How does HSRP provide first hop redundancy? A. It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table. B. It uses a shared virtual MAC and a virtual IP address of routers that serve as the default gateway for hosts on a LAN C. It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN D. It forwards multiple packets to the same destination over different routed links in the data path.
Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16? A. It selects the OSPF route because it has the lowest cost. B. It selects the EIGRP route because it has the lowest administrative distance. C. It selects the RIP route because it has the longest prefix inclusive of the destination address. D. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address.
What is the difference between local AP mode and FlexConnect AP mode? A. Local AP mode creates two CAPWAP tunnels per AP to the WLC B. FlexConnect AP mode fails to function if the AP loses connectivity with the WLC C. Local AP mode causes the AP to behave as if it were an autonomous AP D. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured.
A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped? A. Device(config)# lldp run B. Device(config)# cdp enable C. Device(config)# flow-sampler-map topology D. Device(config)# cdp run.
refer to the exhibit. What is the effect of this configuration? A. Dynamic ARP inspection is disabled because the ARP ACL is missing. B. The switch port remains down until is configured to trust or untrust incoming packets. C. The switch port remains administratively down until the interface is connected to another switch D. The switch port interface trust state becomes untrusted.
What are two benefits of controller-based networking compared to traditional networking? (Choose two) A. controller-based allows for fewer network failures, while traditional increases failure rates B. controller-based increases network bandwidth usage, while traditional lightens the load on the network C. controller-based reduces network configuration complexity, while traditional increases the potential for errors D. controller-based provides centralization of key IT functions, while traditional requires distributed management functions E. controller-based inflates software costs, while traditional decreases individual licensing costs.
An engineer is configuring SSH version 2 exclusively on the R1 router. What is the minimum configuration required to permit remote management using the cryptographic protocol? A. hostname R1
ip domain name cisco
crypto key generate rsa general-keys modulus 1024
username cisco privilege 15 password 0 cisco123
ip ssh version 2
line vty 0 15
transport input all
login local B. hostname R1
ip domain name cisco
crypto key generate rsa general-keys modulus 1024
username cisco privilege 15 password 0 cisco123
ip ssh version 2
line vty 0 15
transport input ssh
login local C. hostname R1
crypto key generate rsa general-keys modulus 1024
username cisco privilege 15 password 0 cisco123
ip ssh version 2
line vty 0 15
transport input all
login local D. hostname R1
service password-encryption
crypto key generate rsa general-keys modulus 1024
username cisco privilege 15 password 0 cisco123
ip ssh version 2
line vty 0 15
transport input ssh
login local.
Refer to the exhibit. An engineer is bringing up a new circuit on the MPLS provider on the Gi0/1 interface of Router1. The new circuit uses eBGP arms the route to VLAN 25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25? A. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table B. Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces C. Traffic to 10.10.13.0/25 is asymmethrical D. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be preformed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? A. Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router B. Configure the ipv6 route 2012::/126 2023::1 command on the Washington router C. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router D. Configure the ipv6 route 2023::/126 2012:1 command on the Atlanta router E. Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.
Refer to the exhibit. Load-balanced traffic is coming in from the WAN destined to a host at 172.16.1.190. Which next-hop is used by the router to forward the request? A. 192.168.7.4 B. 192.168.7.35 C. 192.168.7.7 D. 192.168.7.40.
Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface? A. disable the EUI-64 bit process B. enable SLAAC on an interface C. explicitly assign a link-local address D. configure a stateful DHCPv6 server on the network.
What configuration management mechanism uses TCP port 22 by default when communicating with managed nodes? A. Chef B. Python C. Ansible D. Puppet.
Refer to the exhibit. Which two commands when used together create port channel 10? (Choose two) A. int range g0/0-1
channel-group 10 mode active B. int range g0/0-1
channel-group 10 mode desirable C. int range g0/0-1
channel-group 10 mode passive D. int range g0/0-1
channel-group 10 mode on E. int range g0/0-1
channel-group 10 mode auto.
An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1 must transmit packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used? A. interface fastethernet0/1
switchport priority extend trust B. interface fastethernet0/1
switchport priority extend cos7 C. interface fastethernet0/1
switchport voice vlan dot1p D. interface fastethernet0/1
switchport voice vlan untagged.
Refer to the exhibit. The network administrator must prevent switch the Cat9K-2 IP address from being visible in LLDP without disabling the protocol. Which action must be taken to complete the task? A. Configure the no lldp transmit command on interface G10/0/21 on Cat9K-1 B. Configure the no lldp mac-phy-cfg command globally on Cat9K-2 C. Configure the no lldp receive command on interface G1/0/21 on Cat9K-1 D. Configure the no lldp tlv-select management-address command globally on Cat9K-2.
Refer to the exhibit. The administrator must configure a floating static default route that points to 2001:db8:1234:2::1 and replaces the current default route only if it fails. Which command must the engineer configure on the CPE? A. ipv6 route ::/0 2001:db8:1234:2::1 1 B. ipv6 route ::/0 2001:db8:1234:2::1 3 C. ipv6 route ::/0 2001:db8:1234:2::1 2 D. ipv6 route ::/128 2001:db8:1234:2::1 3.
When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format? A. 6 B. 12 C. 18 D. 8.
Refer to the exhibit. A packet is being sent across router R1 to host 172.16.0.14. What is the destination route for the packet? A. 209.165.200.254 via Serial0/0/0 B. 209.165.200.250 via Serial0/0/0 C. 209.165.200.246 via Serial0/1/0 D. 209.165.200.254 via Srial0/0/1.
A user configured OSPF in a single area between two routers. A serial interface connecting R1 and R2 is running encapsulation PPP. By default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2? A. broadcast B. point-to-multipoint C. point-to-point D. nonbroadcast.
Which two practices are recommended for an acceptable security posture in a network? (Choose two.) A. Use a cryptographic keychain to authenticate to network devices B. Maintain network equipment in a secure location C. Disable unused or unnecessary ports, interfaces and services. D. Back up device configurations to encrypted USB driver for secure retrieval E. Place internal email and file servers in a designated DMZ.
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol? A. auto B. on C. active D. desirable.
Which protocol is used for secure remote CLI access? A. HTTP B. SSH C. HTTPS D. Telnet.
Refer to the exhibit. An access list is created to deny Telnet access from host to PC-1 to RTR-1 and allow access from all other hosts. A Telnet attempt from PC-2 gives this message “% Connection refused by remote host.” Without allowing Telnet access from PC-1, which action must be taken to permit the traffic? A. Add the access-list 10 permit any command to the configuration B. Remove the access-class 10 in command from line vty 0 4 C. add the ip access-group 10 out command to interface g0/0 D. remove the password command from line vty 0 4.
Which port type supports the spanning-tree portfast command without additional configuration? A. Layer 3 main interfaces B. Layer 3 subinterfaces C. access ports D. trunk ports.
Refer to the exhibit. R1 has taken the DROTHER role in the OSPF DR/BDR election process. Which configuration must an engineer implement so that R1 is elected as the DR? A. R2(config)#interface Fastethernet0/2
R2(config-if)#ip ospf priority 1
R2#clear ip ospf process B. R1(config)#interface Fastethernet0/0
R1(config-if)#ip ospf priority 200
R1#clear ip ospf process C. R3(config)#interface Fastethernet0/1
R3(config-if)#ip ospf priority 200
R3#clear ip ospf process D. R1(config)#interface Fastethernet0/0
R1(config-if)#ip ospf priority 1
R1#clear ip ospf process.
Refer to exhibit. Between which zones do wireless users expect to experience intermittent connectivity? A. between zones 2 and 5 B. between zones 3 and 4 C. between zones 3 and 6 D. between zones 1 and 2.
Which WAN topology has the highest degree of reliability? A. hub-and-spoke B. full mesh C. point-to-point D. router-on-a-stick.
Refer to the exhibit. When PC-A sends traffic to PC-B, which network component is in hcrage of receiving the packet from PC-A, verifying the IP address, and forwarding the packet to PC-B? A. Layer 2 switch B. Firewall C. load balancer D. Router.
What is an expected outcome when network management automation is deployed? A. Custom applications are needed to configure network devices. B. Software upgrades are performed from a central controller. C. Complexity increases when new device configurations are added. D. A distributed management plane must be used.
How does CAPWAP communicate between an access point in a local mode and a WLC? A. The access point has the ability to link to any switch in the network, assuming connectivity to the WLC. B. The access point must be connected to the same switch as the WLC. C. The access point must directly connect to the WLC using a copper cable. D. The access point must not be connected to the wired network as it would create a loop.
Which REST method updates an object in the Cisco DNA Center Intent API? A. CHANGE B. PUT C. POST D. UPDATE.
An engineer requires a scratch interface to actively attempt to stablish a trunk link with a neighbor switch. What command must be configured? A. switchport mode trunk B. switchport mode dynamic auto C. switchport mode dynamic desirable D. switchport nonegotiate.
Which interface mode must be configured to connect the lightweight APs in a centralized architecture? A. WLAN dynamic B. management C. access D. trunk.
Which characteristic differentiates the concept of authentication from authorization and accounting? A. identify verification B. user-activity logging C. consumption-based billing D. service limitations.
Refer to the exhibit. Routers R1 and R3 have the default configuration. The router R2 priority is set to 99. Which commands on R3 configure it as the DR in the 10.0.4.0/24 network? A. R3(config)# interface Gig0/0
R3(config-if)# ip ospf priority 100 B. R3(config)# interface Gig0/1
R3(config-if)# ip ospf priority 0 C. R3(config)# interface Gig0/0
R3(config-if)# ip ospf priority 1 D. R3(config)# interface Gig0/1
R3(config-if)# ip ospf priority 100.
An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001:/64. The next hop must be 2019:C15C:0CAF:E002:1. The route must be reachable via the R1 Gigabit 0/0 interface. which command configures the designated route? A. R1(config-if)#ip route 2019:C15C:0CAF:E001:/64 GigabitEthernet 0/0 B. R1(config)#ip route 2019:C15C:0CAF:E001:/64 GigabitEthernet 0/0 C. R1(config-if)#ipv6 route 2019:C15C:0CAF:E001:/64 2019:C15C:0CAF:E002::1 D. R1(config)#ipv6 route 2019:C15C:0CAF:E001:/64 2019:C15C:0CAF:E002::1.
Which protocol prompts the Wireless Lan Controller to generate its own local web administration SSL certificate for GUI access? A. HTTP B. HTTPS C. TACACS+ D. RADIUS.
What makes Cisco DNA Center different from traditional network management applications and their management of networks? A. It only supports auto-discovery of network elements in a greenfield deployment B. It does not support high availability of management functions when operating in cluster mode C. It abstract policy from the actual device configuration D. Its modular design allows someone to implement different versions to meet the specific of an organization.
What is a function of TFTP in network operations? A. transfers files between file systems on a router B. transfers a configuration files from a server to a router on a congested link C. transfers a backup configuration file from a server to a switch using a username and password D. transfers IOS images from a server to a router for firmware upgrades.
Refer to the exhibit. Which configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and allow all other traffic? A. access-list 100 deny tcp host 172.16.1.33 any eq 22
access-list 100 permit ip any any B. interface GigabitEthernet0/0
ip access-group 100 in
access-list 100 deny tcp host 172.16.1.33 any eq 23
access-list 100 permit ip any any C. line vty 0 15
access-class 100 in
access-list 100 deny tcp host 172.16.1.33 any eq 23
access-list 100 permit ip any any D. interface GigabitEthernet 0/0
ip access-group 100 in
access-list 100 deny tcp host 172.16.1.33 any eq 22
access-list 100 permit ip any any.
An organization secures its network with multi-factor authentication using an authenticator app on employee smartphones. How is the application secured in the case of a user's smartphone being lost or stolen? A. The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted. B. The application requires the user to enter a PIN before it provides the second factor C. The application requires an administrator password to reactivate after a configured interval. D. The application verifies that the user is in a specific location before it provides the second factor.
Refer to the exhibit. The following must be considred:
. SW1 is fully configured for all traffic.
