Pruebas Encore 9

Refer to the exhibit. A network architect has partially configured static NAT. Which commands should be added to complete the configuration?. R1(config)# interface GigabitEthernet 0/0 R1(config)# ip pat inside - R1(config)# interface GigabitEthernet 0/1 R1(config)# ip pat outside -. R1(config)# interface GigabitEthernet 0/0 R1(config)# ip pat outside - R1(config)# interface GigabitEthernet 0/1 R1(config)# ip pat inside -. R1(config)# interface GigabitEthernet 0/0 R1(config-if)# ip nat inside - R1(config)# interface GigabitEthernet 0/1 R1(config-if)# ip nat outside -. R1(config)# interface GigabitEthernet 0/0 R1(config-if)# ip nat outside - R1(config)# interface GigabitEthernet 0/1 R1(config-if)# ip nat inside.

Refer to the exhibit. An engineer must allow the FTP traffic from users on 172.16.1.0 /24 to 172.16.2.0 /24 and block all other traffic. Which configuration must be applied?. R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 21 172.16.2.0 0.0.0.255 R1 (config)#interface giga 0/2 - R1 (config-if)#ip access-group 120 in. R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 20 R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 21 R1(config)#interface giga 0/2 - R1 (config-if)#ip access-group 120 in. R1 (config)# access-list 120 deny any any R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 21 R1 (config)#interface giga 0/0 - R1(config-if)#ip access-group 120 out. R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 21 172.16.2.0 0.0.0.255 R1(config)# access-list 120 permit udp 172.16.1.0 0.0.0.255 21 172.16.2.0 0.0.0.255 R1 (config)#interface giga 0/2 - R1(config-if)#ip access-group 120 out.

High bandwidth utilization is occurring on interface Gig0/1 of a router. An engineer must identify the flows that are consuming the most bandwidth. Cisco DNA Center is used as a flow exporter and is configured with the IP address 192.168.23.1 and UDP port 23000. Which configuration must be applied to set NetFlow data export and capture on the router?. R1(config)#ip flow-export R1(config)#ip flow-export destination 192.168.23.1 23000 R1(config)#interface Gig0/1 R1(config-if)#-ip flow monitor. R1(config)#ip flow-export R1(config)#ip flow-export destination 192.168.23.1 R1(config)#interface Gig0/1 R1(config-if)#-collect counter bytes R1(config-if)#-collect counter packets. R1(config)#ip flow-export R1(config)#ip flow-export destination 192.168.23.1 23000 R1(config)#interface Gig0/1 R1(config-if)#-ip flow ingress R1(config-if)#-ip flow egress. R1(config)#ip flow-export R1(config)#ip flow-export destination 192.168.23.1 23000 R1(config)#interface Gig0/1 R1(config-if)#-ip flow-top-talkers.

DRAG DROP - Drag and drop the code snippets from the bottom onto the blanks in the code to construct a request that configures policy-based routing. 1. 2.

Which DNS record type is required to allow APs to discover a WLC by using DNS on IPv4?. NS. A. SOA. MX.

What is modularity in network design?. ability to bundle several functions into a single layer of the network. ability to create self-contained, repeatable sections of the network. ability to self-heal the network to prevent service outages. ability to scale and accommodate future needs of the network.

Refer to the exhibit. An engineer configured TACACS+ to authenticate remote users, but the configuration is not working as expected. Which configuration must be applied to enable access?. R1 (config)# ip tacacs source-interface Gig 0/0. R1 (config)# tacacs server prod - R1(config-server-tacacs)# port 1020. R1 (config)# aaa authorization exec default group tacacs+ local. R1 (config)# tacacs server prod - R1(config-server-tacacs)# key cisco123.

A customer has two Cisco WLCs that manage separate APs throughout a building. Each WLC advertises the same SSID but terminates on different interfaces. Users report that they drop their connections and change IP addresses when roaming. Which action resolves this issue?. Configure high availability. Enable fast roaming. Configure mobility groups. Enable client load balancing.

