corene

1. Refer to the exhibit. Router#sh run | b vty line vty 0 4 session-timeout 30 exec-timeout 120 0 session-limit 30 login local line vty 5 15 session-timeout 30 exec-timeout 30 0 session-limit 30 login local Security policy requires all idle-exec sessions to be terminated in 600 seconds. Which configuration achieves this goal?. A. line vty 0 15 no exec-timeout. B. line vty 0 4 exce-timeout 600. C. line vty 0 15 absolute-timeout 600. D. line vty 0 15 exec-timeout 10 0.

2. When using TLS for syslog, which configuration allows for secure and reliable transportation of messages to its default port. A. logging host 10.2.3.4 vrf mgmt transport tcp port 514. B. logging host 10.2.3.4 vrf mgmt transport udp port 514. C. logging host 10.2.3.4 vrf mgmt transport udp port 6514. D.logging host 10.2.3.4 vrf mgmt transport tcp port 6514.

3. Which outcome is achieved with this Python code? client.connect (ip, port=22, username=usr, password=pswd) stdin, stdout, stderr = client.exec_command ('show ip bgp 192.168.101.0 bestpatch\n') print (stdout). A. displays the output of the show command in a formatted way. B. connects to a Cisco device using SSH and exports the routing table information. C. connects to a Cisco device using Telnet and exports the routing table information. D. connects to a Cisco device using SSH and exports the BGP table for the prefix.

4. Refer to the exhibit. What is the required to configure a second export destination for IP address 192.168.10.1?. A. Specify a different TCP port. B. Specify a different flow ID. C. Specify a different UDP port. D. Specify a VRF. E. Configure a version 5 flow-export to the same destination.

5. What is a benefit of data modeling languages like YANG?. A. They enable programmers to change or write their own application within the device operating system. B.They make the CLI simpler and more efficient. C. They provide a standardized data structure, which results in configuration scalability and consistency. D. They create more secure and efficient SNMP OIDs.

6. What is the differences between the MAC address table and TCAM?. A. The MAC address table supports partial matches. TCAM requires an exact match. B. The MAC address table is contained in TCAM. ACL and QoS information is stored in TCAM. C. Router prefix lookups happen in TCAM. MAC address table lookups happen in CAM. D. TCAM is used to make Layer 2 forwarding decisions. CAM is used to build routing table.

7. Refer to the exhibit. Which two commands are needed to allow for full reachability between AS 1000 and AS 2000? (Choose two.). A. R1#network 192.168.0.0 mask 255.255.0.0. B. R2#network 192.168.0.0 mask 255.255.0.0. C. R2#network 209.165.201.0 mask 255.255.192.0. D. R2#no network 10.0.0.0 mask 255.255.255.0. E. R1#no network 10.0.0.0 mask 255.255.255.0.

8. Refer to the exhibit. An engineer must ensure that all traffic entering AS 200 chooseS Link 2 as an entry point. Assuming that all BGP neighbor relationships have been formed and that the attributes have not been changed on any of the routers, which configuration accomplishes this task?. A. R4(config)# route-map PREPEND permit 10 R4 (config-route-map)# set as-path prepend 100 100 100 R4(config)# router bgp 200 R4(config-router)# neighbor 10.2.2.2 route-map PREPEND in. B. R3(config)# route-map PREPEND permit 10 R3(config-route-map)# set as-path prepend 200 200 200 R3(config)# router bgp 200 R3(config-router)# neighbor 10.1.1.1 route-map PREPEND out. C. R3(config)# route-map PREPEND permit 10 R3(config-route-map)#set as-path prepend 100 100 100 R3(config)# router bgp 200 R3(config-router)#neighbor 10.1.1.1 route-map PREPEND in. D. R4(config)# route-map PREPEND permit 10 R4(config-route-map)# set as-path prepend 200 200 200 R4(config)# router bgp 200 R4(config-router)# neighbor 10.2.2.2 route-map PREPEND out.

9. Refer to the exhibit. Which privilege level is assigned to VTY users? R1# sh run | begin line con line con 0 exec-timeout 0 0 privilege level 15 logging synchronous stoppbits 1 line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous stoppbits 1 line vty 0 4 password 7 045802150C2E login line vty 5 15 password 7 045802150C2E login ! end R1#sh run | include aaa | enable no aaa new-model R1#. A. 7. B. 13. C. 1. D. 15.

10. Which method does Cisco DNA Center use to allow management of non-Cisco devices through southbound protocols?. A. It uses an API call to interrogate the devices and register the returned data. B. It obtains MIBs from each vendor that details the APIs available. C. It creates device packs through the use of an SDK. D. It imports available APIs for the non-Cisco device in a CSV format.

11. Refer to the exhibit. monitor session 1 source vlan 10 -12 rx monitor session 1 destination interface gigabitethernet0/1 An engineer must configure a SPAN session. What is the effect of the configuration?. A.Traffic sent on VLANs 10 and 12 only is copied and sent to interface g0/1. B.Traffic received on VLANs 10 and 12 only is copied and sent to interface g0/1. C.Traffic received on VLANs 10, 11, and 12 is copied and sent to interface g0/1. D.Traffic sent on VLANs 10, 11, and 12 is copied and sent to interface g0/1.

12.Refer to the exhibit. MTU has been configured on the underlying physical topology, and no MTU command has been configured on the tunnel interfaces. What happens when a 1500-byte IPv4 packet traverses the GRE tunnel from host X to host Y, assuming the DF bit is cleared?. A. The packet is discarded on router A. B. The packet arrives on router C fragmented. C. The packet arrives on router C without fragmentation. D. The packet is discarded on router B.

13. Refer to the exhibit. What does the snippet of code achieve? with manager.connect(host=192.168.0.1, port=22, username='admin',password='password1',hoskey_verify=true,device_params={'name':'nexus'}} as m: A. It opens an ncclient connection to a Cisco Nexus device and maintains it for the duration of the context. B. It opens a tunnel and encapsulates the login information, if the host key is correct. C. It creates a temporary connection to a Cisco Nexus device and retrieves a token to be used for API calls. D. It creates an SSH connection using the SSH key that is stored and the password is ignored.

14. Refer to the exhibit. Which configuration establishes EBGP neighborship between these two directly connected neighbors and exchanges the loopback network of the two routers through BGP?. A. R1(config)# router bgp 1 R1(config-router)#neighbor 192.168.10.2 remote-as 2 R1(config-router)#network 10.0.0.0 mask 255.0.0.0 R2(config)#router bgp 2 R2(config-router)#neighbor 192.168.19.1 remote-as 1 R2(config-router)#neighbor 10.1.1.0 mask 255.0.0.0. B. R1(config)#router bgp 1 R1(config-router)#neighbor 10.2.2.2 remote-as 2 R1(config-router)#network 10.1.1.0 mask 255.255.255.0 R2(config)#router bgp 2 R2(config-router)#neighbor 10.1.1.1 remote-as 1 R2(config-router)#network 10.2.2.0 mask 255.255.255.0. C. R1(config)# router bgp 1 R1(config-router)#neighbor 192.168.10.2 remote-as 2 R1(config-router)#network 10.1.1.0 mask 255.255.255.0 R2(config)#router bgp 2 R2(config-router)#neighbor 192.168.10.1 remote-as 1 R2(config-router)#netowrk 10.2.2.0 mask 255.255.255.0. D. R1(config)#router bgp 1 R1(config-router)#neighbor 10.2.2.2 remote-as 2 R1(config-router)#neighbor 10.2.2.2 update-source lo0 R1(config-router)#network 10.1.1.0 mask 255.255.255.0 R2(config)#router bgp 2 R2(config-router)#neighbor 10.1.1.1 remote-as 1 R2(config-router)#neighbor 10.1.1.1 update-source lo0 R2(config-router)#network 10.2.2.0 mask 255.255.255.0.

15. Which method creates an EEM applet policy that is registered with EEM and runs on demand or manually?. A. event manager applet ondemand event none action 1.0 syslog priority critical msg 'This is a message from ondemand‘. B. event manager applet ondemand event manual action 1.0 syslog priority critical msg 'This is a message from ondemand‘. C. event manager applet ondemand action 1.0 syslog priority critical msg 'This is a message from ondemand‘. D. event manager applet ondemand event register action 1.0 syslog priority critical msg 'This is a message from ondemand‘.

16. What NTP Stratum level is a server that is connected directly to an authorization time source?. A. Stratum 14. B. Stratum 1. C. Stratum 0. D. Stratum 15.

17. An engineer is investigating why guest users are able to access other guest devices when the users are connected to the customer guest WLAN. What action resolves this issue?. A.implement Wi-Fi direct policy. B. implement P2P blocking. C. implement MFP client protection. D. implement split tunneling.

18. Which technology does VXLAN use to provide segmentation for layer 2 and layer 3 traffic?. A. VLAN. B. VNI. C. VRF. D. bridge domain.

19. How do cloud deployments differ from on-prem deployments?. A. Cloud deployments require less frequent upgrades than on-premises deployments. B. Cloud deployments require longer implementation times than on-premises deployments. C. Cloud deployments have lower upfront costs than on-premises deployments. D. Cloud deployments are more customizable than on-premises deployments.

20. A client device roams between wireless LAN controllers that are mobility peers. Both controllers have dynamic interfaces on the same client VLAN. Which type of roam is described?. A. intra-VLAN. B. intra-controller. C. inter-subnet. D. inter-controller.

21. What do Cisco DNA southbound APIs provide?. A. Interface between the controller and the consumer. B. Interface between the controller and the network devices. C. NETCONF API interface for orchestrator communication. D.RESTful API interface for orchestrator communication.

22. What is the structure of a JSON web token?. A. three parts separated by dots: header, payload, and signature. B. header and payload. C. three parts separated by dots: version, header, and signature. D. payload and signature.

23. Which command when applied to the Atlanta router reduces type 3 LSA flooding into the backbone area and summarizes the inter-area routes on the Dallas router?. A. Atlanta(config-route)#area 1 range 192.168.0.0 255.255.252.0. B. Atlanta(config-route)#area 0 range 192.168.0.0 255.255.248.0. C. Atlanta(config-route)#area 1 range 192.168.0.0 255.255.248.0. D. Atlanta(config-route)#area 0 range 192.168.0.0 255.255.252.0.

24. Refer to the exhibit. Assuming the WLC's interfaces are not in the same subnet as the RADIUS server, which interface would the WLC uses as the source for all RADIUS related traffic?. A. The controller management interface. B. Any interface configured on the WLC. C. The controller virtual interface. D. The interface specified on the WLAN configuration.

25. Which antenna type should be used for a site-to-site wireless connection?. A. Ominidirectional. B. Yagi. C. Patch. D. Dipole.

26. Refer to the exhibit. An engineer must block all traffic from a router to its directly connected subnet 209.165.200.0/24. The engineer applies access control list EGRESS in the outbound direction on the GigabitEthemet0/0 interface of the router. However, the router can still ping hosts on the 209.165.200.0/24 subnet. Which explanation of this behavior is true? Extended IP access list EGRESS 10 permit ip 10.0.0.0 0.0.0.255 any ! ---output omitted--- ! interface GigabitEthernet0/0 ip address 209.165.200.255 255.255.255.0 ip access-group EGRESS out duplex auto speed auto media-type rj45 !. A. The access control list must contain an explicit deny to block traffic from the router. B. Access control lists that are applied outbound to a router interface do not affect traffic that is sourced from the route. C. Only standard access control lists can block traffic from a source IP address. D. After an access control list is applied to an interface, that interface must be shut and no shut for the access control list to take effect.

27. Refer to the exhibit. What is the JSON syntax that is formed the data? Name is Bob Johnson Age is 75 Is alive Favorite foods are: + Cereal + Mustard + Onions. A. {"Name":"Bob Johnson", "Age": Seventyfive, "Alive":true, "Favorite Foods":["Cereal", "Mustard","Onions"]}. B. {Name: Bob Johson, Age: 75, Alive:true, Favorite Foods:[ Cereal, Mustard, Onios]}. C. {"Name":"Bob Johnson","Age": 75, "Alive":true, "Favorite Foods":["Cereal", "Mustard","Onions"]}. D. {'Name':'Bob Johnson', 'Age':75, 'Alive': Trued, 'Favorite Foods':'Cereal','Mustard','Onions'}.

28. An engineer is configuring local web authentication on a WLAN. The engineer chooses the Authentication radio button under the Layer 3 Security options for Web Policy. Which device presents the web authentication for the WLAN?. A. ISE server. B. Local WLC. C. Anchor WLC. D. Radius server.

