Midka

Refer to the exhibit. A network administrator needs to add an ACE to the TRAFFIC-CONTROL ACL that will deny IP traffic from the subnet 172.23.16.0/20. Which ACE will meet this requirement?

5 deny 172.23.16.0 0.0.15.255

Refer to the exhibit. What is the OSPF cost to reach the West LAN 172.16.2.0/24 from East?​

65

If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created and applied to it?

8

A network administrator modified an OSPF-enabled router to have a hello timer setting of 20 seconds. What is the new dead interval time setting by default?

80 seconds

Which two scenarios are examples of remote access VPNs? (Choose two.)

A mobile sales agent is connecting to the company network via the Internet connection at a hotel. An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.

Which two statements are characteristics of a virus? (Choose two.)

A virus can be dormant and then activate at a specific time or date. A virus typically requires end-user activation.

An attacker is redirecting traffic to a false default gateway in an attempt to intercept the data traffic of a switched network. What type of attack could achieve this?

DHCP spoofing

Which public WAN access technology utilizes copper telephone lines to provide access to subscribers that are multiplexed into a single T3 link connection?

DSL

A customer needs a metropolitan area WAN connection that provides high-speed, dedicated bandwidth between two sites. Which type of WAN connection would best fulfill this need?

Ethernet WAN

Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)

Filter unwanted traffic before it travels onto a low-bandwidth link. Place standard ACLs close to the destination IP address of the traffic. Place extended ACLs close to the source IP address of the traffic.

Which type of OSPF packet is used by a router to discover neighbor routers and establish neighbor adjacency?

Hello

Which three types of VPNs are examples of enterprise-managed site-to-site VPNs? (Choose three.)

IPsec VPN Cisco Dynamic Multipoint VPN GRE over IPsec VPN

Refer to the exhibit. A network administrator has configured OSPFv2 on the two Cisco routers. The routers are unable to form a neighbor adjacency. What should be done to fix the problem on router R2?

Implement the command no passive-interface Serial0/1.

Refer to the exhibit. A network administrator has configured OSPFv2 on the two Cisco routers but PC1 is unable to connect to PC2. What is the most likely problem?

Interface Fa0/0 has not been activated for OSPFv2 on router R2.

Refer to the exhibit. A technician is configuring R2 for static NAT to allow the client to access the web server. What is a possible reason that the client PC cannot access the web server?

Interface S0/0/0 should be identified as the outside NAT interface.

In an OSPF network which two statements describe the link-state database (LSDB)? (Choose two.)

It can be viewed by using the show ip ospf database command.

What are three benefits of cloud computing? (Choose three.)

It streamlines the IT operations of an organization by subscribing only to needed services. It enables access to organizational data anywhere and at any time. It eliminates or reduces the need for onsite IT equipment, maintenance, and management.

Which two IPsec protocols are used to provide data integrity?

MD5 and SHA

A network administrator is troubleshooting an OSPF problem that involves neighbor adjacency. What should the administrator do?

Make sure that the hello and dead interval timers are the same on all routers.

What is a characteristic of a Trojan horse as it relates to network security?

Malware is contained in a seemingly legitimate executable program.

In setting up a small office network, the network administrator decides to assign private IP addresses dynamically to workstations and mobile devices. Which feature must be enabled on the company router in order for office devices to access the internet?

NAT

Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration?

NAT-POOL2 is not bound to ACL 1.

Match the HTTP method with the RESTful operation.

POST ->> Create GET ->> Read PUT/PATCH ->> Update/Replace?Modify Delete ->> Delete

Refer to the exhibit. An administrator first configured an extended ACL as shown by the output of the show access-lists command. The administrator then edited this access-list by issuing the commands below. Router(config)# ip access-list extended 101 Router(config-ext-nacl)# no 20 Router(config-ext-nacl)# 5 permit tcp any any eq 22 Router(config-ext-nacl)# 20 deny udp any any Which two conclusions can be drawn from this new configuration?​

Ping packets will be permitted. SSH packets will be permitted.

Which method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?

R1(config)# interface gi0/0R1(config-if)# no ip access-group 105 outR1(config)# no access-list 105R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21R1(config)# access-list 105 deny ip any anyR1(config)# interface gi0/0R1(config-if)# ip access-group 105 out

Refer to the exhibit. A network administrator has configured a standard ACL to permit only the two LAN networks attached to R1 to access the network that connects to R2 G0/1 interface, but not the G0/0 interface. When following the best practices, in what location should the standard ACL be applied?

R2 G0/0 outbound

Refer to the exhibit. A network administrator has configured a standard ACL to permit only the two LAN networks attached to R1 to access the network that connects to R2 G0/1 interface. When following the best practices, in what location should the standard ACL be applied?

R2 G0/1 outbound

In which OSPF state is the DR/BDR election conducted?