What is one difference between the RIB and the FIB?. The RIB keeps all routing information received from peers, and the FIB keeps the minimum information necessary to make a forwarding decision. The RIB works at the data plane, and the FIB works at the control plane. The FIB contains routing prefixes, and the RIB contains the Layer 2 and Layer 3 information necessary to make a forwarding decision. The RIB is known as the CEF table, and the FIB is known as the routing table.

What is a characteristic of an AP operating in FlexConnect mode?. All traffic traverses the WLC to ensure policy enforcement on client traffic. Forwarding for locally switched traffic continues when the AP loses connectivity to the WLC. APs connect in a mesh topology and elect a root AP. FlexConnect enables an AP to connect to multiple WLCs.

What is the benefit of using TCAM for IP forwarding decisions versus using the CAM table?. TCAM finds results based on binary, and CAM uses the longest match to find results. TCAM processes lookups in a hardware CPU. and CAM relies on binary masks to find results. TCAM finds results based on masks, and CAM finds results basing on exact match. TCAM uses low cost hardware memory to store addresses, and CAM uses expensive hardware memory.

Refer to the exhibit. Two indirectly connected routers fail to form an OSPF neighborship. What is the cause of the issue?. failing hello packets between the two routers. DR/BDR selection dispute. MTU mismatch. OSPF network type mismatch.

Which feature is provided by Cisco Mobility Services Engine in a Cisco Wireless Unified Network architecture?. It adds client packet capturing. It enables NetFlow data collection. It adds client tracking and location API. It identifies authentication problems.

Which unit of measure is used to measure wireless RF SNR?. dBi. dB. dBm. mW.

Drag and drop the components of the Cisco SD-Access fabric architecture from the left onto the correct descriptions on the right. Not all options are used. CP node. border node. edge node.

In a campus network design, what are two benefits of using BFD for failure detection? (Choose two.). BFD speeds up routing convergence time. BFD is an efficient way to reduce memory and CPU usage. BFD provides fault tolerance by enabling multiple routers to appear as a single virtual router. BFD provides path failure detection in less than a second. BFD enables network peers to continue forwarding packets in the event of a restart.

Refer to the exhibit. A network engineer issues the debug command while troubleshooting a network issue. What does the output confirm?. ACL 100 is tracking ICMP traffic from 10.1.1.1 destined for 1.1.1.1. ACL100 is tracking all traffic from 10.1.1.1 destined for 1.1.1.1. ACL100 is tracking ICMP traffic from Serial1/0 destined for Serial3/0. ACL100 is tracking ICMP traffic from 1.1.1.1 destined for 10.1.1.1.

Refer to the exhibit. An engineer must update the existing configuration to achieve these results: • Only administrators from the 192.168.1.0/24 subnet can access the vty lines. • Access to the vty lines using clear-text protocols is prohibited. Which command set should be applied?. acces-list 1 permit 192.168.1.0 0.0.0.255 line vty 0 15 access-class 1 in transport input none. acces-list 1 permit 192.168.1.0 0.0.0.255 line vty 0 15 access-class 1 in transport input telnet ssh. acces-list 1 permit 192.168.1.0 0.0.0.255 line vty 0 15 access-class 1 in transport input ssh. acces-list 1 permit 192.168.1.0 255.255.255.0 line vty 0 15 access-class 1 in transport input telnet rlogin.

Which version of NetFlow does Cisco Threat Defense utilize to obtain visibility into the network?. NBAR2. IPFIX. 8. flexible.

Refer to the exhibit. What is printed to the console when this script is run?. a key-value pair in tuple type. an error. a key-value pair in list type. a key-value pair in string type.

What is a difference between Chef and other automation tools?. Chef is an agentless tool that uses playbooks, and Ansible is an agent-based tool that uses cookbooks. Chef is an agentless tool that uses a primary/minion architecture, and SaltStack is an agent-based tool that uses a primary/secondary architecture. Chef is an agent-based tool that uses cookbooks, and Ansible is an agentless tool that uses playbooks. Chef uses Domain Specific Language, and Puppet uses Ruby.

An engineer must configure a new WLAN that supports 802.11r and requires users to enter a passphrase. What must be configured to support this requirement?. 802.1X and Fast Transition. FT PSK and Fast Transition. 802.1X and SUITEB-1X. FT PSK and SUITEB-1X.