29. Which configuration restricts the amount of SSH traffic that a router accepts 100 kbps?. A. class-map match-all CoPP_SSH match access-group name CoPP_SSH ! policy-map CoPP_SSH class CoPP_SSH police cir 100000 exceed-action drop ! ! ! control-plane transit service-policy input CoPP_SSH ! ip access-list extended CoPP_SSH permit tcp any any eq 22. B. class-map match-all CoPP_SSH match access-group name CoPP_SSH ! policy-map CoPP_SSH class CoPP_SSH police cir 100000 exceed-action drop ! ! ! interface GigabitEthernet0/1 ip address 209.165.200.225 255.255.255.0 ip access-group CoPP_SSH out duplex auto speed auto media-type rj45 service-policy input CoPP_SSH ! ip access-list extended CoPP_SSH permit tcp any any eq 22 !. C. class-map match-all CoPP_SSH match access-group name CoPP_SSH ! policy-map CoPP_SSH class CoPP_SSH police cir 100000 exceed-action drop ! ! ! control-plane service-policy input CoPP_SSH ! ip access-list extended CoPP_SSH permit tcp any any eq 22. D. class-map match-all CoPP_SSH match access-group name CoPP_SSH ! policy-map CoPP_SSH class CoPP_SSH police cir CoPP_SSH exceed-action drop ! ! ! interface GigabitEthernet0/1 ip address 209.165.200.225 255.255.255.0 ip access-group CoPP_SSH out duplex auto speed auto media-type rj45 service-policy input CoPP_SSH ! ip access-list extended CoPP_SSH deny tcp any any eq 22 !.

30. Refer to the exhibit. Based on the configuraton in this WLAN security setting, which method can a clien use to authenticate to the network?. A. Text string. B. username and password. C. Radius token. D. certificate.

31. What is the function of the fabric control plane node in a Cisco SD-Access deployment?. A. It holds a comprehensive database that tracks endpoints and networks in the fabric. B. It performs traffic encapsulation and security profiles enforcement in the fabric. C. It is responsible for policy application and network segmentation in the fabric. D. It provides integration with legacy non-fabric-enabled environments.

32. Which benefit is offered by a cloud infrastructure deployment but is lacking in a on-premises deployment?. A. virtualization. B. supported systems. C. efficient scalability. D. storage capacity.

33. Which entity is responsible for maintaining Layer 2 isolation between segments in a VXLAN environment?. A. VNID. B. host switch. C. switch fabric. D. VTEP.

34. In a three-tier hierarchical campus network design, which action is a design best-pratctice for the core layer?. A. provide QoS prioritization services sucha as marking, queueing, and classification for critical networks. B. provide redundant layer 3 point-to-point links between the core devices for more predictable and faster convergence. C. provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP. D. provide advanced network security features such as 802.1x, DHCP snooping, VACLs, and port security.

35. Refer to the exhibit.An engineer reconfigures the port-channel between SW1 and SW2 from an access port to a trunk and immediately notices this error in SW1‘s log. *Mar 1 09:47:22.245: %PM-SP-4-ERR_DISABLE: bpduguard error detected on Gi0/0, putting Gi0/0 in err-disable state. Which command set resolves this error?. A. SW1(config-if)#interface G0/1 SW1(config-if)#spanning-tree bpduguard enable SW1(config-if)#shut SW1(config-if)#no shut. B. SW1(config-if)#interface G0/0 SW1(config-if)#no spanning-tree bpduguard enable SW1(config-if)#shut SW1(config-if)#no shut. C. SW1(config-if)#interface G0/0 SW1(config-if)#spanning-tree bpduguard enable SW1(config-if)#shut SW1(config-if)#no shut. D. SW1(config-if)#interface G0/0 SW1(config-if)#no spanning-tree bpdufilter SW1(config-if)#shut SW1(config-if)#no shut.

36. Refer to the exhibit. A network engineer is configuring OSPF between router R1 and router R2. The engineer must ensure that a DR/BDR election does not occur on the Ethernet interfaces in area 0. A. R1(config-if)interface Gi0/0 R1(config-if)ip ospf priority 1 R2(config-if)interface Gi0/0 R2(config-if)ip ospf priority 1. B. R1(config-if)interface Gi0/0 R1(config-if)ip ospf network point-to-point R2(config-if)interface Gi0/0 R2(config-if)ip ospf network point-to-point. C. R1(config-if)interface Gi0/0 R1(config-if)ip ospf database-filter all out R2(config-if)interface Gi0/0 R2(config-if)ip ospf database-filter all out. D. R1(config-if)interface Gi0/0 R1(config-if)ip ospf network broadcast R2(config-if)interface Gi0/0 R2(config-if)ip ospf network broadcast.

37. Which characteristic distinguishes Ansible from chef?. A. Ansible uses Ruby to manage configurations. Chef uses YAML to manage configurations. B. Ansible pushes the configuration to the client. Chef client pulls the configuration from the server. C. The Ansible server can run on Linux, Unix or Windows. The Chef server must run on Linux or Unix. D. Ansible lacks redundancy support for the master server. Chef runs two masters in an active/active mode.

38. What is provided by the Stealthwatch component of the Cisco Cyber Threat Defense solution?. A. real-time awareness of users, devices, and traffic on the network. B. real-time threat management to stop DDoS attacks to the core and access networks. C. dynamic threat control for web traffic. D. malware control.

39. Refer to the exhibit. On which interfaces should VRRP commands be applied to provide first hop redundancy to PC-01 and PC-02?. A. G0/0 on ASW-01. B. G0/0 on Edge-01 and G0/0 on Edge-02. C. G0/1 on Edge-01 and G0/1 on Edge-02. D. G0/0 and G0/1 on Core.

40. Refer to the exhibit. After an engineer configures an EtherChannel between switch SW1 and switch SW2, this error message is logged on switch SW2. SW2# 09:45:32: %PM-4-ERR_DISABLE: channel-misconfig error detected on Gi0/0, putting Gi0/0 in err-disable state 09:45:32: %PM-4-ERR_DISABLE: channel-misconfig error detection on Gi0/1, putting Gi0/1 in err-disable state Based on the output from SW1 and the log message received on Switch SW2, what action should the engineer take to resolve this issue?. A. Configure the same protocol on EtherChannel on switch SW1 and SW2. B. Correct the configuration error on interface Gi0/1 on switch SW1. C.Correct the configuration error on interface Gi0/0 on switch SW1. D. Define the correct port members on Etherchannel on swich SW1.

41. What is a VPN in a Cisco SD-WAN deployment?. A. virtual channel used to carry control plane information. B. common exchange point between two different services. C. virtualized environment that provides traffic isolation and segmentation in the SD-WAN fabric. D. attribute to identify a set of services offered in specific places in the SD-WAN fabric.

42. Which exhibit displays a valid JSON file?. A. { "hostname":"edge_router_1" "interfaces":{ "GigabitEthernet1/1" "GigabithEthernet1/2" "GigabithEthernet1/3" } }. B. { "hostname":"edge_router_1", "interfaces":[ "GigabithEthernet1/1", "GigabithEthernet1/2", "GigabithEthernet1/3", ] }. C. { "hostname":"edge_router_1", "interfaces":{ "GigabitEthernet1/1", "GigabitEthernet1/2", "GigabitEthernet1/3", } }. D. { "hostname":"edge_router_1" "interfaces":[ "GigabitEthernet1/1" "GigabitEthernet1/2" "GigabitEthernet1/3" ] }.

43. Refer to the exhibit. An engineer configures monitoring on SW1 and enter the show command to verify operation. What does the output confirm?. A. RSPAN session 1 is incompletely configured for monitoring. B. RSPAN session 1 monitors activity on VLAN 50 of a remote switch. C. SPAN session 2 only monitors egress traffic exiting port FastEthernet 0/14. D. SPAN session 2 monitors all traffic entering and exiting port FastEthernet 0/15.

44. An engineer configures a WLAN with fast transition enabled. Some legacy clients fail to connect to this WLAN. Which feature allows the legacy clients to connect while still allowing other clients to use fast transition based on their OUIs?. A. over the DS. B. 802.1v. C. adaptive R. D. 802.11k.

45. A network administrator is implementing a routing configuration change and enables routing debugs to track routing behavior during the change. The logging output on the terminal is interrupting the command typing process. Which two actions can the network administrator take to minimize the possibility of typing commands incorrectly? (Choose two). A. Configure the logging synchronous command under the vty. B. Increase the number of lines on the screen using the terminal length command. C. Press the TAB key to reprint the command in a new line. D. Configure the logging synchronous global configuration command. E. Configure the logging delimiter feature.

46. An engineer must create an EEM applet that sends a syslog message in the event a change happens in the network due to trouble with an OSPF process. Which action should the engineer use? event manager applet LogMessage event routing network 172.30.197.0/24 type all. A. action 1 syslog msg "OSPF ROUTING ERROR". B. action 1 syslog send "OSPF ROUTING ERROR". C. action 1 syslog write "OSPF ROUTING ERROR". D. action 1 syslog pattern "OSPF ROUTING ERROR".

47. What step resolves the authentication issue?. A. change the port to 12446. B. target 192.168.100.82 in the URI. C. use basic authentication. D. restart the vsmart host.

48. Refer to the exhibit. What are two reasons por IP SLA tracking failure?(choose two.). A. The threshold value is wrong. B. A route back to the R1 LAN network is missing in R2. C. The destination must be 172.30.30.2 for icmp-echo. D. The source-interface is configured incorrectly. E. The default route has the wrong next hop IP address.

49. The login method is configured on the VTY lines of a router with these parameters. – The first method for authentication is TACACS – If TACACS is unavailable, login is allowed without any provided credentials Which configuration accomplishes this task?. A. R1# sh run | include aaa aaa new model aaa authentication login VTY group tacacs+ none aaa session-id common R1#sh run | section vty line vty 0 4 password 7 02050D400809 R1#sh run | include username R1#. B. R1#sh run | include aaa aaa new-model aaa authentication login telnet group tacacs+ none aaa session-id common R1#sh run | section vty line vty 0 4 R1#sh run | include username R1#. C. R1#sh run | include aaa aaa new-model aaa authentication login default group tacacs+ aaa session-id common R1#sh run | section vty line vty 0 4 transport inpute none R1#. D. R1#sh run | include aaa aaa new-model aaa authentication login default group tacacs+ none aaa session-id common R1#sh run | section vty line vty 0 4 password 7 02050D400809 R1#sh run | include username R1#.

50. Refer to the exhibit. Which configuration change will force BR2 to reach 209.165.201.0/27 via BR1?. A. Set the weight attribute to 65535 on BR1 toward PE1. B. Set the MED to 1 on PE2 toward BR2 outbound. C. Set the local preference to 150 on PE1 toward BR1 outbound. D. Set the origin to igp on BR2 toward PE2 inbound.

51. Refer to the exhibit. An engineer attempts to configure a trunk between switch SW1 and SW2 using DTP, but the trunk does not form. which command should the engineer apply to switch SW2 to resolved this issue?. A. switchport mode dynamic desirable. B. switchport nonegotiate. C. no switchport. D. switchport mode access.

52.Refer to the exhibit. While troubleshooting a routing issue, an engineer issues a ping from S1 to S2. Which two actions result from initial value of the TTL? (choose two). A. R1 replies with a TTL exceeded message. B. R3 replies with a TTL exceeded message. C. The packet reaches R1, and the TTL expires. D. R2 replies with a TTL exceeded message. E. The packet reaches R3, and the TTL expires. F. The packet reaches R2, and the TTL expires.

53. Refer to the exhibit. An engineer has configured Cisco ISE to assign VLANS to clients basde on their methof od authentication, but is not working as expected. Which action will resolve this issue?. A. require a DHCP address assignment. B. utilize RADIUS profiling. C. enable AAA override. D. set a NAC state.

54. Refer to the exhibit. Which configuration must be applied to R1 to enable R1 to reach the server at 172.16.0.1?. A. interface Ethernet0/0 ip address 172.16.0.7 255.255.0.0 route ospf 44 vrf bank network 172.16.0.0 255.255.0.0. B. interface Ethernet0/0 ip address 172.16.0.7 255.255.0.0 route ospf 44 vrf hotel network 172.16.0.0 255.255.0.0. C. interface Ethernet0/0 vrf forwarding bank ip address 172.16.0.7 255.255.0.0 route ospf 44 vrf bank network 172.16.0.0 255.255.0.0 area 0. D. interface Ethernet0/0 vrf forwardin hotel ip address 172.16.0.7 255.255.0.0 route ospf 44 vrf hotel network 172.16.0.0 255.255.0.0 area 0.

