Special Summer Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

200-301 Questions and Answers

Question # 6

Refer to the exhibit. An engineer must translate the PC1 IP address to 10.199.77.100 and permit PC1 to ping the loopback 0 on router R2. What command set must be used?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 7

Refer to the exhibit.

If OSPF Is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

A.

It load-balances traffic out of Fa0/1 and Fa0/2.

B.

It is unreachable and discards the traffic.

C.

It sends packets out of interface FaO/2.

D.

It sends packets out of interface Fa0/1.

Full Access
Question # 8

What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency?

A.

different nonoverlapping channels

B.

different overlapping channels

C.

one overlapping channel

D.

one nonoverlapping channel

Full Access
Question # 9

What provides centralized control of authentication and roaming In an enterprise network?

A.

a lightweight access point

B.

a firewall

C.

a wireless LAN controller

D.

a LAN switch

Full Access
Question # 10

What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?

A.

initiates a ping request to the URL

B.

prompts the user to specify the desired IP address

C.

continuously attempts to resolve the URL until the command is cancelled

D.

sends a broadcast message in an attempt to resolve the URL

Full Access
Question # 11

Drag and drop the WLAN components from the left onto the correct descriptions on the right.

Full Access
Question # 12

What are two reasons lo configure PortFast on a switch port attached to an end host? (Choose two.)

A.

to enable the number of MAC addresses learned on the port to l

B.

to protect the operation of the port from topology change processes

C.

to enable the pod to enter the forwarding state immediately when the host boots up

D.

to prevent the port from participating in Spanning Tree Protocol operations

E.

to block another switch or host from communicating through the port

Full Access
Question # 13

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

A.

Add the switch in the VTP domain with a lower revision number

B.

Add the switch with DTP set to dynamic desirable

C.

Add the switch in the VTP domain with a higher revision number

D.

Add the switch with DTP set to desirable

Full Access
Question # 14

What is a function of an endpoint on a network?

A.

forwards traffic between VLANs on a network

B.

connects server and client devices to a network

C.

allows users to record data and transmit to a tile server

D.

provides wireless services to users in a building

Full Access
Question # 15

Drag and drop the virtualization concepts from the left onto the matching statements on the right.

Full Access
Question # 16

Refer to the exhibit.

Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?

A.

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

B.

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

C.

Interface range G1/1 – 1/3 switchport mode trunk

channel-group 1 mode desirable

no shutdown

D.

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

Full Access
Question # 17

What is the purpose of the ip address dhcp command?

A.

to configure an Interface as a DHCP server

B.

to configure an interface as a DHCP helper

C.

to configure an interface as a DHCP relay

D.

to configure an interface as a DHCP client

Full Access
Question # 18

What is one reason to implement LAG on a Cisco WLC?

A.

to increase security and encrypt management frames

B.

to provide link redundancy and load balancing

C.

to allow for stateful and link-state failover

D.

to enable connected switch ports to failover and use different VLANs

Full Access
Question # 19

Refer to the exhibit.

A network engineer executes the show ip route command on router D. What is the next hop to network 192.168 1 0/24 and why?

A.

The next hop is 10.0.2.1 because it uses distance vector routing

B.

The next hop is 10.0.2.1 because it is a link-state routing protocol

C.

The next hop is 10.0.0.1 because it has a better administrative distance

D.

The next hop is 10.0.0.1 because it has a higher metric.

Full Access
Question # 20

What is a zero-day exploit?

A.

It is when a new network vulnerability is discovered before a fix is available

B.

It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data.

C.

It is when the network is saturated with malicious traffic that overloads resources and bandwidth

D.

It is when an attacker inserts malicious code into a SOL server.

Full Access
Question # 21

Drag and drop the Ansible terms from the left onto the right.

Full Access
Question # 22

Which device performs stateful inspection of traffic?

A.

firewall

B.

switch

C.

access point

D.

wireless controller

Full Access
Question # 23

PC1 tries to send traffic to newly installed PC2. The PC2 MAC address is not listed in the MAC address table of the switch, so the switch sends the packet to all ports in the same VLAN Which switching concept does this describe?

A.

MAC address aging

B.

MAC address table

C.

frame flooding

D.

spanning-tree protocol

Full Access
Question # 24

A Cisco engineer must configure a single switch interface to meet these requirements

• accept untagged frames and place them in VLAN 20

• accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone

Which command set must the engineer apply?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 25

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?

A.

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

B.

ip route 10.1.1.0 255.255.255.0 gi0/1 125

C.

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

D.

ip route 10.1.1.10 255.255.255.255 gi0/0 125

Full Access
Question # 26

Which properly is shared by 10GBase-SR and 10GBase-LR interfaces?

A.

Both require fiber cable media for transmission.

B.

Both require UTP cable media for transmission.

C.

Both use the single-mode fiber type.

D.

Both use the multimode fiber type.

Full Access
Question # 27

Refer to the exhibit.

Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10 0.10.0/24?

A.

via next-hop 10.0.1.5

B.

via next-hop 10 0 1.4

C.

via next-hop 10.0 1.50

D.

via next-hop 10.0 1 100

Full Access
Question # 28

What is a reason to configure a trunk port that connects to a WLC distribution port?

A.

Eliminate redundancy with a link failure in the data path.

B.

Allow multiple VLAN to be used in the data path.

C.

Provide redundancy if there is a link failure for out-of-band management.

D.

Permit multiple VLANs to provide out-of-band management.

Full Access
Question # 29

Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

A.

WLAN dynamic

B.

management

C.

trunk

D.

access

Full Access
Question # 30

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Full Access
Question # 31

What are two benefits of FHRPs? (Choose two.)

A.

They enable automatic failover of the default gateway.

B.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

C.

They are able to bundle multiple ports to increase bandwidth.

D.

They prevent loops in the Layer 2 network.

E.

They allow encrypted traffic.

Full Access
Question # 32

Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used.

Full Access
Question # 33

Which enhancement is implemented in WPA3?

A.

applies 802.1x authentication

B.

usesTKIP

C.

employs PKI to identify access points

D.

protects against brute force attacks

Full Access
Question # 34

Drag and drop the WLAN components from the left onto the component details on the right.

Full Access
Question # 35

Which field within the access-request packet is encrypted by RADIUS?

A.

authorized services

B.

authenticator

C.

username

D.

password

Full Access
Question # 36

What is used to identify spurious DHCP servers?

A.

DHCPREQUEST

B.

DHCPDISCOVER

C.

DHCPACK

D.

DHCPOFFER

Full Access
Question # 37

Refer to the exhibit.

An engineer is configuring a Layer 3 port-channel interface with LACP. The configuration on the first device is complete, and it is verified that both interfaces have registered the neighbor device in the CDP table. Which task on the neighbor device enables the new port channel to come up without negotiating the channel?

A.

Change the EtherChannel mode on the neighboring interfaces to auto.

B.

Configure the IP address of the neighboring device.

C.

Bring up the neighboring interfaces using the no shutdown command.

D.

Modify the static EtherChannel configuration of the device to passive mode.

Full Access
Question # 38

A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP.

A.

Place the AP into manual containment.

B.

Remove the AP from WLC management.

C.

Manually remove the AP from Pending state.

D.

Set the AP Class Type to Friendly.

Full Access
Question # 39

Which Rapid PVST+ feature should be configured on a switch port to immediately send traffic to a connected server as soon as it is active?

A.

loop guard

B.

portfast

C.

uplinkfast

Full Access
Question # 40

Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP?