Refer to the exhibit. An engineer is troubleshooting an mDNS issue in an environment where Cisco ISE is used to dynamically assign mDNS roles to users. The engineer has confirmed that ISE is sending the correct values, but name resolution is not functioning as expected. Which WLC configuration change resolves the issue?. Enable AAA Override. Enable Aironet IE. Set MFP client protection to Required. Change NAC state to ISE NAC.

What is one role of the VTEP in a VXLAN environment?. to maintain VLAN configuration consistency. to forward packets to non-LISP sites. to provide EID-to-RLOC mapping. to encapsulate the tunnel.

DRAG DROP - Drag and drop the snippets onto the blanks within the code to construct a script that configures BGP according to the topology. Not all options are used, and some options may be used twice. 1. 2.

How is CAPWAP data traffic encapsulated when running an Over the Top WLAN in a Cisco SD-Access wireless environment?. LISP. VXLAN. GRE. IPsec.

Refer to the exhibit. What does the Python code accomplish?. It configures interface e1/32 to be in an admin down state. It generates a status code of 403 because the type is incorrect. It configures interface e1/32 to be in an err-disable state. It returns data in JSON-RPC format.

Refer to the exhibit. Which action must be performed to allow RESTCONF access to the device?. Enable the NETCONF service. Enable the SSH service. Enable the IOX service. Enable the HTTPS service.

Which JSON script is properly formatted?. "student":[ { "grade":"9", "ID":"7460059362", "type":"on-line", }]. { "plants": [ "name":"Fern", "color":"green", "type":"Indoor", ] }. } "class": [ { "title":"Cooking 101", "type":"elective", "session": "fall" } ] }. [ "class": { [ "title":"History", "grade":"5", "location":"Site 2" } ] ].

Which technology is used as the basis for the Cisco SD-Access data plane?. LISP. 802.1Q. VXLAN. IPsec.

How is OAuth framework used in REST API?. as a framework to hash the security information in the REST URL. by providing the external application a token that authorizes access to the account. as a framework to hide the security information in the REST URL. by providing the user credentials to the external application.

What is a characteristic of Cisco DNA southbound APIs?. implements monitoring by using the SOAP protocol. enables orchestration and automation of network devices based on intent. utilizes REST API. simplifies management of network devices.

Where is the wireless LAN controller located in a mobility express deployment?. The wireless LAN controller exists in a server that is dedicated for this purpose. The wireless LAN controller is embedded into the access point. The wireless LAN controller exists in the cloud. There is no wireless LAN controller in the network.

Refer to the exhibit. A network engineer must permit administrators to automatically authenticate if there is no response from either of the AAA servers. Which configuration achieves these results?. aaa authentication enable default group radius local. aaa authentication login default group radius. aaa authentication login default group tacacs+ line. aaa authentication login default group radius none.

Which hypervisor requires a host OS to run and is not allowed to directly access the hosts hardware and resources?. native. bare metal. type 1. type 2.

Refer to the exhibit. The NETCONF object is sent to a Cisco IOS XE switch. What is the purpose of the object?. Discover the IP address of interface GigabitEthernet1. Remove the IP address from interface GigabitEthernet1. Set the description of interface GigabitEthernet1 to "1". View the configuration of all GigabitEthernet interfaces.

Which protocol does Cisco SD-WAN use to protect control plane communication?. STUN. OMP. IPsec. DTLS.

Which security option protects credentials from sniffer attacks in a basicAPI authentication?. next-generation firewall. TLS or SSL for communication. VPN connection between client and server. AAA services to authenticate the API.

Which mechanism can be used to enforce network access authentication against an AAA server if the endpoint does not support the 802.1X supplicant functionality?. WebAuth. MACsec. private VLANs. port security.

An engineer must configure router R1 to validate user logins via RADIUS and fall back to the local user database if the RADIUS server is not available. Which configuration must be applied?. aaa authentication exec default radius local. aaa authentication exec default radius. aaa authorization exec default radius local. aaa authorization exec default radius.