. The SW4 and SW9 links to SW1 have been configured
. The SW4 interface Gi0/1 and Gi0/0 on Sw9 have been configured
. The remaining switches have had all VLANs added to their VLAN database
Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs? A. SW4
interface Gi0/7
switchport mode trunk
switchport trunk allowed vlan 108
!
interface Gi0/2
switchport mode access
switchport access vlan 14
SW11#
interface Gi0/2
switchport mode trunk
switchport trunk allowed vlan 14,108
!
interface Gi0/1
switchport mode trunk
switchport trunk allowed vlan 14,108
SW9#
interface Gi0/2
switchport mode access
switchport access vlan 14 B. SW4#
interface Gi0/2
switchport mode trunk
switchport trunk allowed vlan 14
SW11#
interface Gi0/1
switchport mode trunk
switchport trunk allowed vlan 14
SW9#
interface Gi0/2
switchport mode trunk
switchport trunk allowed vlan 108
C. SW4#
interface Gi0/2
switchport mode trunk
switchport trunk allowed vlan 14,108
SW11#
interface Gi0/2
switchport mode trunk
switchport trunk allowed vlan 14,108
interface Gi0/1
switchport mode trunk
switchport trunk allowed vlan 14,108
SW9#
interface Gi0/2
switchport mode trunk
switchport trunk allowed vlan 14 D. SW4#
interface Gi0/2
switchport mode access
switchport access vlan 14
SW11#
interface Gi0/2
switchport mode access
switchport access vlan 14
!
interface Gi0/0
switchport mode access
switchport access vlan 14
!
interface Gi0/1
switchport mode trunk
SW9#
interface Gi0/2
switchport mode access
switchport access vlan 14.
Which networking function occurs on the data plane? A. sending and receiving OSPF Hello packets B. forwarding remote client/server traffic C. facilitates spanning-tree elections D. processing inbound SSH management traffic.
A cisco engineer must configure single switch interface to meet these requirements:
1. accept untagged frames and place them in VLAN 20
2. accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone
Which command set must the engineer apply? A. switchport mode trunk
switchport access vlan 20
switchport voice vlan 30 B. switchport mode dynamic auto
switchport trunk native vlan 20
switchport trunk allowed vlan 30
switchport voice vlan 30 C. switchport mode dynamic desirable
switchport access vlan 20
switchport trunk allowed vlan 30
switchport voice vlan 30 D. switchport mode access
switchport access vlan 20
switchport voice vlan 30.
What us a DHCP client? A. a router that statically assigns IP addresses to hosts B. a host that is configured to request an IP address automatically C. a server that dynamically assigns IP addresses to hosts D. a workstation that requests a domain name associated with its IP address.
Refer to the exhibit. What is a reason for poor performance on the network interface? A. The cable connection between the two devices is faulty B. The bandwidth setting of the interface is misconfigured C. The interface is receiving excessive broadcast traffic D. The interface is operating at a different speed than the connected device.
An office has 8 floors with approximately 30-40 users per floor. what command must be configured on the router Switched Virtual Interface to use address space efficiently? A. ip address 192.168.0.0 255.255.244.224 B. ip address 192.168.0.0 255.255.255.128 C. ip address 192.168.0.0 255.255.0.0 D. ip address 192.168.0.0 255.255.254.0.
Which two outcomes are predictable behaviors for HSRP? (Choose two) A. each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them. B. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN C. The two routers share the same interface IP address, and default gateway traffic is load-balanced between them D. The two routers negotiate one router as the active and the other as the standby router E. The two routers synchronize configurations to provide consistent packet forwarding.
Which command entered on a switch configured with Rapid PVST+ listens and learns for a specific time period? A. switch(config)#spanning-tree vlan 1 max-age6 B. switch(config)#spanning-tree vlan 1 forward-time 20 C. switch(config)#spanning-tree vlan 1 priority 4096 D. switch(config)#spanning-tree vlan 1 hello-time 10.
A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment security-violation count and forward an SNMP trap? A. switchport port-security violation access B. switchport port-security violation shutdown C. switchport port-security violation protect D. switchport port-security violation restrict.
Refer to the exhibit. Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18? A. R17#
!
no ip domain lookup
ip cef
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:3::201/64
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:2::201/64
!
no cdp log mismatch duplex
ipv6 route 2001:DB8:4::/64 2001:DB8:5::101 B. R17#
!
no ip domain lookup
ip cef
ipv6 unicast-routing
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:2::201/64
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:3::201/64
!
no cdp log mismatch duplex
ipv6 route 2001:DB8:4::/64 2001:DB8:2::201 C. R17#
!
no ip domain lookup
ip cef
ipv6 cef
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:2::201/64
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:3::201/64
!
no cdp log mismatch duplex
ipv6 route 2001:DB8:4::/64 2001:DB8:4::302 D. R17#
!
no ip domain lookup
ip cef
ipv6 unicast-routing
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:2::201/64
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:DB8:3::201/64
!
no cdp log mismatch duplex
ipv6 route 2001:DB8:4::/64 2001:DB8:3::301.
Which enhancement is implemented in WPA3? A. applies 802.1x authentication B. uses TKIP C. employs PKI to identify access points D. protects against brute force attacks.
Which 802.11 frame type is indicated by a probe response after a client sends a probe request? A. Action B. Control C. Data D. Management.
What are the two benefits of network automation? (Choose two) A. increased network security B. faster changes with more reliable results C. reduced operational costs D. fewer network failures E. reduced hardware footprint.
When deploying syslog, which severity level logs informational messages? A. 2 B. 4 C. 0 D. 6.
Refer to the exhibit. The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet. The requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4? A. Subnet: 10.7.54.0
Subnet mas: 255.255.254.0
Broadcast address: 10.7.54.255
Usable IP address range: 10.7.54.1 - 10.7.55.254 B. Subnet: 10.7.54.0
Subnet mas: 255.255.128.0
Broadcast address: 10.7.55.255
Usable IP address range: 10.7.54.1 - 10.7.55.254 C. Subnet: 10.7.54.0
Subnet mas: 255.255.254.0
Broadcast address: 10.7.55.255
Usable IP address range: 10.7.54.1 - 10.7.55.254 D. Subnet: 10.7.54.0
Subnet mas: 255.255.255.0
Broadcast address: 10.7.54.255
Usable IP address range: 10.7.54.1 - 10.7.55.254.
Refer to the exhibit. The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration to allow clients on VLAN 1 to receive addresses from the DHCP server? A. Configure the ip dhcp relay information option command on the interface that is connected to the DHCP server B. Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP client C. Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server D. Configure the ip dhcp relay information option conmand on the interface that is connected to the DHCP client.
What is the function of a controller in a software-defined network? A. multicast replication at the hardware level B. fragmenting and reassembling packets C. making routing decisions D. Forwarding packets.
What benefit does controller-based networking provide versus traditional networking? A. allows configuration and monitoring of the network from one centralized point B. moves from a two-tier to a three-tier network architecture to provide maximum redundancy allows C. provides an added layer of security to protect from DDoS attack D. combines control and data plane functionality on a single device to minimize latency.
When a WLAN with WPA2 PSK is configured in the Wireless LAN controller GUI, which format is supported? A. base64 B. decimal C. unicode D. ASCII.
When a switch receives a frame for a known destination MAC address, how is the frame handled? A. broadcast to all ports B. sent to the port identified for the known MAC address C. forwarded to the first available port D. flooded to all ports except the one from which it originated .
Which two protocols must be disabled to increase security for management connections to a Wireless LAN controller? (Choose two) A. Telnet B. HTTP C. TFTP D. HTTPS E. SSH.
Which protocol does an access point use to draw power from a connected switch? A. Adaptive Wireless Path Protocol B. Cisco Discovery Protocol C. Internet Group Management Protocol D. Neighbor Discovery Protocol.
Refer to the exhibit. Which route type does the routing protocol Code D represent in the output? A. route learned through EIGRP B. /24 route of a locally configured IP C. statically assigned route D. internal BGP route.
Which two capabilities of Cisco DNA center make it more extensible as compared to traditional campus device management? (Choose two) A. modular design that is upgradable as needed B. adapters that support all families of Cisco IOS software l C. REST APIS that allow for external applications to interact natively with Cisco DNA center D. customized versions for small, medium, and large enterprises E. SDKs that support interaction with third-party network equipment.
Refer to the exhibit. Which network prefix was learned via EIGRP? A. 192.168.1.0/24 B. 192.168.2.0/24 C. 207.165.200.0/24 D. 172.16.0.0/16.
When the active router in an HSRP group fails, what router assumes the role and forwards packets? A. Listening B. Standby C. Forwarding D. Backup.
Which is a fact related to FTP? A. It uses two separate connections for control and data traffic B. It uses block numbers to identify and mitigate data-transfer errors C. It always operates without user authentication D. It relies on the well-known UDP port 69.
While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to be allowed even though an IPv4 ACL is applied to the interface. Which two misconfigurations cause this behavior? (Choose two) A. A matching deny statement is too high in the access list B. The ACL is empty C. The packets fail to match any permit statement D. A matching permit statement is too high in the access list E. A matching permit statement is too broadly defined.
Which two functions are performed by the core layer in a three-tier architecture? (Choose two) A. Inspect packets for malicious activity B. Provide direct connectivity for end user devices C. Police traffic that is sent to the edge of the network D. Provide uninterrupted forwarding service E. Ensure timely data transfer between layers.
Refer to the exhibit. R1 has just received a packet from host A that is destined to host B. Which route in the routing table is used by R1 to reach host B? A. 10.10.13.0/25 [110/2] via 10.10.10.2 B. 10.10.13.0/25 [108/0] via 10.10.10.10 C. 10.10.13.0/25 [1/0] via 10.10.10.2 D. 10.10.13.0/25 [110/2] via 10.10.10.6.
Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two) A. Recipe B. Playbook C. Cookbook D. Model E. Task.
Refer to the exhibit. How does the router manage traffic to 192.168.12.16? A. It chooses the OSPF route because it has the longest prefix inclusive of the destination address. B. It load-balances traffic between all three routes C. It selects the RIP route because it has the longest prefix inclusive of the destination address. D. It chooses the EIGRP route because it has the lowest administrative distance.
Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to the interface FastEthernet0/1 on router R4? A. interface FastEthernet0/0
ip helper-address 10.0.1.1
!
access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1 B. interface FastEthernet0/1
ip helper-address 10.0.1.1
!
access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1 C. interface FastEthernet0/1
ip helper-address 10.0.1.1
!
access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1 D. interface FastEthernet0/0
ip helper-address 10.0.1.1
!
access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps.
Refer to the exhibit. An engineer is configuring a new Cisco switch, NewSW, to replace SW2. The details have been provided:
1. Switches SW1 and SW2 are third-party devices without support for trunk ports.
2. The existing connections must be maintained between PC1, PC2, and PC3.
3. Allow the switch to pass traffic from future VLAN 10.
Which configuration must be applied? A. NewSW(config)# interfaces f0/0
NewSW(config-if)# switchport mode trunk
NewSW(config-if)# switchport trunk allowed vlan 10
NewSW(config-if)# switchport trunk native vlan 10 B. NewSW(config)# interfaces f0/0
NewSW(config-if)# switchport mode access
NewSW(config-if)# switchport trunk allowed vlan 2, 10
NewSW(config-if)# switchport trunk native vlan 2 C. NewSW(config)# interfaces f0/0
NewSW(config-if)# switchport mode trunk
NewSW(config-if)# switchport trunk allowed vlan 2, 10
NewSW(config-if)# switchport trunk native vlan 2 D. NewSW(config)# interfaces f0/0
NewSW(config-if)# switchport mode access
NewSW(config-if)# switchport trunk allowed vlan 2, 10
NewSW(config-if)# switchport trunk native vlan 10.
Which function does an SNMP agent perform? A. It sends information about MIB variables in response to requests from the NMS B. It manages routing between Layer 3 devices in a network. C. It requests information from remote network nodes about catastrophic system events. D. It coordinates user authentication between a network device and a TACACS+ or RADIUS server.
Which goal is achieved by the implementation of private IPv4 addressing on a network? A. allows communication across the Internet to other private networks B. provides a reduction in size of the forwarding table on network routers C. allows servers and workstations to communicate across public network boundaries D. provides an added level of protection against Internet exposure.
Refer to the exhibit Which action do the switches take on the trunk link? A. The trunk forms, but VLAN s9 and VLAN 999 are in a shutdown state B. The trunk does not form and the ports go into an err-disabled status C. The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain D. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the ink.
