A switch maintains a separate bridging table for each VLAN. F. VLANs cannot span multiple switches

B. Connectivity between VLANs requires a Layer 3 device. D. Each VLAN uses a separate address space. E. A switch maintains a separate bridging table for each VLAN.

411. Which protocol does an IPv4 host use to obtain a dynamically assigned IP address? A. ARP B. DHCP C. CDP D. DNS

B. DHCP

360. What facilitates a Telnet connection between devices by entering the device name? A. SNMP B. DNS lookup C. syslog D. NTP

B. DNS lookup

135. Which of the following dynamic routing protocols are Distance Vector routing protocols? A. IS-IS B. EIGRP C. OSPF D. BGP E. RIP

B. EIGRP E. RIP

493. What are two benefits of using the PortFast feature? (Choose two) A. Enabled interfaces are automatically placed in listening state B. Enabled interfaces come up and move to the forwarding state immediately C. Enabled interfaces never generate topology change notifications. D. Enabled interfaces that move to the learning state generate switch topology change notifications E. Enabled interfaces wait 50 seconds before they move to the forwarding state

B. Enabled interfaces come up and move to the forwarding state immediately C. Enabled interfaces never generate topology change notifications. Explanation/Reference: "A switch will never generate a topology change notificationfor an interface that has portfast enabled. Another major benefit of the STP portfast feature is that the access ports bypass theearlier 802.1D STP states (learning and listening) and forward traffic immediately.

473. Which protocol requires authentication to transfer a backup configuration file from a router to a remote server? A. DTP B. FTP C. SMTP D. TFTP

B. FTP

415. What is the purpose of a southbound API in a control based networking architecture? A. Facilities communication between the controller and the applications B. Facilities communication between the controller and the networking hardware C. allows application developers to interact with the network D. integrates a controller with other automation and orchestration tools

B. Facilities communication between the controller and the networking hardware Explanation: The Southbound InterfaceIn a controller-based network architecture, the controller needs to communicate tothe networking devices. In most network drawings and architecture drawings, thosenetwork devices typically sit below the controller, as shown in Figure 16-5. There isan interface between the controller and those devices, and given its location at thebottom part of drawings, the interface came to be known as the southboundinterface, or SBI, as labeled in Figure 16-5.

193. Refer to the exhibit. A network associate has configured OSPF with the command: City(config-router)# network 192.168.12.64 0.0.0.63 area 0. After completing the configuration, the associate discovers that not all the interfaces are participating in OSPF. Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration statement? (Choose three.) A. FastEthernet0 /0 B. FastEthernet0 /1 C. Serial0/0 D. Serial0/1.102 E. Serial0/1.103 F. Serial0/1.104

B. FastEthernet0 /1 C. Serial0/0 D. Serial0/1.102 Explanation/Reference: The "network 192.168.12.64 0.0.0.63 equals to network192.168.12.64/26. This network has:+ Increment: 64 (/26= 1111 1111.1111 1111.1111 1111.1100 0000) + Networkaddress:192.168.12.64+ Broadcast address: 192.168.12.127Therefore all interface in the range of this network will join OSPF.

321. What mechanism carries multicast traffic between remote sites and supports encryption? A. ISATAP B. GRE over iPsec C. iPsec over ISATAP D. GRE

B. GRE over iPsec

426. Refer to the exhibit. What does the switch do as it receives the frame from Sales-4? A. Perform a lookup in the MAC address table and discard the frame due to a missing entry. B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1. C. Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame. D. Flood the frame out of all ports except on the port where Sales-1 is connected.

B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1.

477. Refer to the exhibit. Which two commands, when configured on router R1, fulfill these requirements? (Choose two.) Packets towards the entire network 2001:db8:2::/64 must be forwarded through router R2.Packets toward host 2001:db8:23::14 preferably must be forwarded through R3. A. Ipv6 route 2001:db8:23::/128 fd00:12::2 B. Ipv6 route 2001:db8:23::14/128 fd00:13::3 C. Ipv6 route 2001:db8:23::14/64 fd00:12::2 D. Ipv6 route 2001:db8:23::/64 fd00:12::2 E. Ipv6 route 2001:db8:23::14/64 fd00:12::2 200

B. Ipv6 route 2001:db8:23::14/128 fd00:13::3 D. Ipv6 route 2001:db8:23::/64 fd00:12::2 Explanation/Reference: We choose option B instead of option D because thedestination is a host. Therefore, we use a host route meaning that all bits of the ipv6destination address must match (prefix-length of /128). Also, the next hop addressshould be that of R3 (fd00:13::3) since the question asks that packets for the hostmust be forwarded through it.

224. What are two fundamentals of virtualization? (choose two) A. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic B. It allows logical network devices to move traffic between virtual machines and the rest of the physical network C. It allows multiple operating systems and applications to run independently on one physical server. D. It allows a physical router to directly connect NICs from each virtual machine into the network E. It requires that some servers, virtual machines and network gear reside on the Internet

B. It allows logical network devices to move traffic between virtual machines and the rest of the physical network C. It allows multiple operating systems and applications to run independently on one physical server.

95. What are two enhancements that OSPFv3 supports over OSPFV2? (Choose two.) A. It requires the use of ARP. B. It can support multiple IPv6 subnets on a single link. C. It supports up to 2 instances of OSPFv3 over a common link. D. It routes over links rather than over networks.

B. It can support multiple IPv6 subnets on a single link. D. It routes over links rather than over networks.

465. Refer to me exhibit. Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16? A. It uses a route that is similar to the destination address B. It discards the packets. C. It floods packets to all learned next hops. D. It Queues the packets waiting for the route to be learned.

B. It discards the packets. Explanation: Referring to routing table, 10.10.10.0/28 supports network from10.10.10.0-10.10.10.15.Gateway of last resort is not setSo traffic destined to 10.10.10.16 will be discarded

379. Refer to the exhibit. PC1 is trying to ping PC3 for the first time and sends out an ARP to S1. Which action is taken by S1? A. It forwards it out G0/3 only B. It is flooded out every port except G0/0. C. It drops the frame. D. It forwards it out interface G0/2 only

B. It is flooded out every port except G0/0.

356. Refer to the exhibit. If OSPF Is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A? A. It load-balances traffic out of Fa0/1 and Fa0/2. B. It is unreachable and discards the traffic. C. It sends packets out of interface Fa0/2. D. It sends packets out of interface Fa0/1.

B. It is unreachable and discards the traffic.

490. What must be considered when using 802.11a? A. It is compatible with 802 lib- and 802 11-compliant wireless devices B. It is used in place of 802 11b/g when many nonoverlapping channels are required C. It is susceptible to interference from 2 4 GHz devices such as microwave ovens. D. It is chosen over 802 11b/g when a lower-cost solution is necessary

B. It is used in place of 802 11b/g when many nonoverlapping channels are required Explanation/Reference: 802.11a and 802.11b are not compatible since 802.11aoperates at the 5GHz frequency band and 802.11b operates at the 2.4GHz band. The2.4 GHz frequency band with a channel width of 22 MHz only has 3 non-overlappingchannels (1, 6 and 11) whereas the 5 GHz band has 23 non-overlapping channels witha 20 MHz channel width. Therefore, 802.11a is preferred over 802.11b and 802.11gwhen many non-overlapping channels are required since they both operate at2.4GHz unlike 802.11a

38. What is the primary effect of the spanning-tree portfast command? A. It enables BPDU messages B. It minimizes spanning-tree convergence time C. It immediately puts the port into the forwarding state when the switch isreloaded D. It immediately enables the port in the listening state

B. It minimizes spanning-tree convergence time

327. What is the function of a server? A. It transmits packets between hosts in the same broadcast domain. B. It provides shared applications to end users. C. It routes traffic between Layer 3 devices. D. It Creates security zones between trusted and untrusted networks

B. It provides shared applications to end users.

107. Refer to the exhibit. Which two statements are true about the loopback addressthat is configured on RouterB? (Choose two.) A. It ensures that data will be forwarded by RouterB. B. It provides stability for the OSPF process on RouterB. C. It specifies that the router ID for RouterB should be 10.0.0.1. D. It decreases the metric for routes that are advertised from RouterB. E. It indicates that RouterB should be elected the DR for the LAN.

B. It provides stability for the OSPF process on RouterB. C. It specifies that the router ID for RouterB should be 10.0.0.1. Explanation: A loopback interface never comes down even if the link is broken so itprovides stability for the OSPF process (for example we use that loopback interfaceas the router-id) - The router-ID is chosen in the order below:+ The highest IP address assigned to a loopback (logical) interface. + If a loopbackinterface is not defined, the highest IP address of all active router's physicalinterfaces will be chosen.-> The loopback interface will be chosen as the router ID of RouterB ?

410. What is a benefit of VRRP? A. It provides traffic load balancing to destinations that are more than two hops from the source. B. It provides the default gateway redundancy on a LAN using two or more routers. C. It allows neighbors to share routing table information between each other. D. It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision.

B. It provides the default gateway redundancy on a LAN using two or more routers.

31. What are two characteristics of a controller-based network? (Choose two) A. The administrator can make configuration updates from the CLI B. It uses northbound and southbound APIs to communicate between architectural layers. C. It moves the control plane to a central point. D. It decentralizes the control plane, which allows each device to make itsown forwarding decisions. E. It uses Telnet to report system issues.

B. It uses northbound and southbound APIs to communicate between architectural layers. C. It moves the control plane to a central point.

35. Which two encoding methods are supported by REST APIs? (Choose two) A. YAML B. JSON C. EBCDIC D. SGML E. XML

B. JSON E. XML Explanation/Reference: The Application Policy Infrastructure Controller (APIC) RESTAPI is a programmatic interface that uses REST architecture. The API accepts andreturns HTTP (not enabled by default) or HTTPS messages that contain JavaScriptObject Notation (JSON) or Extensible Markup Language (XML) documents

436. A network administrator must to configure SSH for remote access to router R1The requirement is to use a public and private key pair to encrypt management traffic to and from the connecting client. Which configuration, when applied, meets the requirements? A. Option A B. Option B C. Option C D. Option D

B. Option B

55. Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computers must be able to access the web server. Which configuration when applied to switch A accomplishes this task? A. Option A B. Option B C. Option C D. Option D

B. Option B

51. Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment? A. Bronze B. Platinum C. Silver D. Gold

B. Platinum Explanation/Reference: Cisco Unified Wireless Network solution WLANs support fourlevels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), andBronze/Background.

330. Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state? A. BPDUfilter B. PortFast C. Backbonefast D. BPDUguard

B. PortFast Explanation/Reference: PortFastSpanning Tree Portfast causes layer 2 switch interfaces to enter forwarding stateimmediately,bypassing the listening and learning states. It should be used on ports connecteddirectly to end hostslike servers or workstations. Note: If portfast isn't enabled, DHCP timeouts can occurwhile STPconverges, causing more problems.

432. Which technology is appropriate for communication between an SDN controller and applications running over the network? A. OpenFlow B. REST API C. NETCONF D. Southbound API

B. REST API

211. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1. The new circuit uses eBGP and teams the route to VLAN25 from the BGP path. What is the expected behavior for the trafficflow for route 10.10.13.0/25? A. Traffic to 10.10.13.0.25 is load balanced out of multiple interfaces B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1. C. Traffic to 10.10.13.0/25 is asymmeteical D. Route 10.10.13.0/25 learned via the GiO/0 interface remains in the routing table

B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.

463. Refer to the exhibit. When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-A verifying the IP addresses, and forwarding the packet to PC-B? A. Layer 2 switch B. Router C. Load balancer D. firewall

B. Router

182. Which value is used to determine the active router in an HSRP default configuration? A. Router loopback address B. Router IP address C. Router priority D. Router tracking number

B. Router IP address Explanation/Reference: In the case of an equal priority, the router with the highest IPaddress for the respective group is elected as active. Furthermore, if there are morethan two routers in the group, the second highest IP address determines the standbyrouter and the other router/routers are in the listen state.

230. Refer to the exhibit. Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. what is the reason for the problem? A. The OSPF router IDs are mismatched. B. Router2 is using the default hello timer. C. The network statement on Router1 is misconfigured. D. The OSPF process IDs are mismatched.

B. Router2 is using the default hello timer.

250. Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165? A. Router2 B. Router3 C. Router4 D. Router5

B. Router3

292. Refer to the exhibit. Which switch becomes the root bridge? A. S1 B. S2 C. S3 D. S4

B. S2

10. Which two capacities of Cisco DNA Center make it more extensible? (Choose two) A. adapters that support all families of Cisco IOS software B. SDKs that support interaction with third-party network equipment C. customized versions for small, medium, and large enterprises D. REST APIs that allow for external applications to interact natively with Cisco DNA Center E. modular design that is upgradable as needed

B. SDKs that support interaction with third-party network equipment D. REST APIs that allow for external applications to interact natively with Cisco DNA Center Explanation/Reference: Cisco DNA Center offers 360-degree extensibility throughfour distinct types of platform capabilities:+ Intent-based APIs leverage the controller and enable business and IT applicationsto deliver intent to the network and to reap network analytics and insights for IT andbusiness innovation.+ Process adapters, built on integration APIs, allow integration with other IT andnetwork systems to streamline IT operations and processes.+ Domain adapters, built on integration APIs, allow integration with otherinfrastructure domains such as data center, WAN, and security to deliver a consistentintent-based infrastructure across the entire IT environment.+ SDKs allow management to be extended to third-party vendor's network devices tooffer support for diverse environments

307. What protocol allows an engineer to back up 20 network router configurations globally while using the copy function? A. SMTP B. SNMP C. TCP D. FTP

B. SNMP

19. A network engineer must back up 20 network router configurations globallywithin a customer environment. Which protocol allows the engineer to perform thisfunction using the Cisco IOS MIB? A. CDP B. SNMP C. SMTP D. ARP

B. SNMP Explanation/Reference: SNMP is an application-layer protocol that provides amessage format for communication between SNMP managers and agents. SNMPprovides a standardized framework and a common language used for the monitoringand management of devices in a network.The SNMP framework has three parts:+ An SNMP manager+ An SNMP agent+ A Management Information Base (MIB)The Management Information Base (MIB) is a virtual information storage area fornetwork management information, which consists of collections of managed objects.With SNMP, the network administrator can send commands to multiple routers to dothe backup

501. What prevents a workstation from receiving a DHCP address? A. DTP B. STP C. VTP D. 802.10

B. STP

126. Which statement about static and dynamic routes is true? A. Dynamic routes are manually configured by a network administrator,while static routes are automatically learned and adjusted by a routingprotocol. B. Static routes are manually configured by a network administrator, whiledynamic routes are automatically learned and adjusted by a routingprotocol. C. Static routes tell the router how to forward packets to networks that arenot directly connected, while dynamic routes tell the router how to forwardpackets to networks that are directly connected. D. Dynamic routes tell the router how to forward packets to networks thatare not directly connected, while static routes tell the router how to forward packets to networks that are directly connected

B. Static routes are manually configured by a network administrator, while dynamic routes are automatically learned and adjusted by a routing protocol.

409. Refer to the exhibit. Which switch becomes the root of the spanning tree for VLAN 110? A. Switch 1 B. Switch 2 C. Switch 3 D. Switch 4

B. Switch 2

39. What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received? A. The Layer 2 switch drops the received frame. B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN. C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning. D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table.

B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN. Explanation/Reference: If the destination MAC address is not in the CAM table(unknown destination MAC address), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.

372. What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration? A. No router ID is set, and the OSPF protocol does not run. B. The highest up/up physical interface IP address is selected as the router ID. C. The lowest IP address is incremented by 1 and selected as the router ID. D. The router ID 0.0.0.0 is selected and placed in the OSPF process.

B. The highest up/up physical interface IP address is selected as the router ID.

53. Which statement identifies the functionality of virtual machines? A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor. B. The hypervisor can virtualize physical components including CPU, memory, and storage. C. Each hypervisor can support a single virtual machine and a single software switch. D. The hypervisor communicates on Layer 3 without the need for additional resources

B. The hypervisor can virtualize physical components including CPU, memory, and storage.

261. Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEthernet 3/1/4 port on a switch? A. The phone and a workstation that is connected to the phone do not have VLAN connectivity. B. The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1. C. The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connected. D. The phone and a workstation that is connected to the phone send and receive data in VLAN 50.