What does the Cisco WLC Layer 3 roaming feature allow clients to do?. maintain their IP address when roaming to an AP or controller with a different client VLAN assignment. maintain their connection between APs even when the AP management VLANs are different. maintain their connection even if the client IP address changes when roaming. roam seamlessly between controllers even when the controller management VLANs are different.

Which JSON script is properly formatted?. { "animals": { "type": "horse", "breed": "Palamino", "color": "tan" } }. { "Vendor": { "type": "wholesale", "location": "on-line", "contact": "646-168-2143" } }. { "subject": { "title": "Language", "ID": "841963", "location": "Main Campus" } }. { "plants": [ { "type": "annual", "color": "yellow", "season": "summer" } ] }.

What is the function of Cisco DNA Center in a Cisco SD-Access deployment?. It is responsible for the design, management, deployment, provisioning, and assurance of the fabric network devices. It is responsible for routing decisions inside the fabric. It provides integration and automation for all nonfabric nodes and their fabric counterparts. It possesses information about all endpoints, nodes, and external networks related to the fabric.

How do the MAC address table and TCAM differ?. TCAM is populated from the ARP file, and the MAC address table is populated from the switch configuration fil. TCAM stores Layer 2 forwarding information, and the MAC address table stores QoS information. TCAM lookups can match only 1s and 0s, and MAC address lookups can match 1s, 0s and a third "care/don't care" state. TCAM is a type of memory and the MAC address table is a logical structure.

Which technology provides an overlay fabric to connect remote locations utilizing commodity data paths and improves network performance, boosts security, and reduces costs?. InfiniBand. VTEP. SD-WAN. VXLAN.

Which two actions are recommended as security best practices to protect REST API? (Choose two.). Enable dual authentication of the session. Use a password hash. Use SSL for encryption. Use TACACS+ authentication. Enable out-of-band authentication.

Drag and drop the code snippets from the bottom onto the blanks in the PHP script to convert a PHP array into JSON format. Not all options are used. 1. 2.

Refer to the exhibit. An engineer is configuring WebAuth on a Cisco Catalyst 9800 Series WLC. The engineer has purchased a third-party certificate using the FQDN of the WLC as the CN and intends to use it on the WebAuth splash page. What must be configured so that the clients do not receive a certificate error?. Virtual IPv4 Hostname must match the CN of the certificate. Virtual IPv4 Address must be set to a routable address. Web Auth Intercept HTTPs must be enabled. Trustpoint must be set to the management certificate of the WLC.

Refer to the exhibit. Which configuration must be added to enable remote access only using SSHv1 or SSHv2 to this router?. R1(config)# ip ssh version2 R1(config)# line vty 0 15 R1(config-line)# transport input ssh R1(config-line)# transport output ssh. R1(config)#crypto key generate rsa modulus 2048 R1(config)# line vty 0 15 R1(config-line)# transport input ssh. R1(config)# line vty 0 15 R1(config-line)# transport input ssh R1(config-line)# transport output ssh. R1(config)#crypto key generate rsa modulus 2048 R1(config)#ip ssh version 2 R1(config)# line vty 0 15 R1(config-line)# transport input all.

Refer to the exhibit. What is the output of this code?. 1st_item#######: 645298791871446 2nd_item_that_must_display: jlugyydt##. 1st_item#######: 6452987918 2nd_item_that_m: jlugyydt##. 1st_item#######: 8791871446 at_must_display: jlugyydt. 645298791871446 ##jlugyydt.

Refer to the exhibit. An engineer is troubleshooting an issue with non-Wi-Fi interference on the 5-GHz band. The engineer has enabled Cisco CleanAir and set the appropriate traps, but the AP does not change the channel when it detects significant interference. Which action will resolve the issue?. Enable the Avoid Persistent Non-WiFi interference option. Change the DCA Sensitivity option to High. Enable the Event Driven Radio Resource Management option. Disable the Avoid Foreign AP Interference option.