Which WLC interface provides out-of-band management in the Cisco Unified Wireless Network Architecture? A. Dynamic B. virtual C. service port D. AP-Manager.
Which two conditions must be met before SSH can operate normally on a Cisco IOS switch? (Choose two) A. The ip domain-name command must be configured on the switch B. IP routing must be enabled on the switch C. A console password must be configured on the switch D. Telnet must be disabled on the switch E. The switch must be running a k9 (crypto) IOS mage.
Refer to the exhibit. What is the next step to complete the implementation for the partial NAT configuration shown? A. Reconfigure the static NAT entries that overlap the NAT pool B. Configure the NAT outside interface C. Apply the ACL to the pool configuration D. Modify the access list for the internal network on e0/1.
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two) A. when one side of the connection is configured for half-duplex B. when the cable length limits are exceeded C. when the sending device waits 15 seconds before sending the frame again D. when Carrier Sense Multiple Access/Collision Detection is used E. when a collision occurs after the 32nd byte of a frame has been transmitted.
Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol? A. bridge B. lightweight C. autonomous D. route.
What are the two functions of SSIDs? (Choose two) A. used exclusively with controller-based Wi-Fi networks B. uses a maximum of 32 alphanumeric characters C. broadcasts by default D. controls the speed of the Wi-Fi network E. supports a single access point .
Refer to the exhibit. Which command must be executed for Gi1/1 on SW1 to passively become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode? A. switchport mode dynamic desirable B. switchport mode dot1 -tunnel C. switchport mode dynamic auto D. switchport mode trunk .
An engineer is configuring switch SVV1 to act as an NTP server when all upstream NTP server connectivity fails. Which configuration must be used? A. SW1# config t
SW1(config)# ntp peer 192.168.1.1
SW1(config)# ntp access-group peer accesslist1 B. SW1# config t
SW1(config)# ntp master
SW1(config}# ntp server 192.168.1.1 C. SW1# config t
SW1(config)# ntp backup
SW1(config)# ntp server 192.168.1.1 D. SW1# config t
SW1(config)# ntp server 192.168.1.1
SW1(config)# ntp access-group server accesslist1.
When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original IP packet? A. IPsec transport mode with ESP B. IPsec transport mode with AH C. IPsec tunnel mode with ESP D. IPsec tunnel mode with AH .
Refer to the exhibit. An engineer is configuring the HO router. Which IPy6 address configuration must be applied to the router fa0/1 interface for the router to assign a unique 64-bit IPv6 address to itself? A. ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64 B. ipv6 address 2001:DB8:0:1:FFFF:C601:420F:7/64 C. ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64 D. ipv6 address 2001:DB8:0:1:FE80:C601:420F:7/64 .
How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment? A. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options B. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management C. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management D. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management .
Which technology is appropriate for communication between an SDN controller and applications running over the network? A. NETCONF B. OpenFlow C. Southbound API D. RESTAPI .
After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password. Which configuration must the engineer apply to accomplish this task? A. usermame localuser secret plaintextpassword
line con 0
no login local
privilege level 15 B. aaa new-model
line con 0
password plaintextpassword
privilege level 15 C. username localuser secret plaintextpassword
line con 0
login authentication default
privilege level 15 D. aaa new-model
aaa authonzation exec default local
aaa authentication login default radius
username localuser privilege 15 secret plaintextpassword.
What are two examples of multifactor authentication? (Choose two) A. shared password repository B. unique user knowledge C. soft tokens D. passwords that expire E. single sign-on .
An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch Which action should be taken? A. configure IEEE 802.1q B. configure ISL C. configure IEEE 802.1p D. configure DSCP.
By default, how does EIGRP determine the metric of a route for the routing table? A. It uses a reference bandwidth and the actual bandwidth of the connected link to calculate the route metric B. lt uses a default metric of 10 for all routes that are learned by the router C. lt uses the bandwidth and delay values of the path to calculate the route metric D. It counts the number of hops between the receiving and destination routers and uses that value as the metric .
Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by the router to forward the packet that destination IP 172.18.32.1? A. longest prefix B. cost C. metric D. administrative distance.
How are the switches in a spine-and-leaf topology interconnected? A. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch B. Each leaf switch is connected to each spine switch C. Each leaf switch is connected to one of the spine switches. D. Each leaf switch is connected to two spine switches, making a loop.
An engineer must configure a WLAN using the strongest encryption type for WA2-PSK. Which cipher fulfills the configuration requirement? A. RC4 B. WEP C. AES D. TKIP.
Refer to the exhibit. What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP? (Choose two) A. Select WPA Policy with TKIP Encryption B. Select WPA+WPA2 on Layer 2 Security C. Select Static-WEP+802.1X on Layer 2 Security D. Select PSK under Authentication Key Management E. Select 802.1X from under Authentication Key Management.
What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration? A. The lowest IP address is incremented by 1 and selected as the router ID B. No router ID is set, and the OSPF protocol does not run C. The highest up/up physical interface IP address is selected as the router ID D. The router ID 0.0.0.0 is selected and placed in the OSPF process .
What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two) A. Both operate at a frequency of 500 MHz B. Both support runs of up to 100 meters C. Both support runs of up to 55 meters D. Both support speeds of at least 1 Gigabit E. Both support speeds up to 10 Gigabit .
R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed? A. route with the next hop that has the highest IP B. route with the lowest administrative distance C. route with the lowest cost D. route with the shortest prefix length.
What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS? A. authenticating end users B. inspecting specific files and file types for malware C. URL filtering D. authorizing potentially compromised wireless traffic.
Refer to the exhibit. Router R1 must be configured to reach the 10.0.3.0/24 network from the 10.0.1.0/24 segment. Which command must be used to configure the route? A. route add 10.0.3.0 0.255.255.255 10.0.4.2 B. ip route 10.0.3.0 0.255.255.255 10.0.4.2 C. route add 10.0.3.0 mask 255.255.255.0 10.0.4.3 D. ip route 10.0.3.0 255.255.255.0 10.0.4.3 .
Refer to the exhibit. How many JSON objects are represented? A. 1 B. 4 C. 3 D. 2.
Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are stored as a cryptographic hash. The four switches must also support SSH access for administrators to manage the network infrastructure. Which switch is configured correctly to meet these requirements? A. SW3 B. SW4 C. SW1 D. SW2.
Which level of severity must be set to get informational syslogs? A. Debug B. Notice C. Critical D. Alert.
What does a switch use to build its MAC address table? A. egress traffic B. ingress traffic C. VIP D. DTP.
An administrator must use the passwords complexity not manufacturer-name command to prevent users from adding “Cisco” as a password. Which command must be issued before this command? A. password complexity enable B. confreg 0x2142 C. service password-encryption D. login authentication my-auth-list.
A network administrator is setting up a new IPv6 network using the 64-bit address 2001:0EB8:00C1:2200:0001:0000:0000:0331/64. To simplify the configuration, the administrator has decided to compress the address. Which IP address must the administrator configure? A. ipv6 address 21:EB8:C1:2200:1::331/64 B. ipv6 address 2001:EB8:C1:2200:1::331/64 C. ipv6 address 2001:EB8:C1:2200:1:0000:331/64 D. ipv6 address 2001:EB8:C1:22:1::331/64 .
Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.1. Each route is present within the routing table. Which interface is used to forward traffic with a destination IP of 10.1.1.19? A. F0/3 B. F0/0 C. F0/1 D. F0/4.
A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the router. Which additional command must the engineer configure before entering the command to generate the RSA key? A. ip domain-name domain B. ip ssh authentication-retries 2 C. password password D. crypto key generate rsa modulus 1024 .
Refer to the exhibit. What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24? A. R1(config)# interface ethernet0/0
R1(config)# ip address 10.20.20.1 255.255.255.0 B. R1(config)# interface ethernet0/0
R1(config)# encapsulation dot1q 20
R1(config)# ip address 10.20.20.1 255.255.255.0 C. R1(config)# interface ethernet0/0.20
R1(config)# ip address 10.20.20.1 255.255.255.0 D. R1(config)# interface ethernet0/0.20
R1(config)# encapsulation dot1q 20
R1(config)# ip address 10.20.20.1 255.255.255.0 .
Refer to the exhibit. All interfaces are configured with duplex auto and ip ospf network broadcast. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency and act as a central point for exchanging OSPF information between routers? A. R14#
interface Loopback0
ip ospf 10 area 0
interface FastEthernet0/0
ip address 10.73.65.65 255.255.255.252
ip ospf 10 area 0
ip mtu 1500
router ospf 10
ip ospf priority 255
router-id 10.10.1.14
R86#
interface Loopback0
ip ospf 10 area 0
interface FastEthernet0/0
ip address 10.73.65.66 255.255.255.252
ip ospf 10 area 0
ip mtu 1500
router ospf 10
router-id 10.10.1.86 B. R14#
interface FastEthernet0/0
ip address 10.73.65.65 255.255.255.252
ip ospf priority 0
ip mtu 1500
router ospf 10
router-id 10.10.1.14
network 10.10.1.14 0.0.0.0 area 0
network 10.73.65.64 0.0.0.3 area 0
R86#
interface FastEthernet0/0
ip address 10.73.65.66 255.255.255.252
ip mtu 1500
router ospf 10
router-id 10.10.1.86
network 10.10.1.86 0.0.0.0 area 0
network 10.73.65.64 0.0.0.3 area 0 C. R14#
interface FastEthernet0/0
ip address 10.73.65.65 255.255.255.252
ip ospf priority 255
ip mtu 1500
router ospf 10
router-id 10.10.1.14
network 10.10.1.14 0.0.0.0 area 0
network 10.73.65.64 0.0.0.3 area 0
R86#
interface FastEthernet0/0
ip address 10.73.65.66 255.255.255.252
ip mtu 1400
router ospf 10
router-id 10.10.1.86
network 10.10.1.86 0.0.0.0 area 0
network 10.73.65.64 0.0.0.3 area 0 D. R14#
interface Loopback0
ip ospf 10 area 0
interface FastEthernet0/0
ip address 10.73.65.65 255.255.255.252
ip ospf priority 255
ip ospf 10 area 0
ip mtu 1500
router ospf 10
router-id 10.10.1.14
R86#
interface Loopback0
ip ospf 10 area 0
interface FastEthernet0/0
ip address 10.73.65.66 255.255.255.252
ip ospf 10 area 0
ip mtu 1500
router ospf 10
router-id 10.10.1.86.
What is a characteristic of private IPv4 addressing? A. issued by IANA in conjunction with an autonomous system number B. traverse the Internet when an outbound ACL is applied C. composed of up to 65,536 available addresses D. used without tracking or registration.
Refer to the exhibit. What is the next hop for traffic entering R1 with a destination of 10.1.2.126? A. 10.165.20.126 B. 10.165.20.166 C. 10.165.20.226 D. 10.165.20.146.
Refer to the exhibit. Which command configures OSPF on the point-to-point link between routers R1 and R2? A. neighbor 10.1.2.0 cost 180 B. network 10.0.0.0 0.0.0.255 area 0 C. ip ospf priority 100 D. router-id 10.0.0.15.
Refer to the exhibit. A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will assume traffic forwarding when the primary link goes down. Which primary route configuration must be used? A. ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating B. ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernet1/0 C. ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked D. ip route 0.0.0.0 0.0.0.0 192.168.0.2.
A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server? A. a DHCP Relay Agent B. a DHCP Pool C. DHCP Binding D. DHCP Snooping.
Refer to the exhibit. Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while allowing devices on VLAN 100 to use their own IP addresses? A. Routerl(config)#access-list 99 permit 192.168.100.0 0.0.0.255
Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload
Router1(config)#interface gi2/0/1.200
Router1(config-if)#ip nat inside
Router1(config)#interface gi1/0/0
Router1(config-if)#ip nat outside B. Routerl(config)#access-list 99 permit 192.168.100.32 0.0.0.31
Routerl(config)#ip nat inside source list 99 interface gi1/0/0 overload
Routerl(config)#interface gi2/0/1.200
Router1(config-if)#ip nat inside
Routerl(config)#interface gi1/0/0
Routerl(config-if)#ip nat outside C. Router1(config)#access-list 99 permit 209.165.201.2 0.0.0.0
Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload
Router1(config)#interface gi2/0/1.200
Router1(config-if)#ip nat inside
Router1(config)#interface g1/0/0
Router1(config-if)#ip nat outside D. Router1(config)#access-list 99 permit 209.165.201.2 255.255.255.255
Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload
Router1(config)#interface gi2/0/1.200
Router1(config-if)#ip nat inside
Router1(config)#interface gi1/0/0
Router1(config-if)#ip nat outside.