55. Refer to the exhibit. A network engineer configures a new GRE tunnel and enters the show run command. What does the output verify?. A. The tunnel keepalive is configured incorrectly because they must match on both sites. B. The default MTU of the tunnel interface is 1500 bytes. C. The tunnel will be established and work as expected. D. The tunnel destination will be known via the tunnel interface.

56. Refer to the exhibit. How was spanning-tree configured on this interface?. A. By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration mode. B. By entering the command spanning-tree portfast in the interface configuration mode. C. By entering the command spanning-tree portfast trunk in the interface configuration mode. D. By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode.

57. Refer to the exhibit. Which set of commands on router R1 allow deterministic trasnlation of private host PC1, PC2 and PC3 to adresses in the public space?. A. RouterR1(config)#int f0/0 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.101 RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.102 RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.103. B. RouterR1(config)#int f0/0 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config-if)#access-list 1 10.10.10.0 0.0.0.255 RouterR1(config)#ip nat pool POOL 155.1.1.101 155.1.1.103 netmask 255.255.255.0 RouterR1(config)#ip nat inside source list 1 pool POOL. C. RouterR1(config)#int f0/0 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config-if)#access-list 1 10.10.10.0 0.0.0.255 RouterR1(config)#ip nat inside source list 1 interface f0/1 overload. D. RouterR1(config)#int f0/0 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.101 RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.102 RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.103.

58. Refer to the exhibit. An engineer must permi traffic from these networks and block all other traffic. An informational log message should be triggered when traffic enters from these prefixes. Which access list must be used? 10.0.32.0/24 10.0.33.0/24 10.0.34.0/24 10.0.35.0/24 10.0.36.0/24 10.0.37.0/24 10.0.38.0/24 10.0.39.0/24. A. access-list acl_subnets permite ip 10.0.32.0 0.0.7.255 access-list acl_subnets deny ip any log. B. access-list acl_subnets permit ip 10.0.32.0 255.255.248.0 log. C. access-list acl_subnets permit ip 10.0.32.0 0.0.0.255 log. D. access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 log.

59. Refer to the exhibit. Cisco DNA center has obtained the username of the client and the multiple devices that the client is using on the network. How is Cisco DNA center getting these context details?. A. User entered those details in the Assurance app available on IOS and Android devices. B. The administrator had to assign the username to the IP address manually in the user database tool on Cisco DNA center. C. Cisco DNA center pulled those details directly from the edge node where the user connected. D. Those details are provided to the Cisco DNA center by the identify Services Engine.

60. Under which network conditions is an outbound QoS policy is applied on a router WAN interface most beneficial?. A. under interface saturation conditions. B. under traffic classification and marking conditions. C. under network convergence conditions. D. under all network conditions.

61. What is a characteristic of YANG?. A. It allows model developers to create custom data types. B. It provides loops and conditionals to control flow within models. C. It structures data in an object-oriented fashion to promote model reuse. D. It is a Cisco proprietary language that models NETCONF data.

62. Which entity is a Type 1 Hypervisor?. A. Microsoft virtual PC. B. VMware server. C. Oracle VM virtualbox. D. Citrix XenServer.

63. A network engineer configures BGP between R1 and R2. Both routers use BGP peer group CORP and are set up to use MD5 authentication. This message is logged to the console of router R1: *May : %TCP-6-BADAUTH: Invalid MD5 digest from 10.10.10.1 (29832) to 10.120.10.1 (179) tableid -0 Which two configurations allow a peering session to form between R1 and R2? (Choose two). A. R1(config-router)#neighbor 10.120.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco. B. R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor PEER password Cisco. C. R2(config-router)#neighbor 10.120.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco. D. R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco. E. R1(config-router)#neighbor 10.10.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco.

64. What is required for a virtual machine to run?. A. only a Type 2 hypervisor. B. a hypervisor and physical server hardware. C. only a Type 1 hypervisor. D. a Type 1 hypervisor and a host operating system.

65. A network administrator has designed a network with two multilayer switches on the distribution layer, which act as default gateway for the end hosts. Which two technologies allow every end host in a VLAN to use both gateways? (choose two.). A. GLBP. B. MHSRP. C. VRRP. D. HSRP. E. VSS.

66. In Cisco SD-WAN, which protocol is used to measure link quality?. A. IPsec. B. OMP. C. RSVP. D. BFD.

67. What is the wireless Received Signal Strenght indicator?. A. the value of how strong a wireless signal is received, measured in dBm. B. the value of how strong the wireless signal is leaving the antenna using transmit power, cable loss, and antenna gain. C. The value given to the strenght of the wireless signal received compared to the noise level. D. the value of how much wireless signal is lost over a defined amount of distance.

68. An engineer runs the code against an API of Cisco DNA center, and the platforms returns this output. What does the response indicate?. A. The URI string is incorrect. B. The Cisco DNA center API port is incorrect. C. The HTTP method is incorrect. D. The authentication credentials are incorrect.

69. A network administrator applies the following configuration to an IOS device. aaa new-model aaa authentication login default local group tacacs+ What is the process of password checks when a login attempt is made to the device?. A. A local database is checked first. If that fails, a TACACS+server is checked, if that check fails, a RADIUS server is checked. B. A TACACS+ server is checked first. If that check fails, a local database is checked. C. A TACACS+ server is checked first. If that check fail, a RADIUS server is checked. If that check fail, a local database is checked. D. A local database is checked first. If that check fails, a TACACS+server is checked.

70. What does the Cisco DNA Center use the enable the delivery of applications through a network and to yield analytics for innovation?. A. process adapters. B. intent-based APIs. C. Command Runner. D. domain adapters.

71.Refer to the exhibit. Router# show run | b vty line vty 0 4 session-timeout 30 exec-timeout 120 0 session-limit 30 login local line vty 5 15 session-timeout 30 exec-timeout 30 0 session-limit 30 login local Only administrators from the subnet 10.10.10.0/24 are permitted to have access to the router. A secure protocol must be used for the remote access and management of the router instead of clear-text protocols. Which configuration achieves this goal?. A. access-list 23 permit 10.10.10.0 265.255.255.0 line vty 0 15 access-class 23 in transport input ssh. B. access-list 23 permite 10.10.10.0 0.0.0.255 line vty 0 4 access-class 23 in transport input ssh. C. access-list 23 permit 10.10.10.0 0.0.0.255 line vty 0 15 access-class 23 in transport input ssh. D. access-list 23 permit 10.10.10.0 0.0.0.255 line vty 0 15 access-class 23 out transport input all.

72. An engineer must configure a GRE tunnel interface in the default mode. The engineer has assigned an IPv4 address on the tunnel and sourced the tunnel from an Ethernet interface. Which additional configuration must be made on the tunnerl interface?. A. (config-if)#tunnel destination <ip address>. B. (config-if)# ip mtu <value>. C. (config-ig)# ip tcp adjust-mss <value>. D. (config-if)# keepalive <seconds retries>.

73. Why is an AP joining a different WLC than the one specified through option 43. A. The WLC is running a different software version. B. The AP multicast traffic is unable to reach the WLC through Layer 3. C. The AP is joining a primed WLC. D. The APs broadcast traffic is unable to reach the WLC through Layer 2.

74. Which JSON syntax is valid?. A. {"switch":"name":"dist1":"interfaces":["gig1","gig2", "gig3"]}. B. {'switch':{'name':'dist1','interfaces':['gig1','gig2','gig3])}. C. {/"switch/":{/"name/":"dist1",/"interfaces/":["gig1":"gig2","gig3"]}}. D. {"switch":{"name":"dist1", "interfaces":["gig1","gig2", "gig3"]}}.

75. Which configuration change ensures that R1 is the active gateway whenever it is in a functional state for the 172.30.110.0/24 network?. A. R1 standby 1 preempt R2 standby 1 priority 90. B. R2 standby 1 priority 90 standby 1 preempt. C. R2 standby 1 priority 100 standby 1 preempt. D. R1 standby 1 preempt R2 standby 1 priority 100.

76. What function does VXLAN perform in a Cisco SD-Access deployment?. A. Systems management and orchestration. B. control plane forwarding. C. data plane forwarding. D. policy plane forwarding.

77. An engineer is describing QoS to a client. Which two facts apply to traffic policing? (Choose two). A. Policing should be performed as close to the source as possible. B. Policing typically delays the traffic, rather than drops it. C. Policing adapts to network congestion by queuing excess traffic. D. Policing should be performed as close to the destination as possible. E. Policing drops traffic that exceeds the defined rate.

78.Refer to the exhibit. Person#1: First Name is Johnny Last Name is Table Hobbies are: • Running • Video games Person#2 First Name is Billy Last Name is Smith Hobbies are: • Napping • Reading Which JSON syntax is derived from this data?. A. { Person‘: [{ 'First Name': 'Johnny‘, 'Last Name‘: 'Table‘,' Hobbies‘: ['Running‘,'Video games‘]}, { 'First Name‘: 'Billy‘, 'Last Name‘: 'Smith‘, 'Hobbies‘: [ 'Napping‘, Reading‘]}]}. B. {[{ First Name‘: Johnny‘, Last Name‘: Table‘, Hobbies‘: [ Running‘, Video games‘]}, { First Name‘: Billy‘, Last Name‘: Smith‘, Hobbies‘:[ Napping‘,‘Reading‘]}]}. C.{[{First Name‘: Johnny‘, Last Name‘: Table‘, Hobbies‘: Running‘,‘Hobbies‘: Video games‘},{ First Name‘: Billy‘, Last Name‘: Smith‘, Hobbies‘: Napping‘, Hobbies‘: Reading‘}]}. D. { Person‘: [{ First Name‘:‘Johnny‘, Last Name‘: Table‘, Hobbies‘: Running‘,Video games‘}, { First Name‘: Billy‘, Last Name‘: Smith‘, Hobbies‘: Napping‘, Reading‘}]}.

79. What is the role of the RP in PIM sparse mode?. A. The RP maintains default aging timeouts for all multicast streams requested by the receivers. B. The RP responds to the PIM join messages with the source of a requested multicast group. C. The RP is the multicast router that is the root of the PIM-SM shared multicast distribution tree. D. The RP act as a control-plane node only and does not receive or forward multicast packets.

80. An engineer uses the Design workflow to create a new insfrastructure in Cisco DNA center. How is the physical network device hierarchy structured?. A. by the hostname naming convention. B. by role. C. by location. D. by organization.

81.Refer to the exhibit. event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.3 get-type next entry-op gt entry-val 80 poll-interval 5 ! action 1.0 cli command ―"enable" action 2.0 syslog msg ―"high cpu" action 3.0 cli command ―"term length 0" An engineer must create a script that appends the output of the show process cpu sorted command to a file. Which action completes the configuration. A. action 4.0 publish-event "show process cpu sorted | append flash:high-cpu-file". B. action 4.0 cli command "show process cpu sorted | append flash:high-cpu-file". C. action 4.0 syslog command "show process cpu sorted | append flash:high-cpu-file". D. action 4.0 cns-event "show process cpu sorted | append flash:high-cpu-file".

82. What is a type 2 hypervisor?. A. Installed as an application on an already installed operating system. B. supports over allocation on physical resources. C. also referred to as a bare metal hypervisor because it sits directly on the physical server. D. runs directly on a physical server and includes its own operating system.

83. How does Cisco TrustSec enable more flexible access controls for dynamic networking environment and data centers?. A. classifies traffic based on advanced application recognition. B. uses flexible Netflow. C. assigns a VLAN to the endpoint. D. classifies traffic based on the contextual identity of the endpoint rather that its IP address.

84. Which two characteristics define the Intent API provided by Cisco DNA Center? (Choose two). A. procedural. B. southbound API. C. business outcome oriented. D. northbound API. E. device-oriented.

85. Which two actions, when applied in the LAN network segment, will facilitate Layer 3 CAPWAP discovery lightweight AP? (choose two). A. Configure an ip helper-address on the router interface. B. Utilize DHCP option 17. C. Utilize DHCP option 43. D. Configure WLC IP address on LAN switch. E. Enable port security on the switch port.

86. When a wired cliend connects to an edge switch in an SDA fabric, which component decides whether the client has access to the network?. A. edge node. B. Identity Service Engine. C. control-plane node. D. Radius server.