Refer to the exhibit. What is achieved by the XML code?. It displays the access list sequence numbers from the output of the show ip access-list extended flp command on the terminal screen. It displays the output of the show ip access-list extended flp command on the terminal screen. It reads the access list sequence numbers from the output of the show ip access-list extended flp command into a dictionary list. It reads the output of the show ip access-list extended flp command into a dictionary list.

An engineer measures the Wi-Fi coverage at a customer site The RSSI values are recorded as follows: • Location A: -72 dBm • Location B: -75 dBm • Location C -65 dBm • Location D -80 dBm Which two statements does the engineer use to explain these values to the customer? (Choose two.). The signal strength at location C is too weak to support web surfing. Location D has the strongest RF signal strength. The RF signal strength at location B is 50% weaker than location A. The RF signal strength at location C is 10 times stronger than location B. The signal strength at location B is 10 dB better than location C.

DRAG DROP - Drag and drop the code snippets from the bottom onto the blanks in the script to convert a Python object into a compact JSON object by removing space characters. Not all options are used. 1. 2.

Where are operations related to software images located in the Cisco DNA Center GUI?. Services. Provisioning. Assurance. Design.

What is a difference between OSPF and EIGRP?. OSPF uses a default hello timer of 5 seconds. EIGRP uses a default hello timer of 10 seconds. OSPF uses a default hello timer of 5 seconds. EIGRP uses a default hello timer of 10 seconds. OSPF uses an administrative distance of 115. EIGRP uses an administrative distance of 160. OSPF uses IP protocol number 88. EIGRP uses IP protocol number 89.

Which type of antenna is designed to provide a 360-degree radiation pattern?. Yagi. patch. directional. omnidirectional.

Which two security mechanisms are used by Cisco Threat Defense to gain visibility into the most dangerous cyber threats? (Choose two.). virtual private networks. file reputation. VLAN segmentation. Traffic Telemetry. dynamic enforce policy.

Which action is a LISP ITR responsible for?. responding to map-request messages. forwarding user data traffic. finding EID-to-RLOC mappings. accepting registration requests from ETRs.

An engineer modifies the existing ISE guest portal URL to use a static FQDN. Users immediately report that they receive certificate errors when they are redirected to the new page. Which two additional configuration steps are needed to implement the change? (Choose two.). Add a new DNS record to resolve the FQDN to the PSN IP address. Create and sign a new CSR that contains the static FQDN entry. Manually configure the hosts file on each user device. Disable HTTPS on the WLC under the Management menu. Add the FQDN entry under the WLC virtual interface.

Which JSON script is properly formatted?. { "car": [ { "type": "Ford", "color": "red", "year": "1998" } ] }. { "book": { "title": "Engineering", "grade": "11", "edition": "4" } }. { "truck": [ { "type": "Dodge", "color": "blue", "year": "2015" } ] }. { "device": [ { "type": "switch", "model": "Catalyst", "mac": "00:46:10:04:93:6c" } ] }.

What is contained in the VXLAN header?. VXLAN network identifier. source and destination RLOC ID. endpoint ID. original Layer 2 VLAN ID.

Refer to the exhibit. Clients are reporting an issue with the voice traffic from the branch site to the central site. What is the cause of this issue?. There is a routing loop on the network. There is a high delay on the WAN links. Traffic is load-balancing over both links, causing packets to arrive out of order. The voice traffic is using the link with less available bandwidth.

Which virtualization component creates VMs and performs hardware abstraction that allows multiple VMs to run at the same time?. container. Docker. hypervisor. rkt.

Refer to the exhibit. An SSID is configured and both clients can reach their gateways on the Layer 3 switch, but they cannot communicate with each other. Which action resolves this issue?. Set the WMM Policy to Allowed. Set the P2P Blocking Action to Disabled. Set the WMM Policy to Required. Set the P2P Blocking Action to Forward-UpStream.

What is a characteristic of VXLAN?. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay. It has a 12-byte packet header. It uses TCP for transport,. It is a multi-tenant solution.

Which network devices secure API platforms?. content switches. web application firewalls. next-generation intrusion detection systems. Layer 3 transit network devices.

What does Call Admission Control require the client to send in order to reserve the bandwidth?. SIP flow information. Wi-Fi multimedia. VoIP media session awareness. traffic specification.

