200-301 Cisco Certified Network Associate Question and Answers

The frame is processed in VLAN 5.

The frame is processed in VLAN 11

The frame is processed in VLAN 1

The frame is dropped

TCP port 443 and UDP 21 are used.

Control and data traffic encryption are enabled.

The tunnel uses the IPsec protocol for encapsulation.

The tunnel uses the EolP protocol to transmit data traffic.

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

mesh

local

bridge

point-to-point

Set the File Type to Code, set the Transfer Mode to SFTP, and specify the IP address of the WLC.

Set the File Type to Configuration, set the Transfer Mode to FTP, and specify the IP address of the file server.

Set the File Type to Code, set the Transfer Mode to SFTP, and specify the IP address of the file server.

Set the File Type to Configuration, set the Transfer Mode to SFTP, and specify the IP address of the WLC.

switchport mode trunk channel-group 1 mode active

no switchport channel-group 1 mode active

no switchport channel-group 1 mode on

switchport switchport mode trunk

distribution

service

AP-manager

virtual

0

192.168.10.2

24

1

uses dynamic IP address assignment

allows two or more routers to act as a default gateway

uses a destination IP address 224.0.0.102 for router-to-router communication

uses Cisco-proprietary First Hop Redundancy Protocol

to establish an encrypted tunnel between a remote user and a private network over the internet

to allow access to an enterprise network using any internet-enabled location via a web browser using SSL

to provide a secure link between an HTTPS server, authentication subsystem, and an end-user

to use cryptography for authentication between a device and user over a negotiated VPN gateway

Centralized cloud management platform

Central WLC

Individual AP

Client device

Uncheck the WPA Policy option check box, and check the WPA2 Policy option check box.

Uncheck the MAC Filtering option check box.

Change the WPA Encryption option from TKIP to CCMP(128AES).

Set the Security Type option to Personal.

Set the Layer 2 Security option to None.

255.255.255.224

255.255.255.248

255.255.255.0

255.255.255.252

To support DES 56-bit and 3DES (168-bit) ciphers

To enable secured access to the inbound management interface

To validate management access with username and domain name only

To allow passwords protected with HTTPS encryption to be sent

Uses routers to create collision domains

Responsible for sending data in a particular sequence

Avoids MAC address storage for faster transmission

Uses the data link layer for communications

TCP ensures ordered, reliable data delivery, and UDP offers low latency and high throughput.

TCP is used for transmitting data over the internet, and UDP is used for transmitting data over a local network.

TCP manages multicast and broadcast data transfers, and UDP only handles unicast communications.

TCP is used to ensure data integrity in a file transfer, and UDP is used to broadcast a message to multiple recipients.

It interoperates with ISE to define and manage patch and update schedules.

It performs configuration updates based on user profiles.

It improves the efficiency of system lifecycle management.

It provides a reactive support model.

They are allocated by the same organization.

They are routable on the global internet.

They use the same process for subnetting.

They are part of the multicast IPv6 group type.

The domain name server is unreachable.

LAN and WAN network segments are different.

IP address assignment is incorrect.

The default gateway should be the first usable IP address.

alleviates the shortage of IPv4 addresses

reduces the forwarding table on network routers

enables secure connectivity over the internet

used as the NAT outside global IP address

value

object

array

key

It is a type of operating system virtualization that allows the host operating system to control the different CPU memory processes.

It emulates a physical computer and enables multiple machines to run with many operating systems on a physical machine.

It separates virtual machines from each other and allocates memory, processors, and storage to compute.

It contains a guest operating system and virtual partition of hardware for OS and requires application libraries.

TCP tracks segments being transmitted or received by assigning segment numbers, and UDP adjusts data flow according to network conditions.

TCP establishes a connection with the device on the other end before transferring, and UDP transfers without establishing a connection.

TCP sends data at a constant rate with error checking on upper protocol layers, and UDP provides error-checking and sequencing.