A.

service

B.

trunk

C.

AP-manager

D.

virtual AP connection

Full Access
Question # 41

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Full Access
Question # 42

Refer to the exhibit.

In which structure does the word "warning" directly reside?

A.

array

B.

object

C.

Boolean

D.

string

Full Access
Question # 43

What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?

A.

authorizing potentially compromised wireless traffic

B.

inspecting specific files and file types for malware

C.

authenticating end users

D.

URL filtering

Full Access
Question # 44

Refer to the exhibit. Drag and drop the learned prefixes from the left onto the preferred route methods from which they were learned on the right.

Full Access
Question # 45

Refer to Exhibit.

Rotor to the exhibit. The IP address configurations must be completed on the DC-1 and HQ-1 routers based on these requirements:

DC-1 Gi1/0 must be the last usable address on a /30

DC-1 Gi1/1 must be the first usable address on a /29

DC-1 Gi1/2 must be the last usable address on a /28

HQ-1 Gil/3 must be the last usable address on a /29

Drag and drop the commands from the left onto the destination interfaces on the right. Not all commands are used

Full Access
Question # 46

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 47

Which type of hypervisor operates without an underlying OS to host virtual machines?

A.

Type 1

B.

Type 2

C.

Type 3

D.

Type 12

Full Access
Question # 48

Refer to the exhibit.

A network engineer is configuring a WLAN to connect with the 172.16.10.0/24 network on VLAN 20. The engineer wants to limit the number of devices that connect to the WLAN on the USERWL SSID to 125. Which configuration must the engineer perform on the WLC?

A.

In the Management Software activation configuration, set the Clients value to 125.

B.

In the Controller IPv6 configuration, set the Throttle value to 125.

C.

In the WLAN configuration, set the Maximum Allowed Clients value to 125.

D.

In the Advanced configuration, set the DTIM value to 125.

Full Access
Question # 49

Refer to the exhibit.

Router R1 receives static routing updates from routers A. B, C, and D. The network engineer wants R1 to advertise static routes in OSPF area 1. Which nary address must be advertised in OSPF?

A.

10.1.40.0/25

B.

10.1.40.0/24

C.

10.1.40.0/23

D.

10.1.41.0/25

Full Access
Question # 50

What is the RFC 4627 default encoding for JSON text?

A.

UCS-2

B.

UTF-8

C.

Hex

D.

GB18030

Full Access
Question # 51

Drag and drop the TCP and UDP characteristics from the left onto the supporting protocols on the right. Not all options are used.

Full Access
Question # 52

What is the main difference between traditional networks and controller-based networking?

A.

Controller-based networks increase TCO for the company, and traditional networks require less investment.

B.

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

C.

Controller-based networks are open for application requests, and traditional networks operate manually.

D.

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

Full Access
Question # 53

What is an Ansible inventory?

A.

file that defines the target devices upon which commands and tasks are executed

B.

unit of Python code to be executed within Ansible

C.

collection of actions to perform on target devices, expressed in YAML format

D.

device with Ansible installed that manages target devices

Full Access
Question # 54

Which alternative to password authentication Is Implemented to allow enterprise devices to log in to the corporate network?

A.

magic links

B.

one-time passwords

C.

digital certificates

D.

90-day renewal policies

Full Access
Question # 55

What does the term "spirt MAC” refer to in a wireless architecture?

A.

divides data link layer functions between the AP and WLC

B.

combines the management and control functions from the data-forwarding functions

C.

uses different MAC addresses for 2.4 GHz and 5 GHz bands on the same AP

D.

leverages two APs to handle control and data traffic

Full Access
Question # 56

Which WLC management connection type is vulnerable to man-in-the-middIe attacks?

A.

Telnet

B.

console

C.

HTTPS

D.

SSH

Full Access
Question # 57

A network administrator wants the syslog server to filter incoming messages into different files based on their Importance. Which filtering criteria must be used?

A.

level

B.

message body

C.

process ID

D.

facility

Full Access
Question # 58

Refer to the exhibit.

Which plan must be Implemented to ensure optimal QoS marking practices on this network?

A.

As traffic traverses MLS1 remark the traffic, but trust all markings at the access layer.

B.

Trust the IP phone markings on SW1 and mark traffic entering SW2 at SW2.

C.

Remark traffic as it traverses R1 and trust all markings at the access layer.

D.

As traffic enters from the access layer on SW1 and SW2. trust all traffic markings.

Full Access
Question # 59

Which CRUD operation corresponds to me HTTP GET method?

A.

delete

B.

create

C.

update

D.

read

Full Access
Question # 60

Refer to the exhibit Routers R1 R2 and R3 use a protocol to identify their neighbors' IP addresses hardware platforms, and software versions. A network engineer must configure R2 to avoid sharing any neighbor information with R3, and maintain its relationship with R1. What action meets this requirement?

A.

Configure the no cdp enable command on gO/2.

B.

Configure the no cdp run command globally.

C.

Configure the no lldp run command globally.

D.

Configure the no lldp receive command on gQV1.

Full Access
Question # 61

A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network. Which type of IPv6 address must the engineer assign?

A.

unique local address

B.

link-local address

C.

aggregatable global address

D.

IPv4-compatible IPv6 address

Full Access
Question # 62

Refer to the exhibit.

Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )

A.

username CNAC secret R!41!4319115@

B.

ip ssh version 2

C.

line vty 0 4

D.

crypto key generate rsa 1024

E.

transport input ssh

Full Access
Question # 63

Which action implements physical access control as part of the security program of an organization?

A.

configuring a password for the console port

B.

backing up syslogs at a remote location

C.

configuring enable passwords on network devices

D.

setting up IP cameras to monitor key infrastructure

Full Access
Question # 64

All physical cabling is in place. A company plans to deploy 32 new sites.

The sites will utilize both IPv4 and IPv6 networks.

1 . Subnet 172.25.0.0/16 to meet the subnet requirements and maximize

the number of hosts

Using the second subnet

• Assign the first usable IP address to e0/0 on Sw1O1

• Assign the last usable IP address to e0/0 on Sw102

2. Subnet to meet the subnet requirements and maximize

the number of hosts

c Using the second subnet

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on e0/0 on Sw101

• Assign an IPv6 GUA using a unique 64-Bit interface identifier

on eO/O on swi02

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 65

Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic routing protocols are included.

1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.

2. Configure an IPv4 default route on router R2 destined for router R4.

3. Configure an IPv6 default router on router R2 destined for router R4.

Full Access
Question # 66

Refer to the exhibit.

Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF information between routers?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 67

Refer to the exhibit.

All routers in the network are configured correctly, and the expected routes are being exchanged among the routeis. Which set or routes are learned from neighbors and Installed on router 2?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 68

Drag and drop the characteristic from the left onto the IPv6 address type on the right.

Full Access
Question # 69

Refer to the exhibit. An engineer just installed network 10.120.10.0/24. Which configuration must be applied to the R14 router to add the new network to its OSPF routing table?

A.

router ospf 100

network 10.120.10.0 255.255.255.0 area 0

B.

router ospf 120

network 10.120.10.0 255.255.255.0 area 0

ip route 10.120.10.0 255.255.255.0 fa0/1

C.

router ospf 100 area 0

network 10.120.10.0 0.0.0.255

Full Access
Question # 70

Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the configured maximum bandwidth has been surpassed?

A.

weighted random early detection

B.

traffic policing

C.

traffic shaping

D.

traffic prioritization

Full Access
Question # 71

Refer to the exhibit.