B. The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1.

184. Which value can you modify to configure a specific interface as the preferred forwarding interface? A. The interface number B. The port priority C. The VLAN priority D. The hello time

B. The port priority

45. Which two actions influence the EIGRP route selection process? (Choose two) A. The router calculates the reported distance by multiplying the delay on the exiting Interface by 256. B. The router calculates the best backup path to the destination route and assigns it as the feasible successor. C. The router calculates the feasible distance of all paths to the destination route. D. The advertised distance is calculated by a downstream neighbor to in form the local router of the bandwidth on the link. E. The router must use the advertised distance as the metric for any given route.

B. The router calculates the best backup path to the destination route and assigns it as the feasible successor. C. The router calculates the feasible distance of all paths to the destination route. Explanation/Reference: The reported distance (or advertised distance) is the costfrom the neighbor to the destination. It is calculated from the router advertising theroute to the network. For example in the topology below, suppose router A & B areexchanging their routing tables for the first time. Router B says "Hey, the best metric(cost) from me to IOWA is 50 and the metric from you to IOWA is 90" and advertisesit to router A.Router A considers the first metric (50) as the Advertised distance. The second metric(90), which is from NEVADA to IOWA (through IDAHO), is called the Feasible distance. The reported distance is calculated in the same way of calculating the metric. Bydefault (K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0), the metric is calculated as follows:-> Answer A is not correct.Feasible successor is the backup route. To be a feasible successor, the route musthave an Advertised distance (AD) less than the Feasible distance (FD) of the currentsuccessor route -> Answer B is correct.Feasible distance (FD): The sum of the AD plus the cost between the local router andthe next- hop router.The router must calculate the FD of all paths to choose the best path to put into therouting table.Note: Although the new CCNA exam does not have EIGRP topic but you should learnthe basic knowledge of this routing protocol.

290. Refer to the exhibit Which outcome is expected when PC_A sends data to PC_B? A. The switch rewrites the source and destination MAC addresses with its own B. The source and destination MAC addresses remain the same C. The source MAC address is changed D. The destination MAC address is replaced with ffff.ffff.ffff

B. The source and destination MAC addresses remain the same

46. Refer to Exhibit. Which action do the switches take on the trunk link? A. The trunk does not form and the ports go into an err-disabled status. B. The trunk forms but the mismatched native VLANs are merged into as single broadcast domain. C. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link. D. The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

B. The trunk forms but the mismatched native VLANs are merged into as ingle broadcast domain. Explanation/Reference: The trunk still forms with mismatched native VLANs and thetraffic can actually flow between mismatched switches. But it is absolutely necessarythat the native VLANs on both ends of a trunk link match; otherwise a native VLANmismatch occurs, causing the two VLANs to effectively merge.For example with the above configuration, SW1 would send untagged frames forVLAN 999. SW2 receives them but would think they are for VLAN 99 so we can saythese two VLANs are merged

9. Which set of action satisfy the requirement for multifactor authentication? A. The user swipes a key fob, then clicks through an email link. B. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device. C. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen. D. The user enters a user name and password and then re-enters the credentials on a second screen.

B. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device. Explanation/Reference: This is an example of how two-factor authentication (2FA)works:1. The user logs in to the website or service with their username and password.2. The password is validated by an authentication server and, if correct, the userbecomes eligible for the second factor.3. The authentication server sends a unique code to the user's second-factor method(such as a smartphone app).4. The user confirms their identity by providing the additional authentication for theirsecond-factor method.

281. The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface conditions?(choose two) A. There is a duplex mismatch B. There is a speed mismatch C. There is a protocol mismatch D. The interface is shut down E. The interface is error-disabled

B. There is a speed mismatch E. The interface is error-disabled

161. Which two statements about exterior routing protocols are true? (Choose two.) A. They determine the optimal within an autonomous system. B. They determine the optimal path between autonomous systems. C. BGP is the current standard exterior routing protocol. D. Most modern networking supports both EGP and BGP for external routing. E. Most modern network routers support both EGP and EIGRP for externalrouting

B. They determine the optimal path between autonomous systems. C. BGP is the current standard exterior routing protocol.

346. What is the same for both copper and fiber interfaces when using SFP modules? A. They support an inline optical attenuator to enhance signal strength B. They provide minimal interruption to services by being hot-swappable C. They offer reliable bandwidth up to 100 Mbps in half duplex mode D. They accommodate single-mode and multi-mode in a single module

B. They provide minimal interruption to services by being hot-swappable

121. AAA stands for authentication, authorization, and accounting A. False B. True

B. True

345. What is a DHCP client? A. a workstation that requests a domain name associated with its IP address B. a host that is configured to request an IP address automatically C. a server that dynamically assigns IP addresses to hosts. D. a router that statically assigns IP addresses to hosts.

B. a host that is configured to request an IP address automatically

488. What are network endpoints? A. act as routers to connect a user to the service prowler network B. a threat to the network if they are compromised C. support inter-VLAN connectivity D. enforce policies for campus-wide traffic going to the internet

B. a threat to the network if they are compromised

503. Which communication interaction takes place when a southbound API Is used? A. between the SDN controller and PCs on the network B. between the SON controller and switches and routers on the network C. between the SON controller and services and applications on the network D. between network applications and switches and routers on the network

B. between the SON controller and switches and routers on the network

275. Any company has decided to reduce its environmental footprint by reducing energy costs, moving to a smaller facility, and promoting telecommuting. What service or technology would support this requirement? A. Cisco ACI B. cloud services C. APIC-EM D. data center

B. cloud services

348. An engineer must configure Inter switch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken? A. configure IEEE 802.1p B. configure IEEE 802.1q C. configure ISL D. configure DSCP

B. configure IEEE 802.1q

494. A network administrator is asked to configure VLANS 2, 3 and 4 for a new implementation. Some ports must be assigned to the new VLANS with unused remaining. Which action should be taken for the unused ports? A. configure port in the native VLAN B. configure ports in a black hole VLAN C. configure in a nondefault native VLAN D. configure ports as access ports

B. configure ports in a black hole VLAN

373. What is recommended for the wireless infrastructure design of an organization? A. group access points together to increase throughput on a given channel B. configure the first three access points are configured to use Channels 1, 6,and 11 C. include a least two access points on nonoverlapping channels to support load balancing D. assign physically adjacent access points to the same Wi-Fi channel

B. configure the first three access points are configured to use Channels 1, 6,and 11

316. What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing formation? A. data plane B. control plane C. policy plane D. management plane

B. control plane

496. Which plane is centralized by an SON controller? A. management-plane B. control-plane C. data-plane D. services-plane

B. control-plane

398. What are two functions of an SDN controller? (Choose two) A. Layer 2 forwarding B. coordinating VTNs C. tracking hosts D. managing the topology E. protecting against DDoS attacks

B. coordinating VTNs D. managing the topology

362. When implementing a router as a DHCP server, which two features must be configured? (Choose two) A. relay agent information B. database agent C. address pool D. smart-relay E. manual bindings

B. database agent C. address pool

278. Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology? A. GRE over IPsec B. dynamic multipoint VPN C. MPLS VPN D. IPsec virtual tunnel interface

B. dynamic multipoint VPN

207. Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface? A. configure a stateful DHCPv6 server on the network B. enable SLAAC on an interface C. disable the EUI-64 bit process D. explicitly assign a link-local address

B. enable SLAAC on an interface

393. What is a characteristic of a SOHO network? A. connects each switch to every other switch in the network B. enables multiple users to share a single broadband connection C. provides high throughput access for 1000 or more users D. includes at least three tiers of devices to provide load balancing andredundancy

B. enables multiple users to share a single broadband connection

273. Which step in the link-state routing process is described by a router sending Hello packets out all of the OSPF-enabled interfaces? A. electing the designated router B. establishing neighbor adjacencies C. injecting the default route D. exchanging link-state advertisements

B. establishing neighbor adjacencies

162. What is the destination MAC address of a broadcast frame? A. 00:00:0c:07:ac:01 B. ff:ff:ff:ff:ff:ff C. 43:2e:08:00:00:0c D. 00:00:0c:43:2e:08 E. 00:00:0c:ff:ff:ff

B. ff:ff:ff:ff:ff:ff

378. Which device tracks the state of active connections in order to make a decision to forward a packet through? A. wireless access point B. firewall C. wireless LAN controller D. router

B. firewall

526. Which device permits or denies network traffic based on a set of rules? A. access point B. firewall C. wireless controller D. switch

B. firewall

308. Which state does the switch port move to when PortFast is enabled? A. learning B. forwarding C. blocking D. listening

B. forwarding

149. Which two command sequences must you configure on a switch to establish aLayer 3 EtherChannel with an open-standard protocol? (Choose two.) A. interface GigabitEthernet0/ 0/1channel-group 10 mode on B. interface GigabitEthernet0/ 0/1channel-group 10 mode active C. interface GigabitEthernet0/ 0/1channel-group 10 mode auto D. interface port-channel 10switchportswitchport mode trunk E. interface port-channel 10no switchportip address 172.16.0.1.255.255.255.0

B. interface GigabitEthernet0/ 0/1channel-group 10 mode active E. interface port-channel 10no switchport ip address 172.16.0.1.255.255.255.0

300. An office has 8 floors with approximately 30-40 users per floor .What command must be configured on the router Switched Virtual Interface to use address space efficiently? A. ip address 192.168.0.0 255.255.0.0 B. ip address 192.168.0.0 255.255.254.0 C. ip address 192.168.0.0 255.255.255.128 D. ip address 192.168.0.0 255.255.255.224

B. ip address 192.168.0.0 255.255.254.0

440. A network engineer must configure the router R1 GigabitEthernet1/ 1 interface to connect to the router R2 GigabitEthernet1/ 1 interface. For the configuration to be applied the engineer must compress the address2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface? A. ipv6 address 2001:0db8::5: a: 4F 583B B. ipv6 address 2001:db8::500:a:400F:583B C. ipv6 address 2001 db8:0::500:a:4F:583B D. ipv6 address 2001::db8:0000::500:a:400F:583B

B. ipv6 address 2001:db8::500:a:400F:583B

62. Which mode allows access points to be managed by Cisco Wireless LAN Controllers? A. autonomous B. lightweight C. bridge D. mobility express

B. lightweight Explanation/Reference: A Lightweight Access Point (LAP) is an AP that is designed tobe connected to a wireless LAN (WLAN) controller (WLC). APs are "lightweight,"which means that they cannot act independently of a wireless LAN controller (WLC).The WLC manages the AP configurations and firmware. The APs are "zero touch"deployed, and individual configuration of APs is not necessary.

302. What criteria is used first during the root port selection process? A. local port ID B. lowest path cost to the root bridge C. lowest neighbor's bridge ID D. lowest neighbor's port ID

B. lowest path cost to the root bridge

374. Which 802.11 frame type is indicated by a probe response after a client sends a probe request? A. action B. management C. control D. data

B. management

480. How are VLAN hopping attacks mitigated? A. enable dynamic ARP inspection B. manually implement trunk ports and disable DTP C. activate all ports and place in the default VLAN D. configure extended VLANs

B. manually implement trunk ports and disable DTP

352. Where does the configuration reside when a helper address Is configured to support DHCP? A. on the router closest to the server B. on the router closest to the client C. on every router along the path D. on the switch trunk interface

B. on the router closest to the client

97. Which three are characteristics of an IPv6 anycast address? (Choose three.) A. one-to-many communication model B. one-to-nearest communication model C. any-to-many communication model D. a unique IPv6 address for each device in the group E. the same address for multiple devices in the group F. delivery of packets to the group interface that is closest to the sending device

B. one-to-nearest communication model E. the same address for multiple devices in the group F. delivery of packets to the group interface that is closest to the sending device Explanation: A new address type made specifically for IPv6 is called the AnycastAddress. These IPv6 addresses are global addresses, these addresses can be assignedto more than one interface unlike an IPv6 unicast address. Anycast is designed tosend a packet to the nearest interface that is a part of that anycast group. The sendercreates a packet and forwards the packet to the anycast address as the destinationaddress which goes to the nearest router. The nearest router or interface is found byusing the metric of a routing protocol currently running on the network. However ina LAN setting the nearest interface is found depending on the order the neighborswere learned. The anycast packet in a LAN setting forwards the packet to theneighbor it learned about first.

417. What causes a port to be placed in the err-disabled state? A. latency B. port security violation C. shutdown command issued on the port D. nothing plugged into the port

B. port security violation Explanation: This mode is the default violation mode; when in this mode, the switchwill automatically force the switchport into an error disabled (err-disable) state whena violation occurs. While in this state, the switchport forwards no traffic. Theswitchport can be brought out of this error disabled state by issuing the errdisablerecovery cause CLI command or by disabling and reenabling the switchport

455. What is the function of a hub-and-spoke WAN topology? A. allows access restrictions to be implemented between subscriber sites. B. provides direct connections between subscribers C. supports Layer 2 VPNs D. supports application optimization

B. provides direct connections between subscribers

155. Refer to the exhibit. Which command would you use to configure a static route on Router1 to network 192.168.202.0/24 with a nondefault administrative distance? A. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 1 B. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5 C. router1(config)#ip route 1 192.168.201.1 255.255.255.0 192.168.201.2 D. router1(config)#ip route 5 192.168.202.0 255.255.255.0 192.168.201.2

B. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5 Explanation/Reference: The default AD of static route is 1 so we need to configure another number for the static route

335. What are two functions of a server on a network? (Choose two) A. achieves redundancy by exclusively using virtual server clustering B. runs applications that send and retrieve data for workstations that make requests C. handles requests from multiple workstations at the same time D. runs the same operating system in order to communicate with other servers E. housed solely in a data center that is dedicated to a single client

B. runs applications that send and retrieve data for workstations that make requests C. handles requests from multiple workstations at the same time

7. Which command prevents passwords from being stored in the configuration as plaintext on a router or switch? A. enable secret B. service password-encryption C. username Cisco password encrypt D. enable password

B. service password-encryption

334. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200? A. spanning -tree vlan 200 priority 614440 B. spanning -tree vlan 200 priority 0 C. spanning -tree vlan 200 priority 38572422 D. spanning -tree vlan 200 root primary

B. spanning -tree vlan 200 priority 0

303. Router R2 is configured with multiple routes to reach network 10 1.1.0/24 from router R1. What protocol is chosen by router R2 to reach the destination network10.1.1.0/24? A. eBGP B. static C. OSPF D. EIGRP

B. static

291. An engineer needs to configure LLDP to send the port description time length value (TLV). What command sequence must be implemented? A. switch#lldp port-description B. switch(config)#lldp port-description C. switch(config-line)#lldp port-description D. switch(config-if)#lldp port-description

B. switch(config)#lldp port-description

338. An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured? A. switchport mode trunk B. switchport mode dynamic desirable C. switchport mode dynamic auto D. switchport nonegotiate

B. switchport mode dynamic desirable

386. An engineer must configure traffic for a VLAN that is untagged by the switch a sit crosses a trunk link. Which command should be used? A. switchport trunk allowed vlan 10 B. switchport trunk native vlan 10 C. switchport mode trunk D. switchport trunk encapsulation dot1q

B. switchport trunk native vlan 10

457. Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.) A. cookbook B. task C. playbook D. model E. recipe

B. task C. playbook Explanation: Ansible playbooks: "files that provide actions and logic about whatAnsible should do.""The playbook will list tasks and choices based on those results, like "Configure allbranch routers in these locations, and if errors occur for any device, do these extratasks for that device"."

170. Which two pieces of information can you determine from the output of the show ntp status command? (Choose two) A. whether the NTP peer is statically configured B. the IP address of the peer to which the clock is synchronized C. the configured NTP servers D. whether the clock is synchronized E. the NTP version number of the peer

B. the IP address of the peer to which the clock is synchronized D. whether the clock is synchronized Explanation/Reference: Below is the output of the "show ntp status" command. From this output we learn that R1 has a stratum of 10 and it is getting clock from10.1.2.1.