TCP immediately transmits data without waiting for a handshake, and UDP awaits a response from the receiver before sending additional data.

Content-Type: application/json

Accept-Encoding: application/json

Accept: application/json

Accept-Language: application/json

They anticipate future traffic spikes.

They assign IP addresses to devices.

They select correct cabling types for deployment.

They solely monitor historical traffic volumes.

switchport mode dynamic desirable

switchport mode trunk

switchport nonegotiate

switchport mode dynamic auto

II exclusively predicts device malfunctions.

It enhances data packet delivery speeds.

It simplifies traffic route mapping.

It analyzes patterns for anomaly detection.

DHCP relay agent

DHCP server

DHCPDISCOVER

DHCPOFFER

F0/7

F0/5

F0/4

F0/6

QinQ

ISL

PAgP

LAG

10.56.65.56

10.56.65.65

10.65.56.56

10.65.65.65

port-to-multipoint

broadcast

point-to-point

nonbroadcast

Enable LLDP globally

Disable autonegotiation

Disable Cisco Discovery Protocol on the interface

Enable LLDP-MED on the ISP device

when the sending device waits 15 seconds before sending the frame again

when the cable length limits are exceeded

when one side of the connection is configured for half-duplex

when Carrier Sense Multiple Access/Collision Detection is used

when a collision occurs after the 32nd byte of a frame has been transmitted

CAR

CBWFQ

PQ

PBR

FRTS

It disables unused services.

It deploys network firmware updates.

It creates synthetic network configurations.

It computes optimal data storage solutions.

Spanning tree may fail to detect a switching loop in the network that causes broadcast storms

VTP is allowed to propagate VLAN configuration information from switch to switch automatically.

Root port choice and spanning tree recalculation are accelerated when a switch link goes down

After spanning tree converges PortFast shuts down any port that receives BPDUs.

switchport mode trunk

switchport mode dynamic desirable

switchport mode dynamic auto

switchport nonegotiate

192.168.16.0/21

192.168.16.0/24

192.168 26.0/26

192.168.16.0/27

Option A

Option B

Option C

Option D

The interface is not participating in OSPF

A point-to-point network type is configured

The default Hello and Dead timers are in use

There are six OSPF neighbors on this interface

ip helper-address

ip address dhcp

ip dhcp pool

ip dhcp relay

209.165.200.254 via Serial0/0/1

209.165.200.254 via Serial0/0/0

209.165.200.246 via Serial0/1/0

209.165.200.250 via Serial0/0/0

internal BGP route

/24 route of a locally configured IP

statically assigned route

route learned through EIGRP

policy plane

management plane

control plane

data plane

802.1x

IP Source Guard

MAC Authentication Bypass

802.11n

propagates VLAN information between switches

listens to multicast traffic for packet forwarding

provides DDoS mitigation

rate-limits certain traffic

Option A

Option B

Option C

Option D

reduced operational costs

reduced hardware footprint

faster changes with more reliable results

fewer network failures

increased network security

Interface errors are incrementing

An incorrect SFP media type was used at SiteA

High usage is causing high latency

The sites were connected with the wrong cable type

to analyze traffic and drop unauthorized traffic from the Internet

to transmit wireless traffic between hosts

to pass traffic between different networks

forward traffic within the same broadcast domain

They prevent (oops in the Layer 2 network.

They allow encrypted traffic.

They are able to bundle muftlple ports to increase bandwidth

They enable automatic failover of the default gateway.