All interfaces are in the same VLAN. All switches are configured with the default STP priorities. During the STP electronics, which switch becomes the root bridge?

A.

MDF-DC-4:08:E0:19: 08:B3:19

B.

MDF-DC-3:08:0E:18::1A:3C:9D

C.

MDF-DC-08:0E:18:22:05:97

D.

MDF-DC-1:DB:E:44:02:54:79

Full Access
Question # 72

Refer to the exhibit.

How does router R1 handle traffic to the 172.16.1.4/30 subnet?

A.

It sends all traffic over the path via 172.16.9.5 using 172.16.4.4 as a backup.

B.

It sends all traffic over the path via 10.0.1.100.

C.

It load-balances traffic over 172.16.9.5 and 172.16.4.4.

D.

It sends all traffic over the path via 172.16.4.4.

Full Access
Question # 73

Refer to the exhibit.

Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic, an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to reach the route?

A.

GigabitEthernet0/0

B.

GigabltEthornet0/1

C.

GigabitEthernet0/2

D.

GigabitEthernet0/3

Full Access
Question # 74

Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs?

A.

VLAN numbering

B.

VLAN DSCP

C.

VLAN tagging

D.

VLAN marking

Full Access
Question # 75

All physical cabling is in place. Router R4 and PCI are fully configured and

inaccessible. R4's WAN interfaces use .4 in the last octet for each subnet.

Configurations should ensure that connectivity is established end-to-end.

1 . Configure static routing to ensure RI prefers the path through R2 to

reach only PCI on R4's LAN

2. Configure static routing that ensures traffic sourced from RI will take

an alternate path through R3 to PCI in the event of an outage along

the primary path

3. Configure default routes on RI and R3 to the Internet using the least number of hops

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 76

Which authentication method requires the user to provide a physical attribute to authenticate successfully?

A.

password

B.

muftifactor

C.

biometric

D.

certificate

Full Access
Question # 77

Refer to the exhibit. An engineer is using the Cisco WLC GUI to configure a WLAN for WPA2 encryption with AES and preshared key Cisc0123456. After the engineer selects the WPA + WPA2 option from the Layer 2 Security drop-down list, which two tasks must they perform to complete the process? (Choose two.)

A.

Select the WPA2 Policy, AES, and TKIP check boxes.

B.

Select ASCII from the PSK Format drop-down list, enter the key, and leave the Auth Key Mgmt setting blank.

C.

Select PSK from the Auth Key Mgmt drop-down list, set the PSK Format to ASCII, and enter the key.

D.

Select the WPA2 Policy and AES check boxes.

Full Access
Question # 78

Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the DNS service. Which configuration updates the ACL efficiently?

A.

ip access-list extended Services

35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

B.

no ip access-list extended Services

ip access-list extended Services

30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

C.

ip access-list extended Services

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

D.

no ip access-list extended Services

ip access-list extended Services

permit udp 10.0.0.0 0.255.255.255 any eq 53

permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain

deny ip any any log

Full Access
Question # 79

An engineer must configure a core router with a floating static default route to the backup router at 10.200.0.2. Which command meets the requirements?

A.

ip route 0.0.0.0 0.0.0.0 10.200.0.2 1

B.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 floating

C.

ip route 0.0.0.0 0.0.0.0 10.200.0.2

D.

Ip route 0.0.0.0 0.0.0.0 10.200.0.2 10

Full Access
Question # 80

Refer to the exhibit. A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?

A.

0

B.

1

C.

2

D.

32

Full Access
Question # 81

Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?

A.

interface port-channel 2

channel-group 2 mode desirable

B.

interface fasteinernet 1/1

channel-group 2 mode active

C.

interface fasteinernet 1/1

channel-group 2 mode on

D.

interface port-channel 2

channel-group 2 mode auto

Full Access
Question # 82

Refer to the exhibit. The user has connectivity to devices on network 192.168.3 0/24 but cannot reach users on the network 10.10.1.0724.

What is the first step to verify connectivity?

A.

Is the internet reachable?

B.

Is the default gateway reachable?

C.

Is the DNS server reachable?

Full Access
Question # 83

Refer to the exhibit. Which interface does a packet take to reach the destination address of 10.10.10.147?

A.

FastEthemet 0/0

B.

Senal0/0

C.

FastEthemet 0/1

Full Access
Question # 84

Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet from the 2001:0db8:aaaa::/48 subnet.

1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.

2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.

3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.

4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.

5. A ping must work between the routers on the IPv4 and IPv6 address ranges.

Full Access
Question # 85

Refer to the exhibit.

Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as the DR in the 10.0 4.0/24 network?

A.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

B.

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

C.

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

D.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

Full Access
Question # 86

Refer to the exhibit.

An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 87

Refer to the exhibit.

All traffic enters the CPE router from interface Serial0/3 with an IP address of 192 168 50 1 Web traffic from the WAN is destined for a LAN network where servers are load-balanced An IP packet with a destination address of the HTTP virtual IP of 192 1681 250 must be forwarded Which routing table entry does the router use?

A.

192.168.1.0/24 via 192.168.12.2

B.

192.168.1.128/25 via 192.168.13.3

C.

192.168.1.192/26 via 192.168.14.4

D.

192.168.1.224/27 via 192.168.15.5

Full Access
Question # 88

Which channel-group mode must be configured when multiple distribution interfaces connected to a WLC are bundled?

A.

Channel-group mode passive.

B.

Channel-group mode on.

C.

Channel-group mode desirable.

D.

Channel-group mode active.

Full Access
Question # 89

Refer to the exhibit.

An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with neighbor 172 1 1 1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the routers to establish an adjacency?

A.

Configure router A to use the same MTU size as router B.

B.

Set the router B OSPF ID to a nonhost address.

C.

Configure a point-to-point link between router A and router B.

D.

Set the router B OSPF ID to the same value as its IP address

Full Access
Question # 90

Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.

Full Access
Question # 91

Which interface is used for out-of-band management on a WLC?

A.

dynamic

B.

service port

C.

virtual

D.

management

Full Access
Question # 92

Which characteristic differentiates the concept of authentication from authorization and accounting?

A.

user-activity logging

B.

service limitations

C.

consumption-based billing

D.

identity verification

Full Access
Question # 93

Refer to the exhibit.

Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?

A.

192.168.0.7

B.

192.168.0.4

C.

192.168.0.40

D.

192.168.3.5

Full Access
Question # 94

Refer to the exhibit.

Which two commands when used together create port channel 10? (Choose two.)

A.

int range g0/0-1

channel-group 10 mode active

B.

int range g0/0-1 chanm.l-group 10 mode desirable

C.

int range g0/0-1

channel-group 10 mode passive

D.

int range g0/0-1 channel-group 10 mode auto

E.

int range g0/0-1 channel-group 10 mode on

Full Access
Question # 95

What is a function of Opportunistic Wireless Encryption in an environment?

A.

offer compression

B.

increase security by using a WEP connection

C.

provide authentication

D.

protect traffic on open networks

Full Access
Question # 96

Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.

Full Access
Question # 97

Refer to the exhibit.

The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 98

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

A.

F0/10

B.

F0/11

C.

F0/12

D.

F0/13

Full Access
Question # 99

What is a function of a Next-Generation IPS?

A.

makes forwarding decisions based on learned MAC addresses

B.

serves as a controller within a controller-based network

C.

integrates with a RADIUS server to enforce Layer 2 device authentication rules

D.

correlates user activity with network events

Full Access
Question # 100

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 101

A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key?