354. What is the purpose of traffic shaping? A. to mitigate delays over slow links B. to provide fair queuing for buffered flows C. to limit the bandwidth that a flow can use to D. be a marking mechanism that identifies different flows

B. to provide fair queuing for buffered flows Explanation: Traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of time

6. Which IPv6 address type provides communication between subnets and cannot route on the Internet? A. global unicast B. unique local C. link-local D. multicast

B. unique local Explanation/Reference: A IPv6 Unique Local Address is an IPv6 address in the blockFC00::/7. It is the approximate IPv6 counterpart of the IPv4 private address. It is notroutable on the global Internet.Note: In the past, Site-local addresses (FEC0::/10) are equivalent to private IPaddresses in IPv4 but now they are deprecated.Link-local addresses only used for communications within the local subnet. It isusually created dynamically using a link-local prefix of FE80::/10 and a 64-bitinterface identifier (based on 48-bit MAC address).

5. Which option about JSON is true? A. uses predefined tags or angle brackets (<>) to delimit markup text B. used to describe structured data that includes arrays C. used for storing information D. similar to HTML, it is more verbose than XML

B. used to describe structured data that includes arrays Explanation/Reference: JSON data is written as name/value pairs.A name/value pair consists of a field name (in double quotes), followed by a colon,followed by a value:"name":"Mark"JSON can use arrays. Array values must be of type string, number, object, array,boolean or null..For example:{"name":"John","age":30,"cars":[ "Ford", "BMW", "Fiat" ]}

36. What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two) A. when the sending device waits 15 seconds before sending the frameagain B. when the cable length limits are exceeded C. when one side of the connection is configured for half-duplex D. when Carriner Sense Multiple Access/Collision Detection is used E. when a collision occurs after the 32nd byte of a frame has beentransmitted

B. when the cable length limits are exceeded C. when one side of the connection is configured for half-duplex Explanation/Reference: A late collision is defined as any collision that occurs after thefirst 512 bits (or 64th byte) of the frame have been transmitted. The usual possiblecauses are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits,or defective hardware such as incorrect cabling, noncompliant number of hubs in thenetwork, or a bad NIC.Late collisions should never occur in a properly designed Ethernet network. Theyusually occur when Ethernet cables are too long or when there are too manyrepeaters in the network.

263. Refer to the exhibit. What commands are needed to add a sub interface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24? A.R1(config)#interface ethernet0/0 R1(config)#encapsulation dot1q 20 R1(config)#ip address 10.20.20.1 255.255.255.0 B.R1(config)#interface ethernet0/0.20 R1(config)#encapsulation dot1q 20 R1(config)#ip address 10.20.20.1 255.255.255.0 C.R1(config)#interface ethernet0/0.20 R1(config)#ip address 10.20.20.1 255.255.255.0 D.R1(config)#interface ethernet0/0 R1(config)#ip address 10.20.20.1 255.255.255.0

B.R1(config)#interface ethernet0/0.20 R1(config)#encapsulation dot1q 20 R1(config)#ip address 10.20.20.1 255.255.255.0

262. Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the switch and DHCP server configurations are complete and correct. Which two sets of commands must be configured on R1 and R2 to complete the task? (Choose two) A.R1(config)# interface fa0/0 R1(config-if)# ip helper-address 198.51.100.100 B.R2(config)# interface gi0/0 R2(config-if)# ip helper-address 198.51.100.100 C.R1(config)# interface fa0/0 R1(config-if)# ip address dhcp R1(config-if)# no shutdown D.R2(config)# interface gi0/0 R2(config-if)# ip address dhcp E.R1(config)# interface fa0/0 R1(config-if)# ip helper-address 192.0.2.2

B.R2(config)# interface gi0/0 R2(config-if)# ip helper-address 198.51.100.100 C.R1(config)# interface fa0/0 R1(config-if)# ip address dhcp R1(config-if)# no shutdown

267. Refer to the exhibit. Which configuration on RTR-1 denies SSH access from PC-1to any RTR-1 interface and allows all other traffic? A.access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any interface GigabitEthernet0/ 0 ip access-group 100 in B.access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any line vty 0 15 access-class 100 in C.access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any interface Gigabit Ethernet0/0 ip access-group 100 in D.access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any any line vty 0 15 access-class 100 in

B.access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any any line vty 0 15 access-class 100 in

93. Refer to the exhibit. A network administrator is configuring an EtherChannel between SW1 and SW2. The SW1 configuration is shown. What is the correct configuration for SW2? A. interface FastEthernet 0/1channel-group 1 mode activeswitchport trunk encapsulation dot1qswitchport mode trunkinterface FastEthernet 0/2channel-group 1 mode activeswitchport trunk encapsulation dot1qswitchport mode trunk B. interface FastEthernet 0/1channel-group 2 mode autoswitchport trunk encapsulation dot1qswitchport mode trunkinterface FastEthernet 0/2channel-group 2 mode autoswitchport trunk encapsulation dot1qswitchport mode trunk C. interface FastEthernet 0/1channel-group 1 mode desirableswitchport trunk encapsulation dot1qswitchport mode trunkinterface FastEthernet 0/2channel-group 1 mode desirable switchport trunk encapsulation dot1qswitchport mode trunk D. interface FastEthernet 0/1channel-group 1 mode passiveswitchport trunk encapsulationdot1q switchport mode trunkinterface FastEthernet 0/2channel-group 1 mode passiveswitchport trunk encapsulation dot1qswitchport mode trunk

C Explanation: If the etherchannel was configured with mode "auto", it was using PagP,so, we need to configure the other switch with "desirable" mode.PagP modes: auto | DesirableLACP modes: active | pasive

284. Refer to the exhibit. Which path is used by the router for internet traffic? A. 209.165.200.0/27 B. 10.10.10.0/28 C. 0.0.0.0/0 D. 10.10.13.0/24

C. 0.0.0.0/0

516. Which virtual MAC address is used by VRRP group 1? A. 0050.0c05.ad81 B. 0007.c061.bc01 C. 0000.5E00.0101 D. 0500.3976.6401

C. 0000.5E00.0101

293. Refer to the exhibit. What is the next hop address for traffic that is destined to host 10.0.1.5? A. Loopback 0 B. 10.0.1.4 C. 10.0.1.50 D. 10.0.1.3

C. 10.0.1.50

76. Refer to the exhibit. What does router R1 use as its OSPF router-ID? A. 10.10.1.10 B. 10.10.10.20 C. 172.16.15.10 D. 192.168.0.1

C. 172.16.15.10 Explanation/Reference: OSPF uses the following criteria to select the router ID:1. Manual configuration of the router ID (via the "router-id x.x.x.x" command underOSPF router configuration mode).2. Highest IP address on a loopback interface.3. Highest IP address on a non-loopback and active (no shutdown) interface

196. Refer to the exhibit. Given the output for this command, if the router ID has not been manually set, what router ID will OSPF use for this router? A. 10.1.1.2 B. 10.154.154.1 C. 172.16.5.1 D. 192.168.5.3

C. 172.16.5.1 Explanation/Reference: The highest IP address of all loopback interfaces will bechosen -> Loopback 0 will be chosen as the router ID.

192. Refer to the exhibit. Which address and mask combination represents asummary of the routes learned by EIGRP? A. 192.168.25.0 255.255.255.240 B. 192.168.25.0 255.255.255.252 C. 192.168.25.16 255.255.255.240 D. 192.168.25.16 255.255.255.252 E. 192.168.25.28 255.255.255.240 F. 192.168.25.28 255.255.255.252

C. 192.168.25.16 255.255.255.240 Explanation/Reference:The binary version of 20 is 10100.The binary version of 16 is 10000.The binary version of 24 is 11000.The binary version of 28 is 11100.The subnet mask is /28. The mask is 255.255.255.240.Note:From the output above, EIGRP learned 4 routes and we need to find out thesummary of them:+ 192.168.25.16+ 192.168.25.20+ 192.168.25.24+ 192.168.25.28-> The increment should bE. 28 ?16 = 12 but 12 is not an exponentiation of 2 so wemust choose 16 (24). Therefore the subnet mask is /28 (=1111 1111.1111 1111.11111111.11110000) = 255.255.255.240So the best answer should be 192.168.25.16 255.255.255.240

286. Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.14.To which destination does the router send the packet? A. 207.165.200.246 via Serial0/1/0 B. 207.165.200.254 via Serial0/0/0 C. 207.165.200.254 via Serial0/0/1 D. 207.165.200.250 via Serial0/0/0

C. 207.165.200.254 via Serial0/0/1

86. Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned? A. 0 B. 110 C. 38443 D. 3184439

C. 38443 Explanation/Reference: Both the line "O 172.16.0.128/25" and "S 172.16.0.0/24"cover the host 172.16.0.202 but with the "longest (prefix) match" rule the router will choose the first route.

497. Which access layer threat-mitigation technique provides security based on identity? A. Dynamic ARP Inspection B. using a non-default native VLAN C. 802.1x D. DHCP snooping

C. 802.1x

85. If a notice-level messaging is sent to a syslog server, which event has occurred? A. A network device has restarted. B. An ARP inspection has failed. C. A routing instance has flapped. D. A debug operation is running

C. A routing instance has flapped. Explanation/Reference: Usually no action is required when a route flaps so it generates the notification syslog level message (level 5).

89. An engineer must configure a WLAN using the strongest encryption type forWPA2-PSK. Which cipher fulfills the configuration requirement? A. WEP B. RC4 C. AES D. TKIP

C. AES Explanation/Reference: Many routers provide WPA2-PSK (TKIP), WPA2-PSK (AES),and WPA2-PSK (TKIP/AES) as options.TKIP is actually an older encryption protocol introduced with WPA to replace thevery-insecure WEP encryption at the time. TKIP is actually quite similar to WEPencryption. TKIP is no longer considered secure, and is now deprecated. In otherwords, you shouldn't be using it. AES is a more secure encryption protocol introduced with WPA2 and it is currentlythe strongest encryption type for WPA2-PSK/

222. What event has occurred if a router sends a notice level message to a syslogserver? A. A TCP connection has been torn down B. An ICMP connection has been built C. An interface line has changed status D. A certificate has expired.

C. An interface line has changed status

27. What is the primary different between AAA authentication and authorization? A. Authentication verifies a username and password, and authorizationhandles the communication between the authentication agent and the userdatabase. B. Authentication identifies a user who is attempting to access a system,and authorization validates the users password. C. Authentication identifies and verifies a user who is attempting to access asystem, and authorization controls the tasks the user can perform. D. Authentication controls the system processes a user can access andauthorization logs the activities the user initiates.

C. Authentication identifies and verifies a user who is attempting to access asystem, and authorization controls the tasks the user can perform. Explanation/Reference: AAA stands for Authentication, Authorization andAccounting.+ Authentication: Specify who you are (usually via login username & password)+ Authorization: Specify what actions you can do, what resource you can access+ Accounting: Monitor what you do, how long you do it (can be used for billing andauditing)An example of AAA is shown below:+ Authentication: "I am a normal user. My username/password isuser_tom/learnforever"+ Authorization: "user_tom can access LearnCCNA server via HTTP and FTP"+ Accounting: "user_tom accessed LearnCCNA server for 2 hours". This user only uses"show" commands.

498. What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.) A. Both operate at a frequency of 500 MHz. B. Both support runs of up to 55 meters. C. Both support runs of up to 100 meters. D. Both support speeds of at least 1 Gigabit. E. Both support speeds up to 10 Gigabit.

C. Both support runs of up to 100 meters. D. Both support speeds of at least 1 Gigabit.

428. Refer to the exhibit. Only four switches are participating in the VLAN spanning-tree process. Branch-1 priority 614440 Branch-2: priority 39082416 Branch-3: priority 0 Branch-4: root primary Which switch becomes the permanent root bridge for VLAN 5? A. Branch-1 B. Branch-2 C. Branch-3 D. Branch-4

C. Branch-3 Explanation: Dynamic ARP inspection is an ingress security feature; it does not perform any egress checking.

179. In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an IP address? A. CDP becomes inoperable on that neighbor B. CDP uses the IP address of another interface for that neighbor C. CDP operates normally, but it cannot provide IP address information for that neighbor D. CDP operates normally, but it cannot provide any information for that neighbor

C. CDP operates normally, but it cannot provide IP address information for that neighbor Explanation/Reference: Although CDP is a Layer 2 protocol but we can check the neighbor IP address with the "show cdp neighbor detail" command. If the neighbor does not has an IP address then CDP still operates without any problem. But the IP address of that neighbor is not provided.

245. Several new coverage cells are required to improve the Wi-Fi network of an organization. Which two standard designs are recommended? (Choose two.) A. 5GHz provides increased network capacity with up to 23 non overlapping channels. B. 5GHz channel selection requires an autonomous access point. C. Cells that overlap one another are configured to use non overlapping channels. D. Adjacent cells with overlapping channels use a repeater access point. E. For maximum throughput, the WLC is configured to dynamically set adjacent access points to the channel

C. Cells that overlap one another are configured to use non overlapping channels. E. For maximum throughput, the WLC is configured to dynamically set adjacent access points to the channel

358. What is a practice that protects a network from VLAN hopping attacks? A. Enable dynamic ARP inspection B. Configure an ACL to prevent traffic from changing VLANs C. Change native VLAN to an unused VLAN ID D. Implement port security on internet-facing VLANs

C. Change native VLAN to an unused VLAN ID

437. Which protocol does an access point use to draw power from a connected switch? A. Internet Group Management Protocol B. Adaptive Wireless Path Protocol C. Cisco Discovery Protocol D. Neighbor Discovery Protocol

C. Cisco Discovery Protocol

116. Refer to the exhibit. The default-information originate command is configuredunder the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site Bcannot reach a DNS server on the Internet.Which action corrects the configuration issue? A. Add the default-information originate command on R2. B. Add the always keyword to the default-information originate command on R1. C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1. D. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2.

C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1.

315. What are two benefits of controller-based networking compared to traditional networking? A. controller-based increases network bandwidth usage, while traditional lightens the load on the network. B. controller-based inflates software costs, while traditional decreases individual licensing costs C. Controller-based reduces network configuration complexity, while traditional increases the potential for errors D. Controller-based provides centralization of key IT functions. While traditional requires distributes management function E. controller-based allows for fewer network failure, while traditionalincreases failure rates

C. Controller-based reduces network configuration complexity, while traditional increases the potential for errors D. Controller-based provides centralization of key IT functions. While traditional requires distributes management function Explanation: Cisco DNA Center Device Management3. Monitor the cloud for software update5. Uses CLI templates to apply a consistent configuration to multiple devices at anindividual location6. Uses NetFlow to analyse potential security threats throughout the network andtake appropriate action on that traffic Traditional device management2. Manages device configuration on a per-device basis4. Security is managed near the perimeter of the network with firewalls, VPNs, andIPS Implements changes via an SSH terminal

523. In software-defined architecture, which place handles switching for trafficthrough a Cisco router? A. Control B. Management C. Data D. application

C. Data

514. How are the switches in a spine-and-leaf topology inter connected? A. Each leaf switch is connected to one of the spine switches. B. Each leaf switch is connected to two spine switches, making a loop. C. Each leaf switch is connected to each spine switch. D. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.

C. Each leaf switch is connected to each spine switch.

253. What occurs to frames during the process of frame flooding? A. Frames are sent to all ports, including those that are assigned to other VLANs. B. Frames are sent to every port on the switch that has a matching entry in MAC address table. C. Frames are sent to every port on the switch in the same VLAN except from the originating port. D. Frames are sent to every port on the switch in the same VLAN.

C. Frames are sent to every port on the switch in the same VLAN except from the originating port.

48. An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode? A. Exchange B. 2-way C. Full D. Init

C. Full

177. Which feature or protocol determines whether the QOS on the network is sufficient to support IP services? A. LLDP B. CDP C. IP SLA D. EEM

C. IP SLA Explanation/Reference: IP SLA allows an IT professional to collect information about network performance in real time. Therefore it helps determine whether the QoS on the network is sufficient for IP services or not. Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible subsystem that provides real time network event detection and onboard automation. It gives you the ability to adapt the behavior of your network devices to align with your business needs.