Which capability does a distributed virtual switch have?. use floating static routes. provide configuration consistency across the hosts. run dynamic routing protocols. use advanced IPsec encryption algorithms.

Which two methods are used to assign security group tags to the user in a Cisco TrustSec. architecture? (Choose two.). web authentication. IEEE 802.1x. DHCP. modular QoS. policy routing.

Which resource must the hypervisor make available to the virtual machines?. bandwidth. IP address. processor. secure access.

DRAG DROP - Drag and drop the automation characteristics from the left onto the corresponding tools on the right. 1. 2.

Refer to the exhibit. An engineer must configure a Cisco WLC with WPA2 Enterprise mode and avoid global server lists. Which action is required?. Enable EAP parameters. Apply CISCO ISE default settings. Select a RADIUS authentication server. Disable the RADIUS server accounting interim update.

Refer to the exhibit. An administrator must collect basic statistics about the approximate amount of IPv4 and IPv6 flows entering Gi0/0 using NetFlow. However, the administrator is concerned that NetFlow processing during periods of high utilization on Gi0/0 will overwhelm the router CPU. Which configuration minimizes CPU impact and keeps the data flows across Gi0/0 intact?. sampler R-1-1024 mode random 1 out-of 1024 ! interface Gi0/0 ip flow monitor v4Talkers sampler R-1-1024 input ipv6 flow monitor v6Talkers sampler R-1-1024 input. policy-map Talkers class class-default police cir percent 50 conform-action transmit exceed-action drop ! interface Gi0/0 service-policy input Talkers ip flow monitor v4Talkers ipv6 flow monitor v6Talkers. interface Gi0/0 load-interval 600 ip flow monitor v4Talkers ipv6 flow monitor v6Talkers. interface Gi0/0 no ip route-cache ip flow monitor v4Talkers ipv6 flow monitor v6Talkers.

Which two mechanisms are used with OAuth 2.0 for enhanced validation? (Choose two.). authorization. custom headers. request management. authentication. accounting.

Which characteristic applies to the endpoint security aspect of the Cisco Threat Defense architecture?. detect and block ransomware in email attachments. outbound URL analysis and data transfer controls. user context analysis. blocking of fileless malware in real time.

Refer to the exhibit. An administrator writes a script to fetch the list of devices that are registered with Cisco DNA Center. Why does the execution abort?. The TLS certificate of DNA Center is invalid. The username or the password is incorrect. The “dna-center” hostname cannot be resolved to an IP address. The authentication URL is incorrect.

When is GLBP preferred over HSRP?. When the gateway routers are a mix of Cisco and non-Cisco routers. When encrypted hellos are required between gateways in a single group. When the traffic load needs to be shared between multiple gateways using a single virtual IP. When clients need the gateway MAC address to be the same between multiple gateways.

Which TLV value must be added to Option 43 when DHCP is used to ensure that APs join the WLC?. 0x77. AAA. 0xf1. 642.

DRAG DROP - Drag and drop the automation characteristics from the left onto the appropriate tools on the right. Not all options are used. 1. 2.

What is a characteristic of a virtual machine?. It is more resource efficient than a container. It provides an environment completely isolated from the host OS. It is more lightweight than a container. It shares the host OS kernel, binaries, and libraries.

Refer to the Exhibit. External users require HTTP connectivity to an internal company web server that is listening on TCP port 8080. Which command set accomplishes?. interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat outside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat inside ip nat inside source static tcp 209.165.200.225 8080 10.1.1.100 8080. interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat inside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat outside ip nat inside source static tcp 10.1.1.1 8080 209.165.200.225 80. interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat outside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat inside ip nat inside source static tcp 10.1.1.1 8080 209.165.200.225 80. interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat inside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat outside ip nat inside source static tcp 209.165.200.225 80 10.1.1.100 8080.

A network engineer must configure the VTY lines on a router to achieve these results: • Remote access should be permitted only for secure protocols. • Only a password should be required for device authentication. • All idle EXEC sessions must be terminated in 60 minutes. Which configuration should be applied?. line vty 0 15 password Cisco123 transport input ssh exec-timeout 60. line vty 0 15 login password Cisco123 transport input ssh exec-timeout 60. line vty 0 15 password Cisco123 transport input telnet ssh exec-timeout 60. line vty 0 15 password Cisco123 transport input all session-timeout 60.