A.

password password

B.

crypto key generate rsa modulus 1024

C.

ip domain-name domain

D.

ip ssh authentication-retries 2

Full Access
Question # 102

Refer to the exhibit.

Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B. What is the reason for the problem?

A.

Heavy usage is causing high latency.

B.

An incorrect type of transceiver has been inserted into a device on the link.

C.

physical network errors are being transmitted between the two sites.

D.

The wrong cable type was used to make the connection.

Full Access
Question # 103

Which WLC management connection type is vulnerable to man-in-the-middle attacks?

A.

SSH

B.

HTTPS

C.

Telnet

D.

console

Full Access
Question # 104

Which two components comprise part of a PKI? (Choose two.)

A.

preshared key that authenticates connections

B.

RSA token

C.

CA that grants certificates

D.

clear-text password that authenticates connections

E.

one or more CRLs

Full Access
Question # 105

Refer to the exhibit.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

A.

heavy traffic congestion

B.

a duplex incompatibility

C.

a speed conflict

D.

queuing drops

Full Access
Question # 106

Which two network actions occur within the data plane? (Choose two.)

A.

Add or remove an 802.1Q trunking header.

B.

Make a configuration change from an incoming NETCONF RPC.

C.

Run routing protocols.

D.

Match the destination MAC address to the MAC address table.

E.

Reply to an incoming ICMP echo request.

Full Access
Question # 107

Refer to the exhibit.

Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

A.

Configure the OSPF priority on router A with the lowest value between the three routers.

B.

Configure router B and router C as OSPF neighbors of router A.

C.

Configure the router A interfaces with the highest OSPF priority value within the area.

D.

Configure router A with a fixed OSPF router ID

Full Access
Question # 108

Drag and drop the Rapid PVST+ forwarding slate actions from the loft to the right. Not all actions are used.

Full Access
Question # 109

Refer to the exhibit.

An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to complete the task?

A.

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

B.

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

C.

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

D.

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

Full Access
Question # 110

Which wireless security protocol relies on Perfect Forward Secrecy?

A.

WPA3

B.

WPA

C.

WEP

D.

WPA2

Full Access
Question # 111

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts multicasts and broadcasts are unable to flood the port The port must be configured to permit only two random MAC addresses at a time Drag and drop the required configuration commands from the left onto the sequence on the right Not all commands are used.

Full Access
Question # 112

Refer to the exhibit.

The following must be considered:

• SW1 is fully configured for all traffic

• The SW4 and SW9 links to SW1 have been configured

• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

• The remaining switches have had all VLANs adde d to their VLAN database

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 113

How does Rapid PVST+ create a fast loop-free network topology?

A.

lt requires multiple links between core switches

B.

It generates one spanning-tree instance for each VLAN

C.

It maps multiple VLANs into the same spanning-tree instance

D.

It uses multiple active paths between end stations.

Full Access
Question # 114

Refer to the exhibit.

Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 115

A Cisco engineer is configuring a factory-default router with these three passwords:

• The user EXEC password for console access is p4ssw0rd1

• The user EXEC password for Telnet access is s3cr3t2

• The password for privileged EXEC mode is pnv4t3p4ss Which command sequence must the engineer configured

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 116

What is an expected outcome when network management automation is deployed?

A.

A distributed management plane must be used.

B.

Software upgrades are performed from a central controller

C.

Complexity increases when new device configurations are added

D.

Custom applications are needed to configure network devices

Full Access
Question # 117

What is a requirement when configuring or removing LAG on a WLC?

A.

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

B.

The controller must be rebooted after enabling or reconfiguring LAG.

C.

The management interface must be reassigned if LAG disabled.

D.

Multiple untagged interfaces on the same port must be supported.

Full Access
Question # 118

Which action is taken by the data plane within a network device?

A.

forwards traffic to the next hop

B.

constructs a routing table based on a routing protocol

C.

provides CLI access to the network device

D.

looks up an egress interface in the forwarding information base

Full Access
Question # 119

Refer to the exhibit.

The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance problem?

A.

There is a duplex mismatch on the interface

B.

There is an issue with the fiber on the switch interface.

C.

There is a speed mismatch on the interface.

D.

There is an interface type mismatch

Full Access
Question # 120

Refer to the exhibit.

An engineer is configuring an EtherChannel using LACP between Switches 1 and 2 Which configuration must be applied so that only Switch 1 sends LACP initiation packets?

A.

Switch 1 (config-if)#channel-group 1 mode on

Swrtch2(config-if)#channel-group 1 mode passive

B.

Switch1(config-if)#channel-group 1 mode passive

Switch2(config-if)#channel-group 1 mode active

C.

Switch1{config-if)£channel-group 1 mode active

Switch2(config-if)#channel-group 1 mode passive

D.

Switch1(config-if)#channel-group 1 mode on

Switch2(config-if)#channel-group 1 mode active

Full Access
Question # 121

Refer to the exhibit.

A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

A.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

B.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

C.

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

D.

ip route 0.0.0.0 0.0.0.0 192.168.0.2

Full Access
Question # 122

What is the difference between controller-based networks and traditional networks as they relate to control-plane and/or data-plane functions?

A.

Controller-based networks centralize all important data-plane functions, and traditional networks distribute data-plane functions.

B.

Controller-based networks centralize all important control-plane functions, and traditional networks distribute control-plane functions.

C.

Traditional networks centralize all important control-plane functions, and controller-based networks distribute control-plane functions.

D.

Traditional networks centralize all important data-plane functions, and controller-based networks distribute data-plane functions.

Full Access
Question # 123

A network engineer is configuring a new router at a branch office. The router is connected to an upstream WAN network that allows the branch to communicate with the head office. The central time server with IP address 172.24.54.8 is located behind a firewall at the head office. Which command must the engineer configure so that the software clock of the new router synchronizes with the time server?

A.

ntp master 172.24.54.8

B.

ntp client 172.24.54.8

C.

ntp peer 172.24.54.8

D.

ntp server 172.24.54.8

Full Access
Question # 124

A HCP pool has been created with the name CONTROL. The pool uses the next to last usable IP address as the default gateway for the DHCP clients. The server is located at 172.16 32.15. What is the step in the process for clients on the 192.168.52.0/24 subnet to reach the DHCP server?

A.

ip forward-protocol udp 137

B.

ip default-network 192.168.52.253

C.

ip helper-address 172.16.32.15

D.

ip default-gateway 192.168.52.253

Full Access
Question # 125

Refer to the exhibit. IPv6 is being Implemented within the enterprise. The command Ipv6 unlcast-routing is configure. Interlace GlgO/0 on R1 must be configured to provide a dynamic assignment using the assigned IPv6 block Which command accomplishes this task?

A.

ipv6 address 2001:DB8:FFFF:FCF3::1/64

B.

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

C.

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

D.

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

Full Access
Question # 126

Refer to the exhibit. A network administrator is configuring a router for user access via SSH. The service-password encryption command has been issued. The configuration must meet these requirements:

• Create the username as CCUser.

• Create the password as NA!2Scc.

• Encrypt the user password.

What must be configured to meet the requirements?

A.

username CCUser privies 10 password NA!2Scc

B.

username CCUser password NA!2Scc enable password level 5 NA!2$cc

C.

username CCUser secret NA!2Scc

D.

username CCUser privilege 15 password NA!2Scc enable secret 0 NA!2$cc

Full Access
Question # 127

Refer to the exhibit. How will the device handle a packet destined to IP address 100.100.100.100?