R1 as an NTP Server must have:
1. NTP authentication enabled
2. NTP packets sourced from Interface loopback 0
3. NTP stratum 2
4. NTP packets only permitted to client IP 209.165.200.225
How should R1 be configured? A. ntp authenticate
ntp authentication-key 2 md5 CISCO123
ntp source Loopback0
nnp access-group server-only 10
ntp master 2
!
access-list 10 permit 209.165.200.225 B. ntp authenticate
ntp authentication-key 2 md5 CISCO123
ntp interface Loopback 0
ntp access-group server-only 10
ntp stratum 2
!
access-list 10 permit 209.165.200.225 C. ntp authenticate
ntp authentication-key 2 md5 CISCO123
ntp source Loopback 0
ntp access-group server-only 10
ntp stratum 2
!
access-list 10 permit udp host 209.165.200.225 any eq 123 D. ntp authenticate
ntp authentication-key 2 sha1 CISCO123
ntp source Loopback0
ntp access-group server-only 10
ntp master2
!
access-list 10 permit udp host 209.165.200.225 any eq 123.
What is the MAC address used with VRRP as a virtual address? A. 00-05-00-00-00-00 B. 00-00-5E-00-01-0A C. 00-00-0C-07-AD-89 D. 00-07-C0-70-AB-01.
What is a feature of WPA? A. 802.1x authentication B. preshared key C. TKIP/IMC encryption D. small Wi-Fi application.
Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165? A. Router5 B. Router3 C. Router4 D. Router2.
A wireless administrator has configured a WLAN, however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement? A. enable Band Select B. enable AAA override C. enable RX-SOP D. enable DTIM.
Which statement compares traditional networks and controller-based networks? A. Only traditional networks offer a centralized control plane B. Traditional and controller-based networks abstract policies from device configurations C. Only traditional networks natively support centralized management D. Only controller-based networks decouple the control plane and the data plane.
Which type of traffic is sent with pure IPsec? A. multicast traffic from a server at one site to hosts at another location B. spanning-tree updates between switches that are at two different sites C. broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites D. unicast messages from a host at a remote Site to a server at headquarters .
A device detects two stations transmiting frames at the same tine. This condition occurs after the first 64 bytes of the frame is received. Which interface counter increments? A. Runt B. late collision C. Collision D. CRC.
A network administrator is asked to configure VLANS 2, 3 and 4 for a new implementation. Some ports must be assigned to the new VLANS with unused ports remaining. Which action should be taken for the unused ports? A. configure in a nondefault native VLAN B. configure pons as access ports C. configure ports in the native VLAN D. configure ports in a black hole VLAN .
Which role does a hypervisor provide for each virtual machine in server virtualization? A. software-as-a-service B. control and distribution of physical resources C. services as a hardware controller D. infrastructure-as-a-service.
What is the function of "off-the-shelf" switches in a controller-based network? A. forwarding packets B. setting packet-handling policies C. making routing decisions D. providing a central view of the deployed network .
Refer to the exhibit. Which command must be issued to enable a floating static default route on router A? A. ip route 0.0.0.0 0.0.0.0 192.168.1.2 B. ip defaut-gateway 192.168.2.1 C. ip route 0.0.0.0 0.0.0.0 192.168.1.2 10 D. ip route 0.0.0.0 0.0.0.0 192 168.2.1 10.
Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.1. To which destination does the router send the packet? A. 207.165.200.254 via Serial0/0/0 B. 207.165.200.246 via Serial0/1/0 C. 207.165.200.250 via Serial0/0/0 D. 207.165.200.254 via Serial0/0/1.
Refer to the exhibit. If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the packet? A. 192.168.12.2 B. 192.168.13.3 C. 192.168.14.4 D. 192.168.15.5 .
Which output displays a JSON data representation? A. {
“response”:{
“taskId":{};
“url”:"string"
};
“version”:"string"
} B. {
"response",{
“taskId",{};
“url”,“string”
};
“version”,“string”
} C. {
“response”.{
“taskId".{};
"url"."string"
}.
"version"."string"
} D. {
“response”:{
“taskId":{},
"url"."string"
},
"version":"string"
}.
Refer to the exhibit. What is the subnet mask of the route to the 10.10.13.160 prefix? A. 255.255.248.0 B. 255.255.255.128 C. 255.255.255.240 D. 255.255.255.248.
Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured? A. There are six OSPF neighbors on this interface B. A point-to-point network type is configured C. The interface is not participating in OSPF D. The default Hello and Dead timers are in use.
Refer to the exhibit. An administrator must configure interfaces Gi1/1 and Gi1/3 on switch SW11 PC-1 and PC-2 must be placed in the Data VLAN, and Phone-1 must be placed in the Voice VLAN. Which configuration meets these requirements? A. interface gigabitethernet1/1
switchport mode access
switchport access vlan 8
!
interface gigabitethernet1/3
switchport mode access
switchport access vlan 8
switchport voice vlan 9 B. interface gigabitethernet1/1
switchport mode access
switchport access vlan 9
!
interface gigabitethernet1/3
switchport mode trunk
switchport trunk vlan 8
switchport trunk vlan 9 C. interface gigabitethernet1/1
switchport mode access
switchport access vlan 8
!
interface gigabitethernet1/3
switchport mode trunk
switchport trunk vlan 8
switchport voice vlan 9 D. interface gigabitethernet1/1
switchport mode access
switchport access vlan 8
!
interface gigabitethernet1/3
switchport mode access
switchport voice vlan 8
switchport access vlan 9.
Which two command sequences must be configured on a swich to establish a Layer 3 EtherChannel with an open-standard protocol? (Choose two) A. interface GigabitEthernet0/0/1
channel-group 10 mode active B. interface GigabitEthernet0/0/1
channel-group 10 mode auto C. interface GigabitEthernet0/0/1
channel-group 10 mode on D. interface port-channel 10
no switchport
ip address 172.16.0.1 255.255.255.0 E. interface port-channel 10
switchport
switchport mode trunk .
Refer to the exhibit. For security reasons automatic neighbor discovery must be disabled on the R5 Gi0/1 interface. These tasks must be completed:
-Disable all neighbor discovery on R5 interface Gi0/1
-Permit neighbor discovery on R5 interface Gi0/2
-Verify there are no dynamically learned neighbors on R5 interface Gi0/1
-Display the IP address of R6´s interface Gi072 A. R5(config)#int Gi0/1
R5(config-if)#no cdp enable
R5(config-if)#exit
R5(config)#no lldp run
R5(config)#cdp run
R5#sh cdp neighbor
R5#sh lldp neighbor B. R5(config)#int Gi0/1
R5(config-if)#no cdp enable
R5(config-if)#exit
R5(config)#lldp run
R5(config)#no cdp run
R5#sh cdp neighbor detail
R5#sh lldp neighbor C. R5(config)#int Gi0/1
R5(config-if)#no cdp enable
R5(config-if)#exit
R5(config)#no lldp run
R5(config)#cdp run
R5#sh cdp neighbor detail
R5#sh lldp neighbor D. R5(config)#int Gi0/1
R5(config-if)#no cdp run
R5(config-if)#exit
R5(config)#lldp run
R5(config)#cdp enable
R5#sh cdp neighbor
R5#sh lldp neighbor.
Refer to the exhibit. All routers in the network are configured R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configured on R2 to be elected as the DR in the network? A. R2(config)#interface gi0/0
R2(config)#ip ospf priority 100 B. R2(config)#router ospf 1
R2(contig-router)#router-id 192.168.2.7 C. R2(config)#router ospf 1
R2(contig-router)#router-id 10.100.100.100 D. R2(config)#interface gi0/0
R2(config)#ip ospf priority 1.
What is the default port-security behavior on a trunk link? A. It disables the native VLAN configuration as soon as port security is enabled. B. It places the port in the err-disabled state after 10 MAC addresses are statically configured. C. It places the port in the err-disabled state if it learns more than one MAC address. D. It causes a network loop when a violation occurs.
Which per-hop traffic-control feature does an ISP implement to mitigate the potential negative effect of a customer exceeding its committed bandwidth? A. Shaping B. Queuing C. Marking D. Policing.
Which device separates networks by security domains? A. firewall B. access point C. intrusion protection system D. wireless controller.
Refer to the exhibit. What must be configured to enable 802.11w on the WLAN? A. Enable WPA Policy. B. Set PMF to Required. C. Set Fast Transition to Enabled. D. Enable MAC Filtering.
Which PoE mode enables powered-device detection and guarantees power when the device is detected? A. active B. dynamic C. auto D. static .
Which two characteristics describe the access layer in a three-tier network architecture? (Choose two) A. layer at which a wireless access point connects to the wired network B. physical connection point for a LAN printer C. serves as the network aggregation point D. provides a boundary between Layer 2 and Layer 3 communications E. designed to meet continuous, redundant uptime requirements .
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller? A. mesh B. sniffer C. flexconnect D. local .
The service password-encryption command is entered on a router. What is the effect of this configuration? A. encrypts the password exchange when a VPN tunnel is established. B. prevents network administrators from configuring clear-text passwords. C. protects the VLAN database from unauthorized PC connections on the switch. D. restricts unauthorized users from viewing clear-text passwords in the running configuration.
Refer to the exhibit. Traffic sourced for the Loopback0 interface is thrying to connect via ssh to the host 10.0.1.15. What is the next hop to the destination address? A. 192.168.0.7 B. 192.168.0.40 C. 192.168.0.4 D. 192.168.3.5.
Refer to the exhibit. An engineer must configure router R2 so it is elected as the DR on the WAN subnet. Which command sequence must be configured? A. interface gigabitethernet0/0
ip address 10.0.1.1 255.255.255.0
ip ospf priority 255 B. interface gigabitethernet0/0
ip address 10.0.0.34 255.255.255.248
ip ospf priority 0 C. interface gigabitethernet0/0
ip address 10.0.0.34 255.255.255.224
ip ospf priority 100 D. interface gigabitethernet0/0
ip address 10.0.1.1 255.255.255.224
ip ospf priority 98.
Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface fastethernet 0/1? A. PC B. DHCP client C. router D. access point.
Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations of VLAN 20 at Site B cannot reach a DNS server on the internet. Which action corrects the configuration issue? A. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2 B. Add the default-information originate command on R2 C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1 D. Add the always keyword to the default-information originate command on R1 .
Refer to the exhibit. Which two commands, when configured on router R1 fulfill these requirements? (Choose two)
1. Packets towards the entire network 2001:db8:23::/64 must be forwarded through router R2.
2. Packets toward host 2001:db8:23::14 preferably must be forwarded through R3. A. ipv6 route 2001:db8:23::14/64 fd00:12::2 200 B. ipv6 route 2001:db8:23::14/64 fd00:12::2 C. ipv6 route 2001:db8:23::/128 fd00:12::2 D. ipv6 route 2001:db8:23::14/128 fd00:13::3 ipv6 route 2001:db8:23::/64 fd00:12::2.
Refer to exhibit. R1 learns all routes via OSPF. Which command configures a backup static route on R1 to reach the 192.168.20.0/24 network via R3? A. R1(config)# ip route 192.168.20.0 255.255.255.0 192.168.30.2 B. R1(config)# ip route 192.168.20.0 255.255.255.0 192.168.30.2 111 C. R1(config)# ip route 192.168.20.0 255.255.255.0 192.168.30.2 90 D. R1(config)# ip route 192.168.20.0 255.255.0.0 192.168.30.2 .
refer to the exhibit. The entire contents of the MAC address table are shown Sales-4 sends a data frame to Sales-1
Sales-SW# show mac-address-table
Mac address Table
---------------------------------------------------
VLAN MAC Address Type Ports
10 000C.8590.bb7d DYNAMIC Gi1/0/1
10 3XXX.XXXX.XXXX DYNAMIC Gi1/0/2
10 00d0.d3b6.957c DYNAMIC Gi1/0/3
Sales-SW#
What does the switch do as it receives the frame from Sales-4? A. Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame. B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1 C. Perform a lookup in the MAC address table and discard the frame due to a missing entry D. Flood the frame out of all ports except on the port where Sales-1 is connected.