78. When a site-to-site VPN is used, which protocol is responsible for the transport ofuser data? A. IKEv2 B. IKEv1 C. IPsec D. MD5

C. IPsec Explanation/Reference: A site-to-site VPN allows offices in multiple fixed locations toestablish secure connections with each other over a public network such as theInternet. A site-to-site VPN means that two sites create a VPN tunnel by encryptingand sending data between two devices. One set of rules for creating a siteto-site VPNis defined by IPsec

476. When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet? A. IPsec tunnel mode with AH B. IPsec transport mode with AH C. IPsec tunnel mode with ESP D. IPsec transport mode with ESP

C. IPsec tunnel mode with ESP

82. R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRPUnder normal operating conditions, which routing protocol is installed in the routingtable? A. IS-IS B. RIP C. Internal EIGRP D. OSPF

C. Internal EIGRP Explanation/Reference: With the same route (prefix), the router will choose therouting protocol with lowest Administrative Distance (AD) to install into the routingtable. The AD of Internal EIGRP (90) is lowest so it would be chosen. The table belowlists the ADs of popular routing protocols. Note: The AD of IS-IS is 115. The "EIGRP" in the table above is "Internal EIGRP". TheAD of "External EIGRP" is 170. An EIGRP external route is a route that wasredistributed into EIGRP

74. What makes Cisco DNA Center different from traditional network management applications and their management of networks? A. It only supports auto-discovery of network elements in a green field deployment. B. It modular design allows someone to implement different versions to meet the specific needs of an organization. C. It abstracts policy from the actual device configuration. D. It does not support high availability of management functions whenoperating in cluster mode.

C. It abstracts policy from the actual device configuration.

77. Refer to the exhibit. If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13.128/25 at Site A? A. It sends packets out of interface Fa0/2 only. B. It sends packets out of interface Fa0/1 only. C. It cannot send packets to 10.10.13.128/25. D. It load-balances traffic out of Fa0/1 and Fa0/2.

C. It cannot send packets to 10.10.13.128/25. Explanation/Reference: Router2 does not have an entry for the subnet10.10.13.128/25. It only has an entry for 10.10.13.0/25, which ranges from10.10.13.0 to 10.10.13.127

122. What will happen if you configure the logging trap debug command on a router? A. It causes the router to send messages with lower severity levels to thesyslog server. B. It causes the router to send all messages with the severity levels Warning,Error, Critical, and Emergency to the syslog server. C. It causes the router to send all messages to the syslog server D. It causes the router to stop sending all messages to the syslog server.

C. It causes the router to send all messages to the syslog server

23. When OSPF learns multiple paths to a network, how does it select a route? A. It multiple the active K value by 256 to calculate the route with the lowestmetric. B. For each existing interface, it adds the metric from the source router tothe destination to calculate the route with the lowest bandwidth. C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth ofthe existing interface to calculate the router with the lowest cost. D. It count the number of hops between the source router and thedestination to determine the router with the lowest metric.

C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth ofthe existing interface to calculate the router with the lowest cost.

413. How does a switch process a frame received on Fa0/1 with the destination MAC address of 0e38.7363.657b when the table is missing the address? A. lt drops the frame immediately. B. It forwards the frame back out of interface Fa0/1. C. It floods the frame to all interfaces except Fa0/1. D. It holds the frame until the MAC address timer expires and then drops the frame.

C. It floods the frame to all interfaces except Fa0/1.

33. Refer to Exhibit. How does SW2 interact with other switches in this VTP domain? A. It processes VTP updates from any VTP clients on the network on itsaccess ports. B. It receives updates from all VTP servers and forwards all locallyconfigured VLANs out all trunk ports. C. It forwards only the VTP advertisements that it receives on its trunkports. D. It transmits and processes VTP updates from any VTP Clients on thenetwork on its trunk ports.

C. It forwards only the VTP advertisements that it receives on its trunkports. Explanation/Reference: The VTP mode of SW2 is transparent so it only forwards theVTP updates it receives to its trunk links without processing them.

257. What are two benefits of using VTP in a switching environment? (Choose two.) A. It allows switches to read frame tags. B. It allows ports to be assigned to VLANs automatically. C. It maintains VLAN consistency across a switched network. D. It allows frames from multiple VLANs to use a single interface. E. It allows VLAN information to be automatically propagated throughout the switching environment

C. It maintains VLAN consistency across a switched network. E. It allows VLAN information to be automatically propagated throughout the switching environment

282. In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.) A. It automatically provides a second authentication factor that is unknown to the original user. B. It uses an internal firewall to protect the password repository from unauthorized access. C. It protects against keystroke logging on a compromised device or website. D. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality E. It encourages users to create stronger passwords

C. It protects against keystroke logging on a compromised device or website. E. It encourages users to create stronger passwords

256. The OSPF Hello protocol performs which of the following tasks? (Choose two.) A. It negotiates correctness parameters between neighboring interfaces. B. It broadcasts hello packets throughout the internetwork to discover all routers that are running OSP C. It provides dynamic neighbor discovery. D. It detects unreachable neighbors in 90 second intervals. E. It uses timers to elect the router with the fastest links as the designated router. F. It maintains neighbor relationships

C. It provides dynamic neighbor discovery. F. It maintains neighbor relationships

515. What are two characteristics of a public cloud Implementation? (Choose two.) A. It is owned and maintained by one party, but it is shared among multiple organizations. B. It enables an organization to fully customize how It deploys network resources. C. It provides services that are accessed over the Internet. D. It Is a data center on the public Internet that maintains cloud services for only one company. E. It supports network resources from a centralized third-party provider and privately-owned virtual resources

C. It provides services that are accessed over the Internet. E. It supports network resources from a centralized third-party provider and privately-owned virtual resources

30. What is a benefit of using a Cisco Wireless LAN Controller? A. Central AP management requires more complex configurations. B. Unique SSIDs cannot use the same authentication method. C. It supports autonomous and lightweight APs. D. It eliminates the need to configure each access point individually.

C. It supports autonomous and lightweight APs.

226. Refer to the exhibit. A router reserved these five routes from different routing information sources. Which two routes does the router install in its routing table?(Choose two) A. RIP route 10.0.0.0/30 B. iBGP route 10.0.0.0/30 C. OSPF route 10.0.0.0/30 D. EIGRP route 10.0.0.1/32 E. OSPF route 10.0.0.0/16

C. OSPF route 10.0.0.0/30 D. EIGRP route 10.0.0.1/32

112. Refer to the exhibit. Which statement about the interface that generated the output is true? A. Five secure MAC addresses are dynamically learned on the interface. B. A syslog message is generated when a violation occurs. C. One secure MAC address is manually configured on the interface. D. One secure MAC address is dynamically configured on the interface

C. One secure MAC address is manually configured on the interface.

408. Refer to the exhibit. An administrator must configure interfaces Gi1/1 and Gi1/3on switch SW11 PC-1 and PC-2 must be placed in the Data VLAN and Phone-1 must be placed in the Voice VLAN Which configuration meets these requirements? A. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode access switchport voice vlan 8 switchport access vlan 9 B. interface gigabitethernet1/1 switchport mode access switchport access vlan 9 ! interface gigabitethernet1/3 switchport mode trunk switchport trunk vlan 8 switchport trunk vlan 9 C. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode access switchport access vlan 8 switchport voice vlan 9 D. interface gigabitethernet1/1 switchport mode access switchport access vlan 8 ! interface gigabitethernet1/3 switchport mode trunk switchport trunk vlan 8 switchport voice vlan 9 A. Option A B. Option B C. Option C D. Option D

C. Option C

521. Refer to the exhibit. A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each site? A. R1 ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/0 R2 ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/0 B. R1 ip route 0.0.0.0 0.0.0.0 209.165.200.225 R2 ip route 0.0.0.0 0.0.0.0 209.165.200.226 C. R1 ip route 192.168.1.1 255.255.255.0 GigabitEthernet0/1 R2 ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/1 D. R1 ip route 0.0.0.0 0.0.0.0 209.165.200.226 R2 ip route 0.0.0.0 0.0.0.0 209.165.200.225 A. Option A B. Option B C. Option C D. Option D

C. Option C

26. Which output displays a JSON data representation? A. Option A B. Option B C. Option C D. Option D

C. Option C Explanation/Reference: JSON data is written as name/value pairs.A name/value pair consists of a field name (in double quotes), followed by a colon,followed by a value:"name":"Mark"JSON can use arrays. Array values must be of type string, number, object, array,boolean or null.For example:{"name":"John","age":30,"cars":[ "Ford", "BMW", "Fiat" ]}JSON can have empty object like "taskId":{}

483. Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic? A. FIFO B. WFQ C. PQ D. WRED

C. PQ

459. Which two primary drivers support the need for network automation? (Choosetwo.) A. Eliminating training needs B. Increasing reliance on self-diagnostic and self-healing C. Policy-derived provisioning of resources D. Providing a ship entry point for resource provisioning E. Reducing hardware footprint

C. Policy-derived provisioning of resources D. Providing a ship entry point for resource provisioning

209. Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which configuration accomplishes this task? A. R1# config tR1(config)# ip routingR1(config)# ip route default-route 192.168.1.1 B. R1# config tR1(config)# ip routingR1(config)# ip route 192.168.1.1 0.0.0.0 0.0.0.0 C. R1# config tR1(config)# ip routingR1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1 D. R1# config tR1(config)# ip routingR1(config)# ip default-gateway 192.168.1.1

C. R1# config tR1(config)# ip routingR1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1

400. Refer to the exhibit. The ntp server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that it operates in server-only mode and relies only on its internal clock? A. Router2(config)#ntp passive B. Router2(config)#ntp server 172.17.0.1 C. Router2(config)#ntp master 4 D. Router2(config)#ntp server 192.168.0.2

C. Router2(config)#ntp master 4

106. Refer to the exhibit. Which switch in this configuration becomes the root bridge? A. SW1 B. SW2 C. SW3 D. SW4

C. SW3

223. Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements? A. SW1 B. SW2 C. SW3 D. SW4

C. SW3

298. Refer to the exhibit. Which switch in this configuration will be elected as the root bridge? SW1: 0C:E0:38:00:36:75 SW2: 0C:0E:15:22:05:97 SW3: 0C:0E:15:1A:3C:9D SW4: 0C:E0:18:A1:B3:19 A. SW1 B. SW2 C. SW3 D. SW4

C. SW3

265. Which command can you enter to determine the addresses that have been assigned on a DHCP Server? A. Show ip DHCP database. B. Show ip DHCP pool. C. Show ip DHCP binding. D. Show ip DHCP server statistic.

C. Show ip DHCP binding.

337. Refer to the exhibit. After the election process what is the root bridge in the HQLAN? A. Switch 1 B. Switch 2 C. Switch 3 D. Switch 4

C. Switch 3 Explanation: The root bridge is determined by the lowest bridge ID, which consists ofthe priority value and the MAC address. Because the priority values of all of theswitches are not avalable, the MAC address is used to determine the root bridge.Because S3 has the lowest MAC address, S3 becomes the root bridge

392. Refer to the exhibit. A network engineer must configured communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured? A. Switch trunk allowed vlan 12 B. Switchport trunk allowed vlan none C. Switchport trunk allowed vlan add 13 D. Switchport trunk allowed vlan remove 10-11

C. Switchport trunk allowed vlan add 13

214. What is a difference between RADIUS and TACACS+? A. RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication B. TACACS+ encrypts only password information and RADIUS encrypts the entire payload C. TACACS+ separates authentication and authorization, and RADIUS merges them D. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands

C. TACACS+ separates authentication and authorization, and RADIUS merges them

231. How do TCP and UDP differ in the way they provide reliability for delivery of packets? A. TCP is a connectionless protocol that does not provide reliable delivery of data, UDP is a connection-oriented protocol that uses sequencing to provide reliable delivery. B. TCP does not guarantee delivery or error checking to ensure that there is no corruption of data UDP provides message acknowledgement and retransmits data if lost. C. TCP provides flow control to avoid overwhelming a receiver by sending too many packets at once, UDP sends packets to the receiver in a continuous stream without checking for sequencing D. TCP uses windowing to deliver packets reliably; UDP provides reliable message transfer between hosts by establishing a three-way handshake

C. TCP provides flow control to avoid overwhelming a receiver by sending too many packets at once, UDP sends packets to the receiver in a continuous stream without checking for sequencing

49. Refer to the exhibit. The show ip ospf interface command has been executed onR1. How is OSPF configured? A. The interface is not participating in OSPF. B. A point-to-point network type is configured. C. The default Hello and Dead timers are in use. D. There are six OSPF neighbors on this interface

C. The default Hello and Dead timers are in use. Explanation/Reference:From the output we can see there are Designated Router & Backup DesignatedRouter for this OSPF domain so this is a broadcast network (point-to-point andpoint-to multipoint networks do not elect DR & BDR) -> Answer B is not correct.By default, the timers on a broadcast network (Ethernet, point-to-point andpoint-to-multipoint) are 10 seconds hello and 40 seconds dead (therefore answer C iscorrect). The timers on a non- broadcast network are 30 seconds hello 120 secondsdead.From the line "Neighbor Count is 3", we learn there are four OSPF routers in thisOSPF domain -> Answer D is not correct

108. Refer to the exhibit. Which two statements about the interface that generatedthe output are true? (Choose two.) A. Two secure MAC address are manually configured on the interface. B. A syslog message is generated when the maximum number of secureMAC addresses is on the interface. C. The interface is error-disabled. D. The interface dynamically learned two secure MAC addresses. E. An SNMP trap is generated when the maximum number of secure MACaddresses is reached on the interface.

C. The interface is error-disabled. D. The interface dynamically learned two secure MAC addresses.

56. Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable. What is the result of this configuration? A. The link is in a down state. B. The link is in an error disables state C. The link is becomes an access port. D. The link becomes a trunk port.

C. The link is becomes an access port.

202. What are two descriptions of three-tier network topologies? (Choose two) A. The core and distribution layers perform the same functions B. The access layer manages routing between devices in different domains C. The network core is designed to maintain continuous connectivity when devices fail. D. The core layer maintains wired connections for each host E. The distribution layer runs Layer 2 and Layer 3 technologies

C. The network core is designed to maintain continuous connectivity when devices fail. E. The distribution layer runs Layer 2 and Layer 3 technologies

399. If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames? A. The new frame is delivered first, the previous frame is dropped, and are transmission request is sent. B. The previous frame is delivered, the new frame is dropped, and are transmission request is sent. C. The new frame is placed in a queue for transmission after the previous frame. D. The two frames are processed and delivered at the same time.

C. The new frame is placed in a queue for transmission after the previous frame.

475. Which action does the router take as rt forwards a packet through the network? A. The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as adesbnabon B. The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination C. The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination D. The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

C. The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

152. Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156? A. The router will forward the packet via either Serial0 or Serial1. B. The router will return the packet to its source. C. The router will forward the packet via Serial2. D. The router will drop the packet

C. The router will forward the packet via Serial2.

199. Refer to the exhibit. A network technician is asked to design a small network with redundancy. The exhibit represents this design, with all hosts configured in the same VLAN. What conclusions can be made about this design? A. This design will function as intended. B. Spanning-tree will need to be used. C. The router will not accept the addressing scheme. D. The connection between switches should be a trunk. E. The router interfaces must be encapsulated with the 802.1Q protocol.

C. The router will not accept the addressing scheme. Explanation/Reference: Each interface on a router must be in a different network. If two interfaces are in the same network, the router will not accept it and show error when the administrator assigns it.

225. Refer to the exhibit. What two conclusions should be made about this configuration? (Choose two ) A. The designated port is FastEthernet 2/1 B. This is a root bridge C. The spanning-tree mode is Rapid PVST+ D. The spanning-tree mode is PVST+ E. The root port is FastEthernet 2/1

C. The spanning-tree mode is Rapid PVST+ E. The root port is FastEthernet 2/1

416. Which switch technology establishes a network connection immediately when it is plugged in? A. PortFast B. BPDU guard C. UplinkFast D. BackboneFast

C. UplinkFast

420. What occurs when overlapping Wi-Fi channels are implemented? A. The wireless network becomes vulnerable to unauthorized access. B. Wireless devices are unable to distinguish between different SSIDs C. Users experience poor wireless network performance. D. Network communications are open to eavesdropping.