A.

If will choose the route with the longest match.

O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

B.

It will always prefer the static route over dynamic routes and choose the route

S 100.100.0.0/16(1/0] via 192.168.4.1.

C.

It will choose the route with the highest metric.

D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

D.

It will choose the route with the lowest metric,

R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

Full Access
Question # 128

Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured

1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both sides. The LACP mode must match on both ends

2 Configure the EtherChannel as a trunk link.

3. Configure the trunk link with 802.1 q tags.

4. Configure the native VLAN of the EtherChannel as VLAN 15.

Full Access
Question # 129

Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective switches and permitted accross any links between switches for security purposes. Do not modify or delete VTP configurations.

The network needs two user-defined VLANs configured:

VLAN 110: MARKETING

VLAN 210: FINANCE

1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.

2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.

3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.

Full Access
Question # 130

What are two facts that differentiate optical-fiber cabling from copper cabling? (Choose two.)

A.

It is less expensive when purchasing patch cables.

B.

It has a greater sensitivity to changes in temperature and moisture.

C.

It provides greater throughput options.

D.

It carries signals for longer distances.

E.

It carries electrical current further distances for PoE devices.

Full Access
Question # 131

Physical connectivity is implemented between the two Layer 2 switches,

and the network connectivity between them must be configured.

I . Configure an LACP EtherChanneI and number it as 44; configure it

between switches SWI and SW2 using interfaces EthernetO/O and

Ethernet0/1 on both sides. The LACP mode must match on both ends.

2. Configure the EtherChanneI as a trunk link.

3. Configure the trunk link with 802. Iq tags.

4. Configure VLAN 'MONITORING' as the untagged VLAN of the

EtherChannel.

==================

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

• Refer to the Tasks tab to view the tasks for this lab item.

• Refer to the Topology tab to access the device console(s) and perform the tasks.

• Console access is available for all required devices by clicking the device icon or using

the tab(s) above the console window.

• All necessary preconfigurations have been applied.

• Do not change the enable password or hostname for any device.

• Save your configurations to NVRAM before moving to the next item.

• Click Next at the bottom of the screen to submit this lab and move to the next question.

• When Next is clicked, the lab closes and cannot be reopened.

Full Access
Question # 132

IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static. Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:

1. Configure reachability to the switch SW1 LAN subnet in router R2.

2. Configure default reachability to the Internet subnet in router R1.

3. Configure a single static route in router R2 to reach to the Internet subnet considering both redundant links between routers R1 and R2. A default route is NOT allowed in router R2.

4. Configure a static route in router R1 toward the switch SW1 LAN subnet where the primary link must be through Ethernet0/1. and the backup link must be through Ethernet0/2 using a floating route. Use the minimal administrative distance value when required.

Full Access
Question # 133

Refer to the exhibit. Which type of JSON data is shown?

A.

sequence

B.

string

C.

object

D.

Boolean

Full Access
Question # 134

All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs and interfaces.

1. Configure VLAN 100 named Compute and VLAN 200 named Telephony where required for each task.

2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.

3. Configure the connection between the switches using access ports.

4. Configure Ethernet0/1 on SW1 using data and voice VLANs.

5. Configure Ethemet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.

Full Access
Question # 135

IP connectivity between the three routers is configured. OSPF adjacencies must be established.

1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.

2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.

3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.

4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.

Full Access
Question # 136

Refer to the exhibit.

Which next-hop IP address does Routed use for packets destined to host 10 10.13.158?

A.

10.10.10.5

B.

10.10.11.2

C.

10.10.12.2

D.

10.10.10.9

Full Access
Question # 137

R1 as an NTP server must have:

• NTP authentication enabled

• NTP packets sourced from Interface loopback 0

• NTP stratum 2

• NTP packets only permitted to client IP 209.165 200 225

How should R1 be configured?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 138

Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

A.

global unicast address

B.

anycast address

C.

multicast address

D.

link-local address

Full Access
Question # 139

Refer to the exhibit.

Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish connectivity to the Internet for users in VLAN 200?

A.

Define a NAT pool on the router.

B.

Configure static NAT translations for VLAN 200.

C.

Configure the ip nat outside command on another interface for VLAN 200.

D.

Update the NAT INSIDF RANGFS ACL

Full Access
Question # 140

Refer to the exhibit.

Which configuration enables DHCP addressing for hosts connected to interface FastEthernetO/1 on router R4?

A.

interface FastEthernet0/0

ip helper-address 10.0.1.1

i

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

B.

interface FastEthernot0/1

ip helper-address 10.0.1.1

!

access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

C.

interface FastEthernetO/0

ip helper-address 10.0.1.1

I

access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

D.

interface FastEthernet0/1

ip helper-address 10.0.1.1

!

access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Full Access
Question # 141

Refer to the exhibit.

Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

A.

F0/4

B.

F0/0

C.

F0/1

D.

F0/3

Full Access
Question # 142

Refer to the exhibit.

Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance configuration on the link to R3?

A.

ip route 0.0.0.0 0.0.0.0 g0/1 1

B.

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

C.

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

D.

ip route 0,0.0.0 0.0.0.0 g0/1 6

Full Access
Question # 143

What are two benefits of controller-based networking compared to traditional networking?

A.

controller-based increases network bandwidth usage, while traditional lightens the load on the network.

B.

controller-based inflates software costs, while traditional decreases individual licensing costs

C.

Controller-based reduces network configuration complexity, while traditional increases the potential for errors

D.

Controller-based provides centralization of key IT functions. While traditional requires distributes management function

E.

controller-based allows for fewer network failure, while traditional increases failure rates.

Full Access
Question # 144

What are network endpoints?

A.

act as routers to connect a user to the service prowler network

B.

a threat to the network if they are compromised

C.

support inter-VLAN connectivity

D.

enforce policies for campus-wide traffic going to the internet

Full Access
Question # 145

Refer to the exhibit.

An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set meets the requirement?

A.

interface gi0/1

no cdp enable

B.

interface gi0/1

clear cdp table

C.

interface gi0/0

no cdp advertise-v2

D.

interface gi0/0

no cdp run

Full Access
Question # 146

What is a DHCP client?

A.

a workstation that requests a domain name associated with its IP address

B.

a host that is configured to request an IP address automatically

C.

a server that dynamically assigns IP addresses to hosts.

D.

a router that statically assigns IP addresses to hosts.

Full Access
Question # 147

Which configuration ensures that the switch is always the root for VLAN 750?

A.

Switch(config)#spanning-tree vlan 750 priority 38003685

B.

Switch(config)#spanning-tree vlan 750 root primary

C.

Switch(config)#spanning-tree vlan 750 priority 614440

D.

Switch(config)#spanning-tree vlan 750 priority 0

Full Access
Question # 148

Drag the IPv6 DNS record types from the left onto the description on the right.

Full Access
Question # 149

Refer to the exhibit.

How many arrays are present in the JSON data?

A.

one

B.

three

C.

six

D.

nine

Full Access
Question # 150

Which 802.11 frame type is Association Response?

A.

management

B.

control

C.

action

D.

protected frame

Full Access
Question # 151

Refer to the exhibit.

R1 has taken the DROTHER role in the OSPF DR/BDR election process. Which configuration must an engineer implement so that R1 is elected as the DR?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 152

UESTION NO: 253

Refer to the exhibit.

Which command must be enable a floating default route on router A?