Two-Way

What are two features to consider when creating a named ACL? (Choose two.)

Use alphanumeric characters if needed. Be descriptive when creating the ACL name.

Refer to the exhibit. What method can be used to enable an OSPF router to advertise a default route to neighboring OSPF routers?

Use the default-information originate command on R0-A.

Which statement describes a VPN?

VPNs use virtual connections to create a private network through a public network.

What are two characteristics of video traffic? (Choose two.)

Video traffic is unpredictable and inconsistent. Video traffic latency should not exceed 400 ms.

A data center has recently updated a physical server to host multiple operating systems on a single CPU. The data center can now provide each customer with a separate web server without having to allocate an actual discrete server for each customer. What is the networking trend that is being implemented by the data center in this situation?

Virtualization

Why is QoS an important issue in a converged network that combines voice, video, and data communications?

Voice and video communications are more sensitive to latency.

Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80access-list 103 deny tcp ​192.168.10.0 0.0.0.255 any eq 23

Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.)

access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21 access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www access-list 105 deny ip any host 10.0.54.5 access-list 105 permit ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out

In an OSPF network which OSPF structure is used to create the neighbor table on a router?

adjacency database

What are two types of attacks used on DNS open resolvers? (Choose two.)

amplification and reflection resource utilization

Which step in the link-state routing process is described by a router inserting best paths into the routing table?

choosing the best route

What QoS step must occur before packets can be marked?

classifying

What command would be used as part of configuring NAT or PAT to clear dynamic entries before the timeout has expired?

clear ip nat translation *

What type of network uses one common infrastructure to carry voice, data, and video signals?

converged

Which type of QoS marking is applied to Ethernet frames?

cos

A network administrator has been tasked with creating a disaster recovery plan. As part of this plan, the administrator is looking for a backup site for all of the data on the company servers. What service or technology would support this requirement?

data center

Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?

defines which addresses can be translated

When QoS is implemented in a converged network, which two factors can be controlled to improve network performance for real-time traffic? (Choose two.)

delay jitter

An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 10.1.3.8 eq dns . If a packet with a source address of 10.1.3.8, a destination address of 10.10.3.8, and a protocol of 53 is received on the interface, is the packet permitted or denied?

denied

An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 192.31.7.45 eq dns . If a packet with a source address of 10.1.1.201, a destination address of 192.31.7.45, and a protocol of 23 is received on the interface, is the packet permitted or denied?

denied

An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit udp 192.168.100.0 0.0.2.255 64.100.40.0 0.0.0.15 eq telnet . If a packet with a source address of 192.168.101.45, a destination address of 64.100.40.4, and a protocol of 23 is received on the interface, is the packet permitted or denied?

denied

An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit udp 192.168.100.32 0.0.0.7 host 198.133.219.76 eq telnet . If a packet with a source address of 198.133.219.100, a destination address of 198.133.219.170, and a protocol of 23 is received on the interface, is the packet permitted or denied?

denied

An ACL is applied inbound on a router interface. The ACL consists of a single entry:access-list 210 permit tcp 172.18.20.0 0.0.0.31 172.18.20.32 0.0.0.31 eq ftp . If a packet with a source address of 172.18.20.55, a destination address of 172.18.20.3, and a protocol of 21 is received on the interface, is the packet permitted or denied?

denied

Which type of VPN allows multicast and broadcast traffic over a secure site-to-site VPN?

dynamic multipoint VPN

Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology?

dynamic multipoint VPN

Which step in the link-state routing process is described by a router sending Hello packets out all of the OSPF-enabled interfaces?

establishing neighbor adjacencies

Which step in the link-state routing process is described by a router running an algorithm to determine the best path to each destination?

executing the SPF algorithm

Refer to the exhibit. The company has provided IP phones to employees on the 192.168.10.0/24 network and the voice traffic will need priority over data traffic. What is the best ACL type and placement to use in this situation?

extended ACL inbound on R1 G0/0

Refer to the exhibit. Corporate policy demands that access to the server network be restricted to internal employees only. What is the best ACL type and placement to use in this situation?

extended ACL outbound on R2 S0/0/1

Refer to the exhibit. The company CEO demands that one ACL be created to permit email traffic to the internet and deny FTP access. What is the best ACL type and placement to use in this situation?

extended ACL outbound on R2 WAN interface towards the internet

Refer to the exhibit. Many employees are wasting company time accessing social media on their work computers. The company wants to stop this access. What is the best ACL type and placement to use in this situation?

extended ACLs inbound on R1 G0/0 and G0/1

What are three components used in the query portion of a typical RESTful API request? (Choose three.)

format key parameters

What is the final operational state that will form between an OSPF DR and a DROTHER once the routers reach convergence?