87. Refer to the exhibit. flow monitor FLOW-MONITOR-1 record netflow ipv6 original-input exit ! sampler SAMPLER-1 mode deterministic 1 out-of 2 exit ! ip cef ipv6 cef ! interface GigabitEthernet0/0/0 ipv6 address 2001:DB8:2:ABCD::2/48 ipv6 flow monitor FLOW-MONITOR-1 sampler SAMPLER-1 input What is the effect of introducing the sampler feature into the Flexible NetFlow configuration on the router?. A. CPU and memory utilization are reduced when compared with what is required for full netflow. B. Every second IPv4 packet is fowarded to the collector for inspection. C. NetFlow updates to the collector are sent 50% less frequently. D. The resolution sampling data increases, but it requires more performance from the router.

88. Refer to the exhibit. Communication between London and New York is down. Which command set must be applied to resolve this issue?. A. NewYork(config)#int f0/1 NewYork(config)#switchport nonegotiate NewYork(config)#end NewYork#. B. NewYork(config)#int f0/1 NewYork(config)#switchport mode trunk NewYork(config)#end NewYork#. C. NewYork(config)#int f0/1 NewYork(config)#switchport mode dynamic desirable NewYork(config)#end NewYork#. D. NewYork(config)#int f0/1 NewYork(config)#switchport trunk encap dot1q NewYork(config)#end NewYork#.

89. Which deployment option of Cisco NGFW provides scalability?. A. high availability. B. inline tap. C. Tap. D. clustering.

90. What is the centralized control policy in a Cisco SD-WAN deployment?. A. list of enabled services for all nodes within the cloud. B. lis of ordered statements that define user access policies. C. set of statements that defines how routing is performed. D. set of rules that governs nodes authentication within the cloud.

91. Which element enables communication between guest VMs within a virtualized environment?. A. pNIC. B. virtual router. C. vSwitch. D. hypervisor.

92. Refer to exhibit. VLANs 50 and 60 exist on the trunk links between all switches. All access ports on SW3 are configured for VLAN 50 and SW1 is the VTP server. Which command ensures that SW3 receives frames only from VLAN 50?. A. SW1(config)#vtp mode transparent. B. SW1 (config)#vtp pruning. C. SW3(config)#vtp mode transparent. D. SW2(config)#vtp pruning.

93. When a wireless client roams between two different wireless controllers, a network connectivity outage is experienced for a period of time. Which configuration issue would cause this problem?. A. Not all of the controllers within the mobility group are using the same virtual interface IP address. B. All of the controllers within the mobility group are using the same virtual interface IP address. C. Not all of the controllers in the mobility group are using the same mobility group name. D. All of the controllers in the mobility group are using the same mobility group name.

94. Which protocol does REST API rely on to secure the communication channel?. A. SSH. B. HTTP. C. HTTPS. D. TCP.

95. Refer to the exhibit. Which router is the designated router on the segment 192.168.0.0/24?. A. Router NewYork because it has a higher router ID. B. This segment has no designated router because it is a nonbroadcast network type. C. Router Chicago because it has a lower router ID. D. This segment has no designated router because it is a p2p network type.

96. Which protocol infers a YANG data model is being used?. A. NX-API. B. REST. C. SNMP. D. RESTCONF.

97. Which control plane protocol is used between Cisco SD-WAN routers and vSmart controllers?. A. TCP. B. OMP. C. BGP. D. UDP.

98. An engineer must deny Telnet traffic from the loopback interface of router R3 to the loopback interface of router R2 during the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times. Which command accomplish this task?. A. R1(config)#time-range WEEKEND R1(config-time-range)#periodic Friday Sunday 00:00 to 00:00 R1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R1(config)#access-list 150 permit ip any any R1(config)#interface Gi0/1 R1(config-if)#ip access-group 150 in. B. R1(config)#time-range WEEKEND R1(config-time-range)#periodic weekend 00:00 to 23:59 R1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R1(config)#access-list 150 permit ip any any R1(config)#interface Gi0/1 R1(config-if)#ip access-group 150 in. C. R3(config)#time-range WEEKEND R3(config-time-range)#periodic Saturday Sunday 00:00 to 23:59 R3(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any time-range WEEKEND R3(config)#interface Gi0/1 R3(config-if)#ip access-group 150 out. D. R3(config)#time-range WEEKEND R3(config-time-range)#periodic weekend 00:00 to 23:59 R3(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any time-range WEEKEND R3(config)#interface Gi0/1 R3(config-if)#ip access-group 150 out.

99. Refer to the exhibit. An engineer is troubleshooting a connectivity issue and executes a traceroute. What does the result confirm?. A. The protocol is unreachable. B. The destination port is unreachable. C. The destination server reported it is too busy. D. The probe timed out.

100. Which HTTP code must be returned to prevent the script from existing?. A. 301. B. 201. C. 300. D. 200.

101. When is an external antenna used inside a building?. A. only when using 5GHZ. B. only when using Mobility Express. C. Only when using 2.4 GHz. D. When it provides the required coverage.

102. Refer to the exhibit. An engineer configures a new HSRP group. While reviewing the HSRP status, the engineer sees the logging message generated on R2. What is the cause of the message?. A. The HSRP configuration has caused a spanning-tree loop. B. The HSRP configuration has caused a routing loop. C. The same virtual IP address has been configured for two HSRP groups. D. A PC is on the network using the IP address 10.10.1.1.

103. Refer to the exhibit. Running the script causes the output in the exhibit. What should be the first line of the script?. A. from ncclient import. B. nnclient manager import. C. from nnclient import manage. D. import manager.

104. What is a consideration when designing a Cisco SD-Access underlay network?. A. The underlay switches provide endpoint physical connectivity for users. B. End user subnets and endpoints are part of the underlay network. C. Static routing is a requirement. D. It must support IPv4 and IPv6 underlay networks.

105. Which congestion queuing method on Cisco IOS based routers uses four static queues?. A. low latency. B. weighted fair. C. custom. D. Priority.

106. Which measure is used by an NTP server to indicate its closeness to the authoritative time source?. A. stratum. B. time zone. C. Latency. D. hop count.

107. Which two threats does AMP4E have the ability to block? (choose two.). A. DDoS. B. Microsoft word macro attack. C. email phishing. D. ransomware. E. SQL injection.

108. Which command set configures RSPAN to capture outgoing traffic from VLAN 3 on interface GigabitEthernet 0/3 while ignoring other VLAN traffic on the same interface?. A. monitor session 2 source interface gigabitethernet0/3 tx monitor session 2 filter vlan 1-2,4-4094. B. monitor session 2 source interface gigabitethernet0/3 tx monitor session 2 filter vlan 3. C. monitor session 2 source interface gigabitethernet0/3 rx monitor session 2 filter vlan 1-2,4-4094. D. monitor session 2 source interface gigabitethernet0/3 rx monitor session 2 filter vlan 3.

109. What are two characteristics of VXLAN?. A. It lacks support for host mobility. B. It extends layer 2 and layer 3 overlay networks over a layer 2 underlay. C. It allows for up to 16 million VXLAN segments. D. It uses VTEPs to encapsulate and decapsulate frames. E. It has a 12-bit network identifier.

110. What are two benefits of YANG?. A. It enforces configuration constraints. B. It collects statistical constraint analysis information. C. It enables multiple leaf statements to exist within a leaf list. D. It enforces configuration semantics. E. It enforces the use of a specific encoding format for NETCONF.

111. A customer has recently implemented a new wireless infrastructure using WLC-5520S at a site directly next to a large commercial airport. Users report that they intermittently lose Wi-Fi connectivity, and troubleshooting reveals it is due to frequent channel changes. Which two actions fix this issue? (Choose two). A. Disable DFS channels to prevent interference with Doppler radar. B. Restore the DCA default settings because this automatically avoids channel interference. C. Remove UNII-2 and Extended UNII-2 channels from the 5 GHz channel list. D. Configure channels on the UNII-2 and the Extended UNII-2 sub-bands of the 5 GHz band only. D. Enable DFS channels because they are immune to radar interference.

112. Refer to the exhibit. POSTMAN is showing an attempt to retrieve network device information from Cisco DNA center API. What is the issue?. A. Authentication has failed. B. The URI string is incorrect. C. The JSON payload contains the incorrect UUID. D. The token has expired.

113. After a redundant route processor failure occurs on a Layer 3 device, which mechanism allows for packets to be forwarded from a neighboring router based on the most recent tables?. A. RPVST+. B. RP failover. C. BFD. D. NSF.

114. An engineer must provide wireless coverage in a square office. The engineer has only one AP and believes that it should be placed in the middle of the room. Which antenna type should the engineer use?. A. Polarized. B. Omnidirectional. C. Yagi. D. Directional.

115. Which three elements determine Air Time efficiency?(choose three). A. event-driven RRM. B. RF group leader. C. data rate (modulation density) or QAM. D. number of spatial streams and spatial reuse. E. channel bandwidth. F. dynamic channel assignment.

116. How is Layer 3 roaming accomplished in a unified wireless deployment?. A. An EoIP tunnel is created between the client and the anchor controller to provide seamless connectivity as the client is associated with the new AP. B. The client entry on the original controller is passed to the database on the new controller. C. The client database on the original controller is updated with the anchor entry, an the new controller database is updated with the foreign entry. D. The new controller assigns an IP address from the new subnet to the client.

117. Which two results occur if Cisco DNA center loses connectivity to devices in the SD-Access fabric? (choose two). A. User connectivity is unaffected. B. All devices reload after detecting loss of connection to Cisco DNA center. C. Cisco DNA center is unable to collect monitoring data in Assurance. D. Users lose connectivity. E. Already connected users are unaffected, but new users cannot connect.

118. In a Cisco SD-Access solution, what is the role of the Identity Services Engine?. A. It is leveraged for dynamic endpoint to group mapping and policy definition. B. It is used to analyze endpoint to app flows and monitor fabric status. C. It provides GUI management and abstraction via apps that share context. D.It manages the LISP EID database.

119. What are two difference between the RIB and the FIB? (choose two). A. FIB is a database of routing prefixes, and the RIB is the inforation used to choose the egress interface for each packet. B. The RIB is a database of routing prefixes, and the FIB is the information used to choose the egress interface for each packet. C. The FIB is denved from the control plane, and the RIB is derived from the FIB. D. The RIB is derived from the control plane, and the FIB is derived from the RIB. E. The FIB is derived from the data plane and the RIB is derived from the FIB.

120. Which devices does Cisco DNA Center configure when deploying an IP-based access control policy?. A. selected individual devices. B. all wired devices. C. all devices in selected sites. D. all devices integrating with ISE.

121. Which encryption hashing algorithm does NTP use for authentication?. A. MD5. B. AES128. C. AES256. D. SSL.

122. Refer to the exhibit. An engineer is configuring an Etherchannel between Switch1 and Switch2 and notices the console message on Switch2. Based on the output, which action resolves this issue?. A. Configure the same port channel interface number on both switches. B. Configure less member ports on Switch2. C. Configure more member ports on Switch1. D. Configure the same Etherchannel protocol on both switches.

123. Refer to the exhibit. What does the error message relay to the administrator who is trying to configure a Cisco IOS device?. A. The NETCONF running datastore is currently locked. B. The device received a valid NETCONF request and service it without error. C. A NETCONF request was made for a data model that does not exist. D. NETCONF message with valid content based on the YANG data models was made but the request failed.

124. In a Cisco SD-Access solution, what is the role of a fabric edge node?. A. to connect the fusion router to the SD-Access fabric. B. to connect external Layer 3 networks to the SD-Access fabric. C. to advertise fabric IP address space to external networks. D. to connect wired endpoints to the SD-Access fabric.

125. At which layer does Cisco DNA Center support REST control?. A. Session layer. B. YAML output from responses to API calls. C. EEM applets or scripts. D. northbound APIs.

126. Which method of account authentication does OAuth 2.9 use within REST APIs?. A. username/role combination. B. cookie authentication. C. access tokens. D. basic signature workflow.

127. Refer to the exhibit. What are two effects of this configuration? (choose two.). A. R1 becomes standby router. B. R1 becomes the active router. C. If R1 goes down, R2 becomes active and remains the active when R1 comes back online. D. If R2 goes down, R1 becomes active but reverts to standby when R2 comes back online. E. If R1 goes down, R2 becomes active but reverts to standby when R1 comes back online.