They allow multiple devices lo serve as a single virtual gateway for clients in the network

It ignores the new static route until the existing OSPF default route is removed

It immediately replaces the existing OSPF route in the routing table with the newly configured static route

It starts load-balancing traffic between the two default routes

It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1

traverse the Internet when an outbound ACL is applied

issued by IANA in conjunction with an autonomous system number

composed of up to 65.536 available addresses

used without tracking or registration

large and requires a flexible, scalable network design

large and must minimize downtime when hardware fails

small and needs to reduce networking costs currently

small but is expected to grow dramatically in the near future

provides an added level of protection against Internet exposure

provides a reduction in size of the forwarding table on network routers

allows communication across the Internet to other private networks

allows servers and workstations to communicate across public network boundaries

array

string

object

Boolean

DTP

FTP

SMTP

TFTP

Host that is configured for the system to send log messages

password that authenticates a Network Management System to receive log messages

group of log messages associated with the configured severity level

set of values that represent the processes that can generate a log message

It omits supports auto-discovery of network elements in a greenfield deployment.

It modular design allows someone to implement different versions to meet the specific needs of an organization

It abstracts policy from the actual device configuration

It does not support high availability of management functions when operating in cluster mode

enable AAA override

enable RX-SOP

enable DTIM

enable Band Select

The user swipes a key fob, then clicks through an email link

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

The user enters a user name and password and then re-enters the credentials on a second screen

Perform a lookup in the MAC address table and discard the frame due to a missing entry.

Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1.

Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame.

Flood the frame out of all ports except on the port where Sales-1 is connected.

modify hello interval

modify process ID

modify priority

modify network type

metric

cost

longest prefix

administrative distance

forwarding remote client/server traffic

facilitates spanning-tree elections

processing inbound SSH management traffic

sending and receiving OSPF Hello packets

Add the access-list 10 permit any command to the configuration

Remove the access-class 10 in command from line vty 0.4.

Add the ip access-group 10 out command to interface g0/0.

Remove the password command from line vty 0 4.

It is owned and maintained by one party, but it is shared among multiple organizations.

It enables an organization to fully customize how It deploys network resources.

It provides services that are accessed over the Internet.

It Is a data center on the public Internet that maintains cloud services for only one company.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

The OSPF router IDs are mismatched.

Router2 is using the default hello timer.

The network statement on Router1 is misconfigured.

The OSPF process IDs are mismatched.

in the MAC address table

in the CAM table

in the binding database

in the frame forwarding database

it sends information about MIB variables in response to requests from the NMS

it requests information from remote network nodes about catastrophic system events.

it manages routing between Layer 3 devices in a network

it coordinates user authentication between a network device and a TACACS+ or RADIUS server

OpenFlow

Java

REST

XML

access - core - distribution - access

access - distribution - distribution - access

access - core - access

access -distribution - core - distribution - access

Router2

Router3

Router4

Router5

collision

CRC

runt

late collision

Place the AP into manual containment.

Remove the AP from WLC management.

Manually remove the AP from Pending state.

Set the AP Class Type to Friendly.

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Content-Type: application/json; charset=utf-8

Accept: application/json

between zones 1 and 2

between zones 2 and 5

between zones 3 and 4

between zones 3 and 6

Ansible

Python

Puppet

Chef

It uses a route that is similar to the destination address

It discards the packets.

It floods packets to all learned next hops.

It Queues the packets waiting for the route to be learned.

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

The router calculates the feasible distance of all paths to the destination route

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

The router must use the advertised distance as the metric for any given route

encryption and decryption for VPN link processing

building route tables and updating the forwarding table

changing the source or destination address during NAT operations

encapsulation and decapsulation of packets in a data-link frame

delete

create

update

read

It improves real-time threat detection.

It manages firewall rule sets.

It enforces password complexity requirements.

It controls VPN access permissions.

flexibility of design

simplicity of configurator

low cost

full-mesh capability

Reduce inconsistencies in the network configuration.

Enable "box by box" configuration and deployment.

Decipher simple password policies.

Increase recurrent management costs.