A.

ip route 0.0.0.0 0.0.0.0 192.168.1.2

B.

ip default-gateway 192.168.2.1

C.

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

D.

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

Full Access
Question # 153

Refer to the exhibit.

A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the configuration meets these requirements:

• accommodates current configured VLANs

• expands the range to include VLAN 20

• allows for IEEE standard support for virtual LANs

Which configuration on the NewSwitch side of the link meets these requirements?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 154

Refer to the exhibit.

Load-balanced traffic is coming in from the WAN destined to a host at 172.16.1.190. Which next-hop is used by the router to forward the request?

A.

192.168.7.4

B.

192.168.7.7

C.

192.168.7.35

D.

192.168.7.40

Full Access
Question # 155

Refer to the exhibit.

Router R14 is in the process of being configured. Which configuration must be used to establish a host route to PC 10?

A.

ip route 10.80.65.10 255.255.255.254 10.80.65.1

B.

ip route 10.8065.10 255.255.255.255 10.73.65.66

C.

ip route 1073.65.65 255.0.0.0 10.80.65.10

D.

ip route 10.73.65.66 0.0.0.255 10.80.65.10

Full Access
Question # 156

Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.)

A.

site-to-site VPN

B.

IDMVPN

C.

IGETVPN

D.

IPsec remote access

E.

clientless VPN

Full Access
Question # 157

What is a specification for SSIDS?

A.

They are a Cisco proprietary security feature.

B.

They must include one number and one letter.

C.

They define the VLAN on a switch.

D.

They are case sensitive.

Full Access
Question # 158

An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security with a manually assigned MAC address of abod-bod on voice VLAN 4?

A.

switchport port-security mac-address abcd.abcd.abcd

B.

switchport port-security mac-address abed.abed.abed vlan 4

C.

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

D.

switchport port-security mac-address abcd.abcd.abcd vlan voice

Full Access
Question # 159

A Cisco engineer notices thai two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the FULL state?

A.

ip ospf network broadcast

B.

ip ospf dead-interval 40

C.

ip ospf network point-to-point

D.

ip ospf priority 0

Full Access
Question # 160

Drag and drop the device behaviors from the left onto the matching HSRP slate on the right.

Full Access
Question # 161

An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration tor a Secure Shell access RSA key?

A.

crypto key Import rsa pem

B.

crypto key pubkey-chain rsa

C.

crypto key generate rsa

D.

crypto key zeroize rsa

Full Access
Question # 162

Refer to the exhibit.

Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database. The WLAN is configured for local EAP authentication. The time that users access the network must not be limited. Which action completes this configuration?

A.

Uncheck the Guest User check box

B.

Check the Guest User Role check box

C.

Set the Lifetime (seconds) value to 0

D.

Clear the Lifetime (seconds) value

Full Access
Question # 163

Why choose Cisco DNA Center for automated lifecycle management?

A.

To perform upgrades without service interruption

B.

To provide fast and accurate deployment of patches and updates

C.

To allow SSH access to all nodes in the network.

D.

To provide software redundancy in the network.

Full Access
Question # 164

Drag and drop the management connection types from the left onto the definitions on the right.

Full Access
Question # 165

What does WPA3 provide in wireless networking?

A.

safeguards against brute force attacks with SAE

B.

optional Protected Management Frame negotiation

C.

backward compatibility with WPAand WPA2

D.

increased security and requirement of a complex configuration

Full Access
Question # 166

Refer to the exhibit. User traffic originating within site 0 is failing to reach an application hosted on IP address 192.168 0 10. Which is located within site A What is determined by the routing table?

A.

The default gateway for site B is configured incorrectly

B.

The lack of a default route prevents delivery of the traffic

C.

The traffic is blocked by an implicit deny in an ACL on router2

D.

The traffic to 192 168 010 requires a static route to be configured in router 1.

Full Access
Question # 167

Refer to the exhibit. After applying this configuration to router R1, a network engineer is verifying the implementation. If all links are operating normally, and the engineer sends a series of packets from PC1 to PC3. how are the packets routed?

A.

They are routed to 172.16.20.2.

B.

They are routed to 192.168.100.2.

C.

They are distributed sent round robin to interfaces SO/0/0 and SO/0/1.

D.

They are routed to 10.0.0.2.

Full Access
Question # 168

Full Access
Question # 169

Refer to the exhibit.

A network engineer is updating the configuration on router R1 to connect a new branch office to the company network R2 has been configured correctly. Which command must the engineer configure so that devices at the new site communicate with the main office?

A.

ip route 172.25.25 0 255 255 255.0 192.168.2.1

B.

ip route 172.25.25 1 255 255 255 255 g0/1

C.

ip route 172.25.25.0.255.255.255.0.192.168.2.2

Full Access
Question # 170

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 171

Refer to the exhibit.

Which IP route command created the best path for a packet destined for 10.10.10.3?

A.

ip route 10.10.0.0 255.255.252.0 g0/0

B.

ip route 10.0.0.0 255.0.0.0 g0/0

C.

ip route 10.10.10.1 255.255.255.255 g0/0

D.

ip route 10.10.10.0 255.255.255.240 g0/0

Full Access
Question # 172

Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture?

A.

service port

B.

virtual

C.

AP-Manager

D.

dynamic

Full Access
Question # 173

: 248

Which security method is used to prevent man-in-the-middle attack?

A.

authorization

B.

authentication

C.

anti-replay

D.

accounting

Full Access
Question # 174

Refer to the exhibit.

Which type of route does R1 use to reach host 10.10.13.10/32?

A.

floating static route

B.

host route

C.

default route

D.

network route

Full Access
Question # 175

Which switch technology establishes a network connection immediately when it is plugged in?

A.

PortFast

B.

BPDU guard

C.

UplinkFast

D.

BackboneFast

Full Access
Question # 176

What is an advantage of Cisco DNA Center versus traditional campus device management?

A.

It supports numerous extensibility options including cross-domain adapters and third-party SDKs.

B.

It supports high availability for management functions when operating in cluster mode.

C.

It enables easy autodiscovery of network elements m a brownfield deployment.

D.

It is designed primarily to provide network assurance.

Full Access
Question # 177

What is the primary effect of the spanning-tree portfast command?

A.

it enables BPDU messages

B.

It minimizes spanning-tree convergence time

C.

It immediately puts the port into the forwarding state when the switch is reloaded

D.

It immediately enables the port in the listening state

Full Access
Question # 178

Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right.

Full Access
Question # 179

An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 180

Refer to exhibit.

Which statement explains the configuration error message that is received?

A.

It is a broadcast IP address

B.

The router does not support /28 mask.

C.

It belongs to a private IP address range.

D.

IT is a network IP address.

Full Access
Question # 181

What is a difference between local AP mode and FiexConnet AP mode?

A.

Local AP mode creates two CAPWAP tunnels per AP to the WLC

B.

FiexConnect AP mode fails to function if the AP loses connectivity with the WLC

C.

FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured

D.

Local AP mode causes the AP to behave as if it were an autonomous AP

Full Access
Question # 182

After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials?

A.

Enable the allow AAA Override

B.

Enable the Even: Driven RRM.

C.

Disable the LAG Mode or Next Reboot.

D.

Enable the Authorized MIC APs against auth-list or AAA.

Full Access
Question # 183

Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces The two circuits are operational and reachable across WAN Which command set establishes failover redundancy if the primary circuit goes down?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 184

Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.