128. Refer to the exhibit. Which configuration allows Customer2 host to access the FTP server of Customer1 that has the IP address of 192.168.1.200?. A. ip route vrf Customer1 172.16.1.0.255 255.255.255.0 172.16.1.1 Customer1 ip route vrf Customer2 192.168.1.200 255.255.255.255 192.168.1.1 Customer 2. B. ip route vrf Customer1 172.16.1.1 255.255.255.255 172.16.1.1 global ip route vrf Customer2 192.168.1.200 255.255.255.0 192.168.1.1 global ip route 192.168.1.0 255.255.255.0 Vlan10 ip route 172.16.1.0 255.255.255.0 Vlan20. C. ip route vrf Customer1 172.16.1.0 255.255.255.0 172.16.1.1 global ip route vrf Customer2 192.168.1.200 255.255.255.255 192.168.1.1 global ip route 192.168.1.0 255.255.255.0 Vlan10 ip route 172.16.1.0 255.255.255.0 Vlan20. D. ip route vrf Customer1 172.16.1.0 255.255.255.0 172.16.1.1 Customer2 ip route vrf Customer2 168.1.200 255.255.255.255 192.168.1.1 Customer1.

129. Which action is function of VTEP in VXLAN?. A. allowing encrypted communication on the local VXLAN Ethernet segment. B. tunneling traffic from IPv4 to IPv6 VXLANs. C. tunneling traffic from IPv6 to IPv4 VXLANs. D. encapsulating and de-encapsulating VXLAN Ethernet frames.

130. Which TCP setting is tuned to minimize the risk of fragmentation on a GRE/IP tunnel?. A. window size. B. MSS. C. MRU. D. MTU.

131. Wireless users report frequent disconnections from the wireless network. While troubleshooting a network engineer finds that after the user a disconnect, the connection reestablishes automatically without any input required. The engineer also notices these message logs. AP 'AP2' is down Reason: Radio channel set. 6:54:04 PM AP 'AP4' is down Reason: Radio channel set. 6:44:49 PM AP 'AP7' is down Reason: Radio channel set. 6:34:32 PM Which action reduces the user impact?. A. Increase the dynamic channel assignment interval. B. enable coverage hole detection. C. Increase the AP hearbeat timeout. D. enable BandSelect.

132. Refer to the exhibit. aaa new-model aaa authentication login default local-case enable aaa authentication login ADMIN local-case username CCNP secret Str0ngP@ssw0rd! line 0 4 login authentication ADMIN An engineer must create a configuration that executes the show run command and then terminates the session when user CCNP logs in. Which configuration change is required?. A. Add the autocommand keyword to the aaa authentication command. B. Add the access-class keyword to the aaa authentication command. C. Add the access-class keyword to the username command. D. Add the autocommand keyword to the username command.

133. Which two network problems indicate a need to implement QoS in a campus network? (choose two). A. misrouted network packets. B. port flapping. C. bandwidth-related packet loss. D. duplicate IP addresses. E. excess jitter.

134. Which technology provides a secure communication channel for all traffic at layer 2 of the OSI model?. A. MACsec. B. IPsec. C. SSL. D. Cisco TrustSec.

135. What is a fact about Cisco EAP-FAST. A.It is an IETF standard. B. It requires a client certificate. C. It operates in transparent mode. D. It does not require a RADIUS server certificate.

136. Which three methods does Cisco DNA Center use to discover devices?(choose three). A. CDP. B. SNMP. C. LLPD. D. NETCONF. E. a specified range of IP addresses. F. ping.

137. What does the Cisco DNA REST response indicate?. A. Cisco DNA Center has the incorrect credentials for RouterASR-1. B. Cisco DNA Center is unable to communicate with cat9000-1. C. Cisco DNA Center has the incorrect credentials for cat3850-1. D. Cisco DNA Center has the incorret credentials for cat9000-1.

138. Refer to the exhibit. Which single security feature is recommended to provide Network Access Control in the enterprise?. A. WebAuth. B. port security sticky MAC. C. MAB. D. 802.1x.

139. Refer to the exhibit. After running the code in the exhibit which step reduces the amount of data that the NETCONF server returns to the NETCONF CLIENT, to only interface's configuration?. A. Use the lxml library to parse the data returned by the NETCONF server for the interface's configuration. B. Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration. C. Create a JSON filter as a string and pass it to the get_config() method as argument. D.Create an XML filter as a string and pass it to get_config() method as argument.

140. Refer to the exhibit. ip sla 10 icmp-echo 192.168.10.20 timeout 500 frequency 3 ip sla schedule 10 life forever start-time now track 10 ip sla 10 reachability The IP SLA is configured in a router. An engineer must configure an EEM applet to shut down the interface and bring it back up when there is a problem with the IP SLA. Which configuration should the engineer use?. A. event manager applet EEM_IP_SLA event sla 10 state down. B. event manager applet EEMP_IP_SLA event sla 10 state unreachable. C. event manager applet EEMP_IP_SLA event track 10 state unreachable. D. event manager applet EEMP_IP_SLA event track 10 state down.

141. Refer to the exhibit. Rapid PVST+ is enabled on all switches. Which command set must be configured on Switch1 to achieve the following results on port fa0/1? + When a device is connected, the port transitions immediately to a forwarding state + The interface should not send or receive BPDUs. + If a BPDU is received, it continues operating normally. A. Switch1(config)#interface f0/1 Switch1(config-if)#spanning-tree portfast. B. Switch1(config)#interface f0/1 Switch1(config-if)#spanning-tree portfast Switch1(config-if)#spanning-tree bpduguard enable. C. Switch1(config-if)#spanning-tree portfast bpdufilter default Switch1(config)#interface f0/1 Switch1(config-if)#spanning-tree portfast. D. Switch1(config-if)#spanning-tree portfast bpduguard default Switch1(config)#interface f0/1 Switch1(config-if)#spanning-tree portfast.

142. Refer to the exhibit. What is the cause of the log messages?. A. MTU mismatch. B. hello packet mismatch. C. IP address mismatch. D. OSPF area change.

143. Refer to the exhibit. The trunk does not work over the back-to-back link between Switch1 interface Gig1/0/20 and Switch2 interface Gig1/0/20. Which configuration fixes the problem?. A. Switch1(config)#interface gig1/0/20 Switch1(config-if)#switchport mode dynamic auto. B. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic desirable. C. Switch1(config)#interface gig1/0/20 Switch1(config-if)#switchport trunk native vlan 1 Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport trunk native vlan 1. D. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic auto.

144. Which measurement is used from a post wireless survey to depict the cell edge of the access points?. A. Noise. B. SNR. C. RSSI. D. CCI.

145. An engineer must configure HSRP group 300 on a Cisco IOS router. When the router is functional, it must be the active HSRP router. The peer router has been configured using the default priority value. Which command set is required?. A. standby version 2 standby 300 priority 110 standby 300 preemt. B. standby 300 priority 90 standby 300 preempt. C. standby 300 priority 110 standby 300 timers 1 110. D. standby version 2 standby 300 priority 90 standby 300 preempt.

146. How are the different versions of IGMP compatible?. A. IGMPv2 is compatible only with IGMPv2. B. IGMPv3 is compatible only with IGMPv3. C.IGMPv2 is compatible only with IGMPv1. D. IGMPv3 is compatible only with IGMPv1.

147. how is 802.11 traffic handled in a fabric-enabled SSID?. A. Converted by the AP into 802.3 and encapsulated into a VLAN. B. converted by the AP into 802.3 and encapsulated into VXLAN. C. centrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC. D. centrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC.

148. What is a benefit of a virtual machine when compared with a physical server?. A. The CPU and RMA resources on a virtual machine cannot be affected by other virtual machines. B. Deploying a virtual machine is technically less complex than deploying a physical server. C. Multiple virtual servers can be deployed on the same physical server without having to buy additional hardware. D. Virtual machines increase server processing performance.

149. An engineer is troubleshooting the AP join process using DNS. Which FQDN must be resolvable on the network for the access points to succesfully register to the WLC?. A. Cisco-capwap-controller.domain.com. B. wlchostname.domain.com. C. primary-wlc.domain.com. D. ap-manager.domain.com.

150. Which LISP component is required for a LISP site to communicate with a non-LISP site?. A. ITR. B. Proxy ITR. C. ETR. D. Proxy ETR.

151. What is used to perform QoS packet classification?. A. the flags field in the Layer 3 header. B. the Type field in the Layer 2 frame. C. the TOS field in the Layer 3 header. D. the options field in the Layer 3 header.

152. A customer requests a network design that supports these requirements: +FHRP redundancy +multivendor router environment +IPv4 and IPv6 host Which protocol does the design include?. A. VRRP version 3. B. GLBP. C. HSRP version 2. D. VRRP version 2.

153. Which DHCP option provides the CAPWAP APs with the address of the wireless controller(s)?. A. 43. B. 69. C. 150. D. 66.

154. Which function does a fabric edge node perform in an Cisco SD- Access deployment?. A. encapsulates end-user data traffic into LISP. B. connects endpoint to the fabric and forwards their traffic. C. provides reachability between border nodes in the fabric underlay. D. connects the SD-Access fabric to another fabric or external Layer 3 networks.

155. Refer to the exhibit. PC-1 must access the web server on port 8080. To allow this traffic, which statement must be added to an access control list that is applied on SW2 port G0/0 in the inbound direction?. A. permit tcp host 192.168.0.5 eq 8080 host 172.16.0.2. B. permit tcp host 192.168.0.5 it 8080 host 172.16.0.2. C. permit tcp host 172.16.0.2 host 192.168.0.5 eq 8080. D. permit tcp host 192.168.0.5 host 172.16.0.2 eq 8080.

156. Which HTTP status code is the correct response for a request with an incorrect password applied to a REST API session?. A. HTTP Status Code: 200. B. HTTP Status Code: 302. C. HTTP Status Code: 401. D. HTTP Status Code: 504.

157. Which outbound access list, applied to the WAN interface of a router, permits all traffic except for HTTP traffic sourced from the workstation with IP address 10.10.10.1?. A. ip access-list extended 200 deny tcp host 10.10.10.1 eq 80 any permit ip any any. B. ip access-list extended 10 deny tcp host 10.10.10.1 any eq 80 permit ip any any. C. ip access-list extended 100 deny tcp host 10.10.10.1 any eq 80 permit ip any any. D. ip access-list extended NO_HTTP deny tcp host 10.10.10.1 any eq 80.

158. Which data is properly formatted with JSON?. A. { "name":"Peter" "age":"25" "likesJson": true "characteristics":["small","strong",18] }. B. { "name":"Peter", "age":"25", "likesJson": true, "characteristics":["small","strong","18] }. C. { "name":"Peter", "age":"25", "likesJson": true, "characteristics":["small","strong",18], }. D. { "name":Peter, "age":25 "likesJson": true, "characteristics":["small","strong","18"], }.

159. When configuration WPA2 Enterprise on a WLAN, which additional security component configuration is required?. A. TACACS server. B. PKI server. C. NTP server. D. RADIUS server.

160. Which statement about TLS is true when using RESTCONF to write configurations on network devices ?. A. It requires certificates for authentication. B. It is provided using NGINX acting as a proxy web server. C. It is no supported on Cisco devices. D. It is used for HTTP and HTTPs requests.

161. Which feature does Cisco TrustSec use to provide scalable, secure communication throughout a network?. A. Security group tag number assigned to each user on a switch. B. Security group tag number assigned to each port on a network. C. Security group tag ACL assigned to each port on a switch. D. Security group tag ACL assigned to each router on a network.

162.Which two operations are valid for RESTCONF? (Choose two). A. REMOVE. B. PUSH. C. ADD. D. PATCH. E. HEAD. F. PULL.

163. What is one fact about Cisco SD-Access wireless network deployments?. A. The WLC is part of the fabric underlay. B. The access points is part of the fabric underlay. C. The wireless client is part of the fabric overlay. D. The access point is part of the fabric overlay.

164. What is the difference between a RIB and a FIB?. A. The FIB is populated based on RIB content. B. The FIB is where all IP routing information is stored. C. The RIB is used to make IP source prefix-based switching decisions. D.The RIB maintains a mirror image of the FIB.

165. Which two GRE features are configured to prevent fragmentation?. A. MTU ignore. B. TCP MSS. C. IP MTU. D. TCP window size. E. DF bit clear.

166. An engineer must protect their company against ransom ware attacks. Which solution allows the engineer to block the execution stage and prevent file encryption?. A. Use Cisco Firepower and block traffic to TOR networks. B. Use Cisco AMP deployment with the Exploit Prevention engine enabled. C. Use Cisco Firepower with Intrusion Policy and snort rules blocking SMB exploitation. D. Use Cisco AMP deployment with the Malicious Activity Protection engine enabled.