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two.) A. Qos settings B. SSID C. IP address of one or more access ports D. profile name management interface settings.
Refer to the exhibit. what two conclusions should be made about this configuration? (Choose two.) A. the designated port is FastEthernet 2/1 B. This is a root bridge C. The spanning-tree mode is Rapid PVST+ D. The root port is FastEthernet 2/1 E. The spanning-tree mode is PVST+.
refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link? A. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254 B. ip route 0.0.0.0 0.0.0.0 209.165.202.131 C. ip route 0.0.0.0 0.0.0.0 209.165.200.224 D. ip route 209.165.201.0 255.255.255.224 209.165.202.130.
Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles? A. role-based access control B. multifactor authentication C. biometrics D. physical access control.
How do AAA operations compare regarding user identification, user devices and access control? A. Authorization provides access control, and authentication tracks user services B. Authorization identifies users and authentication provides access control C. Accounting tracks user devices and authentication provides access control D. Authentication identifies users and accounting tracks user services.
Refer to the exhibit. Each router must be configured with the last usable IP address in the subnet. Which configuration fulfills this requirement? A. R7#
Interface FastEthernet1/0
ip address 10.88.31.126 255.255.255.240
R8#
Interface FastEthernet 0/0
ip address 10.19.63.94 255.255.255.192
R9#
interface FastEthernet 1/1
ip address 10.23.98.158 255.255.255.248
B. R7#
Interface FastEthernet1/0
ip address 10.88.31.126 255.255.255.192
R8#
Interface FastEthernet 0/0
ip address 10.19.63.94 255.255.255.240
R9#
interface FastEthernet 1/1
ip address 10.23.98.158 255.255.255.224 C. R7#
Interface FastEthernet1/0
ip address 10.88.31.127 255.255.255.240
R8#
Interface FastEthernet 0/0
ip address 10.19.63.95 255.255.255.192
R9#
interface FastEthernet 1/1
ip address 10.23.98.159 255.255.255.248 D. R7#
Interface FastEthernet1/0
ip address 10.88.31.127 255.255.255.192
R8#
Interface FastEthernet 0/0
ip address 10.19.63.95 255.255.255.240
R9#
interface FastEthernet 1/1
ip address 10.23.98.159 255.255.255.224.
What is the primary difference between AAA authentication and authorization? A. Authentication identifies and verifies a user who is attempting to access a system and authorization controls the tasks the user can perform. B. Authentication identifies a user who is attempting to access a system and authorization controls the tasks the user can perform. C. Authentication controls the system processes a user can access and authorization logs the activities the user initiates. D. Authentication verifies a username and password and authorization handles the communication between the authentication agent and the user database.
Refer to the exhibit. Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers? A. R1 interface Gi1(0 has a larger MTU size B. R2 should have its network command in area 1 C. R1 has an incorrect network command for interface Gi1/0 D. R2 is using the passive-interface default command.
An engineer is configuring remote access to a router from IP subnet 10.139.5.8.0/28. The domain name, crypto keys and SSH have been configured. Which configuration enables the traffic on the destination router? A. interface FastEthernet 0/0
ip address 10.122.49.1 255.255.255.248
ip access-group 10 in
ip access-list standard 10
permit udp 10.139.58.0 0.0.0.7 host 10.122.49.1 eq 22 B. interface FastEthernet 0/0
ip address 10.122.49.1 255.255.255.240
access-group 120 in
ip access-list extended 120
permit tcp 10.139.58.0 255.255.255.248 any eq 22 C. interface FastEthernet 0/0
ip address 10.122.49.1 255.255.255.252
ip access-group 110 in
ip access-list extended 110
permit tcp 10.139.58.0 0.0.0.15 host 10.122.49.1 eq 22 D. interface FastEthernet 0/0
ip address 10.122.49.1 255.255.255.248
ip access-group 105 in
ip access-list standard 105
permit udp 10.139.58.0 0.0.0.7 eq 22 host 10.122.49.1.
How does authentication differ form authorization? A. Authentication is used to verify a person´s identity and authorization is used to create syslog messages for logins B. Authentication is used to record what resource a user accesses and authorization is used to determine what resources a user can access C. Authentication verifies the identity of a person accessing a network and authorization determines what resource a user can access D. Authentication is used to determine what resources a user is allowed to access and authorization is used to track what equipment is allowed to access to the network.
How do servers connect to the network in a virtual environment? A. a software switch on a hypervisor that is physically connected to the network B. a virtual switch that links to an access point that is physically connected to the network C. wireless to an access point that is physically connected to the network D. a cable connected to a physical switch on the network.
refer to the exhibit. Which action is expected from the SW1 when the untagged frame is received on the GigabitEthernet0/1 interface? A. The frame is processed in the VLAN 11 B. the frame is dropped C. The frame is processed in the VLAN 5 D. the frame is processed in the VLAN 1.
Refer to the exhibit. Which prefix did router R1 learn from the internal EIGRP? A. 192.168.3.0/24 B. 172.16.1.0/24 C. 192.168.1.0/24 D. 192.168.2.0/24.
Which type of IPv6 address is publicly routable in the same way as IPv4 public addresses? A. link-local B. unique local C. multicast D. global unicast.
Refer to the exhibit. an engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the switch and DHCP server configurations are complete and correct. Which two sets of commands must be configured on R1 and R2 to complete the task? (Choose two.) A. R2(config)# interface gi0/0
R2(config)# ip helper-address 198.51.100.100 B. R1(config)# interface fa0/0
R1(config)# ip helper-address 198.51.100.100 C. R2(config)# interface gi0/0
R2(config)# ip address dhcp D. R1(config)# interface fa0/0
R1(config)# ip address dhcp
R1(config)# no shutdown E. R2(config)# interface fa0/0
R2(config)# ip helper-address 192.0.2.2.
Which network action occurs within the data plane? A. Compare the destination IP address to the IP routing table B. Run routing protocols (OSPF, EIGRP, RIP, BGP) C. Make a configuration change from an incoming NETCONF RPC D. Reply to an incoming ICMP echo request.
How do TCP and UDP differ in the way they guarantee packet delivery? A. TCP uses a checksum, parity check and retransmissions and UDP uses acknowledgements only B. TCP uses two-dimensional parity checks, checksums and cyclic redundancy checks, and UDP uses retransmissions only C. TCP uses retransmissions, acknowledgement and parity checks, and UDP uses cyclic redundancy checks only D. TCP uses checksum, acknowledgement and retransmissions, and UDP uses checksums only.
How will Link aggregation be implemented on a Cisco Wireless LAN Controller? A. the EtherChannel must be configured in "mode active" B. One functional physical port is needed to pass client traffic C. To pass client traffic, two or more ports must be configured D. When enabled the WLC bandwidth drops to 500 Mbps.
What are two benefits of using the PortFast feature? (Choose two) A. Enabled interfaces never generate topology change notifications B. Enabled interfaces are automatically placed in the listening state C. Enabled interfaces come up and move to the forwarding state immediately D. Enabled interfaces that move to the learning state generate switch topology change notifications E. Enabled interfaces wait 50 seconds before they move to the forwarding state.
Where does the configuration reside when a helper address is configured to support DHCP? A. on the switch trunk interface B. on every router along the path C. on the router closest to the server D. on the router closest to the client.
Which WAN access technology is preferred for a small office/home office architecture? A. frame-relay packet switching B. dedicated point-to-point leased line C. Integrated Services Digital Network switching D. broadband cable access.
What is the path traffic sent from one user workstation to another workstation on a separate switch in a three-tier architecture model? A. access-core-access B. access-distribution-core-distribution-access C. access-core-distribution-access D. access-distribution-distribution-access.
Refer to the exhibit. All VLANS are present in the VLAN database. Which command sequence must be applied to complete the configuration? A. Interface FastEthernet 0/1
switchport mode trunk
switchport trunk allowed vlan 10 15 B. Interface FastEthernet 0/1
switchport trunk allowed vlan add 10
vlan 10
private-vlan isolated C. Interface FastEthernet 0/1
switchport mode access
switchport voice vlan 10 D. Interface FastEthernet 0/1
switchport trunk native vlan 10
switchport trunk allowed vlan 10 15.
Which management security process is invoked when a user logs in to a network device using their username and password? A. Authorization B. Auditing C. Authentication D. Accounting.
What prevents a workstation from receiving a DHCP address? A. DTP B. STP C. 802.1Q D. VTP.
R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP and internal EIGRP. Under normal operating conditions, which routing protocol is installed in the routing table? A. IS-IS B. OSPF C. RIP D. Internal EIGRP.
Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up, but the server still is reachable when OSPF goes down? A. ip route 10.1.1.10 255.255.255.255 gi0/0 125 B. ip route 10.1.1.10 255.255.255.255 172.16.2.2 100 C. ip route 10.1.1.0 255.255.255.0 gi0/0 125 D. ip route 10.1.1.0 255.255.255.0 172.16.2.2 100.
Which QoS forwarding per-hop behavior changes a specific value in a packet header to set the class of service for the packet? A. Policing B. Shaping C. Classification D. Marking.
What is an appropriate use for private IPv4 addressing? A. to allow hosts inside to communicate in both directions with hosts outside the organization B. on internal hosts that stream data solely to external resources C. on hosts that communicates only with other internal hosts D. on the public-facing interfaces of a firewall.
Which switching concept is used to create separate broadcast domains? A. STP B. VLAN C. VTP D. CSMA/CD.
Refer to the exhibit. An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally? A. SW1(config)# interface fa0/1
SW1(config-ip)# no switchport access vlan 2
SW1(config-ip)#switchport access vlan 3
SW1(config-ip)#switchport trunk allowed vlan 2 B. SW1(config)# interface fa0/2
SW1(config-ip)# no switchport access vlan 2
SW1(config-ip)#no switchport trunk allowed vlan 3
SW1(config-ip)#switchport trunk allowed vlan 2 C. SW1(config)# interface fa0/1
SW1(config-ip)# no switchport access vlan 2
SW1(config-ip)#switchport trunk native vlan 2
SW1(config-ip)#switchport trunk allowed vlan 3 D. SW1(config)# interface fa0/1
SW1(config-ip)# no switchport mode trunk
SW1(config-ip)#no switchport trunk allowed vlan 3
SW1(config-ip)#switchport mode access.
refer to the exhibit. The given Windows PC is requesting IP address of the host at www.cisco.com. To which IP addres is the request sent? A. 192.168.1.226 B. 192.168.1.100 C. 192.168.1.253 D. 192.168.1.254.
refer to the exhibit. When Router R1 is sending traffic to IP address 10.56.192.1, which interface or next hop address does it use to route the packet? A. VLAN57 B. 10.56.0.1 C. 10.56.128.19 D. 0.0.0.0/0.
refer to the exhibit. R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the OSPF network to elect a different DR and BDR. Which set of commands must the engineer implement? A. R4(config)# interface gi0/0
R4(config)# ip ospf priority 20
R5(config)# interface gi0/0
R5(config)# ip ospf priority 10 B. R2(config)# interface gi0/0
R2(config)# ip ospf priority 259
R3(config)# interface gi0/0
R3(config)# ip ospf priority 256 C. R3(config)# interface gi0/0
R3(config)# ip ospf priority 255
R2(config)# interface gi0/0
R2(config)# ip ospf priority 240 D. R5(config)# interface gi0/0
R5(config)# ip ospf priority 120
R4(config)# interface gi0/0
R4(config)# ip ospf priority 110.
What is a feature of TFTP? A. relies on the well-known TCP port 20 to transmit date B. uses two separate connections for control and data traffic C. provides secure data transfer D. offers anonymous user login ability.
Router A learns the same route from two different neighbors; one of the neighbor is an OSPF neighbor, and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table? A. 115 B. 90 C. 110 D. 20.
Refer to the exhibit. What is represented by "R1" and "SW1" within the JSON output? A. Value B. Array C. Key D. Object.