C. Users experience poor wireless network performance.

178. Refer to the exhibit. Which feature is enabled by this configuration? A. static NAT translation B. a DHCP pool C. a dynamic NAT address pool D. PAT

C. a dynamic NAT address pool

32. Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols? A. dual algorithm B. metric C. administrative distance D. hop count

C. administrative distance Explanation/Reference: Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different routing protocols. Administrative distance defines thereliability of a routing protocol.

3. Which design element is a best practice when deploying an 802.11b wireless infrastructure? A. disabling TPC so that access points can negotiate signal levels with theirattached wireless devices B. setting the maximum data rate to 54 Mbps on the Cisco Wireless LANController C. allocating nonoverlapping channels to access points that are in closephysical proximity to one another D. configuring access points to provide clients with a maximum of 5 Mbps

C. allocating nonoverlapping channels to access points that are in close physical proximity to one another

200. What benefit does controller-based networking provide versus traditional networking? A. moves from a two-tier to a three-tier network architecture to provide maximum redundancy B. provides an added layer of security to protect from DDoS attacks C. allows configuration and monitoring of the network from one centralized point D. combines control and data plane functionality on a single device tominimize latency

C. allows configuration and monitoring of the network from one centralized point.

525. Refer to the exhibit. Between which zones do wireless users expect to experience intermittent connectivity? A. between zones 1 and 2 B. between zones 2 and 5 C. between zones 3 and 4 D. between zones 3 and 6

C. between zones 3 and 4 Explanation: Zones 3 and 4 both have Channel 11 that is overlapped. Zones 3 and 6 do not overlap at all

60. A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF bydefault, which type of OSPF network does this interface belong to? A. point-to-multipoint B. point-to-point C. broadcast D. nonbroadcast

C. broadcast Explanation/Reference: The Broadcast network type is the default for an OSPFenabled ethernet interface (while Point-toPoint is the default OSPF network type forSerial interface with HDLC and PPP encapsulation).

487. How does QoS optimize voice traffic? A. reducing bandwidth usage B. by reducing packet loss C. by differentiating voice and video traffic D. by increasing jitter

C. by differentiating voice and video traffic

322. An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken? A. configure switchport nonegotiate B. configure switchport mode dynamic desirable C. configure switchport mode dynamic auto D. configure switchport trunk dynamic desirable

C. configure switchport mode dynamic auto

325. What role does a hypervisor provide for each virtual machine in server virtualization? A. infrastructure-as-a-service. B. Software-as-a-service C. control and distribution of physical resources D. services as a hardware controller

C. control and distribution of physical resources Explanation/Reference: The hypervisor creates and manages virtual machines on a host computer and allocates physical system resources to them

389. Which network plane is centralized and manages routing decisions? A. policy plane B. management plane C. control plane D. data plane

C. control plane

271. What is the name of the layer in the Cisco borderless switched network design that is considered to be the backbone used for high-speed connectivity and fault isolation? A. data link B. access C. core D. network E. network access

C. core

242. Refer to the exhibit. Which route type is configured to reach the internet? A. floating static route B. host route C. default route D. network route

C. default route

478. What is the role of a firewall in an enterprise network? A. Forwards packets based on stateless packet inspection B. Processes unauthorized packets and allows passage to less secure segments of the network C. determines which packets are allowed to cross from unsecured to secured networks D. explicitly denies all packets from entering an administrative domain

C. determines which packets are allowed to cross from unsecured to secured networks

450. Which WLC port connects to a switch to pass normal access-point traffic? A. redundancy B. console C. distribution system D. service

C. distribution system

304. A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically? A. enable dynamic MAC address learning B. implement static MAC addressing. C. enable sticky MAC addressing D. implement auto MAC address learning

C. enable sticky MAC addressing

404. What is a network appliance that checks the state of a packet to determine whether the packet is legitimate? A. Layer 2 switch B. load balancer C. firewall D. LAN controller

C. firewall

34. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller? A. sniffer B. mesh C. flexconnect D. local

C. flexconnect

153. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller? A. sniffer B. mesh C. flexconnect D. local

C. flexconnect Explanation/Reference: In previous releases, whenever a FlexConnect access pointdisassociates from a controller, it moves to the standalone mode. The clients that arecentrally switched are disassociated.However, the FlexConnect access point continues to serve locally switched clients.When the FlexConnect access point rejoins the controller (or a standby controller),all clients are disconnected and are authenticated again. This functionality has beenenhanced and the connection between the clients and the FlexConnect access pointsare maintained intact and the clients experience seamless connectivity. When boththe access point and the controller have the same configuration, the connectionbetween the clients and APs is maintained

368. Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two) A. listening B. blocking C. forwarding D. learning E. speaking

C. forwarding D. learning

438. What is the benefit of using FHRP? A. reduced management overhead on network routers B. balancing traffic across multiple gateways in proportion to their loads C. higher degree of availability D. reduced ARP traffic on the network

C. higher degree of availability

340. What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closet? (Choose two) A. configure static ARP entries B. enable the PortFast feature on ports C. implement port-based authentication D. configure ports to a fixed speed E. shut down unused ports

C. implement port-based authentication E. shut down unused ports

364. Where does a switch maintain DHCP snooping information? A. in the MAC address table B. in the CAM table C. in the binding database D. in the frame forwarding database

C. in the binding database

14. Which type of address is the public IP address of a NAT device? A. outside global B. outsdwde local C. inside global D. insride local E. outside public F. inside public

C. inside global Explanation/Reference: NAT use four types of addresses: * Inside local address - The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address. * Inside global address - A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world. * Outside local address - The IP address of an outside host as it is known to the hosts on the inside network. * Outside global address - The IP address assigned to a host on the outside network. The owner of the host assigns this address.

232. A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet? A. ip route 10.10.1.0 255.255.255.240 10.10.255.1 B. ip route 10.10.1.16 255.255.255.252 10.10.255.1 C. ip route 10.10.1.20 255.255.255.252 10.10.255.1 D. ip route 10.10.1.20 255.255.255.254 10.10.255.1

C. ip route 10.10.1.20 255.255.255.252 10.10.255.1

63. Which command automatically generates an IPv6 address from a specified IPv6prefix and MAC address of an interface? 'A. ipv6 address dhcp B. ipv6 address 2001:DB8:5:112::/64 eui-64 C. ipv6 address autoconfig D. ipv6 address 2001:DB8:5:112::2/64 link-local

C. ipv6 address autoconfig Explanation/Reference: The "ipv6 address autoconfig" command causes the deviceto perform IPv6 stateless address autoconfiguration to discover prefixes on the linkand then to add the EUI-64 based addresses to theinterface.Addresses are configured depending on the prefixes received in RouterAdvertisement (RA)messages.The device will listen for RA messages which are transmitted periodically from therouter (DHCPServer).This RA message allows a host to create a global IPv6 address from:+ Its interface identifier (EUI-64 address)+ Link Prefix (obtained via RA)Note: Global address is the combination of Link Prefix and EUI-64 address

342. Refer to the exhibit. An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router? A. ipv6 route ::/0 Serial 0/0/1 B. ipv6 route 0/0 Serial 0/0/0 C. ipv6 route ::/0 Serial 0/0/0 D. ip route 0.0.0.0.0.0.0.0 Serial 0/0/0 E. ipv6 route ::/0 2000::2

C. ipv6 route ::/0 Serial 0/0/0

102. Which command enables IPv6 forwarding on a Cisco router? A. ipv6 local B. ipv6 host C. ipv6 unicast-routing D. ipv6 neighbor

C. ipv6 unicast-routing Explanation: To enable IPv6 routing on the Cisco router use the following command:ipv6 unicast-routing If this command is not recognized, your version of IOS does not support IPv6

47. Which command is used to specify the delay time in seconds for LLDP to initializeon any interface? A. lldp timer B. lldp holdtimt C. lldp reinit D. lldp tlv-select

C. lldp reinit Explanation/Reference:+ lldp holdtime seconds: Specify the amount of time a receiving device should holdthe information from your device before discarding it+ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on aninterface+ lldp timer rate: Set the sending frequency of LLDP updates in seconds

451. An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result? A. logging trap 5 B. logging trap 2 C. logging trap 4 D. logging trap 3

C. logging trap 4

81. A router running EIGRP has learned the same route from two different paths.Which parameter does the router use to select the best path? A. cost B. adminstrative distance C. metric D. as-path

C. metric Explanation/Reference: If a router learns two different paths for the same networkfrom the same routing protocol, it has to decide which route is better and will beplaced in the routing table. Metric is the measure used to decide which route isbetter (lower number is better). Each routing protocol uses its own metric.For example, RIP uses hop counts as a metric, while OSPF uses cost.

296. Refer to the exhibit. What action establishes the OSPF neighbor relationship without forming an adjacency? A. modify priority B. modify process ID C. modify hello interval D. modity network type

C. modify hello interval

331. What are two functions of a Layer 2 switch? (Choose two) A. acts as a central point for association and authentication servers B. selects the best route between networks on a WAN C. moves packets within a VLAN D. moves packets between different VLANs E. makes forwarding decisions based on the MAC address of a packet

C. moves packets within a VLAN E. makes forwarding decisions based on the MAC address of a packet

94. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN 2. What causes this behavior? A. trunk mode mismatches B. allowing only VLAN 2 on the destination C. native VLAN mismatches D. VLANs that do not correspond to a unique IP subnet

C. native VLAN mismatches Explanation: Untagged frames are encapsulated with the native VLAN. In this case,the native VLANs are different so although S1 will tag it as VLAN 1 it will be received by S2.

419. Which JSON data type is an unordered set of attribute- value pairs? A. array. string C. object D. Boolean

C. object

365. Which type of security program is violated when a group of employees enters abuilding using the ID badge of only one person? A. intrusion detection B. user awareness C. physical access control D. network authorization

C. physical access control

401. Which WAN topology provides a combination of simplicity quality, and availability? A. partial mesh B. full mesh C. point-to-point D. hub-and-spoke

C. point-to-point

191. A user configured OSPF in a single area between two routers A serial interfaceconnecting R1 and R2 is running encapsulation PPP. By default which OSPF networktype is seen on this interface when the user types show ip ospf interface on R1 or R2? A. port-to-multipoint B. broadcast C. point-to-point D. non-broadcast

C. point-to-point Explanation/Reference: The default OSPF network type for HDLC and PPP on Seriallink is point-to-point (while the default OSPF network type for Ethernet link isBroadcast).

58. A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP, by default, which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2? A. port-to-multipoint B. broadcast C. point-to-point D. nonbroadcast

C. point-to-point Explanation/Reference: The default OSPF network type for HDLC and PPP on Seriallink is point-to-point (while the default OSPF network type for Ethernet link isBroadcast).

144. Which component of an Ethernet frame is used to notify a host that traffic is coming? A. start of frame delimiter B. Type field C. preamble D. Data field

C. preamble

266. Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface FastEthernet 0/1? A. DHCP client B. access point C. router D. PC

C. router

324. What is a function of Wireless LAN Controller? A. register with a single access point that controls traffic between wired and wireless endpoints. B. use SSIDs to distinguish between wireless clients. C. send LWAPP packets to access points. D. monitor activity on wireless and wired LANs

C. send LWAPP packets to access points. Explanation/Reference: Lightweight APs (LAPs) is devices require no initialconfiguration. LAPs use the Lightweight Access Point Protocol (LWAPP) tocommunicate with a WLAN controller (WLC), as shown in the below figure.Controller-based APs are useful in situations where many APs are required in thenetwork. As more APs are added, each AP is automatically configured and managedby the WLC.

460. What is a characteristic of cloud-based network topology? A. wireless connections provide the sole access method to services B. onsite network services are provided with physical Layer 2 and Layer 3components C. services are provided by a public, private, or hybrid deployment D. physical workstations are configured to share resources

C. services are provided by a public, private, or hybrid deployment

119. Which command verifies whether any IPv6 ACLs are configured on a router? A. show ipv6 interface B. show access-list C. show ipv6 access-list D. show ipv6 route

C. show ipv6 access-list

522. Which type of organization should use a collapsed-core architecture? A. large and requires a flexible, scalable network design B. large and must minimize downtime when hardware fails C. small and needs to reduce networking costs currently D. small but is expected to grow dramatically in the near future

C. small and needs to reduce networking costs currently

113. Refer to the exhibit. When PC 1 sends a packet to PC2,the packet has. Which source and destination IP address when it arrives at interface Gi0/0 on router R2? A. source 192.168.10.10 and destination 10.10.2.2 B. source 192.168.20.10 and destination 192.168.20.1 C. source 192.168.10.10 and destination 192.168.20.10 D. source 10.10.1.1 and destination 10.10.2.2

C. source 192.168.10.10 and destination 192.168.20.10 Explanation/Reference: The source and destination IP addresses of the packets areunchanged on all the way. Only source and destination MAC addresses are changed.

347. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200? A. spanning -tree vlan 200 priority 614440 B. spanning -tree vlan 200 priority 38572422 C. spanning -tree vlan 200 priority 0 D. spanning -tree vlan 200 root primary

C. spanning -tree vlan 200 priority 0

294. When the active router in an HSRP group fails, what router assumes the role and forwards packets? A. forwarding B. backup C. standby D. listening

C. standby

406. Which command on a port enters the forwarding state immediately when a PC is connected to it? A. switch(config)#spanning-tree portfast default B. switch(config)#spanning-tree portfast bpduguard default C. switch(config-if)#spanning-tree portfast trunk D. switch(config-if)#no spanning-tree portfast

C. switch(config-if)#spanning-tree portfast trunk

447. Refer to the exhibit. Which command must be executed for Gi1.1 on SW1 to become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode? A. switchport mode trunk B. switchport mode dot1-tunnel C. switchport mode dynamic auto D. switchport mode dynamic desirable

C. switchport mode dynamic auto

329. A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded Which command must be configured to increment the security-violation count and forward an SNMP trap? A. switchport port-security violation access B. switchport port-security violation protect C. switchport port-security violation restrict D. switchport port-security violation shutdown

C. switchport port-security violation restrict

24. Refer to the exhibit. Which password must an engineer use to enter the enablemode? A. adminadmin123 B. default C. testing1234 D. cisco123

C. testing1234 Explanation/Reference: If neither the enable password command nor the enablesecret command is configured, and if there is a line password configured for theconsole, the console line password serves as the enable password for all VTY sessions-> The "enable secret" will be used first if available, then "enable password" and linepassword.

254. If all OSPF routers in a single area are configured with the same priority value, what value does a router use for the OSPF router ID in the absence of a loopback interface? A. the IP address of the first Fast Ethernet interface B. the IP address of the console management interface C. the highest IP address among its active interfaces D. the lowest IP address among its active interfaces E. the priority value until a loopback interface is configured

C. the highest IP address among its active interfaces

471. Refer to the exhibit. Router R4 is dynamically learning the path to the server. IfR4 is connected to R1 via OSPF Area 20, to R2 via R2 BGP, and to R3 via EIGRP 777,which path is installed in the routing table of R4? A. the path through R1, because the OSPF administrative distance is 110 B. the path through R2. because the IBGP administrative distance is 200 C. the path through R2 because the EBGP administrative distance is 20 D. the path through R3. because the EIGRP administrative distance is lower than OSPF and BGP

C. the path through R2 because the EBGP administrative distance is 20

279. What are two purposes of launching a reconnaissance attack on a network?(Choose two.) A. to prevent other users from accessing the system B. to escalate access privileges C. to gather information about the network and devices D. to scan for accessibility E. to retrieve and modify data

C. to gather information about the network and devices D. to scan for accessibility Explanation: Gathering information about a network and scanning for access is areconnaissance attack. Preventing other users from accessing a system is a denial ofservice attack. Attempting to retrieve and modify data, and attempting to escalateaccess privileges are types of access attacks

336. What is the primary function of a Layer 3 device? A. to analyze traffic and drop unauthorized traffic from the Internet B. to transmit wireless traffic between hosts C. to pass traffic between different networks D. forward traffic within the same broadcast domain

C. to pass traffic between different networks

520. What is a capability of FTP in network management operations? A. encrypts data before sending between data resources B. devices are directly connected and use UDP to pass file information C. uses separate control and data connections to move files between server and client D. offers proprietary support at the session layer when transferring data

C. uses separate control and data connections to move files between server and client Explanation: - Control Connection: The control connection uses very simple rules forcommunication. Through control connection, we can transfer a line of command orline of response at a time. The control connection is made between the controlprocesses. The control connection remains connected during the entire interactiveFTP session.- Data Connection: The Data Connection uses very complex rules as data types mayvary. The data connection is made between data transfer processes. The dataconnection opens when a command comes for transferring the files and closes whenthe file is transferred.