167. What is the responsibility of a seconday WLC?. A. It shares the traffic load of the LAPs with the primary controller. B. It registers the LAPs if the primary controller fails. C. It enables Layer 2 and Layer 3 roaming between itself and the primary controller. D. It avoids congestion on the primary controller by sharing the registration load on the LAPs.

168. A customer has several small branches and wants to deploy a Wi-fi solution with local management using CAPWAP. Which deployment model meets this requirement?. A. Mobility Express. B. autonomous. C. SD-Access wireless. D. local mode.

169.Refer to the exhibit. A network engineer configures OSPF and reviews the router configuration. Which interface or interfaces are able to establish OSPF adjacency?. A. Gigabit Ethernet0/0 and GigabitEthemet0/1. B. GigabitEthemet0/1 and GigabitEthernet0/1.40. C. only GigabitEthernet0/0. D. only GigabitEthernet0/1.

170. Refer to the exhibit. An engineer must modify the access control list EGRESS to allow all IP traffic from subnet 10.1.10.0/24 to 10.1.2.0/24. The access control list is applied in the outbound direction on router interface GigabitEthemet 0/1. Extended IP access list EGRESS 10 permit ip 10.1.100.0 0.0.0.255 10.1.2.0 0.0.0.255 20 deny ip any any Which configuration commands can the engineer use to allow this traffic without disrupting existing traffic flows?. A. config t ip access-list extended EGRESS2 permit ip 10.1.10.0 0.0.0.295 10.1.2.0 0.0.0.299 permit ip 10.1.100.0 0.0.0.299 10.1.2.0 0.0.0.299 deny ip any any ! interface g0/1 no ip access-group EGRESS out ip access-group EGRESS2 out. B. config t ip access-list extended EGRESS permit ip 10.1.10.0 0.0.0.255 10.1.2.0 0.0.0.255. C. config t ip access-list extended EGRESS permit ip 10.1.10.0 255.255.255.0 10.1.2.0 255.255.255.0. D. config t ip access-list extended EGRESS 5 permit ip 10.1.10.0 0.0.0.255 10.1.2.0 0.0.0.255.

171. Which OSPF network types are compatible and allow communication through the two peering devices?. A. point-to-multipoint to nonbroadcast. B. broadcast to nonbroadcast. C. point-to-multipoint to broadcast. D. broadcast to point-to-point.

172. Which code results in the working python script displaying a list of network devices from the Cisco DNA center?. A. } login = dnac_login(dnac["host"], dnac["username"], dnac ["password"]) network_device_list(dnac,login) for item in dnac_devices print(dnac_devices.item). B. network_device_list(dnac["host"], dnac["username"], dnac["password"]) login = dnac login(dnac) for item in dnac_devices print(dnac_devices.item). C. network_device_list(dnac["host"], dnac["username"], dnac["password"]) login = dnac_login(dnac) print(dnac_devices). D. login = dnac_login(dnac["host"], dnac["username"], dnac["password"]) network_device_list(dnac, login) print(dnac_devices).

173. Refer to the exhibit. An engineer implemented several configuration changes and receives the logging message on switch1. Which action should the engineer take to resolve this issue?. A. change Switch1 to switch port mode dynamic auto. B. change Switch1 to switch port mode dynamic desirable. C. change Switch2 to switch port mode dynamic auto. D. change the VTP domain to match on both switches.

174. What are two benefits of virtual switching when compared to hardware switching?. A. VM-level isolation. B. increased MTU size. C. increased flexibility. D. extended 802.1Q VLAN range. E. hardware independence.

175. Which two components are supported by LISP? (choose two). A. route reflector. B. HMAC algorithms. C. egress tunnel router. D. spoke. E. proxy ETR.

176. What is the function of a fabric border node in a Cisco SD-Access environment?. A. To handle an ordered list of IP addresses and locations for endpoints in the fabric. B. To attach and register clients to the fabric. C. To connect the Cisco SD-access fabric to another fabric or external Layer 3 networks. D. To collect traffic flow information toward external networks.

177. While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log message: Jan 1 12:12:14.122: %HSRP-4-DIFFVIP1: GigabitEthernet0/0 Grp 1 active routers virtual IP address 10.1.1.1 is different to the locally configured address 10.1.1.25 Which configuration change must the engineer make?. A. Change the HSRP virtual address on the local router to 10.1.1.1. B. Change the HSRP group configuration on the remote router to 1. C. Change the HSRP group configuration on the local router to 1. D. Change the HSRP virtual address on the remote router to 10.1.1.1.

178. What is a characteristic of a next-generation firewall?. A. provides intrusion prevention. B. filters traffic using Layer 3 and Layer 4 information only. C. required in each layer of the network. D. only required at the network perimeter.

179. Which two operational modes enable on AP to scan one or more wireless channels for rogue access points and at the same time provide wireless services to clients?. A. sniffer. B. Monitor. C. Local. D. rogue detector. E. Flexconnect.

180. What is the difference between CEF and process switching?. A. process switching is faster than CEF. B. CEF is more cpu-intensive than process switching. C. CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet. D. CEF processes pakcets that are too complex for process switching to manage.

181. An engineer must configure an ACL that permits packets which include an ACK in the TCP header. Which entry must be included in the ACL?. A. access-list 10 permit ip any any eq 21 tcp-ack. B. access-list 10 permit tcp any any eq 21 established. C. access-list 110 permit tcp any any eq 21 established. D. access-list 110 permit tcp any any eq 21 tcp-ack.

182. Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?. A. Cisco Web Security Appliance. B. Advanced Malware protection. C. Cisco Firepower and FireSight. D. Cisco Stealthwatch system.

183. Refer to the exhibit. R1 is able to ping the R3 fa0/1 interface. Why do the extended pings fail?. A. R2 and R3 do not have an OSPF adjacency. B. The maximum packet size accepted by the command is 1476 bytes. C. The DF bit has been set. D. R3 is missing a return route to 10.99.69.0/30.

184. How does the RIB differ from the FIB?. A. The RIB is used to create network topologies and routing tables. The FIB is a list of routes to particular network destinations. B. The FIB maintains network topologies and routing tables. The RIB is a list of routes to particular network destinations. C. The FIB includes many routes a single destination. The RIB is the best route to a single destination. D. The RIB includes many routes to the same destination prefix. The FIB contains only the best route.

185. Which solution do IaaS Service providers use to extend a Layer 2 segment accross a Layer 3 network?. A. VLAN. B. VXLAN. C.VTEP. D. VRF.

186. All switches are configured with the default port priority value. Which two commands ensure that traffic from PC1 is forwarded over Gi1/3 trunk port between DWS1 and DSW2? (Choose two). A. DSW2(config-if)#spanning-tree port-priority 128. B. DSW1(config-if)#spannin-tree port-priority 0. C. DSW2(config-if)#spanning-tree port-priority 16. D. DSW1(config)#interface gi1/3. E. DSW2(config)#interface gi1/3.

187. Refer to the exhibit. Which IP address becomes the active next hop for 192.168.102.0/24 when 192.168.101.2 fails?. A. 192.168.101.18. B. 192.168.101.6. C. 192.168.101.10. D. 192.168.101.14.

188. Refer to the exhibit. A GRE tunnel has been created between HQ and BR routers. What is the tunnel IP on the HQ router?. A. 209.165.202.130. B. 209.165.202.134. C. 10.111.111.2. D. 10.111.111.1.

189. Refer to the exhibit. External users require HTTP connectivity to an internal company web server that is listening on TCP port 8080. Which command set accomplishes this requirement?. A. interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat outside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat inside ip nat inside source static tcp 209.165.200.226 8080 10.1.1.100 8080. B. interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat outside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat inside ip nat inside source static tcp 10.1.1.100 8080 interface G0/0 80. C. interface G0/0 ip address 209.164.200.255 255.255.255.224 ip nat inside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat outside ip nat inside source static tcp 209.165.200.225 80 10.1.1 100 8080. D. interface G0/0 ip address 209.165.200.225 255.255.255.2224 ip nat inside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat outside ip nat inside source static tcp 10.1.1.1 8080 209.165.200.225. 80.

190. An engineer measures the Wi-Fi coverage at a customer site. The RSSI values are recorded as follows: Location A: -72 dBm Location B: -75 dBm Location C: -65 dBm Location D: -80 dBm Which two statements does the engineer use to explain these values to the customer? (Choose two). A. The RF signal strength at location C is 10 times stronger than location B. B. The RF signal strength at location B is 50% weaker than location A. C. The signal strength at location B is 10 dB better than location C. D. Location D has the strongest RF signal strength. E. The signal strength at location C is too weak to support web surfing.

191. Refer to the exhibit. Which result does the Python code achieve?. A. The code converts time to the Epoch LINUX time format. B. The code encrypts a base 63 decrypted password. C. The code converts time to the "year/month/day" time format. D. The code conerts time the yyyymmdd representation.

192. What is the output of this code? def get_credentials(): creds={'username':'cisco','password':'c339348dc30e3fbig3kjr93godke333'} return(creds.get('username'))print(get_credentials()). A.username. B. get_credentials. C.username: cisco. D. cisco.

193. A company has an existing Cisco 5520 HA cluster using SSO. An engineer deploys a new single Cisco Catalyst 9800 WLC to test new features. The engineer successfully configures a mobility tunnel between the 5520 cluster and 9800 WLC. Clients connected to the corporate WLAN roam seamlessly between access points on the 5520 and 9800 WLC. After a failure on the primary 5520 WLC, all WLAN services remain functional; however clients cannot roam between the 5520 and 9800 controllers without dropping their connection. Which feature must be configured to remedy the issue?. A. new mobility on the 9800 WLC. B. mobility MAC on the 5520 cluster. C. mobility MAC on the 9800 WLC. D. new mobility on the 5520 cluster.

194. Refer to the exhibit. What is the effect of this configuration?. A. The device will authenticate all users connecting to vty lines 0 through 4 against TACACS+. B. The device will allow only users at 192.168.0.202 to connect vty lines 0 through 4. C. When users attempt to connect to vty lines 0 through 4, the device will authenticate them against TACACS+ if local authentication fails. D. The device will allow users at 192.168.0.202 to connect to vty lines 0 through 4 using the password ciscotestkey.

195. Which two methos are used to reduce the AP coverage area?. A. Reduce channel width from 40 MHz to 20 MHz. B. Increase minimum mandatory data rate. C. Disable 2.4 GHz and use only 5GHz. D. Enable Fastlane. E. Reduce AP transmit power.

196. Which algorithms are used to secure REST API from brute attacks and minimize the impact?. A. SHA-512 and SHA-384. B. SHA-1, SHA-256, and SHA-512. C. MD5 algorithm-128 and SHA-384. D. PBKDF2, BCrypt, and SCrypt.

197. An engineer is concerned with the deployment of a new application that is sensitive to inter-packet delay variance. Which command configures the router to be the destination of jitter measurements?. A. Router(config)# ip sla responder tcp-connect 172.29.139.134 5000. B. Router(config)# ip sla responder udp-connect 172.29.139.134 5000. C. Router(config)# ip sla responder tcp-echo 172.29.139.134 5000. D. Router(config)# ip sla responder udp-echo 172.29.139.134 5000.

198. In a wireless Cisco SD-Access deployment, which roaming method is used when a user moves from one access point to another on a different access switch using a single WLC?. A. fast roam. B. inter-xTR. C. Layer3. D. auto anchor.

199. Refer to the exhibit. Communication between London and New York is down. Which command set must be applied to the New York switch to resolve the issue?. A. NewYork(config)# no interface po1 NewYork(config)#interface range fa0/1-2 NewYork(config-if)#channel-group 1 mode passive NewYork(config-if)#end NewYork#. B. NewYork(config)# no interface po1 NewYork(config)#interface range fa0/1-2 NewYork(config-if)#channel-group 1 mode auto NewYork(config-if)#end NewYork#. C. NewYork(config)# no interface po1 NewYork(config)#interface range fa0/1-2 NewYork(config-if)#channel-group 1 mode negotiate NewYork(config-if)#end NewYork#. D. NewYork(config)# no interface po1 NewYork(config)#interface range fa0/1-2 NewYork(config-if)#channel-group 1 mode on NewYork(config-if)#end NewYork#.

200. Refer to the exhibit. A network engineer configures NAT on R1 and enters the show command to verify the configuration. What does the output confirm?. A. R1 is configured with NAT overload parameters. B. A telnet session from 160.1.1.1 to 10.1.1.10 has been initiated. C. R1 is configured with PAT overload parameters. D. The first packet triggered NAT to add an entry to the NAT table.