full

What are three advantages of using private IP addresses and NAT? (Choose three.)

hides private LAN addressing from outside devices that are connected to the Internet permits LAN expansion without additional public IP addresses conserves registered public IP addresses

Refer to the exhibit. An administrator configures the following ACL in order to prevent devices on the 192.168.1.0 subnet from accessing the server at 10.1.1.5: access-list 100 deny ip 192.168.1.0 0.0.0.255 host 10.1.1.5 access-list 100 permit ip any any Where should the administrator place this ACL for the most efficient use of network resources?

inbound on router A Fa0/0

What command would be used as part of configuring NAT or PAT to link the inside local addresses to the pool of addresses available for PAT translation?

ip nat inside source list 14 pool POOL-STAT overload

What command would be used as part of configuring NAT or PAT to identify an interface as part of the external global network?

ip nat outside

What command would be used as part of configuring NAT or PAT to define a pool of addresses for translation?

ip nat pool POOL-STAT 64.100.14.17 64.100.14.30 netmask 255.255.255.240

A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.)

leased line Ethernet WAN

Which OSPF database is identical on all converged routers within the same OSPF area?

link-state

Which type of OSPFv2 packet is used to forward OSPF link change information?

link-state update

What is a characteristic of the REST API?

most widely used API for web services

Refer to the exhibit. If the network administrator created a standard ACL that allows only devices that connect to the R2 G0/0 network access to the devices on the R1 G0/1 interface, how should the ACL be applied?

outbound on the R1 G0/1 interface

An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 100 permit tcp 192.168.10.0 0.0.0.255 172.17.200.0 0.0.0.255 eq www . If a packet with a source address of 192.168.10.244, a destination address of 172.17.200.56, and a protocol of 80 is received on the interface, is the packet permitted or denied?

permitted

An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 210 permit tcp 172.18.20.0 0.0.0.31 172.18.20.32 0.0.0.31 eq ftp . If a packet with a source address of 172.18.20.14, a destination address of 172.18.20.40, and a protocol of 21 is received on the interface, is the packet permitted or denied?

permitted

An ACL is applied inbound on a router interface. The ACL consists of a single entry:access-list 100 permit tcp 192.168.10.0 0.0.0.255 any eq www .

permitted

An ACL is applied inbound on router interface. The ACL consists of a single entry: access-list 210 permit tcp 172.18.20.0 0.0.0.47 any eq ftp If a packet with a source address of 172.18.20.40, a destination address of 10.33.19.2, and a protocol of 21 is received on the interface, is the packet permitted or denied?

permitted

Refer to the exhibit. Which sequence of commands should be used to configure router A for OSPF?

router ospf 1network 192.168.10.64 0.0.0.63 area 0network 192.168.10.192 0.0.0.3 area 0

An OSPF router has three directly connected networks; 10.0.0.0/16, 10.1.0.0/16, and 10.2.0.0/16. Which OSPF network command would advertise only the 10.1.0.0 network to neighbors?

router(config-router)# network 10.1.0.0 0.0.255.255 area 0

Which QoS technique smooths packet output rate?

shaping

What command would be used as part of configuring NAT or PAT to display any dynamic PAT translations that have been created by traffic?

show ip nat translations

A network engineer has noted that some expected network route entries are not displayed in the routing table. Which two commands will provide additional information about the state of router adjacencies, timer intervals, and the area ID? (Choose two.)

show ip ospf neighbor show ip ospf interface

What are the two types of VPN connections? (Choose two.)

site-to-site remote access

Refer to the exhibit. Employees on 192.168.11.0/24 work on critically sensitive information and are not allowed access off their network. What is the best ACL type and placement to use in this situation?

standard ACL inbound on R1 G0/1

Refer to the exhibit. The network administrator has an IP address of 192.168.11.10 and needs access to manage R1. What is the best ACL type and placement to use in this situation?

standard ACL inbound on R1 vty lines

Refer to the exhibit. Internet privileges for an employee have been revoked because of abuse but the employee still needs access to company resources. What is the best ACL type and placement to use in this situation?

standard ACL outbound on R2 WAN interface towards the internet

Which two things should a network administrator modify on a router to perform password recovery? (Choose two.)

the configuration register value the startup configuration file

Two OSPF-enabled routers are connected over a point-to-point link. During the ExStart state, which router will be chosen as the first one to send DBD packets?

the router with the highest router ID

Which design feature will limit the size of a failure domain in an enterprise network?

the use of the building switch block approach

What is one reason to use the ip ospf priority command when the OSPF routing protocol is in use?

to influence the DR/BDR election process

A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use debuggers?

to reverse engineer binary files when writing exploits and when analyzing malware

What are two purposes of launching a reconnaissance attack on a network? (Choose two.)

to scan for accessibility to gather information about the network and devices

Which OSPF table is identical on all converged routers within the same OSPF area?

topology

Refer to the exhibit. As traffic is forwarded out an egress interface with QoS treatment, which congestion avoidance technique is used?

traffic policing

When will an OSPF-enabled router transition from the Down state to the Init state?

when the router receives a hello packet from a neighbor router

Refer to the exhibit. If no router ID was manually configured, what would router R1 use as its OSPF router ID?