Full Access
Question # 185

Which two encoding methods are supported by REST APIs? (Choose two)

A.

YAML

B.

JSON

C.

EBCDIC

D.

SGML

E.

XML

Full Access
Question # 186

Refer to the exhibit.

What two conclusions should be made about this configuration? (Choose two )

A.

The designated port is FastEthernet 2/1

B.

This is a root bridge

C.

The spanning-tree mode is Rapid PVST+

D.

The spanning-tree mode is PVST+

E.

The root port is FastEthernet 2/1

Full Access
Question # 187

What is the difference regarding reliability and communication type between TCP and UDP?

A.

TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol

B.

TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol

C.

TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol

D.

TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol

Full Access
Question # 188

What does a switch use to build its MAC address table?

A.

VTP

B.

DTP

C.

egress traffic

D.

ingress traffic

Full Access
Question # 189

A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?

A.

a DHCP Relay Agent

B.

DHCP Binding

C.

a DHCP Pool

D.

DHCP Snooping

Full Access
Question # 190

By default, how Does EIGRP determine the metric of a route for the routing table?

A.

it uses the bandwidth and delay values of the path to calculate the route metric

B.

it uses a default metric of 10 for all routes that are learned by the router

C.

it uses a reference Bandwidth and the actual bandwidth of the connected link to calculate the route metric

D.

it counts the number of hops between the receiving and destination routers and uses that value as the metric

Full Access
Question # 191

What are two characteristics of the distribution layer in a three-tier network architecture? (Choose two.)

A.

serves as the network aggregation point

B.

provides a boundary between Layer 2 and Layer 3 communications

C.

designed to meet continuous, redundant uptime requirements

D.

is the backbone for the network topology

E.

physical connection point for a LAN printer

Full Access
Question # 192

What is the difference in data transmission delivery and reliability between TCP and UDP?

A.

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

B.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

C.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

D.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

Full Access
Question # 193

Which option about JSON is true?

A.

uses predefined tags or angle brackets () to delimit markup text

B.

used to describe structured data that includes arrays

C.

used for storing information

D.

similar to HTML, it is more verbose than XML

Full Access
Question # 194

Which type of address is the public IP address of a NAT device?

A.

outside global

B.

outsdwde local

C.

inside global

D.

insride local

E.

outside public

F.

inside public

Full Access
Question # 195

When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

A.

spanning -tree vlan 200 priority 614440

B.

spanning -tree vlan 200 priority 38572422

C.

spanning -tree vlan 200 priority 0

D.

spanning -tree vlan 200 root primary

Full Access
Question # 196

An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for easier configuration. Which command must be issued on the router interface?

A.

ipv6 address 2001:db8::700:3:400F:572B

B.

ipv6 address 2001:db8:0::700:3:4F:572B

C.

ipv6 address 2001:Odb8::7:3:4F:572B

D.

ipv6 address 2001::db8:0000::700:3:400F:572B

Full Access
Question # 197

Refer to the Exhibit.

After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. which error must be corrected?

A.

There is a native VLAN mismatch

B.

Access mode is configured on the switch ports.

C.

The PCs are m the incorrect VLAN

D.

All VLANs are not enabled on the trunk

Full Access
Question # 198

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Full Access
Question # 199

What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

A.

The Layer 2 switch drops the received frame

B.

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

C.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

D.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

Full Access
Question # 200

What is the role of a firewall in an enterprise network?

A.

Forwards packets based on stateless packet inspection

B.

Processes unauthorized packets and allows passage to less secure segments of the network

C.

determines which packets are allowed to cross from unsecured to secured networks

D.

explicitly denies all packets from entering an administrative domain

Full Access
Question # 201

Which WLC port connects to a switch to pass normal access-point traffic?

A.

redundancy

B.

console

C.

distribution system

D.

service

Full Access
Question # 202

Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

A.

It sends packets out of interface Fa0/2 only.

B.

It sends packets out of interface Fa0/1 only.

C.

It cannot send packets to 10.10.13 128/25

D.

It load-balances traffic out of Fa0/1 and Fa0/2

Full Access
Question # 203

An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to achieve the desired result?

A.

logging trap 5

B.

logging trap 2

C.

logging trap 4

D.

logging trap 3

Full Access
Question # 204

What facilitates a Telnet connection between devices by entering the device name?

A.

SNMP

B.

DNS lookup

C.

syslog

D.

NTP

Full Access
Question # 205

What is recommended for the wireless infrastructure design of an organization?

A.

group access points together to increase throughput on a given channel

B.

configure the first three access points are configured to use Channels 1, 6, and 11

C.

include a least two access points on nonoverlapping channels to support load balancing

D.

assign physically adjacent access points to the same Wi-Fi channel

Full Access
Question # 206

When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

A.

The floating static route must have a higher administrative distance than the primary route so it is used as a backup

B.

The administrative distance must be higher on the primary route so that the backup route becomes secondary.

C.

The floating static route must have a lower administrative distance than the primary route so it is used as a backup

D.

The default-information originate command must be configured for the route to be installed into the routing table

Full Access
Question # 207

Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)

A.

It drops lower-priority packets before it drops higher-priority packets

B.

It can identify different flows with a high level of granularity

C.

It guarantees the delivery of high-priority packets

D.

It can mitigate congestion by preventing the queue from filling up

E.

it supports protocol discovery

Full Access
Question # 208

Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?

A.

ipv6 address dhcp

B.

ipv6 address 2001:DB8:5:112::/64 eui-64

C.

ipv6 address autoconfig

D.

ipv6 address 2001:DB8:5:112::2/64 link-local

Full Access
Question # 209

What is a function of the Cisco DNA Center Overall Health Dashboard?

A.

It provides a summary of the top 10 global issues.

B.

It provides detailed activity logging for the 10 devices and users on the network.

C.

It summarizes the operational status of each wireless devise on the network.

D.

It summarizes daily and weekly CPU usage for servers and workstations in the network.

Full Access
Question # 210

What is a practice that protects a network from VLAN hopping attacks?

A.

Enable dynamic ARP inspection

B.

Configure an ACL to prevent traffic from changing VLANs

C.

Change native VLAN to an unused VLAN ID

D.

Implement port security on internet-facing VLANs

Full Access
Question # 211

Refer to the exhibit.

An engineer configured NAT translations and has verified that the configuration is correct.

Which IP address is the source IP?

A.

10.4.4.4

B.

10.4.4.5

C.

172.23.103.10

D.

172.23.104.4

Full Access
Question # 212

A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?

A.

infrastructure-as-a-service

B.

platform-as-a-service

C.

business process as service to support different types of service

D.

software-as-a-service

Full Access
Question # 213

Why was the RFC 1918 address space defined?

A.

conserve public IPv4 addressing

B.

preserve public IPv6 address space

C.

reduce instances of overlapping IP addresses

D.

support the NAT protocol

Full Access
Question # 214

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

A.

switchport port-security violation access

B.

switchport port-security violation protect

C.

switchport port-security violation restrict

D.

switchport port-security violation shutdown

Full Access
Question # 215

How are the switches in a spine-and-leaf topology interconnected?

A.

Each leaf switch is connected to one of the spine switches.

B.

Each leaf switch is connected to two spine switches, making a loop.

C.

Each leaf switch is connected to each spine switch.

D.

Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.

Full Access
Question # 216

What event has occurred if a router sends a notice level message to a syslog server?

A.

A TCP connection has been torn down

B.

An ICMP connection has been built

C.

An interface line has changed status

D.