An ICMP connection has been built

A certificate has expired

An interface line has changed status

A TCP connection has been torn down

REMOVE

REDIRECT

OPOST

GET

UPOP

SW1(config-line)#exitSW1(config)#aaa new-model

SW1(config-line)#login localSW1(config-line)#exitSW1(config)#enable secret test!2E

SW1(config-line)#transport input sshSW1(config-line)#exitSW1(config)#service password-encryption

SW1(config-line)#login localSW1(config-line)#exitSW1(config)#crypto key generate rsa

Option A

Option B

Option C

Option D

implemented over a dedicated WAN

located in the same data center as the users

all hosted on physical servers

accessed over the Internet

multicast replication at the hardware level

forwarding packets

fragmenting and reassembling packets

setting packet-handling policies

prevent users from assigning their own IP addresses to hosts

assign dynamic IP configurations to hosts in a network

support centralized IP management

issue DHCPDISCOVER messages when added to the network

respond to client DHCPOFFER requests by issuing an IP address

Select PSK under Authentication Key Management

Select WPA+WPA2 on Layer 2 Security

Select Static-WEP + 802.1X on Layer 2 Security

Select WPA Policy with TKIP Encryption

Select 802.1X from under Authentication Key Management

It allows for seamless connectivity to virtual machines.

It supports complex and high-scale IP addressing schemes.

It enables configuration task automation.

It provides increased scalability and management options.

It increases security against denial-of-service attacks.

Option A

Option B

Option C

Option D

Option A

Option B

Option C

option D

Automate configuration changes between a server and a switching fabric.

Use orchestration to provision a virtual server configuration from a web server.

Manage flow control between an SDN controller and a switching fabric.

Facilitate the information exchange between an SDN controller and application.

default-router192.168.20.253

network 192.168.20.254 255.255.255.0 secondary

ip default-gateway 0.0.0.0 0.0.0.0 192.168.20.253

next-server 192.168.20.254

control and monitoring of resource consumption by the tenant

automatic adjustment of capacity based on need

pooling resources in a multitenant model based on need

self-service of computing resources by the tenant

Configure the no cdp enable command on gO/2.

Configure the no cdp run command globally.

Configure the no lldp run command globally.

Configure the no lldp receive command on gQV1.

Password complexity enable

confreg 0x2142

Login authentication my-auth-list

service password-encryption

reduce administration time in managing IP address ranges for clients

control the length of time an IP address is used by a network device

manually control and configure IP addresses on network devices

dynamic control over the best path to reach an IP address

access a website by name instead of by IP address

Option A

Option B

Option C

Option D

2001 :db8::5000:0004:5678:0090/64

2001 :db8:4425:5400:77ft:fe07:/64

2001 :db8::5000:00ff:fe04 0000/64

2001 :db8::5200:00ff:fe04:0000/64

One-Click

Hotspot

Enhanced Bluetooth

Whole Home

Port security

High throughput

Cable disconnect

duplex mismatch

for small networks with minimal need for growth

the access and distribution layers must be on the same device

for large networks that are connected to multiple remote sites

only when using VSS technology

It uses preshared keys for encryption

It requires both sides to have identical keys

It is a private-key encryption algorithm

It is a public-key cryptosystem

physical resources, including the NIC, RAM, disk, and CPU

configuration files backed by physical resources from the Hypervisor

applications running on the Hypervisor

processes running on the Hypervisor and a guest OS

out-of-band management

secure in-band connectivity for device administration

unencrypted in-band connectivity for file transfers

HTTP-based GUI connectivity

It uses Telnet to report system issues

It uses northbound and southbound APIs to communicate between architectural layers

It decentralizes the control plane, which allows each device to make its own forwarding decisions

It moves the control plane to a central point

The administrator can make configuration updates from the CLI

Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management

Set the Fast Transition option and the WPA gik-randomize State to disable

Under Protected Management Frames, set the PMF option to Required

Enable CCKM under Authentication Key Management

root-bridge loss

spanning-tree loops

default gateway failure

BGP neighbor flapping

core and WAN

access and WAN

distribution and access

core and distribution

CHANGE

UPDATE

POST

PUT

Option

Option

Option

Option

STP

port security

wrong cable type

shutdown command

forwards frames to a neighbor port using CDP

modifies frames that contain a known source VLAN

inspects and drops frames from unknown destinations

forwards known destinations to the destination port

They use HTTP messages to communicate.