201. Refer to the exhibit. After configuring an IPsec VPN, an engineer enters the show command to verify the ISAKMP SA status. What does the status show?. A. ISAKMP SA has been created but it has not continued to form. B. Peers have exchanged keys, but ISAKMP SA remains unauthenticated. C. ISAKMP SA is authenticated and can be used for Quick Mode. D. VPN peers agreed on parameters for the ISAKMP SA.

202. Which controller is capable of acting as a STUN server during the onboarding process of Edge devices?. A. vManage. B. vSmart. C. PnP server. D. vBond.

203. What is the data policy in a Cisco SD-WAN deployment. A. group of services tested to guarantee devices and links liveliness within the SD-WAN overlay. B. list of ordered statements that define node configurations and authentication used within the SD-WAN overlay. C. detailed database mapping serveral kinds of addresses with their corresponding location. D. set of statements that defines how data is fowarded based on IP packet information and specific VPNs.

204. What is the recommended MTU size for a Cisco SD-Access fabric?. A. 4464. B. 1500. C. 9100. D. 17914.

205. What is a benefit of a virtual machine when compared with a physical server?. A. Virtual machines increase server processing performance. B. Multiple virtual servers can be deployed on the same physical server without having to buy additional hardware. C. Deploying a virtual machine is technically less complex than deploying a physical server. D. The CPU and RAM resources on a virtual machine cannot be affected by other virtual machines.

206. What is a characteristic of a virtual machine?. A. It must be aware of other virtual Machines, in order to allocate physical resources for them. B. It is deployable without a hypervisor to host it. C. It must run the same operating system as its host. D. It relies on hypervisors to allocate computing resources for it.

207. Refer to the exhibit. Which command must be applied to R2 for an OSPF neighborship to form?. A. network 20.1.1.2 255.255.255.255 area 0. B. network 20.1.1.2 0.0.0.0 area 0. C. network 20.1.1.2 0.0.255.255 area 0. D. network 20.1.1.2 255.255.0.0 area 0.

208. An engineer must configure a new loopback interface on a router and advertise the interface as a /24 in OSPF. Which command set accomplishes this task?. A. R2(config)# interface Loopback0 R2(config-if)# ip address 172.22.2.1 255.255.255.0 R2(config-if)#ip ospf 100 area 0. B. R2(config)# interface Loopback0 R2(config-if)# ip address 172.22.2.1 255.255.255.0 R2(config-if)#ip ospf network point-to-multipoint R2(config-if)#ip ospf 100 R2(config-if)#network 172.22.2.0 0.0.0.255 area 0. C. R2(config)# interface Loopback0 R2(config-if)# ip address 172.22.2.1 255.255.255.0 R2(config-if)#ip ospf network broadcast R2(config-if)#ip ospf 100 area 0. D. R2(config)# interface Loopback0 R2(config-if)# ip address 172.22.2.1 255.255.255.0 R2(config-if)#ip ospf network point-to-point R2(config-if)#ip ospf 100 area 0.

209. In which two ways does TCAM differ from CAM? (Choose two). A. The MAC address table is contained in TCAM, and ACL and QoS information is stored in CAM. B. The MAC address table is contained in CAM, and ACL and QoS information stored in TCAM. C. CAM is used by routers for IP address lookpups, and TCAM is used to make Layer 2 forwarding decisions. D. CAM is used for software switching mechanisms, and TCAM is used for hardware switching mechanisms. E. CAM is used to make Layer 2 forwarding decisions, and TCAM is used for Layer 3 address lookups.

210. What does Call Admission Control require the client to send in order to reserve the bandwidth?. A. VoIP media session awareness. B. Wi-fi multimedia. C. traffic specification. D. SIP flow information.

211. What is a characteristic of MACsec?. A. 802.1AE is built between the host and switch using the MKA protocol, which negotiates encryption keys based on the master session key from a successful 802.1X session. B. D. 802.1AE is negotiated using Cisco AnyConnect NAM and the SAP protocol. C. 802.1AE provides encryption and authentication services. D.802.1AE is built between the host and switch using the MKA protocol using keys generated via the Diffie-Hellman algorithm (anonymous encryption mode).

212. What is the result when an active route processor fails in a design that combines NSF with SSO?. A. An NSF-aware device immediately updates the standby route processor RIB without churning the network. B. An NSF-capable device immediately updates the standby route processor RIB without churning the network. C. The standby route processor temporarily forwards packets until route convergence is complete. D. The standby route processor immediately takes control and forwards packets along known routes.

213. An engineer must export the contents of the devices object in JSON format. Which statement must be use? import json from json import dumps, loads Devices = [{ 'name': 'distsw1? 'type':'Catalyst C9407R', 'user':'netadmin', 'pass0:'383847459c9484940373dc038484943' }]. A. json.loads(Devices). B. json.dumps(Devices). C. json.print(Devices). D. json.repr(Devices).

214. A network engineer must configure a password expiry mechanism on the gateway router for all local passwords to expire after 60 days. What is required to complete this task?. A. Add the aaa authentication enable default Administrators command. B. No further action is required. The configuration is complete. C. Add the username admin privilege 15 common-criteria-policy Administrators password Cisco13579! command. D. The password expiry mechanism is on the AAA server and must be configured there.

215. What is the function of the LISP map resolver?. A. to advertise routable non-USP traffic from one address family to LISP sites in a different address family. B. to decapsulate map-request messages from ITRs and forward the messages to the MS. C. to send traffic to non-LISP sites when connected to a service provider that does not accept nonroutable EIDs as packet sources. D. to connect a site to the LISP-capable part of a core network, publish the EID-to-RLOC mappings for the site and respond to map-request messages.

216. "HTTP/1.1 204 content" is returned when curl -i -x DELETE command is issued. Which situation has occurred?. A. The object could not be located at the URI path. B.The URI was invalid. C. The object was located at the URI, but it could not be deleted. D. The command succeeded in deleting the object.

217. What is one benefit of implementing a VSS architecture?. A. It provides multiple points of management for redundancy and improved support. B. It uses GLBP to balance traffic between gateways. C. It provides a single point of management for improved efficiency. D. It uses a single database to manage configuration for multiple switches.

218. Which cisco DNA center application is responsible for group-based access control permissions?. A. Policy. B. Provision. C. Assurance. D. Design.

219. An engineer configures HSRP group 37. The configuration does not modify the default virtual MAC address. Which virtual MAC address does the group use?. A. 00:00:0c:07:ac:37. B. C0.00:00:25:00.00. C. C0:XX:XX:XX:XX:XX. D. 00:00:0c:07:ac:25.

220. Which new enhancement was implemented in Wi-fi 6?. A. 4096 Quadrature Amplitude Modulation mode. B. Wi-Fi protected Access 2. C. Uplink and Downlink Orthogonal Frequency Division Muliple Access. D. Channel bonding.

221. How is MSDP used to interconnect multiple PIM-SM domains?. A. MSDP messages are use to advertise active sources in a domain. B. MSDP SA request messages are used to request a list of active sources for a specific group. C. MSDP depends on BGP or multiprotocol BGP for interdomain operation. D. MSDP allows a redenzvous point to dynamically discover active sources outside of its domain.

222. Where is radio resource management performed in a cisco SD-access wireless solution?. A. wireless controller. B. Cisco CMX. C. Control plane node. D. DNA Center.

223. If the noise floor is -90 dBm and the wireless client is receiving a signal of -75 dbm, what is the SNR?. A.15. B. 1.2. C. 83. D. -165.

224. Refer to the exhibit. An engineer configures CoPP and enters the show command to verify the implementation. What is the result of the configuration?. A. All traffic will be policed based on access-list 120. B. ICMP will be denied based on this configuration. C.Class-default traffic will be dropped. D. If traffic exceeds the specified rate, it will be transmitted and remarked.

225. An engineer has deployed a single Cisco 5520 WLC with a management IP address of 172.16.50.5/24. The engineer must register 50 new Cisco AIR-CAP2802I-E-K9 access points to the WLC using DHCP option 43.The access points are connected to a switch in VLAN 100 that uses the 172.16.100.0/24 subnet. The engineer has configured the DHCP scope on the switch as follows: Network 172.16.100.0 255.255.255.0 Default Router 172.16.100.1 Option 43 Ascii 172.16.50.5 The access points are failing to join the wireless LAN controller. Which action resolves the issue?. A. configure dns-server 172.16.100.1. B. configure option 43 Hex F104.AC10.3205. C. configure option 43 Hex F104.CA10.3205. D. configure dns-server 172.16.50.5.

226. Refer to the exhibit. Which action completes the configuration to achieve a dynamic continuous mapped NAT for all users?. A. Configure a match-host type NAT pool. B. Increase the NAT pool size to support 254 usable addresses. C. Reconfigure the pool to use the 192.168.1.0 address range. D. Configure a one-to-one type NAT pool.

227. Refer to the exhibit. An engineer is installing a new pair of routers in a redundant configuration. When checking on the standby status of each router the engineer notices that the routers are not functioning as expected. Which action will resolve the configuration error new pair of routers in a redundant configuration. Which protocol ensures that traffic is not disrupted in the event of a hardware failure?. A. Configure matching priority values. B. Configure matching hold and delay timers. C. Configure matching key-strings. D. Configure unique virtual IP adresses.

228. Refer to the exhibit. An engineer must establish eBGP peering between router R3 and router R4. Both routers should use their loopback interfaces as the BGP router ID. Which configuration set accomplishes this task?. A. R3(config)# router bgp 200 R3(config-router)# neighbor 10.4.4.4 remote-as 100 R3(config-router)# neighbor 10.4.4.4 update-source Loopback0 R4(config)# router bgp 100 R4(config-router)# neighbor 10.3.3.3 remote-as 200 R4(config-router)# neighbor 10.3.3.3 update-source Loopback0. B. R3(config)# router bgp 200 R3(config-router)# neighbor 10.24.24.4 remote-as 100 R3(config-router)# neighbor 10.24.24.4 update-source Loopback0 R4(config)# router bgp 100 R4(config-router)# neighbor 10.24.24.3 remote-as 200 R4(config-router)# neighbor 10.24.24.3 update-source Loopback0. C. R3(config)# router bgp 200 R3(config-router)# neighbor 10.24.24.4 remote-as 100 R3(config-router)# bgp router-id 10.3.3.3 R4(config)# router bgp 100 R4(config-router)# neighbor 10.24.24.3 remote-as 200 R4(config-router)# bgp router-id 10.4.4.4. D. R3(config)# router bgp 200 R3(config-router)# neighbor 10.4.4.4 remote-as 100 R3(config-router)# bgp router-id 10.3.3.3 R4(config)# router bgp 100 R4(config-router)# neighbor 10.3.3.3 remote-as 200 R4(config-router)# bgp router-id 10.4.4.4.

229. Refer to the exhibit. A network engineer must simplify the IPsec configuration by enabling IPsec over GRE using IPsec profiles.Which two configurations changes accomplish this? (choose two). A. Remove the crypto map and modify the ACL to allow traffic between 10.10.0.0/24 to 10.20.0.0/24. B. Remove all configuration related to crypto map from R1 and R2 and eliminate the ACL 100. C. Create an IPsec profile, associate the transform-set, and apply the profile to the tunnel interface. D. Create and IPsec profile, associate the transform-set ACL, adn apply the profile to the tunnel interface. E. Apply the crypto map to the tunnel interface and change the tunnel mode to tunnel mode ipsec ipv4.

230. Which function is handled by vManage in the Cisco SD-WAN fabric?. A. Establishes BFD sessions to test liveliness of links and nodes. B. Distributes policies that govern data forwarding. C. Establishes IPsec tunnels with nodes. D. Performs remote software upgrades for WAN Edge, vSmart and vBond.

231. Refer to the exhibit. SwitchC connects HR and Sales to the Core switch. However, business needs require that no traffic from the Finance VLAN traverse this switch. Which command meets this requirement?. A SwitchC(config)#vtp pruning vlan 110. B. SwitchC(config)#interface port-channel 1 SwitchC(config-if)#switchport trunk allowed vlan add 210,310. C. SwitchC(config)#interface port-channel 1 SwitchC(config-if)#switchport trunk allowed vlan remove 110. D. SwitchC(config)#vtp pruning.

232. Which two mechanisms are available to secure NTP (choose two.). A. encrypted authentication. B. IP prefix list based. C. TACACS-based authentication. D. IPsec. E. IP access list- based.

233. company plans to implement intent-based networking in its campus infrastructure. Which desing facilitates a migration from a traditional campus design to a programmable fabric design?. A. Three-tier. B. routed access. C. two-tier. D. Layer 2 access.