Router R1 must send all traffic without matching routing-table entry to 192.168.1.1. Which configuration accomplished this task? A. R1#Config t
R1(config)#ip routing
R1(config)#ip route 192.168.1.1 0.0.0.0 0.0.0.0 B. R1#Config t
R1(config)#ip routing
R1(config)#ip default-gateway 192.168.1.1 C. R1#Config t
R1(config)#ip routing
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1 D. R1#Config t
R1(config)#ip routing
R1(config)#ip route default-route 192.168.1.1.
A Cisco engineer is configuring a factory-default router with these three passwords:
- The user EXEC password for console access is p4ssw0rd1.
- The user EXEC password for Telnet access is s3cr3t2.
- the password for privileged EXEC mode is priv4t3p4ss.
Which command sequence must the engineer configure? A. enable secret priv4t3p4ss
!
line con 0
password login p4ssw0rd1
!
line vty 0 15
password login s3cr3t2
login B. enable secret privilege 15 priv4t3p4ss
!
line con0
password p4ssw0rd1
login
!
line vty 0 15
password s3cr3t2
login C. enable secret priv4t3p4ss
!
line con0
password p4ssw0rd1
login
!
line vty 0 15
password s3cr3t2
login D. enable secret priv4t3p4ss
!
line con0
password p4ssw0rd1
!
line vty0 15
password s3cr3t2
.
Which command creates a static NAT binding for a PC address of 10.1.1.1 to the public routable address 209.165.200.225 assigned to the PC?
A. R1(config)# ip nat outside source static 209.165.200.225 10.1.1.1 B. R1(config)# ip nat outside source static 10.1.1.1 209.165.200.225 C. R1(config)# ip nat inside source static 209.165.200.225 10.1.1.1 D. R1(config)# ip nat inside source static 10.1.1.1 209.165.200.225.
Refer to the exhibit. An engineer is configuring a Layer 3 port-channel interface with LACP. The configuration on the first device is complete, and it is verified that both interfaces have registered the neighbor device in the CDP table. Which task on the neighbor device enables the new port channel to come up without negotiating the channel? A. Change the EtherChannel mode on the neighboring interfaces to auto B. Bring up the neighboring interfaces using the no shutdown command C. Modify the static EtherChannel configuration of the decite to passive mode D. Configure the IP address of the neighboring device.
What event has occurred if a router send a notice level message to a syslog server? A. A certificate has expired B. An ICMP connection has been built C. A TCP connection has been torn down D. An interface line has changed status.
A network engineer must configure two new subnets using the address block 10.70.128.0/19 to meet these requirements:
- The first subnet must support 24 host
- The second subnet must support 472 hosts
- Both subnets must use the longest subnet mask possible from the address block
Which two configurations must be used to configure the new subnets and meet a requierement to use the first available address in each subnet for the router interfaces? (Choose two) A. interface vlan XXX
ip address 10.70.159.1 255.255.254.0 B. interface vlan XXX
ip address 10.70.133.17 255.255.255.192 C. interface vlan XXX
ip address 10.70.147.17 255.255.255.224 D. interface vlan XXX
ip address 10.70.155.65 255.255.255.224 E. interface vlan XXX
ip address 10.70.148.1 255.255.254.0.
Refer to the exhibit. A network administrator assumes a task to complete the connectivity between PC A and the File Server. Switch A and Switch B have been partially configured with VLANs 10, 11, 12 and 1. What is the next step in the configuration? A. Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation B. Add PC A to VLAN 10 and the File Server to VLAN 11 for VLAN segmentation C. Add PC a to the same subnet as the File Server allowing intra-VLAN communication D. Add a router on a stick between Switch A and Switch B allowing for inter-VLAN routing.
Which port security violation mode allows traffic from valid MAC addresses to pass but blocks traffic from invalid MAC addresses? A. shutdown B. restrict C. protect D. shutdown VLAN.
When OSPF learns multiple paths to a network, how does it select a route? A. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth B. It multiplies the active K values by 256 to calculate the route with the lowest metric C. It counts the number of hops between the source router and the destination to determine the route with the lowest metric D. It divides a reference bandwidth of 100Mbps by the actual bandwidth of the exiting interface to calculate the route with the lowest cost.
What is an advantage of Cisco DNA Center versus traditional campus device management? A. It is designed primarily to provide network assurance. B. It supports numerous extendibility options including cross-domain adapters and third party SDKs C. It enables easy autodiscovery of network elements in a brownfield deployment D. It supports high availability for management functions when operating in cluster mode.
What is the purpose of the Cisco DNA Center Controller? A. to secure physical access to a data center B. to scan a network and generate a Layer 2 network diagram C. to securely manage and deploy network devices to provide Layer 3 services to autonomous access ports.
A network analyst is tasked with configuring the date and time on a router using EXEC mode. The date must be set to January 1,2020 and the time must be set to 12:00 am. What command should be used? clock timezone clock summer-time recurring clock summer-time date clock set.
What is a similarity between 1000BASE-LX and 1000BASE-T standards? Both cable types support RJ-45 connectors. Both support up to 550 meters between nodes. Both cable types support LR connectors. Both use the same data-link header and trailer formats.
An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration for a Secure Shell access RSA key? crypto key pubkey-chain rsa crypto key zeroize rsa crypto key generate rsa crypto key import rsa pem.
What are two characteristics of a controller-based network? (Choose two.) It moves the control plane to a central point. It decentralizes the control plane, which allows each device to make its own forwarding decisions It uses northbound and southbound APIs to communicate between architectural layers. The administrator can make configuration updates from the CLI It uses Telnet to report system issues.
Which two REST API status-code classes represent errors? (Choose two.) 3XX 5XX 2XX 1XX 4XX.
Which access point mode relies on a centralized controller for management, roaming, and SSID configuration? Repeater mode Lightweight mode Bridge mode Autonomous mode.
The SW1 interface g0/1 is in the down/down state. What are two reasons for the interface condition? (Choose two.) The interface is shut down The interface is error-disabled There is a speed mismatch There is a protocol mismatch There is a duplex mismatch.
Refer to the exhibit. Which route type is configured to reach the internet? network route floating static route host route default route.
Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEthernet3/1/4 port on a switch? The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1 The phone and a workstation that is connected to the phone send and receive data in VLAN 50 The phone and a workstation that is connected to the phone do not have VLAN connectivity The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity.
Which encryption method is used by WPA3? PSK TKIP SAE AES.
Refer to the exhibit. Which switch becomes the root of the spanning tree?
Switch1
BID: 32778 00XX.XXXX.XXXX
Switch2
BID: 24586 01XX.XXXX.XXXX
Switch3
BID: 28682 00XX.XXXX.XXXX
Switch4
BID: 64000 0eXX.XXXX.XXXX Switch1 Switch2 Switch4 Switch3.
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two.) ASCII hexadecimal decimal binary base64.
A corporate office uses four floors in a building.
- Floor 1 has 24 users
- Floor 2 has 29 users
- Floor 3 has 28 users
- Floor 4 has 22 users
Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration? 192.168.0.0/24 as summary and 192.168.0.0/28 for each floor 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor.
Refer to the exhibit. A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the information sent via LLDP is refreshed every 3 minutes. Which configuration must the engineer apply? Switch2(config)# lldp timer 1
Switch2(config)# lldp tlv-select 3 Switch2(config)# lldp timer 1
Switch2(config)# lldp holdtime 3 Switch2(config)# lldp timer 60
Switch2(config)# lldp tlv-select 180 Switch2(config)# lldp timer 60
Switch2(config)# lldp holdtime 180.
Refer to the exhibit. A network engineer must configure R1 so that it sends all packets destined to the 10.0.0.0/24 network to R3, and all packets destined to PC1 to R2. Which configuration must the engineer implement? R1(config)#iproute 10.0.0.0 255.255.255.0 172.16.0.2
R1(config)#iproute 10.0.0.5 255.255.255.255 192.168.0.2 R1(config)#iproute 10.0.0.0 255.255.0.0 192.168.0.2
R1(config)#iproute 10.0.0.0 255.255.255.0 172.16.0.2 R1(config)#iproute 10.0.0.0 255.255.0.0 172.16.0.2
R1(config)#iproute 10.0.0.5 255.255.255.255 192.168.0.2 R1(config)#iproute 10.0.0.0 255.255.255.0 192.168.0.2
R1(config)#iproute 10.0.0.5 255.255.255.255 172.16.0.2.
Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computers must be able to access the web server. Which configuration when applied to switch A accomplishes this task? config t
ip access-list extended wwwblock
permit ip any any
deny tcp any host 10.30.0.100 eq 80
int vlan 20
ip access-group wwwblock in config t
ip access-list extended wwwblock
deny tcp any host 10.30.0.100 eq 80
int vlan 10
ip access-group wwwblock in config t
ip access-list extended wwwblock
deny tcp any host 10.30.0.100 eq 80
permit ip any any
int vlan 20
ip access-group wwwblock in config t
ip access-list extended wwwblock
permit ip any any
deny tcp any host 10.30.0.100 eq 80
int vlan 30
ip access-group wwwblock in.
Refer to the exhibit. An engineer is asked to configure Router 1 so that it forms an OSPF single-area neighbor relationship with R2. Which command sequence must be implemented to configure the router? router ospf 100
network 10.0.0.0 0.0.0.3 area 0
network 10.0.2.0 255.255.255.0 area 0 router ospf 10
network 10.0.0.0 0.0.0.3 area 0
network 10.0.2.0 0.0.0.255 area 0 router ospf 10
network 10.0.0.0 0.0.0.3 area 0
network 10.0.1.0 0.0.0.255 area 0 router ospf 100
network 10.0.0.0 0.0.0.255 area 0
network 10.0.1.0 0.0.0.255.
Refer to the exhibit. Web traffic is comming from the WAN interface. Which route takes precedence when the router is processing traffic destined for the LAN network at 10.0.10.0/24 via next-hop 10.0.1.5 via next-hop 10.0.1.100 via next-hop 10.0.1.4 via next-hop 10.0.1.50.
Refer to the exhibit. Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches? interface range G1/1-1/3
switchport mode access
channel-group 1 mode on
no shutdown interface range G1/1-1/3
switchport mode trunk
channel-group 1 mode desirable
no shutdown interface range G1/1-1/3
switchport mode trunk
channel-group 1 mode active
no shutdown interface range G1/1-1/3
switchport mode access
channel-group 1 mode passive
no shutdown.
Refer to the exhibit. What does router 1 use as its OSPF router-ID? 10.10.10.20 192.168.0.1 172.16.15.10 10.10.1.10.
In software defined architectures, which plane is distributed and responsible for traffic forwarding? data plane policy plane control plane management plane.
Which 802.11 frame type is Association Response? action control management protected frame.
What are two characteristics of an SSID? (Choose two.) It can be hidden or broadcast in a WLAN It uniquely identifies an access point in a WLAN It is at most 32 characters long It provides secured access to a WLAN It uniquely identifies a client in a WLAN.
Refer to the exhibit. What action establishes the OSPF neighbor relationship without forming an adjacency? modify hello interval modify process ID modify network type modify priority.
Refer to the exhibit. Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.) R3(config)# interface fastethernet 0/0
R3(config-if)# ip ospf priority 200 R1(config)# interface fastethernet 0/0
R1(config-if)# ip ospf priority 0 R3(config)# interface fastethernet 0/0
R3(config-if)# ip ospf priority 0 R1(config)# router ospf 1
R1(config-router)# router-id 192.168.100.1 R1(config)# interface fastethernet 0/0
R1(config-if)# ip ospf priority 200.
What is a difference between RADIUS and TACACS+? TACACS+ encrypts only password information, and RADIUS encrypts the entire payload RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop and interim commands TACACS+ separates authentication and authorization, and RADIUS merges them RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication.
Refer to the exhibit. What is the effect of this configuration? All ARP packets are dropped by the switch. Egress traffic is passed only if the destination is a DHCP server The switch discards all ingress ARP traffic with invalid MAC-to-IP address bindings All ingress and egress traffic is dropped because the interface is untrusted.
Which type of network attach overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted? Amplification SYN flood Teardrop Reflection.
Refer to the exhibit. Clients on the WLAN are required to use 802.11r. What action must be taken to meet the requirement? Enable CCKM under Authentication Key Management Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management Set the Fast Transition option and the WPA gtk-randomize State to disable Under Protected Management Frames, set the PMF option to Required.