They enable communication between the controller and the network device.

They convey information from the controller to the SDN applications.

They communicate with the management plane.

next-generation firewall to keep stateful packet inspection

multifactor authentication using two separate authentication sources

ACL to restrict incoming Telnet sessions "admin" accounts

IPS with a block list of known attack vectors

10.10.13.0/25 [108/0] via 10.10.10.10

10.10.13.0/25 [110/2] via 10.10.10.2

10.10.13.0/25 [110/2] via 10.10.10.6

10.10.13.0/25 [1/0] via 10.10.10.2

1

2

3

4

It uses block numbers to identify and mitigate data-transfer errors

It always operates without user authentication

It relies on the well-known UDP port 69.

It uses two separate connections for control and data traffic

SSH

SNMP

HTTP

STP

Option A

Option B

Option C

Option D

It allows the core and distribution layers to run as a single combined layer.

It enables the core and access layers to connect to one logical distribution device over an EtherChannel.

It enables all workstations in a SOHO environment to connect on a single switch with internet access.

It allows wireless devices to connect directly to the core layer, which enables faster data transmission.

tunnel

transport

aggressive

main

GigabitEthernet0/0

Loopback0

10.1.1.1

10.1.1.3

switchport mode trunkswitchport trunk encapsulation dot1q

switchport mode trunkswitchport trunk allowed vlan allswitchport dot1q ethertype 0800

switchport mode dynamic desirableswitchport trunk allowed vlan allswitchport trunk native vlan 7

switchport dynamic autoswitchport nonegotiate

services traffic according to its class

identifies the type of traffic that will receive a particular treatment

writes the class identifier of a packet to a dedicated field in the packet header

configures traffic-matching rules on network devices

Only authentication records the duration of a user's connection.

Only authentication supports user-activity audits.

Only authentication provides supporting information for billing users.

Only authentication challenges users for their credentials and returns a response.

Only authentication validates "who you are."

Interface range G1/1 – 1/3 switchport mode trunk channel-group 1 mode active no shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode passive no shutdown

Interface range G1/1 – 1/3 switchport mode trunkchannel-group 1 mode desirableno shutdown

Interface range G1/1 – 1/3 switchport mode access channel-group 1 mode on no shutdown

config network secureweb enable

config certificate generate web admin

config network webmode enable

config network telnet enable

string

array

number

object

Option A

Option B

Option C

Option D

no switchport  ip address 192.168.32.30 255.255.255.224

no switchport mode trunk  ip address 192.168.32.97 255.255.255.224

no switchport mode access  ip address 192.168.32.62 255.255.255.240

switchport  ip address 192.168.32.65 255.255.255.240

Enable Broadcast SSID and select data from the Interface/Interface Group drop-down list.

Enable Status and select data from the Interface/Interface Group drop-down list.

Enable Status and set the NAS-ID to data.

Enable Status and enable Broadcast SSID.

It modifies the QoS attributes of a packet

It queues excess traffic

It organizes traffic into classes.

It sets QoS attributes within a packet.

array

object

Boolean

string

OpenFlow

OpenStack

OpFlex

REST

DHCP client

access point

router

PC

achieves redundancy by exclusively using virtual server clustering

runs applications that send and retrieve data for workstations that make requests

handles requests from multiple workstations at the same time

runs the same operating system in order to communicate with other servers

housed solely in a data center that is dedicated to a single client

act as routers to connect a user to the service prowler network

a threat to the network if they are compromised

support inter-VLAN connectivity

enforce policies for campus-wide traffic going to the internet

spanning -tree vlan 200 priority 614440

spanning -tree vlan 200 priority 38572422

spanning -tree vlan 200 priority 0

spanning -tree vlan 200 root primary

firewall

switch

access point

wireless controller

interface gi0/1no cdp enable

interface gi0/1clear cdp table

interface gi0/0no cdp advertise-v2

interface gi0/0no cdp run

TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol

TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol

TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol

TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol

CPU ACL

TACACS

Flex ACL

RADIUS

Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic.

Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic

The source and destination IPs must be swapped in ACL 101

The ACL must be configured the Gi0/2 interface inbound on R1

The ACL must be moved to the Gi0/1 interface outbound on R2

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any anyinterface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 22 access-list 100 permit ip any anyline vty 0 15 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any anyinterface GigabitEthernet0/0 ip access-group 100 in

access-list 100 deny tcp host 172.16.1.33 any eq 23 access-list 100 permit ip any anyline vty 0 15 ip access-group 100 in

compare the destination IP address to the IP routing table.

run routing protocols (OSPF, EIGRP, RIP, BGP)

make a configuration change from an incoming NETCONF RPC

reply to an incoming ICMP echo request

There is a native VLAN mismatch

Access mode is configured on the switch ports.

The PCs are m the incorrect VLAN

All VLANs are not enabled on the trunk

The port transitions to STP blocking

The port transitions to the root port

The port immediately transitions to STP forwarding.

The port goes into error-disable state

sent to the port identified for the known MAC address

broadcast to all ports

forwarded to the first available port

flooded to all ports except the one from which it originated

ipv6 route 2000::1/128 2012::1

ipv6 route 2000::3/128 2023::3

ipv6 route 2000::3/128 s0/0/0

ipv6 route 2000::1/128 2012::2

ipv6 route 2000::1/128 s0/0/1

Central AP management requires more complex configurations

Unique SSIDs cannot use the same authentication method

It supports autonomous and lightweight APs

It eliminates the need to configure each access point individually

RIP route 10.0.0.0/30

iBGP route 10.0.0.0/30

OSPF route 10.0.0.0/30

EIGRP route 10.0.0.1/32

OSPF route 10.0.0.0/16

TCP uses synchronization packets, and UDP uses acknowledgment packets.

UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

UDP provides reliable message transfer and TCP is a connectionless protocol

TCP uses the three-way handshake and UDP does not guarantee message delivery

Option A

Option B

Option C

Option D

R1(config)#interface ethernet0/0R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0

R1(config)#interface ethernet0/0.20R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0

R1(config)#interface ethernet0/0.20R1(config)#ip address 10.20.20.1 255.255.255.0

R1(config)#interface ethernet0/0R1(config)#ip address 10.20.20.1 255.255.255.0

data plane

control plane

policy plane

management plane

It sends packets out of interface Fa0/2 only.

It sends packets out of interface Fa0/1 only.

It cannot send packets to 10.10.13 128/25

It load-balances traffic out of Fa0/1 and Fa0/2

wireless access point

firewall

wireless LAN controller

router

reducing bandwidth usage

by reducing packet loss

by differentiating voice and video traffic

by increasing jitter

partial mesh

full mesh

point-to-point

hub-and-spoke

Switch(config)#spanning-tree vlan 750 priority 38003685

Switch(config)#spanning-tree vlan 750 root primary

Switch(config)#spanning-tree vlan 750 priority 614440

Switch(config)#spanning-tree vlan 750 priority 0

Option A

Option B

Option C

Option D

Virtual machines are responsible for managing and allocating host hardware resources

In a virtual machine environment, physical servers must run one operating system at a time.

Virtual machines are the physical hardware that support a virtual environment.