234. How does EIGRP differ from OSPF metric?. A. The EIGRP metric is calculated based on bandwidth only. The OSPF metric is calculated on delay only. B. The EIGRP metric is calculated based on delay only. The OSPF metric is calculated on bandwidth and delay. C. The EIGRP metric is calculated based on bandwidth and delay. The OSPF metric is calculated on bandwidth only. D. The EIGRP metric is calculated based on hop count and bandwidth. The OSPF metric is calculated on bandwidth and delay.

235. Refer to the exhibit. >>> netconf_data["GigabitEthernet"][0]["enabled"] u'false' >>> netconf_data["GigabitEthernet"][1]["enabled"] u'true' >>> netconf_data["GigabitEthernet"][2]["enabled"] u'false' >>> netconf_data["GigabitEthernet"][0]["description"] u'my description' Which Python code snippet prints the descriptions of disabled interfaces only?. A. for interface in netconf_data ["Gigabitethernet"] if interface ["enabled"]!='false' print(interface["description"]). B. for interface in netconf_data ["Gigabitethernet"] if interface ["enabled"]!='true' print(interface["description"]). C. for interface in netconf_data ["Gigabitethernet"] print["enabled"]!='true' print(interface["description"]). D. for interface in netconf_data ["Gigabitethernet"] print(interface["enabled"]) print(interface["description"]).

236. Refer to the exhibit. Which type of antenna does the radiation pattern represent?. A. multidirectional. B. directional patch. C. Yagi. D. omnidirectional.

237. What are two considerations when using SSO as a network redundancy feature? (choose two.). A. requires synchronization between supervisors in order to guarantee continuous connectivity. B. both supervisors must be configured separately. C. must be combined with NSF to support uninterrupted Layer 2 operations. D. the multicast state is preserved during switchover. E. must be combined with NSF to support uninterrupted Layer 3 operations.

238. Which AP mode allows a supported AP to function like a WLAN client would, associating and identifying client connectivity issues?. A. sensor mode. B. sniffer mode. C. SE-connect mode. D. client mode.

239. What is the purpose of the LISP routing and addressing architecture?. A. It creates two entries for each network node, one for its identity and another for its location on the network. B. It creates head-end replication used to deliver broadcast and multicast frames to the entire network. C. It allows multiple instances of a routing table to co-exist within the same router. D. It allows LISP to be applied as a network virtualization overlay though encapsulation.

240. A server running Linux is providing support for virtual machines along with DNS and DHCP services for a small business. Which technology does this represent?. A. container. B. hardware pass-thru. C. type 2 hypervisor. D. type 1 hypervisor.

241.Refer to the exhibit. Which HTTP JSON response does the Python code output give? PYTHON CODE import requests import json url='http://YOURIP/ins' switchuser='USERID' switchpassword='PASSWORD' myheaders={'content-type':'application/json'} payload={ "ins_api": { "version":"1.0", "type":"cli_show", "chunk":"0", "sid":"1", "input":"show version", "output_format":"json" } } response = requests.post(url,data=json.dumps(payload), headers=myheaders,auth=(switchuser,switchpassword)).json() print(response['ins_api']['outputs'][output']['body']['kickstart_ver_str']) =========================================================================== ====================================== HTTP JSON Response: { "ins_api": { "type": "cli_show", "version":"1.0", "sid":"eoc", "outputs":{ "output":{ "input":"show version", "msg":"Success", "code":"200", "body":{ "bios_ver_str":"07.61", "kickstart_ver_str":"7.0(3)I7(4)", "bios_cmpl_time":"04/08/2017", "kick_file_name":"bootflash:///nxos.7.0.3.I7.4.bin", "kick_cmpl_time":"6/14/1970 09:49:04", "chassis_id": "Nexus9000 93180YC-EX chassis", "cpu_name": "Intel(R) Xeon(R) CPU @1.80GHz", "memory": 24633488, "mem_type":"kB", "rr_usecs":134703, "rr_ctime":"Sun Mar 10 15:41:46 2019", "rr_reason": "Reset Requested by CLI command reload", "rr_sys_ver":"7.0(3)I7(4)", "rr_service":"", "manufacturer": "Cisco Systems, Inc", "TABLE_package_list": { "ROW_package_list": { "package_id": {} } } } } } } }. A. KeyError: "kickstart_ver_str". B. 7 0(3) I7(4). C. NameError:name 'json' is not defined. D. 7.61.

242. What is YANG used for?. A. processing SNMP read-only polls. B. scraping data via CLI. C. describing data models. D. providing a transport for network configuration data between client and server.

243. Refer to the exhibit. What is the result when a switch that is running PVST+ is added to this network?. A. Both switches operate in the Rapid PVST+ mode. B. Spanning tree is disabled automatically on the network. C. Both switches operate in the PVST+ mode. D. DSW2 operates in Rapid PVST+ and the new switch operates in PVST+.

244. Refer to the exhibit. What is the effect of these commands on the BR and HQ tunnel interfaces? BR(config)#interface tunnel1 BR(config-ig)#keepalive 53 HQ(config)#interface tunnel1 HQ(config-if)#keepalive 53. A. The keepalives are sent every 5 seconds and 3 retries. B. The tunneling protocol goes down when the keepalive counter reaches 5. C. The tunneling protocol goes down when the keepalive counter reaches 6. D. The keepalives are sent every 3 seconds and 5 retries.

245. Refer to the exhibit. A network engineer must configure NETCONF. After creating the configuration, the engineer gets output from the command show line but not from show running- config. which command completes the configuration?. A. Device(config)# netconf max-message 1000. B. Device(config)#netconf lock-time 500. C. Device(config)# netconf max-sessions 100. D. Device(config)#no netconf ssh acl 1.

246. Refer to the exhibit. After implementing the configuration 172.20.20.2 stops replying to ICMP echos, but the default route fails to be removed. What is the reason of this behavior?. A. The source-interface is configured incorrectly. B. The destination must be 172.30.30.2 for icmp-echo. C. The threshold value is wrong. D. The default route is missing the track feature.

247. What is the function of Cisco DNA Center in a Cisco SD-Access deployment?. A. It possesses information about all endpoints,nodes, and extremal networks related to the fabric. B. It is responsible for routing decisions inside the fabric. C.It provides integration and automation for al non fabric nodes and their fabric counterparts. D. It is responsible for the design, management, deployment, provisioning and assurance of the fabric network devices.

248. What does the LAP send when multiple WLCs respond to the CISCO-CAPWAP-CONTROLLER local domain hostname during the CAPWAP discovery and join process?. A. unicast discovery request to each WLC. B. unicast discovery request to the first WLC that resolves the domain name. C. multicast discovery request. D. join request to all the WLCs.

249. In a Cisco SD-WAN deployment, which action is the vSmart controller responsible for?. A. gather telemetry data from WAN Edge routers. B. onboard WAN ede nodes into the Cisco SD-WAN fabric. C. distribute policies that govern data forwarding performed within the Cisco SD-WAN fabric. D. handle,maintain anf gather configuration and status for nodes within the Cisco SD-WAN fabric.

250. Which device makes the decision for a wireless client to roam?. A. access point. B. WCS location server. C. wireless LAN controller. D. wireless client.

251. Which method should an engineer use to deal with a long-standing contention issue between any two VMs on the same host?. A. live migrate the VM to another host. B. reset the VM. C. reset the host. D. adjust the resource reservation limits.

252.Which DHCP options helps lightweight APs find the IP address of a wireless LAN controller?. A. Option 67. B. Option 60. C. Option 43. D. Option 150.

253. Refer to the exhibit. Which type of antenna is shown on the radiattion patterns?. A. Yagi. B. Dipole. C. Patch. D. Ominidirectional.

254. A network engineer is configuring Flexible NetFlow and enters these commands: Sampler Netflow1 mode random one-out-of 100 interface fastethernet 1/0 flow-sampler netflow1 Which are two results of implementing this feature instead of traditional NetFlow? (Choose two). A. Only the flows of top 100 talkers are exported. B. CPU and memory utilization are reduced. C. The data exported flow is more secure. D. The number of packets to be analyzed are reduced. E. The accuracy of the data to be analyzed is improved.

255. Refer to the exhibit. An engineer must ensure that all traffic leaving AS 200 will choose Link 2 as the exit point. Assuming that all BGP neighbor relationships have been fromed and that the attributes have not been changed on any of the routers, which configuration accomplishes this task?. A. R3(config-router) bgp default local-preference 200. B. R3(config-router) neighbor 10.1.1.1 weight 200. C. R4(config-router) neighbor 10.2.2.2 weight 200. D. R4(config-router) bgp default local-preference 200.

256. Refer to the exhibit. An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts. Drag and drop the commands into the configuration to achieve these results some commands may be used more than once. Not all commands are used. Action drop. Action forward. filter. permit. deny. match.

257. Drag and drop the descriptions from the left onto the routing protocol they describe on the right. Supports unequal cost path load balancing. link state. advanced distance vector. supports only equal cost path load balancing.

258. Drag and drop the characteristics from the left onto the orchestration tools they describe on the right. Uses playbooks. procedural. uses a pull model. declarative.

259. Drag and drop the wireless elements on the left to their definitions on the right. beamwidth. polarization. radiation patterns. gain.

260. Drag and drop the description of the VSS technology from the left to the right. Not all options are used. combines exactly two devices. supported on Cisco 3750 and 3850 devices. supported on the Cisco 4500 and 6500 series. supports devices that are geographically separated. supports up to nine devices. uses proprietary cabling.

261. Drag and drop the characteristics from the left onto the infrastructure deployment models they describe on the right. easy to scale the capacity up and down. infrastructure large and regular investment. highly agile. highly customizable.

262. Drag and drop the descriptions from the left onto the routing protocol they describe on the right. summaries can be created anywhere in the IGP topology. uses areas to segment a network. summaries can be created in specific parts of the IGP topology.

263. Drag and drop the characteristics from the left onto the orchestration tools they describe on the right. utilizes a pull model. utilizes a push model. multimaster architecture. primary/secondary architecture.

264. Drag and drop the description from the left onto the correct QoS components on the right. causes TCP retransmission when traffic is dropped. buffers excessive traffic. introduces no delay and jitter. introduces delay and jitter. drops excessive traffic. typicall delays, rather than drops traffic.

265. Drag and drop the REST API authentication method from the left to the description on the right. HTTP basic authentication. oAuth. Secure vault.

266. Drag and drop the characteristics of PIM Dense Mode from the left to the right. Not all options are used. builds source-based distribution trees. uses a push model to distribute multicast traffic. uses a pull model to distribute multicast traffic. uses prune mechanisms to stop unwanted multicast traffic. builds shared distribution trees. requires a rednezvous point to deliver multicast traffic.

267. Drag and drop the characteristics from the left onto the protocols they apply on the right. uses Dijkstra 's shortest path first algorithm. uses difused update algorithm. uses bandwidth, delay, reliability and load for routing metric. uses an election process.

268. Drag and drop the characteristics from the left onto the routing protocols they describe on the right. maintain alternative loop-free backup bath if available. quickly computes new path upon link failure. selects routes using the DUAL algorithm.

269.Drag and drop the characteristics from the left onto the correct infrastructure deployment types on the right. customizable hardware, purposes-built systems. easy to scale an upgrade. more suitable with specific regulary or security requirements. resources can be over or underutilized as requirements vary. requires a strong and stable internet connection. built-in, automated data back ups and recovery.

270. Drag and drop the threat defense solutions from the left onto their descriptions on the right. Stealwatch. ESA. AMP4E. Umbrella. FTD.

271. Drag and drop the characteristics from the left onto the correct routing protocol types on the right. supports unequal path load balancing. link state routing protocol. distance vector routing protocol. metric based on delay and reliability by default. make it easy to segment the network logically. constructs three tables as part of its operation neighbor table topology table and routing table.

272. Drag and drop the virtual components from the left onto their descriptions on the right. VNIC. OVA. VMDK. VMX.

273. Drag and drop the LISP components from the left onto the function they perform on the right. Not all options are used. LISP map resolver. LISP proxy ETR. LISP route reflector. LISP ITR. LISP map server.

274. Drag and drop the DHCP messages that are exchanged between a client and an AP into the order they are exchanged on the right. DHCP Request. DHCP offer. DHCP Discover. DHCP ACK.

275. Drag and drop the solutions that comprise Cisco Cyber threat defense formt he left onto the objectives they accomplish on the right. Stealwatch. Identity Services Engine. Web security appliance.

276. Drag and drop the QoS mechanisms from the left to the correct descriptions on the right. service policy. policy map. DSCP.