What is a function of a remote access VPN? used exclusively when a user is connected to a company's internal network allows the users to access company internal network resources through a secure tunnel establishes a secure tunnel between two branch sites uses cryptographic tunneling to protect the privacy of data for multiple users simultaneously.
Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned? 38443 0 3184439 110.
What is a function of Opportunistic Wireless Encryption in an environment? offer compression increase security by using a WEP connection provide authentication protect traffic on open networks.
What is the same for both copper and fiber interfaces when using SFP modules? They offer reliable bandwidth up to 100 Mbps in half duplex mode They provide minimal interruption to services by being hot-swappable They support an inline optical attenuator to enhance signal strength They accomodate single-mode and multi-mode in a single module.
Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task? access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22 access-list 2699 permit udp 10.20.1.0 0.0.0.255 no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22 no access-list 2699 deny ip any 10.20.1.0 0.0.0.255.
Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two.) blocking forwarding listening learning speaking.
What are two fundamentals of virtualization? (Choose two.) It allows multiple operating systems and applications to run independently on one physical server. The environment must be configured with one hypervisor that serves solely as network manager to monitor SNMP traffic. It requires that some servers, virtual machines, and network gear reside on the internet. It allows a physical router to directly connect NICs from each virtual machine into the network It allows logical network devices to move traffic between virtual machines and the rest of the physical network.
Refer to the exhibit. Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two.) transport input ssh crypto key generate rsa 1024 line vty 0 4 ip ssh version 2 username CNAC secret R@!.
A router running EIGRP has learned the same route from two different paths. Which parameter does the ruter use to select the best path? administrative distance cost metric as-path.
Refer to the exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the New York router? (Choose two.) ipv6 route 2000:1/128 2012::1 ipv6 route 2000:1/128 2012::2 ipv6 route 2000:1/128 s0/0/1 ipv6 route 2000:3/128 2023::3 ipv6 route 2000:3/128 s0/0/0.
Which action implements physical access control as part of the security program of an organization? backing up syslogs at a remote location configuring enable passwords on network devices setting up IP cammeras to monitor key infrastructure configuring a password for the console port.
Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path, users at SiteA report intermittent connectivity issues with applications hosted at SiteB. What is the cause of the intermittent connectivity issue? Interface errors are incrementing High usage is causing high latency The sites were connected with the wrong cable type An incorrect SFP media type was used at SiteA.
Refer to the exhibit. Which next-hop IP address does Router1 use for packets destined to host 10.10.13.158? 10.10.12.2 10.10.10.5 10.10.11.2 10.10.10.9.
Which type of organization should use a collapsed-core architecture? large and requires a flexible, scalable network design large and must minimize downtime when hardware fails small and needs to reduce networking costs currently small but is expected to grow dramatically in the near future.
Refer to the exhibit. Which prefix does Router1 use for traffic to Host A? 10.10.30.0/25 10.10.13.144/28 10.10.10.0/28 10.10.13.208/29.
What is a capability of FTP in network management operations? offers proprietary support at the session layer when transferring data devices are directly connected and use UDP to pass file information encrypts data before sending between data resources uses separate control and data connections to move files between server and client.
What is the primary effect of the spanning-tree portfast command? It minimizes spanning-tree convergence time It enables BPDU messages It immediately puts the port into the forwarding state when the switch is reloaded It immediately enables the port in the listening state.
What is a benefit of VRRP? It provides the default gateway redundancy on a LAN using two or more routers It prevents loops in a layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final forwarding decision It allows neighbors to share routing table information between each other It provides traffic load balancing to desinations that are more than two hops from the source.
Refer to the exhibit. What is expected when PC_A sends data to PC_B after the initial communication? The source and destination MAC addresses remain the same The destination MAC address is replaced with ffff.ffff.ffff The source MAC address is changed The switch rewrites the source and destination MAC addresses with its own.
Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2? 192.168.16.0/27 192.168.16.0/24 192.168.26.0/26 192.168.16.0/21.
Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? username cisco password 0 cisco crypto key generate rsa transport input telnet login console ip ssh pubkey-chain.
Refer to the exhibit. The link between PC1 and the switch is up, but it is performing poorly. Which interface condition is causing the performance problem? There is an issue with the fiber on the switch interface There is a duplex mismatch on the interface There is an interface type mismatch There is a speed mismatch on the interface.
The link between PC1 and the switch is up, but it is performing poorly. Which interface condition is causeing the performance problem? There is an issue with the fiber on the switch interface. There is a duplex mismatch on the interface There is an interface type mismatch There is a speed mismatch on the interface.
An engineer is configuring the New York router to reach the Lo1 interface of the Atlanta router using interfacce Se0/0/0 as the primary path. Which two commands must be configured on the New YOrk router so that it can reach the Lo1 interface of the Atlanta router via Washinton when the link between New York and Atlanta goes down?(Choose two.) ipv6 route 2000::1/128 2012::1 ipv6 route 2000::1/128 2012::2 ipv6 route 2000::1/128 2012::1 5 ipv6 route 2000::1/128 2023::2 5 ipv6 route 2000::1/128 2023::3 5.
Which command implies the use of SNMPv3? snmp-server user snmp-server community snmp-server host snmp-server enable traps.
Which QoS traffic handling technique retains excess packets in a queue and reschedules thse packets for later transmission when the configured maximum bandwidth has been surpassed? weighted random early detection traffic policing traffic prioritization traffic shaping.
Why was the RFC 1918 address space defined? reduce instances of overlapping IP adresses support the NAT protocol conserve public IPv4 addressing preserve public IPv6 adress space.
Which field within the access-request packet is encrypted by RADIUS? username authorized services authenticator password.
Which function is performed by the collapsed core layer in a two-tier architecture? attaching users to the edge of the network marking interesting traffic for data policies enforcing routing policies applying security policies.
What is the function of northbound API? It provides a path between and SDN controller and network applications It upgrades software and restore files It supports distributed processing for configuration It relies on global provisioning and configuration.
An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previosly configured. Which command accomplishes this task? switchport trunk allowed vlan 104 switchport trunk allowed vlan 100-104 switchport trunk allowed vlan add 104 switchport trunk allowed vlan all.
Users need to connect the wireless network with IEEE 802.11r-comptible devices. The connection must be maintained as users travel between floors or to the others areas in the building. What must be the configuration of the connection? Disable AES encryption Select the WPA Policy option with the CCKM option Enable Fast Transition and select the FT PSK option Enable Fast Transition and select the FT 802.1X option.
All traffic enters the CPE router from the interface Serial0/3 with an IP address 192.168.50.1. Web traffic from the WAN is destined for a LAN network where servers are load-balanced. An IP packet with a destination address of the HTTP virtual IP of 192.168.1.250 must be forwarded. Which routing table entry does the router use? 192.168.1.0/24 via 192.168.12.2 192.168.1.224/27 via 192.168.15.5 192.168.1.128/25 via 192.168.13.3 192.168.1.192/26 via 192.168.14.4.
In software-defined architecture, which plane handles switching for traffic through a Cisco router? Control Management application data.
Which command must be entered to configure a DHCP relay? ip dhcp relay ip address dhcp ip dhcp pool ip helper-address.
An engineer needs to configure LLDP to send the port description type length value (TLV). What command sequence must be implemented? switch(config-line)#lldp port-description switch(config)#lldp port-description switch#lldp port-description switch(config-if)#lldp port description.
An engineer must configure GigabitEthernet1/1 to accomodate voice and data traffic. Which configuration accomplishes this interface gigabitethernet1/1
switchport mode trunk
switchport trunk vlan 300
switchport voice vlan 400 interface gigabitethernet1/1
switchport mode access
switchport voice vlan 300
switchport access vlan 400 interface gigabitethernet1/1
switchport mode trunk
switchport trunk vlan 300
switchport trunk vlan 400 interface gigabitethernet1/1
switchport mode access
switchport access vlan 300
switchport voice vlan 400.
Which JSON data type is an unordered set of attribute-value pairs? String Object Array Boolean.
What differentiates device management enabled by Cisco DNA Center from traiditional campus device management? centralized CLI-oriented device per device device-by-device hands-on.
What are network endpoints? a threat to the network if they are compromised act as routers to connect a user to the service provider network support inter-VLAN connectivity enforce policies for campus-wide traffic going to the internet.
A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which commands set the configures the IP connectivity between devices located on both LANs in each site? R1
ip route 0.0.0.0 0.0.0.0 209.165.200.226
R2
ip route 0.0.0.0 0.0.0.0 209.165.200.225 R1
ip route 0.0.0.0 0.0.0.0 209.165.200.225
R2
ip route 0.0.0.0 0.0.0.0 209.165.200.226 R1
ip route 192.168.1.1 255.255.255.0 GigabitEthernet0/1
R2
ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/1 R1
ip route 192.168.1.0 255.255.255.0 GigabitEthernet0/0
R2
ip route 10.1.1.1 255.255.255.0 GigabitEthernet0/0.
Which action does the router take as it fowards a packet through the network? The router replaces the original source and destination MAC addresses with sending router MAC address as the source and neighbor MAC address as the destination The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address as the destination The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit tranparently to the destination.
Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time? link-local address anycast address multicast address global unicast address.
Which two components compromise part of a PKI?(choose two.)
one of more CRLs cleat-text password that authenticates connections preshared key that authenticates connections RSA token CA that grants certificates.
Users on existing VLAN 100 can reach sites on the internet. Which action must the administrator take to establish connectivity to the internet for users in VLAN 200? Define a NAT pool on the router Configure static NAT translations for VLAN 200 configure the *ip nat outside* command on another interface for VLAN 200 update the NAT_INSIDE_RANGES ACL.
After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN based on their credentials? Enable the Event Driven RRM Diable the LAG Mode on Next Reboot Enable the Authorize MIC APs against auth-list or AAA Enable the Allow AAA Override.
Which action must be taken to ensure that router A is elected as the DR of OSPF area 0? Configure router A with a fixed OSPF router ID Configure the OSPF priority on router A with the lowest value between the three routers Configure router B and router C as OSPF neighbors of router A Configure the router A interfaces with the highest OSPF priority value within the area.
Which switch becomes the root of a spanning tree for VLAN 20 if all links are of equal speed?
SW1=24596 0018.XXXX.XXXX
SW2=28692 004a.XXXX.XXXX
SW3=32788 0022.XXXX.XXXX
SW4=64000 0040.XXXX.XXXX SW3 SW1 SW4 SW2.
Rotuer R1 is added to the network and configured with the 10.0.0.64/26 and 10.0.20.0/24 subnets. However, traffic destined for the LAN on R3 is not accessible. Which command when executed on R1 defines a static route to rech the R3 LAN? ip route 10.0.0.64 255.255.255.192 10.0.20.3 ip route 10.0.15.0 255.255.255.0 10.0.20.1 ip route 10.0.15.0 255.255.255.192 10.0.20.1 ip route 10.0.15.0 255.255.255.0 10.0.20.3.
A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and instert it into the table automatically? enable sticky MAC addressing implement static MAC addressing enable dynamic MAC address learning implement auto MAC address learning.
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode? Full 2-way Exchange Init.
In which situations is private IPv4 addressing appropiate for a new subnet on the network of an organization? The ISP requires the new subnet to be advertised to the internet for web services There is limited unique address space, and traffic on the new subnet will stay local within the organization The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts Traffic on the subnet must traverse a site-to-site VPN to an outside organization.
Which two spanning-tree states are bypassed on an interface running PortFast? (choose two) listening learning blocking forwarding disabled.
if OSPF is running on this network, how does Router2 handle traffic from site B to 10.10.13.128/25 at Site A? It sends packets out of interface Fa0/1 It load-balances traffic out of Fa0/1 and Fa0/2 It sends packets out of interface Fa0/2 It is unreacheable and discards the traffic.
Which plane is centralized by an SDN controller? services-plane management-plane control-plane data-plane.
What is a requirement when configuring or removing LAG on a WLC? The incoming and outgoing ports for a traffic flow must be specified if LAG is enabled Multiple untagged interfaces on the same port must be supported The management interface must be reassigned if LAG is disabled The controller must be rebooted after enabling or reconfiguring LAG.
What is a function of spine-and-leaf architecture? Exclusively sneds multicast traffic between servers that are directly connected to the spine offers predictable latency of the traffic path between end devices limits payload size of traffic within the leaf layer mitigates oversubscription by adding a layer of leaf switcher.