Virtual machines are operating system instances that are decoupled from server hardware

read

create

replace

update

virtual routing and forwarding

network port ID visualization

virtual device contexts

server visualization

different nonoverlapping channels

different overlapping channels

one overlapping channel

one nonoverlapping channel

runts

giants

frame

CRC

input errors

dual algorithm

metric

administrative distance

hop count

84

110

128

192

193

a workstation that requests a domain name associated with its IP address

a host that is configured to request an IP address automatically

a server that dynamically assigns IP addresses to hosts.

a router that statically assigns IP addresses to hosts.

access to spec fie networks based on business function

access to servers to prevent malicious activity

access to computer networks and file systems

access to networking equipment and facilities

WSA

Firepower

ASA

FireSIGHT

It load-balances traffic out of Fa0/1 and Fa0/2.

It is unreachable and discards the traffic.

It sends packets out of interface FaO/2.

It sends packets out of interface Fa0/1.

Both operate at a frequency of 500 MHz.

Both support runs of up to 55 meters.

Both support runs of up to 100 meters.

Both support speeds of at least 1 Gigabit.

Both support speeds up to 10 Gigabit.

separate from other VLANs within the administrative domain

give it a value in the private VLAN range

assign it as VLAN 1

configure it as a different VLAN ID on each end of the link

adapters that support all families of Cisco IOS software

SDKs that support interaction with third-party network equipment

customized versions for small, medium, and large enterprises

REST APIs that allow for external applications to interact natively with Cisco DNA Center

modular design that is upgradable as needed

ipv6 address 2001:db8::700:3:400F:572B

ipv6 address 2001:db8:0::700:3:4F:572B

ipv6 address 2001:Odb8::7:3:4F:572B

ipv6 address 2001::db8:0000::700:3:400F:572B

S1

S2

S3

S4

Option A

Option B

Option C

Option D

Bronze

Platinum

Silver

Gold

group access points together to increase throughput on a given channel

configure the first three access points are configured to use Channels 1, 6, and 11

include a least two access points on nonoverlapping channels to support load balancing

assign physically adjacent access points to the same Wi-Fi channel

1729.0.0/16

172.28.0.0/16

192.0.0.0/8

209.165.201.0/24

Use the Ixml library to parse the data returned by the NETCONF server for the interface's configuration.

Create an XML filter as a string and pass it to get_config() method as an argument.

Create a JSON filter as a string and pass it to the get_config() method as an argument.

Use the JSON library to parse the data returned by the NETCONF server for the interface's configuration.

0000.5E00.010a

0005.3711.0975

0000.0C07.AC99

0007.C070/AB01

on the router closest to the server

on the router closest to the client

on every router along the path

on the switch trunk interface

DHCP

STP

SNMP

DNS

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

SW1

SW2

SW3

SW4

The designated port is FastEthernet 2/1

This is a root bridge

The spanning-tree mode is Rapid PVST+

The spanning-tree mode is PVST+

The root port is FastEthernet 2/1

It supports numerous extensibility options including cross-domain adapters and third-party SDKs.

It supports high availability for management functions when operating in cluster mode.

It enables easy autodiscovery of network elements m a brownfield deployment.

It is designed primarily to provide network assurance.

OpenFlow

REST API

NETCONF

Southbound API

209.165.200.0/27

10.10.10.0/28

0.0.0.0/0

10.10.13.0/24

The wireless network becomes vulnerable to unauthorized access.

Wireless devices are unable to distinguish between different SSIDs

Users experience poor wireless network performance.

Network communications are open to eavesdropping.

uses predefined tags or angle brackets () to delimit markup text

used to describe structured data that includes arrays

used for storing information

similar to HTML, it is more verbose than XML

The Layer 2 switch drops the received frame

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

2000::/3

2002::5

FC00::/7

FF02::1

FF02::2

management plane

control plane

policy plane

data plane

autonomous

lightweight

bridge

mobility express

TKIP with RC4

RC4

AES-128

AES-256

router ospf 1network 192.168.1.1 0.0.0.0 area 0interface e1/1ip address 192.168.1.1 255.255.255.252ip ospf network broadcast