How does NETCONF YANG represent data structures?. as strict data structures defined by RFC 6020. in an XML tree format. in an HTML format. as modules within a tree.

Refer to the exhibit. An engineer must modify the existing configuration so that R2 can take over as the primary router when serial interface 0/0.1 on R1 goes down. Which command must the engineer apply?. R2# standby 100 preempt. R2# standby 100 priority 100. R2# standby 100 track 26 decrement 10. R2# track 26 interface Serial0/0.1 line-protocol.

Refer to the exhibit. An engineer deploys a script to retrieve the running configuration from a NETCONF-capable Cisco IOS XE device that is configured with default settings. The script fails. Which configuration must be applied to retrieve the configuration using NETCONF?. print (netconf_host.get_config(‘show running’)). port=830. device_params=(‘name’:’los-xe’}). hostkey_verify=True,.

Refer to the exhibit. Which action must be taken to configure a WLAN for WPA2-AES with PSK and allow only 802.11r-capable clients to connect?. Enable Fast Transition and FT + PSK. Enable Fast Transition and PSK. Change Fast Transition to Adaptive Enabled and enable FT + PSK. Enable PSK and FT + PSK.

Refer to the exhibit. Which address type is 10.10.10.10 configured for?. outside global. inside global. outside local. inside local.

Refer to the exhibit. What is the result of the NTP configuration?. The router will use the address of loppback 0 to communicate with the NTP server. The router will advertise but not listen to NTP broadcast packets. The router will be used as an NTP authoritative server only if it synchronized with an outside source. The router will be used as an NTP authoritative server, even if it is not synchronized with an outside source.

Refer to the exhibit. An engineer must create a manually triggered EEM applet to enable the R2 router interface and assign an IP address to it. What is required to complete this configuration?. R2(config-apple)#action 4 cli command “ip add 172.16.1.1 0.0.0.255”. R2(config)# event manager session cli username. R2(config-applet)# event oir. R2(config-applet)# event none sync yes.

What is stateful switchover?. cluster protocol used to facilitate switch failover. mechanism to take control from a failed RP while maintaining connectivity. mechanism used to prevent routing protocol loops during an RP switchover. First Hop Redundancy Protocol for host gateway connectivity.

Which two features are available only in next-generation firewalls? (Choose two.). application awareness. packet filtering. stateful inspection. deep packet inspection. virtual private network.

Refer to the exhibit. Which result is achieved by the CoPP configuration?. Traffic that matches entry 10 of ACL 100 is always dropped. Class-default is dropped. Traffic that matches entry 10 of ACL 100 is always allowed with a limited CIR. Traffic that matches entry 10 of ACL 100 is always allowed.

An engineer must use flexible NetFlow on a group of switches. To prevent overloading of the flow connector, if the flow is idle for 20 seconds, the flow sample should be exported. Which command set should be applied?. flow record recordflow exporter flowexport record recordflow cache timeout active 120 cache timeout inactive 20 cache type immediate. flow monitor monitorflow exporter flowexport record recordflow cache timeout active 120 cache timeout inactive 20 cache type immediate. flow monitor monitorflow exporter recordflow cache timeout active 120 cache timeout inactive 20 cache type permanent. flow record recordflow match ipv6 destination ip-address match ipv6 source ip-address match ipv6 protocol-type view match interface input match interface output match transport destination-port collect counter bytes long.

When a branch location loses connectivity, which Cisco FlexConnect state rejects new users but allows existing users to function normally?. Authentication-Down/Switch-Local. Authentication-Down/Switching-Down. Authentication-Central/Switch-Local. Authentication-Local/Switch-Local.

Refer to the exhibit. Which action does the Python script accomplish?. connects to the device using Telnet and exports the routing table information. connects to the device using SSH and exports the routing table information. displays the output of the show command in an unformatted way. displays the output of the show command in a formatted way.