Which Later 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic separation between the VLANs? VLAN numbering VLAN DSCP VLAN marking VLAN tagging.
Which actions is taken by the data plane within a network device? constructs a routing table based on a routing protocol looks up an egress interface in the forwarding information base forwards traffic to the next hop provides CLI access to the network device.
What are two descriptions of three-tier network topologies? (choose two.) The core and distribution layers perform the same functions The distribution layer runs Layer 2 and Layer 3 technologies The core layer maintains wired connections for each host The network core is designed to maintain continuous connectivity when devices fail The access layer manages routing between devices in different domains.
How many objects are present in the given JSON-encoded data? seven one four nine.
How does the dynamically-learned MAC address feature function? The CAM table is empty until ingress thraffic arrives at each port The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses It requires a minimum number of secure MAC addresses to be filled dynamically Switches dynamically learn MAC addresses of each connecting CAM table.
WHich value is the unique identifier that an access point used to establish and maintain wireless connectivity to wireless network devices? SSID WLAN ID VLAN ID RFID.
What are two benefits of FHRPs? (choose two) They allow encrypted traffic They are able to bundle multiple ports to increase bandwidth They allow multiple devices lo sever as a single virtual gateway for clients in the network They enable automatic failover of the default gateway They prevent loops in the Layer 2 network.
Which HTTP status code is returned after a successfull REST API request? 404 301 200 500.
A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server? DHCP Snooping a DHCP Pool DHCP Binding a DHCP Relay Agent.
A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task? access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq scp access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq https access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq ssh.
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe, but the link could have contained malicious code. Which type of security program is in place? user awareness physical access control social engineering attack brute force attack.
How does WPA3 improve security? It uses a 4-way handshake for authentication It uses TKIP for encryption It uses RC4 for encryption It uses SAE for authentication.
What is the next hop address for traffic that is destined to host 10.0.1.5? Loopback 0 10.0.1.4 10.0.1.3 10.0.1.50.
An engineer is configuring an EtherChannel using LACP between Switches 1 and 2. Which configuration must be applied so that only Switch 1 sends LACP initiation packets? Switch1(config-if)#channel-group 1 mode passive
Switch2(config-if)#channel-group 2 mode active Switch1(config-if)#channel-group 1 mode on
Switch2(config-if)#channel-group 2 mode active Switch1(config-if)#channel-group 1 mode active
Switch2(config-if)#channel-group 2 mode passive Switch1(config-if)#channel-group 1 mode on
Switch2(config-if)#channel-group 2 mode passive.
After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. What is the reason for the problem? The OSPF process IDs are mismatched The OSPF router IDs are mismatched The network statement on Router1 is misconfigured Router2 is using the default hello timer.
A port security violation has ocurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment the security-violation count and forward an SNMP trap? switchport port-security violation restrict switchport port-security violation access switchport port-security violation protect switchport port-security violation shutdown.
What is a function of a Next-Generation IPS? serves as a controller within a controller-based network integrates with a RADIUS server to enforce Layer 2 device authentication rules analyzes and mitigates observed vulnerabilities in a network makes forwarding decisions based on learned MAC addresses.
Router R2 is configured with multiple routes to reach network 10.1.1.0/24 from router R1. Which path is chosen by router R2 to reach the destination network 10.1.1.0/24? static OSPF eBGP EIGRP.
Which QoS per-hop behavior changes value of the ToS field in the IPv4 packet header? Marking Shaping Classification Policing.
An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the work. Which additional task allows the two switches to establish an LACP port channel? Change the channel-group mode on SW1 to *active* or *passive* Configure the interfaces port-channel 1 command on both switches Change the channel-group mode on SW2 to auto Change the channel-group mode on SW1 to desirable.
Which path is used by the router for internet traffic? 10.10.13.0/24 209.165.200.0/27 10.10.10.0/28 0.0.0.0/0.
What is the difference in data transmission delivery and reliability between TCP and UDP? UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmit data at a higher rate with error checking. TCP requires the connection to be established before the trasmitting data. UDP transmits data at a higher rate without ensuring packet delivery TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end. UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.
Which protocol uses the SSL? Telnet HTTPS HTTP SSH.
What is the difference between IPv6 unicast and anycast addressing? Unlike an IPv6 anycast addresses, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes IPv6 anycast nodes must be explicitly configured to a recognize the anycast address, but IPv6 unicast nodes require no special configuration IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration An individual IPv6 unicast address is supported on a single interface on one node, but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.
What causes a port to be placed in the err-disabled state? *shutdown* command issued on the port link flapping nothing plugged into the port latency.
The ntp server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that it operates in server-only mode and relies only on its internal clock? Router2(config)#ntp server 192.168.0.2 Router2(config)#ntp server 172.168.0.1 Router2(config)#ntp master 4 Router2(config)#ntp passive.
Drag and drop Cisco IOS attack mitigation features from the left onto the types of network attack the mitigate on the right DHCP snooping Dynamic ARP inspection IP source Guard Storm control .
refer to the exhibit. The Ip address configuration must be completed on the DC-1 and HQ-1 routers based on these requirements:
DC-1 Gi1/0 must be the last usable address on a /30
DC-1 Gi1/1 must be the first usable address on a /29
DC-1 Gi/2 must be the last usable address on a /28
HQ-1 Gi1/3 must be the last usable address on a /29
Select and place Your Response
Ip address 192.168.4.9 255.255.255.248 ip address 192.168.3.14 255.255.255.240 ip address 209.165.202.129 255.255.255.252 ip address 192.168.4.13 255.255.255.240 Ip address 209.165.202.130 255.255.255.252 ip address 209.165.202.131 255.255.255.252 ip address 192.168.3.14 255.255.255.248 .
Drag and drop the TCP or UDP details from the left onto their corresponfing protocols on the right Used to reliably share files between devices appropriate for streaming operations with minimal latency provides best effort service supports reliable data transmission.
Drag and drop the Cisco Wireless LAN controller security settings from the left onto the correct security mechanism categories on the right web policy Passthrough WPA+WPA2 802.1X .
Drag and drop the descriptions of AAA services from left onto the corresponding services on the right allows the user to change to enable mode limits the user´s access permissions logs session statistics record user commands secures access to routers validates user credentials .
Refer to the exhibit. An engineer is required to verify that the network parameters are valid for the users wirelesss LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used 192.168.1.1 192.168.1.20 192.168.1.254 192.168.1.255 B8-76-3F-7C-57-DF 1A-76-3F-7C-57-DF 182.168.1.0 .
Drag and drop the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right send retransmissions sequence trnasmissions include on 8-byte header transmits packets as a stream transmits packets individually uses a higher transmission rate to support latency sensitive applications uses a lower transmissions rate ensure reliability .
Drag and drop the SNMP manager and agent identifier from the left onto the left onto the functions on the right show snmp chassis show snmp community show snmp engineID show snmp group show snmp host .
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right 2001:db8:600d:café::123 fcba:926a:e8e:7a25:b1:c6d2:1a76:6fdc fd6d:c83b:5cef:b6b2::1 3ffe:e54d:620:a87a::f00d .
Drag the descriptions of device management from the left onto the type of devices on the right Implemetns changes via an SSH terminal manages device configuration on a per device basis monitors the cloud for software updates security is managed near the perimeter of the network with the firewalls VPNs and IPS uses CLI templates to apply a consistent configuration to multiple devices at an individual location uses netflow to analyze potential security threats throughout the network and take appropriate action on that traffic .
Drag and drop the Ipv 6 address descriptions from the left onto the IPv6 address types on the right Not all options are used Ipv6 address in the format FF02::5 Ipv6 addresses that begin with FD may be used by multiple organizations at the same time private IPv6 addresses serve as next hop addresses unable to serve as destination addresses.
Drag and drop the Qos terms from the left onto the descriptions on the right class based weighted fair queueing classification congestion policing shaping .
Drag and drop the application protocols from the left onto the transport protocols that it uses on the right DHCP FTP SMTP SSH SNMP TFTP .
Drag and Drop the statements about networking from the left onto the corresponding networking types on the right Not all statements are used This type deploys a consistent configuration across multiple devices a distributed control plane is needed This type requires a distributed management plane Southbound APIs are used to apply configurations Northbound APIs interact with end devices.
Refer to the exhibit. An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and Drop the node identifiers from the left onto the network parameters on the right. Not all values are used. 192.168.1.1 1892.168.1.20 192.168.1.254 192.168.1.255 B8-76-3F-7C-57-DF .
Drag and drop the HTTP verbs from the left onto the API operations on the right DELETE GET PATCH POST PUT .
Drag And Drop (el resto de la pregunta no se ve) Provides local control for network segments using a client server scheme reduces the administrative burden for onboarding end users associates hostnames to ip addresses maintains and address pool assigns Ip addresses to local hosts for a configurable lease time offers domain name server configuration uses authoritative servers for record keeping.
Drag and drop IPv6 addresses from the left onto the corresponding address types on the right 3ffe:e54d:620:a87a:f00d fd6d:c83b:5cef:b6b2::1 fe80::a00:27ff:feeb:89aa ff05::1:3 .
Drag and Drop the IPv6 address type characteristics from the left to the right configured only once per interface equivalent to public IPv4 addresses attached to a single subnet routable and reachable via the internet .
Drag and drop the IPv6 addresses the left onto the corresponding address types on the right fe80::a00:27ff:feeb:89aa ff05::1:3 3ffe:e54d:620:a87a:f00d 2001:db8:600d:café::123 .
Drag and drop the TCP/IP protocols form the left onto their primary transmissions protocols on the right
DNS HTTP RTP SMTP SNMP Telnet .
Drag and drop the wi fi terms from the left onto the descriptions on the right distribution system extended service set independent basic service set infrastructure mode SSID.
Drag and drop the AAA terms from the left onto the descriptions on the right accounting authentication authorization CoA .
Drag and Drop the elements of a security program from the left onto the corresponding descriptions on the right awareness education security policy security standard training .
Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used configured and managed by a WLC accessible for management via Telnet, SSH, or a Web Gui supports different operational modes requires a management IP address supports automatic deployment .
Drag and drop the function of SNMP fault management from the left onto the definitions on the right event correlation and aggregation fault detection fault diagnosis and isolation problem resolution restoration of service .
Refer to the exhibit Drag and drop the networking parameters from the left onto the correct values on the right Default gateway Host IP address NIC MAC address NIC vendor OUI Subnet mask .
Drag and drop the statements about networking from the left onto the corresponding networking types on the right This type allows better control over how networks work and how networks are configured This type enables networks to integrate with applications through APIs New devices are configured using the physical infrastructure This type provisions resources from a centralized location This type requires a distributed control plane .
An engineer is tasked to configure a switch with port security to ensure devices that forward unicast multicasts and bradcasts are unable to flood the port. The port must be configured to permit only two random MAC addresses at a time. Drag and drop the required configuration commands from the left onto the sequence on the right. Not all commands are used switchport mode access switchport port security switchport port security mac address 0060.3EDD.77AB switchport port security mac address 00D0.D3ED.622A switchport port security mac address sticky switchport port security maximum 2 switchport port security violation shutdown .
Drag and drop the TCP or UDP details from the left onto their corresponfding protocols on the right transmitted based on data contained in the packet without the need for a data channel requires the client and the server to establish a connection before sending the packet provides best effort service supports reliable data transmission .
Drag and Drop the application protocols from the left onto the transport protocols that it uses on the right DHCP FTP SMTP SSH SNMP TFTP.
Drag and drop the IPv6 DNS record types from the left onto the description on the right AAAA CNAME NS PTR SOA .
Refer to the exhibit Drag and drop the prefix lengths from the left onto the corresponding prefixes on the right. Not all prefixes are used 255.255.255.128 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252.
Drag and drop the descriptions from the left onto the correct configuration management technologies on the right fundamental configuration elements are stopped in a manifest uses TCP port 10002 for the configuration push jobs uses Ruby for fundamental configuration elements uses SSH for remote device communication uses TCP 8140 for communication uses YAML for fundamental configuration elements .
Drag and drop the IPv6 address type characteristics from the left to the right addresses with prefix FC00:/7 configured only once per interface attached to a single subnet addressing for exclusive use internally without internet routing .
|