A certificate has expired.

Full Access
Question # 217

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

A.

IPsec tunnel mode with AH

B.

IPsec transport mode with AH

C.

IPsec tunnel mode with ESP

D.

IPsec transport mode with ESP

Full Access
Question # 218

Refer to the exhibit.

After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns to the NETCONF client, to only the interface's configuration?

A.

Use the Ixml library to parse the data returned by the NETCONF server for the interface's configuration.

B.

Create an XML filter as a string and pass it to get_config() method as an argument.

C.

Create a JSON filter as a string and pass it to the get_config() method as an argument.

D.

Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

Full Access
Question # 219

A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap?

A.

switchport port-security violation access

B.

switchport port-security violation protect

C.

switchport port-security violation restrict

D.

switchport port-security violation shutdown

Full Access
Question # 220

Refer to the exhibit.

An extended ACL has been configured and applied to router R2 The configuration failed to work as intended Which two

changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20 0 26 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose

two )

A.

Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic.

B.

Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic

C.

The source and destination IPs must be swapped in ACL 101

D.

The ACL must be configured the Gi0/2 interface inbound on R1

E.

The ACL must be moved to the Gi0/1 interface outbound on R2

Full Access
Question # 221

Which AP feature provides a captive portal for users to authenticate register and accept terms before accessing the internet?

A.

One-Click

B.

Hotspot

C.

Enhanced Bluetooth

D.

Whole Home

Full Access
Question # 222

Which two statements distinguish authentication from accounting? (Choose two.)

A.

Only authentication records the duration of a user's connection.

B.

Only authentication supports user-activity audits.

C.

Only authentication provides supporting information for billing users.

D.

Only authentication challenges users for their credentials and returns a response.

E.

Only authentication validates "who you are."

Full Access
Question # 223

Drag and drop the common functions from the left onto the cofresponding network topology architecture layer on the right. Not all common functions are used.

Full Access
Question # 224

How does machine learning improve the detection of unauthorized network access?

A.

It monitors for outdated software.

B.

It dictates security policy updates.

C.

It identifies patterns indicating intrusions.

D.

It assigns security clearance levels.

Full Access
Question # 225

Refer to the exhibit. An engineer is creating a secure preshared key based SSID using WPA2 for a wireless network running on 2.4 GHz and 5 GHz. Which two tasks must the engineer perform to complete the process? (Choose two.)

A.

Select the 802.1 x option for Auth Key Management.

B.

Select the WPA Policy option.

C.

Select the PSK option for Auth Key Management.

D.

Select the AES option for Auth Key Management.

E.

Select the AES (CCMP128) option for WPA2/WPA3 Encryption.

Full Access
Question # 226

Why is UDP more suitable than TCP tor applications that require low latency, such as VoIP?

A.

UDP reliably guarantees delivery of all packets and TCP drops packets under heavy load.

B.

TCP sends an acknowledgment for every packet that is received and UDP operates without acknowledgments.

C.

UDP uses sequencing data for packets to arrive in order, and TCP offers the capability to receive packets in random order.

D.

TCP uses congestion control for efficient packet delivery and UDP uses flow control mechanisms for the delivery of packets.

Full Access
Question # 227

Which solution is appropriate when mitigating password attacks where the attacker was able to sniff the clear-text password of the system administrator?

A.

next-generation firewall to keep stateful packet inspection

B.

multifactor authentication using two separate authentication sources

C.

ACL to restrict incoming Telnet sessions "admin" accounts

D.

IPS with a block list of known attack vectors

Full Access
Question # 228

Which plane is centralized in software-defined networking?

A.

application

B.

services

C.

control

D.

data

Full Access
Question # 229

Which advantage does machine learning offer for network security?

A.

It improves real-time threat detection.

B.

It manages firewall rule sets.

C.

It enforces password complexity requirements.

D.

It controls VPN access permissions.

Full Access
Question # 230

Connectivity between three routers has been established, and IP services must be configured jn the order presented to complete the implementation Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.

1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2, while using only a standard access list named NAT To verify, a ping must be successful to the R1 Loopback address sourced from R3. Do not use NVI NAT configuration.

2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on January 1, 2019.

3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named TEST. Using a single command, exclude addresses 1-10 from the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.

4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user root and password Cisco must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a destination address of 10.1.3.11. Do NOT modify console access or line numbers to accomplish this task.

Full Access
Question # 231

How does the dynamically-learned MAC address feature function?

A.

The CAM table is empty until ingress traffic arrives at each port

B.

Switches dynamically learn MAC addresses of each connecting CAM table.

C.

The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses

D.

It requires a minimum number of secure MAC addresses to be filled dynamically

Full Access
Question # 232

Refer to the exhibit.

What is the effect of this configuration?

A.

The switch port interface trust state becomes untrusted

B.

The switch port remains administratively down until the interface is connected to another switch

C.

Dynamic ARP inspection is disabled because the ARP ACL is missing

D.

The switch port remains down until it is configured to trust or untrust incoming packets

Full Access
Question # 233

Where does a switch maintain DHCP snooping information?

A.

in the MAC address table

B.

in the CAM table

C.

in the binding database

D.

in the frame forwarding database

Full Access
Question # 234

What is the primary function of a Layer 3 device?

A.

to analyze traffic and drop unauthorized traffic from the Internet

B.

to transmit wireless traffic between hosts

C.

to pass traffic between different networks

D.

forward traffic within the same broadcast domain

Full Access
Question # 235

Which action is taken by a switch port enabled for PoE power classification override?

A.

When a powered device begins drawing power from a PoE switch port a syslog message is generated

B.

As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused

C.

If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects

D.

Should a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled

Full Access
Question # 236

Refer to the exhibit.

With which metric was the route to host 172.16.0.202 learned?

A.

0

B.

110

C.

38443

D.

3184439

Full Access
Question # 237

What is the primary different between AAA authentication and authorization?

A.

Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.

B.

Authentication identifies a user who is attempting to access a system, and authorization validates the users password

C.

Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.

D.

Authentication controls the system processes a user can access and authorization logs the activities the user initiates

Full Access
Question # 238

Refer to the exhibit.

Which two commands were used to create port channel 10? (Choose two )

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Full Access
Question # 239

TION NO: 117

Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. what is the reason for the problem?

A.

The OSPF router IDs are mismatched.

B.

Router2 is using the default hello timer.

C.

The network statement on Router1 is misconfigured.

D.

The OSPF process IDs are mismatched.

Full Access
Question # 240

Drag and drop the lightweight access point operation modes from the left onto the descriptions on the right

Full Access
Question # 241

Refer to the exhibit.

An engineer is required to verify that the network parameters are valid for the users wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used.

Full Access
Question # 242

Which two actions influence the EIGRP route selection process? (Choose two)

A.

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

B.

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

C.

The router calculates the feasible distance of all paths to the destination route

D.

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

E.

The router must use the advertised distance as the metric for any given route

Full Access
Question # 243

Refer to the exhibit.

What is the effect of this configuration?

A.

All ARP packets are dropped by the switch

B.

Egress traffic is passed only if the destination is a DHCP server.

C.

All ingress and egress traffic is dropped because the interface is untrusted

D.

The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

Full Access
Question # 244

What is a capability of FTP in network management operations?

A.

encrypts data before sending between data resources

B.

devices are directly connected and use UDP to pass file information

C.

uses separate control and data connections to move files between server and client

D.

offers proprietary support at the session layer when transferring data

Full Access