172. Which two pieces of information can you learn by viewing the routing table?(Choose two) A. whether an ACL was applied inbound or outbound to an interface B. the EIGRP or BGP autonomous system C. whether the administrative distance was manually or dynamically configured D. Which neighbor adjacencies are established E. the length of time that a route has been known

C. whether the administrative distance was manually or dynamically configured E. the length of time that a route has been known

299. An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.3.1, 192.168.3.2, 192.168.3.3 . Which configuration should be used? A.enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 route-map permit 10.10.0.0 255.255.255.0 ip nat outside destination list 1 pool mypool interface g1/1 ip nat inside interface g1/2ip nat outside B.enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.254 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside C.enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside D.enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat outside destination list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside

C.enable configure terminal ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30 access-list 1 permit 10.10.0.0 0.0.0.255 ip nat inside source list 1 pool mypool interface g1/1 ip nat inside interface g1/2 ip nat outside

41. Drag and drop the DNS lookup components from the left onto the functions on the right.

Cache -> Local database of address mappings that improves name resolution performance. _ DNS -> service that maps hostnames to IP addresses. _ no ip domain-lookup -> disables DNS services on a Cisco device. _ name resolver -> in response to client requests, queries a name server for IP address information. _ domain -> components of a URL that indicates the location or organization type

24. Drag the descriptions of device management from the left onto the types of device management on the right

Cisco DNA Center Device Management _ 3. Monitor the cloud for software update _ 5. Uses CLI templates to apply a consistent configuration to multiple devices at an individual location _ 6. Uses NetFlow to analyse potential security threats throughout the network and take appropriate action on that traffic Traditional device management _ 1. Implements changes via an SSH terminal _ 2. Manages device configuration on a per-device basis _ 4. Security is managed near the perimeter of the network with firewalls, VPNs, and IPS

2. Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Configure VACL. -> 802.1q double tagging Configure dynamic ARP inspection. -> ARP spoofing Configure root guard. -> unwanted superior BPDUs Configure BPDU guard. -> unwanted BPDUs on PortFast-enabled interfaces

4. Drag and drop the network protocols from the left onto the correct transport services on the right.

Connection Oriented: - FTP - SMTP - SSH Connectionless: - SNMP - VoIP - TFTP

40. Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all statements are used.

Controller-based Networking : - This type deploys a consistent configuration across multiple devices. - Southbound APIs are used to apply configurations. Traditional Networking : - A distributed control plane is needed. - This type requires a distributed management plane.

100. Which IPv6 address is valid? A.2001:0db8:0000:130F:0000:0000:08GC:140B B. 2001:0db8:0:130H::87C:140B C. 2031::130F::9C0:876A:130B D. 2031:0:130F::9C0:876A:130B

D. 2031:0:130F::9C0:876A:130B Explanation: An IPv6 address is represented as eight groups of four hexadecimaldigits, each group representing 16 bits (two octets). The groups are separated bycolons (:). An example of an IPv6 address is2001:0db8:85a3:0000:0000:8a2e:0370:7334.The leading O's in a group can be collapsed using ::, but this can only be done once inan IP address.

15. Refer to the exhibit. Which prefix does Router 1 use for traffic to Host A? A. 10.10.10.0/28 B. 10.10.13.0/25 C. 10.10.13.144/28 D. 10.10.13.208/29

D. 10.10.13.208/29 Explanation/Reference: Host A address fall within the address range. However, ifmore than one route to the same subnet exist (router will use the longest stickmatch, which match more specific route to the subnet). If there are route10.10.13.192/26 and 10.10.13.208/29, the router will forward the packet to /29rather than /28

234. Refer to the exhibit. Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize wasting addresses? A. 10.10.225.48 255.255.255.240 B. 10.10.225.32 255.255.255.240 C. 10.10.225.48 255.255.255.224 D. 10.10.225.32 255.255.255.224

D. 10.10.225.32 255.255.255.224

41. Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP? A. 10.4.4.4 B. 10.4.4.5 C. 172.23.103.10 D. 172.23.104.4

D. 172.23.104.4

235. A corporate office uses four floors in a building * Floor 1 has 24 users * Floor 2 has 29 users * Floor 3 has 28 users * Floor 4 has 22 users Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration? A. 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor B. 192.168.0.0/24 as summary and 192.168.0.0/28 for each floor C. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor D. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor

D. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor

42. Refer to the exhibit. Which route does R1 select for traffic that is destined to 192168.16.2? A. 192.168.16.0/21 B. 192.168.16.0/24 C. 192.168 26.0/26 D. 192.168.16.0/27

D. 192.168.16.0/27 Explanation/Reference: The destination IP addresses match all four entries in the routing table but the 192.168.16.0/27 has the longest prefix so it will be chosen. This is called the "longest prefix match" rule

96. Which option is a valid IPv6 address? A. 2001:0000:130F::099a::12a B. 2002:7654:A1AD:61:81AF:CCC1 C. FEC0:ABCD:WXYZ:0067::2A4 D. 2004:1:25A4:886F::1

D. 2004:1:25A4:886F::1 Explanation: An IPv6 address is represented as eight groups of four hexadecimaldigits, each group representing 16 bits (two octets). The groups are separated bycolons (:). An example of an IPv6 address is2001:0db8:85a3:0000:0000:8a2e:0370:7334.The leading 0's in a group can be collapsed using ::, but this can only be done once inan IP address.

429. When deploying syslog, which severity level logs informational message? A. 0 B. 2 C. 4 D. 6

D. 6

17. In Which way does a spine-and-leaf architecture allow for scalability in a networkwhen additional access ports are required? A. A spine switch and a leaf switch can be added with redundantconnections between them. B. A spine switch can be added with at least 40 GB uplinks. C. A leaf switch can be added with a single connection to a core spineswitch. D. A leaf switch can be added with connections to every spine switch.

D. A leaf switch can be added with connections to every spine switch. Explanation/Reference:Spine-leaf architecture is typically deployed as two layers: spines (such as anaggregation layer), and leaves (such as an access layer). Spine-leaf topologies providehigh-bandwidth, low-latency, nonblocking server-to-server connectivity.Leaf (aggregation) switches are what provide devices access to the fabric (thenetwork of spine and leaf switches) and are typically deployed at the top of the rack.Generally, devices connect to the leaf switches.Devices can include servers, Layer 4-7 services (firewalls and load balancers), andWAN or Internet routers. Leaf switches do not connect to other leaf switches. Inspine-and-leaf architecture, every leaf should connect to every spine in a full mesh.Spine (aggregation) switches are used to connect to all leaf switches and are typicallydeployed at the end or middle of the row. Spine switches do not connect to otherspine switches.

12. Which type of wireless encryption is used for WPA2 in pre-shared key mode? A. TKIP with RC4 B. RC4 C. AES-128 D. AES-256

D. AES-256 Explanation/Reference: We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES-128.

443. When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported? A. Unicode B. base64 C. decimal D. ASCII

D. ASCII

377. With REST API, which standard HTTP header tells a server which media type is expected by the client? A. Accept-Encoding: gzip. deflate B. Accept-Patch: text/example; charset=utf-8 C. Content-Type: application/json; charset=utf-8 D. Accept: application/json

D. Accept: application/json Explanation: Accept header is a way for a client to specify the media type of theresponse content it is expecting and Content-type is a way to specify the media typeof request being sent from the client to the server.

384. Which configuration is needed to generate an RSA key for SSH on a router? A. Configure the version of SSH B. Configure VTY access. C. Create a user with a password. D. Assign a DNS domain name

D. Assign a DNS domain name

25. Which configuration is needed to generate an RSA key for SSH on a router? A. Configure the version of SSH. B. Configure VTY access. C. Create a user with a password. D. Assign a DNS domain name.

D. Assign a DNS domain name. Explanation/Reference: In order to generate an RSA key for SSH, we need toconfigure the hostname and a DNS domain name on the router (a username andpassword is also required). Therefore in fact both answer C and answer D are correct

99. What is the alternative notation for the IPv6 addressB514:82C3:0000:0000:0029:EC7A:0000:EC72? A. B514 : 82C3 : 0029 : EC7A : EC72 B. B514 : 82C3 :: 0029 : EC7A : EC72 C. B514 : 82C3 : 0029 :: EC7A : 0000 : EC72 D. B514 : 82C3 :: 0029 : EC7A : 0 : EC72

D. B514 : 82C3 :: 0029 : EC7A : 0 : EC72 Explanation: There are two ways that an IPv6 address can be additionallycompressed: compressing leading zeros and substituting a group of consecutivezeros with a single double colon(::). Both of these can be used in any number ofcombinations to notate the same address. It is important to note that the doublecolon (::) can only be used once within a single IPv6 address notation. So, the extra0's can only be compressed once.

21. A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. runts B. giants C. frame D. CRC E. input errors

D. CRC E. input errors Explanation/Reference: Whenever the physical transmission has problems, thereceiving device might receive a frame whose bits have changed values. Theseframes do not pass the error detection logic as implemented in the FCS field in theEthernet trailer. The receiving device discards the frame and counts it as some kindof input error.Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a termrelated to how the FCS math detects an error.The "input errors" includes runts, giants, no buffer, CRC, frame, overrun, and ignoredcounts.

445. An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use5GHz access points? A. Re- Anchor Roamed Clients B. 11ac MU-MIMO C. OEAP Split Tunnel D. Client Band Select

D. Client Band Select

461. A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be used? A. Clock time zone B. Clock summer-time-recurring C. Clock summer-time date D. Clock set

D. Clock set

70. Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that theSerial0/0/0 interfaces on the Atlanta and Washington routers can reach one another?(Choose two.) A. Configure the ipv6 route 2012::/126 2023::1 command on theWashington router. B. Configure the ipv6 route 2023::/126 2012::1 command on the Atlantarouter. C. Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlantarouter. D. Configure the ipv6 route 2023::/126 2012::2 command on the Atlantarouter. E. Configure the ipv6 route 2012::/126 2023::2 command on theWashington router.

D. Configure the ipv6 route 2023::/126 2012::2 command on the Atlantarouter. E. Configure the ipv6 route 2012::/126 2023::2 command on the Washington router Explanation/Reference: The short syntax of static IPv6 route is:ipv6 route <destination-IPv6-address> {next-hop-IPv6-address | exit-interface}

166. Refer to the exhibit. On R1 which routing protocol is in use on the route to192.168.10.1? A. RIP B. OSPF C. IGRP D. EIGRP

D. EIGRP

439. An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an association request? A. Enable Security Association Teardown Protection and set the SA Query timeout to 10 B. Enable MAC filtering and set the SA Query timeout to 10 C. Enable 802.1x Layer 2 security and set me Comeback timer to 10 D. Enable the Protected Management Frame service and set the Come back timer to 10

D. Enable the Protected Management Frame service and set the Come back timer to 10

276. A company needs to interconnect several branch offices across a metropolitan area. The network engineer is seeking a solution that provides high-speed converged traffic, including voice, video, and data on the same network infrastructure. The company also wants easy integration to their existing LAN infrastructure in their office locations. Which technology should be recommended? A. VSAT B. ISDN C. Frame Relay D. Ethernet WAN

D. Ethernet WAN Explanation: Ethernet WAN uses many Ethernet standards and it connects easily toexisting Ethernet LANs. It provides a switched, high-bandwidth Layer 2 networkcapable of managing data, voice, and video all on the same infrastructure. ISDN,while capable of supporting both voice and data, does not provide high bandwidth.VSAT uses satellite connectivity to establish a private WAN connection but withrelatively low bandwidth. Use of VSAT, ISDN, and Frame Relay require specificnetwork devices for the WAN connection and data conversion between LAN andWAN

255. Which IPv6 address block forwards packets to a multicast address rather than a unicast address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/12

D. FF00::/12

43. Which IPv6 address block sends packets to a group address rather than a single address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/8

D. FF00::/8 Explanation/Reference: FF00::/8 is used for IPv6 multicast and this is the IPv6 type ofaddress the question wants to ask.FE80::/10 range is used for link-local addresses. Link-local addresses only used forcommunications within the local subnetwork (automatic address configuration,neighbor discovery, router discovery, and by many routing protocols). It is only validon the current subnet.It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bitinterface identifier (based on 48-bit MAC address)

4. When configuring IPv6 on an interface, which two IPv6 multicast groups arejoined? (Choose two) A. 2000::/3 B. 2002::5 C. FC00::/7 D. FF02::1 E. FF02::2

D. FF02::1 E. FF02::2 Explanation/Reference: When an interface is configured with IPv6 address, itautomatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx)multicast groups. The all-node group is used to communicate with all interfaces onthe local link, and the solicited-nodes multicast group is required for link-layeraddress resolution. Routers also join a third multicast group, the all-routers group(FF02::2).

67. Which action is taken by a switch port enabled for PoE power classification override? A. When a powered device begins drawing power from a PoE switch port asyslog message is generated. B. As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused. C. If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects. D. If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err disabled.

D. If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err disabled. Explanation/Reference: PoE monitoring and policing compares the powerconsumption on ports with the administrative maximum value (either a configuredmaximum value or the port's default value). If the power consumption on amonitored port exceeds the administrative maximum value, the following actionsoccur:- A syslog message is issued.- The monitored port is shut down and error-disabled.- The allocated power is freed

518. What is the purpose of an SSID? A. It provides network security B. It differentiates traffic entering access posits C. It identities an individual access point on a WLAN D. It identifies a WLAN

D. It identifies a WLAN

283. What is the primary purpose of a First Hop Redundancy Protocol? A. It allows directly connected neighbors to share configuration information. B. It allows a router to use bridge priorities to create multiple loop-free paths to a single destination. C. It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric. D. It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

D. It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.

212. Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16? A. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address. B. It selects the EIGRP route because it has the lowest administrative distance. C. It selects the OSPF route because it has the lowest cost. D. It selects the RIP route because it has the longest prefix inclusive of the destination address.

D. It selects the RIP route because it has the longest prefix inclusive of the destination address.

16. How does HSRP provide first hop redundancy? A. It load-balances traffic by assigning the same metric value to more thanone route to the same destination m the IP routing table. B. It load-balances Layer 2 traffic along the path by flooding traffic out allinterfaces configured with the same VLAN. C. It forwards multiple packets to the same destination over differentrouted links n the data path. D. It uses a shared virtual MAC and a virtual IP address to a group of routersthat serve as the default gateway for hosts on a LAN

D. It uses a shared virtual MAC and a virtual IP address to a group of routersthat serve as the default gateway for hosts on a LAN

366. A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch What must be configured when using active mode on both sides of the connection? A. 802.1q trunks B. Cisco vPC C. LLDP D. LACP

D. LACP

513. Where does wireless authentication happen? A. SSID B. radio C. band D. Layer 2

D. Layer 2

156. Which feature or protocol is required for an IP SLA to measure UDP jitter? A. LLDP B. EEM C. CDP D. NTP

D. NTP

190. Refer to the exhibit. C-router is to be used as a "router-on-a-stick" to route between the VLANs. All the interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been configured with the appropriate default gateway. What is true about this configuration? A. These commands need to be added to the configuration:C-router(config)# router eigrp 123C-router(config-router)# network 172.19.0.0 B. These commands need to be added to the configuration:C-router(config)# router ospf 1C-router(config-router)# network 172.19.0.0 0.0.3.255 C. These commands need to be added to the configuration:C-router(config)# router ripC-router(config-router)# network 172.19.0.0 D. No further routing configuration is required

D. No further routing configuration is required Explanation/Reference: Since all the same router (C-router) is the default gatewayfor all three VLANs, all traffic destined to a different VLAN will be sent to theC-router. The C-router will have knowledge of all three networks since they willappear as directly connected in the routing table. Since the C-router already knowshow to get to all three networks, no routing protocols need to be configured.

90. Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true? A. To pass client traffic two or more ports must be configured. B. The EtherChannel must be configured in "mode active". C. When enabled, the WLC bandwidth drops to 500 Mbps. D. One functional physical port is needed to pass client traffic.

D. One functional physical port is needed to pass client traffic. Explanation/Reference: Link aggregation (LAG) is a partial implementation of the802.3ad port aggregation standard. It bundles all of the controller's distributionsystem ports into a single 802.3ad port channel.Restriction for Link aggregation:- LAG requires the EtherChannel to be configured for `mode on' on both thecontroller and the Catalyst switch -> Answer B is not correct.- If the recommended load-balancing method cannot be configured on the Catalystswitch, then configure the LAG connection as a single member link or disable LAG onthe controller -> Answer A is not correct while answer D is correct

84. Which statement correctly compares traditional networks and controller-based networks? A. Only traditional networks offer a centralized control plane. B. Only traditional networks natively support centralized management. C. Traditional and controller-based networks abstract policies from device configurations. D. Only controller-based networks decouple the control plane and the dataplane

D. Only controller-based networks decouple the control plane and the dataplane Explanation/Reference: Most traditional devices use a distributed architecture, inwhich each control plane is resided in a networking device. Therefore they need tocommunicate with each other via messages to work correctly.In contrast to distributed architecture, centralized (or controller-based)architectures centralizes the control of networking devices into one device, calledSDN controller -> Answer D is correct.

468. Refer to the exhibit. R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement? A. R4(config)#interface gi0/0 R4(config)#ip ospf priority 20 R5(config)#interface gi0/0 R5(config)#ip ospf priority 10 B. R2(config)#interface gi0/0 R3(config)#ip ospf priority 259 R3(config)#interface gi0/0 R3(config)#ip ospf priority 256 C. R5(config)#interface gi0/0 R5(config)#ip ospf priority 120 R4(config)#interface gi0/0 R4(config)#ip ospf priority 110 D. R3(config)#interface gi0/0 R3(config)#ip ospf priority 255 R2(config)#interface gi0/0 R2(config)#ip ospf priority 240 A. Option B. Option C. Option D. Option

D. Option

407. Refer to Exhibit. Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN100 to use their own IP addresses? A. Option A B. Option B C. Option C D. Option D

D. Option D

129. How does STP prevent forwarding loops at OSI Layer 2? A. TTL B. MAC address forwarding C. Collision avoidance D. Port blocking

D. Port blocking

328. Refer to the exhibit. Which type of configuration is represented in the output? A. Ansible B. JSON C. Chef D. Puppet

D. Puppet

237. Refer to the exhibit. Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers? A. R2 is using the passive-interface default command B. R1 has an incorrect network command for interface Gi1/0 C. R2 should have its network command in area 1 D. R1 interface Gi1/0 has a larger MTU size

D. R1 interface Gi1/0 has a larger MTU size

442. What uses HTTP messages to transfer data to applications residing on different hosts? A. OpenFlow B. OpenStack C. OpFlex D. REST

D. REST

52. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1.The new circuit uses eBGP and teams the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25? A. Traffic to 10.10.13.0.25 is load balanced out of multiple interfaces B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1. C. Traffic to 10.10.13.0/25 is a symmetrical D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table

D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table

210. Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network? A. TKiP encryption B. AES encryption C. scrambled encryption key D. SAE encryption

D. SAE encryption

326. Which technology must be implemented to configure network device monitoring with the highest security? A. syslog B. NetFlow C. IP SLA D. SNMPv3

D. SNMPv3

44. Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two) A. management interface settings B. QoS settings C. Ip address of one or more access points D. SSID E. Profile name

D. SSID E. Profile name

421. Which technology allows for multiple operating systems to be run on a single host computer? A. virtual routing and forwarding B. network port ID visualization C. virtual device contexts D. Server Virtualization

D. Server Virtualization

305. Which configuration ensures that the switch is always the root for VLAN 750? A. Switch(config)#spanning-tree vlan 750 priority 38003685 B. Switch(config)#spanning-tree vlan 750 root primary C. Switch(config)#spanning-tree vlan 750 priority 614440 D. Switch(config)#spanning-tree vlan 750 priority 0

D. Switch(config)#spanning-tree vlan 750 priority 0 Explanation/Reference: Although the spanning-tree vlan 10 root primary command willensure a switch will have a bridge priority value lower than other bridges introducedto the network, the spanning-tree vlan 10 priority 0 command ensures the bridge prioritytakes precedence over all other priorities.

486. What is the difference in data transmission delivery and reliability between TCPand UDP? A. TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end. B. UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection. C. UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking. D. TCP requires the connection to be established before transmitting data .UDP transmits data at a higher rate without ensuring packet delivery.

D. TCP requires the connection to be established before transmitting data .UDP transmits data at a higher rate without ensuring packet delivery.

22. How do TCP and UDP differ in the way that they establish a connection betweentwo endpoints? A. TCP uses synchronization packets, and UDP uses acknowledgmentpackets. B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP usesSYN, SYN ACK and ACK bits. C. UDP provides reliable message transfer and TCP is a connectionlessprotocol. D. TCP uses the three-way handshake and UDP does not guarantee messagedelivery.

D. TCP uses the three-way handshake and UDP does not guarantee messagedelivery.

452. Which two protocols are supported on service-port interfaces? (Choose two.) A. RADIUS B. TACACS+ C. SCP D. Telnet E. SSH

D. Telnet E. SSH

239. How does CAPWAP communicate between an access point in local mode and a WLC? A. The access point must directly connect to the WLC using a copper cable B. The access point must not be connected to the wired network, as it would create a loop C. The access point must be connected to the same switch as the WLC D. The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

D. The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

402. Why does a switch flood a frame to all ports? A. The frame has zero destination MAC addresses. B. The source MAC address of the frame is unknown C. The source and destination MAC addresses of the frame are the same D. The destination MAC address of the frame is unknown.

D. The destination MAC address of the frame is unknown.

105. Refer to the exhibit. The MAC address table is shown in its entirety. TheEthernet frame that is shown arrives at the switch. What two operations will theswitch perform when it receives this frame? (Choose two.) A. The switch will not forward a frame with this destination MAC address. B. The frame will be forwarded out of all the ports on the switch. C. The MAC address of ffff.ffff.ffff will be added to the MAC address table. D. The frame will be forwarded out of all the active switch ports except forport fa0/0. E. The MAC address of 0000.00aa.aaaa will be added to the MAC AddressTable. F. The frame will be forwarded out of fa0/0 and fa0/1 only

D. The frame will be forwarded out of all the active switch ports except forport fa0/0. E. The MAC address of 0000.00aa.aaaa will be added to the MAC Address Table.

195. Refer to the graphic. R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this problem? (Choose two.) A. All of the routers need to be configured for backbone Area 1. B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3. C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being established. D. The hello and dead interval timers are not set to the same values on R1and R3. E. EIGRP is also configured on these routers with a lower administrativedistance. F. R1 and R3 are configured in different areas.

D. The hello and dead interval timers are not set to the same values on R1and R3. F. R1 and R3 are configured in different areas. Explanation/Reference: This question is to examine the conditions for OSPF to createneighborhood. So as to make the two routers become neighbors, each router mustbe matched with the following items:1. The area ID and its types;2. Hello and failure time interval timer;3. OSPF Password (Optional);

194. A network administrator is troubleshooting the OSPF configuration of routersR1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link. The graphic shows the output of the show ip ospf interface e0command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem? A. The OSPF area is not configured properly. B. The OSPF area is not configured properly. C. The cost on R1 should be set higher. D. The hello and dead timers are not configured properly. E. A backup designated router needs to be added to the network. F. The OSPF process ID numbers must match.

D. The hello and dead timers are not configured properly.

383. Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU? A. The port transitions to STP blocking B. The port transitions to the root port C. The port immediately transitions to STP forwarding. D. The port goes into error-disable state

D. The port goes into error-disable state

148. Which type does a port become when it receives the best BPDU on a bridge? A. The designated port B. The backup port C. The alternate port D. The root port

D. The root port

40. Refer to the exhibit. What is the effect of this configuration? A. All ARP packets are dropped by the switch. B. Egress traffic is passed only if the destination is a DHCP server. C. All ingress and egress traffic is dropped because the interface is untrusted. D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings. Explanation/Reference: Dynamic ARP inspection is an ingress security feature; it does not perform any egress checking

507. What are two benefits of FHRPs? (Choose two.) A. They prevent (oops in the Layer 2 network. B. They allow encrypted traffic. C. They are able to bundle muftlple ports to increase bandwidth D. They enable automatic failover of the default gateway. E. They allow multiple devices lo serve as a single virtual gateway for clients in the network

D. They enable automatic failover of the default gateway. E. They allow multiple devices lo serve as a single virtual gateway for clients in the network

396. Refer to the exhibit. After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns to the NETCONF client, to only the interface's configuration? A. Use the Ixml library to parse the data returned by the NETCONF server forthe interface's configuration. B. Create an XML filter as a string and pass it to get_config() method as anargument. C. Create a JSON filter as a string and pass it to the get_config() method asan argument. D. Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

D. Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

114. Refer to the exhibit Users in your office are complaining that they cannot connect to the severs at a remote site. When troubleshooting, you find that you can successfully reach the severs from router R2. What is the most likely reason that the other users are experiencing connection failure? A. interface ports are shut down on the remote servers B. The DHCP address pool has been exhausted C. The ip helper-address command is missing on the R2 interface that connects to the switch D. VLSM is misconfigured between the router interface and the DHCP pool.

D. VLSM is misconfigured between the router interface and the DHCP pool.

427. What describes the operation of virtual machines? A. Virtual machines are responsible for managing and allocating host hardware resources B. In a virtual machine environment, physical servers must run one operating system at a time. C. Virtual machines are the physical hardware that support a virtual environment. D. Virtual machines are operating system instances that are decoupled from server hardware

D. Virtual machines are operating system instances that are decoupled from server hardware

375. How do servers connect to the network in a virtual environment? A. wireless to an access point that is physically connected to the network B. a cable connected to a physical switch on the network C. a virtual switch that links to an access point that is physically connected to the network D. a software switch on a hypervisor that is physically connected to the network

D. a software switch on a hypervisor that is physically connected to the network

511. What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model? A. access - core - distribution - access B. access - distribution - distribution - access C. access - core - access D. access -distribution - core - distribution - access

D. access -distribution - core - distribution - access

489. What does physical access control regulate? A. access to spec fie networks based on business function B. access to servers to prevent malicious activity C. access :o computer networks and file systems D. access to networking equipment and facilities

D. access to networking equipment and facilities

59. Refer to the exhibit. Based on the LACP neighbor status, in which mode is theSW1 port channel configured? A. passive B. mode on C. auto D. active

D. active Explanation/Reference: From the neighbor status, we notice the "Flags" are SP. "P"here means the neighbor is in Passive mode.In order to create an Etherchannel interface, the (local) SW1 ports should be inActive mode.Moreover, the "Port State" in the exhibit is "0x3c" (which equals to "00111100 inbinary format).Bit 3 is "1" which means the ports are synchronizing -> the ports are working so thelocal ports should be in Active mode

128. How can the Cisco Discovery Protocol be used? A. to allow a switch to discover the devices that are connected to its ports B. to determine the hardware platform of the device C. to determine the IP addresses of connected Cisco devices D. all of the above

D. all of the above

343. What is a function of a remote access VPN? A. used cryptographic tunneling to protect the privacy of data for multiple users simultaneously B. used exclusively when a user is connected to a company's internal network C. establishes a secure tunnel between two branch sites D. allows the users to access company internal network resources through a secure tunnel

D. allows the users to access company internal network resources through a secure tunnel

159. Which two commands can you use to configure an actively negotiate EtherChannel? (Choose two) A. channel-group 10 mode on B. channel-group 10 mode auto C. channel-group 10 mode passive D. channel-group 10 mode desirable E. channel-group 10 mode active

D. channel-group 10 mode desirable E. channel-group 10 mode active

233. Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 to help resolve the configuration issue? A. set the default network as 20.20.20.0/24 B. set the default gateway as 20.20.20.2 C. configure a static route with Fa0/1 as the egress interface to reach the20.20.20.0/24 network D. configure a static route with 10.10.10.2 as the next hop to reach the20.20.20.0/24 network

D. configure a static route with 10.10.10.2 as the next hop to reach the20.20.20.0/24 network

151. Refer to the exhibit. After you apply the given configuration to a router, the DHCP clients behind the device cannot communicate with hosts outside of their subnet. Which action is most likely to correct the problem? A. Configure the dns server on the same subnet as the clients B. Activate the dhcp pool C. Correct the subnet mask D. configure the default gateway

D. configure the default gateway

350. In software defined architectures, which plane is distributed and responsible for traffic forwarding? A. management plane B. control plane C. policy plane D. data plane

D. data plane

470. Which level of severity must be set to get informational syslogs? A. alert B. critical C. notice D. debug

D. debug Explanation/Reference: Specifying a level causes messages at that level andnumerically lower levels to be displayed at the destination.From Table 3 : informational level = 6, debugging level = 7, notice/notifications level= 5

320. A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must betaken to meet the requirement? A. enable AAA override B. enable RX-SOP C. enable DTIM D. enable Band Select

D. enable Band Select

309. What are two roles of Domain Name Services (DNS)? (Choose Two) A. builds a flat structure of DNS names for more efficient IP operations B. encrypts network Traffic as it travels across a WAN by default C. improves security by protecting IP addresses under Fully Qualified Domain Names (FQDNs) D. enables applications to identify resources by name instead of IP address E. allows a single host name to be shared across more than one IP address

D. enables applications to identify resources by name instead of IP address E. allows a single host name to be shared across more than one IP address

258. Which purpose does a northbound API serve in a controller-based networking architecture? A. communicates between the controller and the physical network hardware B. reports device errors to a controller C. generates statistics for network hardware and traffic D. facilitates communication between the controller and the applications

D. facilitates communication between the controller and the applications

485. What is the purpose of using First Hop Redundancy Protocol in a specific subnet? A. Filter traffic based on destination IP addressing B. Sends the default route to the hosts on a network C. ensures a loop-free physical topology D. forwards multicast hello messages between routers

D. forwards multicast hello messages between routers

247. Which type of ipv6 address is publicly routable in the same way as ipv4 public addresses? A. multicast B. unique local C. link-local D. global unicast

D. global unicast

61. An organization has decided to start using cloud-provided services. Which cloudservice allows the organization to install its own operating system on a virtualmachine? A. platform-as-a-service B. software-as-a-service C. network-as-a-service D. infrastructure-as-a-service

D. infrastructure-as-a-service Explanation/Reference: Below are the 3 cloud supporting services cloud providersprovide to customer:+ SaaS (Software as a Service): SaaS uses the web to deliver applications that aremanaged by a thirdparty vendor and whose interface is accessed on the clients' side.Most SaaS applications can be run directly from a web browser without anydownloads or installations required, although some require plugins.+ PaaS (Platform as a Service): are used for applications, and other development,while providing cloud components to software. What developers gain with PaaS is aframework they can build upon to develop or customize applications. PaaS makesthe development, testing, and deployment of applications quick, simple, andcost-effective. With this technology, enterprise operations, or a thirdparty provider,can manage OSes, virtualization, servers, storage, networking, and the PaaS softwareitself. Developers, however, manage the applications.+ IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, andmanaging remote datacenter infrastructures, such as compute (virtualized or baremetal), storage, networking, and networking services (e.g. firewalls). Instead ofhaving to purchase hardware outright, users can purchase IaaS based onconsumption, similar to electricity or other utility billing.In general, IaaS provides hardware so that an organization can install their ownoperating system.

388. What does a switch use to build its MAC address table? A. VTP B. DTP C. egress traffic D. ingress traffic

D. ingress traffic

29. An engineer must configure a/30 subnet between two routers. Which usable IPaddress and subnet mask combination meets this criteria? A. interface e0/0description to HQ-A370:98968ip address 10.2.1.3 255.255.255.252 B. interface e0/0description to HQ-A370:98968ip address 192.168.1.1 255.255.255.248 C. interface e0/0description to HQ-A370:98968ip address 172.16.1.4 255.255.255.248 D. interface e0/0description to HQ-A370:98968ip address 209.165.201.2 255.255.255.252

D. interface e0/0description to HQ-A370:98968ip address 209.165.201.2 255.255.255.252 Explanation/Reference: A /30 subnet means subnet mask of 255.255.255.252. But10.2.1.3 255.255.255.252 is a broadcast IP address; only 209.165.201.2/30 is theusable IP address.