192.168.1.100

Refer to the exhibit. Which address or addresses represent the inside global address?

209.165.20.25

An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 10.27.27.0 255.255.255.0. What wildcard mask would the administrator use in the OSPF network statement?

0.0.0.255

An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 172.16.91.0 255.255.255.192. What wildcard mask would the administrator use in the OSPF network statement?

0.0.0.63

An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 192.168.0.0 255.255.254.0. What wildcard mask would the administrator use in the OSPF network statement?

0.0.1.255

An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 172.20.0.0 255.255.252.0. What wildcard mask would the administrator use in the OSPF network statement?

0.0.3.255

An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 192.168.0.0 255.255.252.0. What wildcard mask would the administrator use in the OSPF network statement?

0.0.3.255

Refer to the exhibit. If no router ID was manually configured, what would router Branch1 use as its OSPF router ID?

192.168.1.100

What is a characteristic of a single-area OSPF network?

All routers are in the backbone area.

Which type of VPN provides a flexible option to connect a central site with branch sites?

Cisco Dynamic Multipoint VPN

Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One router is configured as the NTP master, and the other is an NTP client. Which two pieces of information can be obtained from the partial output of the show ntp associations detail command on R2? (Choose two.)

Router R1 is the master, and R2 is the client The IP address of R1 is 192.168.1.2

Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR?

Router R3 will become the DR and router R1 will become the BDR.

A network administrator is writing a standard ACL that will deny any traffic from the 172.16.0.0/16 network, but permit all other traffic. Which two commands should be used? (Choose two.)

Router(config)# access-list 95 permit any Router(config)# access-list 95 deny 172.16.0.0 0.0.255.255

Which type of VPN connects using the Transport Layer Security (TLS) feature?

SSL VPN

Which type of VPN is the preferred choice for support and ease of deployment for remote access?

SSL VPN

Refer to the exhibit. A network administrator is configuring an ACL to limit the connection to R1 vty lines to only the IT group workstations in the network 192.168.22.0/28. The administrator verifies the successful Telnet connections from a workstation with IP 192.168.22.5 to R1 before the ACL is applied. However, after the ACL is applied to the interface Fa0/0, Telnet connections are denied. What is the cause of the connection failure?

The IT group network is included in the deny statement.

Refer to the exhibit. A PC at address 10.1.1.45 is unable to access the Internet. What is the most likely cause of the problem?

The NAT pool has been exhausted.

If an outside host does not have the Cisco AnyConnect client preinstalled, how would the host gain access to the client image?

The host initiates a clientless VPN connection using a compliant web browser to download the client.

Refer to the exhibit. An administrator is trying to configure PAT on R1, but PC-A is unable to access the Internet. The administrator tries to ping a server on the Internet from PC-A and collects the debugs that are shown in the exhibit. Based on this output, what is most likely the cause of the problem?

The inside global address is not on the same subnet as the ISP

Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are correctly configured, but there is no connectivity between the web server and users on the Internet. What is a possible reason for this lack of connectivity?

The router NAT configuration has an incorrect inside local address.

Which statement describes a characteristic of standard IPv4 ACLs?

They filter traffic based on source IP addresses only.

Refer to the exhibit. A network administrator has deployed QoS and has configured the network to mark traffic on the VoIP phones as well as the Layer 2 and Layer 3 switches. Where should initial marking occur to establish the trust boundary?

Trust Boundary 1

Refer to the exhibit. The company has decided that no traffic initiating from any other existing or future network can be transmitted to the Research and Development network. Furthermore, no traffic that originates from the Research and Development network can be transmitted to any other existing or future networks in the company. The network administrator has decided that extended ACLs are better suited for these requirements. Based on the information given, what will the network administrator do?

Two ACLs (one in each direction) will be placed on the R2 Gi0/0 interface.

Consider the following output for an ACL that has been applied to a router via the access-class in command. What can a network administrator determine from the output that is shown?

Two devices were able to use SSH or Telnet to gain access to the router.

Refer to the exhibit. Which conclusion can be drawn from this OSPF multiaccess network?​

With an election of the DR, the number of adjacencies is reduced from 6 to 3.*

What is a WAN?

a network infrastructure that provides access to other networks over a large geographic area

What command would be used as part of configuring NAT or PAT to identify inside local addresses that are to be translated?

access-list 10 permit 172.19.89.0 0.0.0.255