147. You are configuring your edge routers interface with a public IP address forInternet connectivity.The router needs to obtain the IP address from the service provider dynamically.Which command is needed on interface FastEthernet 0/0 to accomplish this? A. ip default-gateway B. ip route C. ip default-network D. ip address dhcp E. ip address dynamic

D. ip address dhcp

357. Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link? A. ip route 0.0.0.0 0.0.0.0 209.165.202.131 B. ip route 209.165.201.0 255.255.255.224 209.165.202.130 C. ip route 0.0.0.0 0.0.0.0 209.165.200.224 D. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

D. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

311. A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is received interface counter increments? A. collision B. CRC C. runt D. late collision

D. late collision

506. Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol? A. bridge B. route C. autonomous D. lightweight

D. lightweight

181. Which command should you enter to configure an LLDP delay time of 5seconds? A. lldp timer 5000 B. lldp holdtime 5 C. lldp reinit 5000 D. lldp reinit 5

D. lldp reinit 5 Explanation/Reference:+ lldp holdtime seconds: Specify the amount of time a receiving device should holdthe information from your device before discarding it+ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on aninterface+ lldp timer rate: Set the sending frequency of LLDP updates in seconds

509. In QoS, which prioritization method is appropriate for interactive voice and video? A. expedited forwarding B. traffic policing C. round-robin scheduling D. low-latency queuing

D. low-latency queuing

314. Which type of attack can be mitigated by dynamic ARP inspection? A. worm B. malware C. DDoS D. man-in-the-middle

D. man-in-the-middle

168. Which two circumstances can prevent two routers from establishing an OSPFneighbor adjacency? (Choose two.) A. mismatched autonomous system numbers B. an ACL blocking traffic from multicast address 224.0.0.10 C. mismatched process IDs D. mismatched hello timers and dead timers E. use of the same router ID on both devices

D. mismatched hello timers and dead timers E. use of the same router ID on both devices

270. What is a characteristic of the REST API? A. evolved into what became SOAP B. used for exchanging XML structured information over HTTP or SMTP C. considered slow, complex, and rigid D. most widely used API for web services

D. most widely used API for web services

54. Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32? A. floating static route B. host route C. default route D. network route

D. network route Explanation/Reference: From the output, we see R1 will use the entry "O10.10.13.0/25 [110/4576] via 10.10.10.1, ..." to reach host 10.10.13.10. This is anetwork route.Note: "B* 0.0.0.0/0 ..." is a default route.

353. Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the10.20.1.0/25 network. Which command will accomplish this task? A. access-list 2699 permit udp 10.20.1.0 0.0.0.255 B. no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22 C. access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22 D. no access-list 2699 deny ip any 10.20.1.0 0.0.0.255

D. no access-list 2699 deny ip any 10.20.1.0 0.0.0.255 Explanation: Already a statement is there in last to allow SSH Traffic for network10.20.1.0 0.0.0.127, but Second statement says deny ip any 10.20.1.0 0.0.0.255, so how it will work once it is denied. So the right answer is remove the — no access-list 2699 deny ip any 10.20.1.0 0.0.0.255

176. Which command must be entered when a device is configured as an NTP server? A. ntp sever B. ntp peer C. ntp authenticate D. ntp master

D. ntp master Explanation/Reference: To configure a Cisco device as an Authoritative NTP Server,use the ntp master [stratum] command.To configure a Cisco device as a NTP client, use the command ntp server <IPaddress>. For example:Router(config)#ntp server 192.168.1.1. This command will instruct the router toquery 192.168.1.1 for the time.

397. What is an appropriate use for private IPv4 addressing? A. on the public-facing interface of a firewall B. to allow hosts inside to communicate in both directions with hosts outside the organization C. on internal hosts that stream data solely to external resources D. on hosts that communicates only with other internal hosts

D. on hosts that communicates only with other internal hosts

171. Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts? A. source B. static C. pool D. overload

D. overload Explanation/Reference: By adding the keyword "overload" at the end of a NATstatement, NAT becomes PAT (Port Address Translation). This is also a kind ofdynamic NAT that maps multiple private IP addresses to a single public IP address(many-to-one) by using different ports. Static NAT and Dynamic NAT both require aone-to-one mapping from the inside local to the inside global address. By using PAT,you can have thousands of users connect to the Internet using only one real global IPaddress. PAT is the technology that helps us not run out of public IP address on theInternet.This is the most popular type of NAT.An example of using "overload" keyword is shown below:R1(config)# ip nat inside source list 1 interface ethernet1 overload

433. Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles? A. role-based access control B. biometrics C. multifactor authentication D. physical access control

D. physical access control

269. Which type of API would be used to allow authorized salespeople of an organization access to internal sales data from their mobile devices? A. partner B. open C. public D. private

D. private

287. Which goal is achieved by the implementation of private IPv4 addressing on a network? A. allows servers and workstations to communicate across public network boundaries B. provides a reduction in size of the forwarding table on network routers C. allows communication across the Internet to other private networks D. provides an added level of protection against Internet exposure

D. provides an added level of protection against Internet exposure

495. Which function is performed by DHCP snooping? A. propagates VLAN information between switches B. listens to multicast traffic for packet forwarding C. provides DDoS mitigation D. rate-limits certain traffic

D. rate-limits certain traffic

391. What is a DNS lookup operation? A. DNS server pings the destination to verify that it is available B. serves requests over destination port 53 C. DNS server forwards the client to an alternate IP address when the primary IP is down D. responds to a request for IP address to domain name resolution to the DNS server

D. responds to a request for IP address to domain name resolution to the DNS server

318. Refer to the exhibit. Which route type does the routing protocol Code D represent in the output? A. internal BGP route B. /24 route of a locally configured IP C. statically assigned route D. route learned through EIGRP

D. route learned through EIGRP

205. R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed? A. route with the lowest cost B. route with the next hop that has the highest IP C. route with the shortest prefix length D. route with the lowest administrative distance

D. route with the lowest administrative distance

390. What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI? A. initiates a ping request to the URL B. prompts the user to specify the desired IP address C. continuously attempts to resolve the URL until the command is cancelled D. sends a broadcast message in an attempt to resolve the URL

D. sends a broadcast message in an attempt to resolve the URL

454. Which global command encrypt all passwords in the running configuration? A. password-encrypt B. enable password-encryption C. enable secret D. service password-encryption

D. service password-encryption

502. What Is a syslog facility? A. Host that is configured for the system to send log messages B. password that authenticates a Network Management System to receive log messages C. group of log messages associated with the configured severity level D. set of values that represent the processes that can generate a log message

D. set of values that represent the processes that can generate a log message

65. Refer to the exhibit. Which command provides this output? A. show ip route B. show ip interface C. show interface D. show cdp neighbor

D. show cdp neighbor

123. Which Cisco IOS command will indicate that interface Gigabit Ethernet 0/0 is configured via DHCP? A. show ip interface GigabitEthernet 0/0 dhcp B. show interface GigabitEthernet 0/0 C. show ip interface dhcp D. show ip interface GigabitEthernet 0/0 E. show ip interface GigabitEthernet 0/0 brief

D. show ip interface GigabitEthernet 0/0

189. Which command is used to display the collection of OSPF link states? A. show ip ospf link-state B. show ip ospf lsa database C. show ip ospf neighbors D. show ip ospf database

D. show ip ospf database Explanation/Reference: The "show ip ospf database" command displays the linkstates. Here is an example:Here is the lsa database on R2.R2#show ip ospf databaseOSPF Router with ID (2.2.2.2) (Process ID 1)Router Link States (Area 0)Link ID ADV Router Age Seq# Checksum Link count2.2.2.2 2.2.2.2 793 0x800000030x004F85 210.4.4.4 10.4.4.4 776 0x80000004 0x005643 1111.111.111.111111.111.111.111 755 0x80000005 0x0059CA 2133.133.133.133 133.133.133.133 7750x80000005 0x00B5B1 2 Net Link States (Area 0) Link ID ADV Router Age Seq#Checksum10.1.1.1 111.111.111.111 794 0x80000001 0x001E8B10.2.2.3133.133.133.133 812 0x80000001 0x004BA910.4.4.1 111.111.111.111 7550x80000001 0x007F1610.4.4.3 133.133.133.133 775 0x80000001 0x00C31F

143. Which command should you enter to view the error log in an EIGRP for IPv6environment? A. show ipv6 eigrp neighbors B. show ipv6 eigrp topology C. show ipv6 eigrp traffic D. show ipv6 eigrp events

D. show ipv6 eigrp events

186. Which command should you enter to verify the priority of a router in an HSRP group? A. show hsrp B. show sessions C. show interfaces D. show standby

D. show standby Explanation/Reference: The following is sample output from the show standbycommand:

332. A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend? A. infrastructure-as-a-service B. platform-as-a-service C. business process as service to support different types of service D. software-as-a-service

D. software-as-a-service

92. Which API is used in controller-based architectures to interact with edge devices? A. overlay B. northbound C. underlay D. southbound

D. southbound

227. Refer to the exhibit. The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2 while all other VLANs are to remain tagged. Which command accomplishes this task? A. switchport access vlan 67 B. switchport trunk allowed vlan 67 C. switchport private-vlan association host 67 D. switchport trunk native vlan 67

D. switchport trunk native vlan 67

260. What are two reasons a network administrator would use CDP? (Choose two.) A. to verify the type of cable interconnecting two devices B. to determine the status of network services on a remote device C. to obtain VLAN information from directly connected switches D. to verify Layer 2 connectivity between two devices when Layer 3 fails E. to obtain the IP address of a connected device in order to telnet to the device F. to determine the status of the routing protocols between directly connected routers

D. to verify Layer 2 connectivity between two devices when Layer 3 fails E. to obtain the IP address of a connected device in order to telnet to the device

339. What is a function of TFTP in network operations? A. transfers a backup configuration file from a server to a switch using a username and password B. transfers files between file systems on a router C. transfers a configuration files from a server to a router on a congested link D. transfers IOS images from a server to a router for firmware upgrades

D. transfers IOS images from a server to a router for firmware upgrades

517. Which type of traffic Is sent with pure iPsec? A. broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites B. multicast traffic from a server at one site to hosts at another location C. spanning-tree updates between switches that are at two different sites D. unicast messages from a host at a remote site lo a server at headquarters

D. unicast messages from a host at a remote site lo a server at headquarters

344. Which CRUD operation modifies an existing table or view? A. read B. create C. replace D. update

D. update

446. What is a characteristic of private IPv4 addressing? A. traverse the Internet when an outbound ACL is applied B. issued by IANA in conjunction with an autonomous system number C. composed of up to 65.536 available addresses D. used without tracking or registration

D. used without tracking or registration

11. An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place? A. Physical access control B. Social engineering attack C. brute force attack D. user awareness

D. user awareness Explanation/Reference: This is a training program which simulates an attack, not a real attack (as it says "The webpage that opens reports that it was safe") so we believed it should be called a "user awareness" program. Therefore the best answer here should be "user awareness". This is the definition of "User awareness" from CCNA 200- 301 Offical Cert Guide Book: "User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. " Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked.

382. Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point? A. TACACS server B. wireless access point C. RADIUS server D. wireless LAN controller

D. wireless LAN controller

297. Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password? A.R1(config)#username admin R1(config-if)#line vty 0 4 R1(config-line)#password p@ss1234 B.R1(config)#username admin R1(config-if)#line vty 0 4 R1(config-line)#password p@ss1234 R1(config-line)#transport input telnet C.R1(config)#username admin secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local R1(config)#enable secret p@ss1234 D.R1(config)#username admin privilege 15 secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local

D.R1(config)#username admin privilege 15 secret p@ss1234 R1(config-if)#line vty 0 4 R1(config-line)#login local

11. Drag and drop the functions from the left onto the correct network components on the right.

DHCP Server: - assigns a default gateway to a client - holds the TCP/IP settings to be distributed to the clients - assigns IP addresses to enabled clients DNS Server: - resolves web URLs to IP addresses - stores a list of IP addresses mapped to names

499. Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28subnet? A. 84 B. 110 C. 128 D. 192 E. 193

E. 193

8. Drag and drop the descriptions of file transfer protocols from the left onto the correct protocols on the right.

FTP: - provides reliability when loading an IOS image upon boot up - uses ports 20 and 21 - uses TCP TFTP: - does not require user authentication - uses port 69 - uses UDP

Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.

Layer 2 Security Mechanisms: - WPA+WPA2 - 802.1X Layer 3 Security Mechanisms (for WLAN): - web policy - Passthrough

29. Drag and drop the SNMP components from the left onto the descriptions on the right

MIB: collection of variables that can be monitored SNMP agent: responds to status requests and requests for information about a device SNMP manager: resides in the NMS SNMP trap: unsolicited messages

1. A network engineer is configuring an OSPFv2 neighbor adjacency. Drag and drop the parameters from the left onto their required categories on the right. No all parameters are used.

Must be unique: - router ID - IP address Must match: - netmask - area ID - timers

Drag and drop the networking parameters from the left onto the correct values on the right.

NIC vendor OUI -> 00:0C:22 NIC MAC address -> 00:0C:22:83:79:A3 default gateway -> 192.168.1.193 host IP address -> 192.168.1.200 subnet mask -> 255.255.255.192

36. Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right

Operates in the 2.4GHz and 5 GHz bands-------802.11n Operates in the 2.4GHz band only and supports a maximum data rate of 54 Mbps-------802.11g Operates in the 5 GHz band only and supports a maximum data rate that can exceed 100Mbps-------80211ac Supports a maximum data rate of 11Mbps-------802.11b Operates in the 5GHz band only and supports a maximum data rate of 54 Mbps-----802.11a

14. An interface has been configured with the access list that is shown below. access-list 107 deny tcp 207.16.12.0.0.0.3.255 any eq http access-list 107 permit ip any any On the basis of that access list, drag each information packet on the left to the appropriate category on the right.

Permitted: - source IP:207.16.32.14, destination application: http - source IP:207.16.15.9, destination port: 23 - source IP:207.16.16.14, destination port: 53 Denied: - source IP:207.16.14.7, destination port: 80 - source IP:207.16.13.14, destination application: http

25. Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right

TCP _ 1. Sends tranmissions in sequence _ 3. Transmits packets as a stream _ 6. Uses a lower transmission rate to ensure relability UDP _ 2. Transmissions include an 8-byte header _ 4. Transmits packets individually _ 5. Uses a higher transmission rate to support latency-sensitive application

30. Drag and drop the QoS congestion management terms from the left onto the description on the right.

_ CBWGQ : provides guaranteed bandwidth to a specified class of traffic _ CQ : services a specified number of bytes in one queue before continuing to the next queue _ FIFO : uses store-and-forward queuing _ PQ : places packets into one of four priority-based queues _ WFQ : provides minimum guaranteed bandwidth to one or more flows

23. Match the functions to the corresponding layers. (Not all options are used.)

access layer _ provides network access to the user _ represents the network edge distribution layer _ implements network access policy _ establishes Layer 3 routing boundaries core layer _ provides high-speed backbone connectivity _ functions as an aggregator for all the campus blocks

42. Drag and drop the AAA terms from the left onto the description on the right.

tracks activity--------accounting updates session attributes------COA verifies access rights--------authorization verifies identity-----authentication

10. Drag and drop the WLAN components from the left onto the correct descriptions on the right.

wireless LAN controller -> device that manages access points access point -> device that provides Wi-Fi devices with a connection to a wired network service port -> used for out of band management of a WLC virtual interface -> used to support mobility management of the WLC dynamic interface -> applied to the WLAN for wireless client communication


Set pelajaran terkait

Brain Structure and Nervous System

View Set

Chapter: 44 Written Communication and Mail

View Set

4.01 workshop: independent, dependent, and noun clauses

View Set

HESI & NCLEX PASSPOINT: Fluid & Electrolyte Balance

View Set

Extensor muscles in the hand/wrist

View Set