router ospf 1network 192.168.1.1 0.0.0.0 area 0interface e1/1ip address 192.168.1.1 255.255.255.252ip ospf network point-to-point

router ospf 1network 192.168.1.1 0.0.0.0 area 0interface e1/1ip address 192.168.1.1 255.255.255.252ip ospf cost 0

router ospf 1network 192.168.1.1 0.0.0.0 area 0hello interval 15interface e1/1Ip address 192.168.1.1 255.255.255.252

offer compression

increase security by using a WEP connection

provide authentication

protect traffic on open networks

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

The DHCP client can request up to four DNS server addresses

The DHCP server assigns IP addresses without requiring the client to renew them

The DHCP server leases client IP addresses dynamically.

The DHCP client maintains a pool of IP addresses it can assign.

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

Configure router A to use the same MTU size as router B.

Set the router B OSPF ID to a nonhost address.

Configure a point-to-point link between router A and router B.

Set the router B OSPF ID to the same value as its IP address

WPA3

WPA

WEP

WPA2

global unicast address

anycast address

multicast address

link-local address

It drops the frame from the switch CAM table.

It floods the frame out of all ports except port Fa0/1.

It shuts down the port Fa0/1 and places it in err-disable mode.

It experiences a broadcast storm.

Modify the configured number of the second access list.

Add either the ip nat {inside|outside} command under both interfaces.

Remove the overload keyword from the ip nat inside source command.

Change the ip nat inside source command to use interface GigabitEthernet0/0.

Define a NAT pool on the router.

Configure static NAT translations for VLAN 200.

Configure the ip nat outside command on another interface for VLAN 200.

Update the NAT INSIDF RANGFS ACL

authorized services

authenticator

username

password

Switch 1 (config-if)#channel-group 1 mode onSwrtch2(config-if)#channel-group 1 mode passive

Switch1(config-if)#channel-group 1 mode passiveSwitch2(config-if)#channel-group 1 mode active

Switch1{config-if)£channel-group 1 mode activeSwitch2(config-if)#channel-group 1 mode passive

Switch1(config-if)#channel-group 1 mode onSwitch2(config-if)#channel-group 1 mode active

R1 (config)# username engineer2 algorithm-type scrypt secret test2021

R1(config)# username engineer2 secret 5 password S1$b1Ju$kZbBS1Pyh4QzwXyZ

R1(config)# username engineer2 privilege 1 password 7 test2021

R1(config)# username englneer2 secret 4 S1Sb1Ju$kZbBS1Pyh4QzwXyZ

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

F0/10

F0/11

F0/12

F0/13

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

unique local address

link-local address

aggregatable global address

IPv4-compatible IPv6 address

interface FastEthernet0/0ip helper-address 10.0.1.1iaccess-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

interface FastEthernot0/1ip helper-address 10.0.1.1!access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1

interface FastEthernetO/0ip helper-address 10.0.1.1Iaccess-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps

interface FastEthernet0/1ip helper-address 10.0.1.1!access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1

Change the channel-group mode on SW2 to auto

Change the channel-group mode on SW1 to desirable.

Configure the interface port-channel 1 command on both switches.

Change the channel-group mode on SW1 to active or passive.

Option A

Option B

Option C

Option D

switchport trunk allowed vlan 100-104

switchport trunk allowed vlan add 104

switchport trunk allowed vlan all

switchport trunk allowed vlan 104

SW1

SW2

SW3

SW4

Interface FastEthernet0/1 switchport trunk native vlan 10 switchport trunk allowed vlan 10,15

Interface FastEthernet0/1 switchport mode trunk switchport trunk allowed vlan 10,15

interface FastEthernet0/1 switchport mode access switchport voice vlan 10

Interface FastEthernet0/1 switchport trunk allowed vlan add 10 vlan 10 private-vlan isolated

Use an access list to filter out the syslog messages.

Turn off the logging monitor in global configuration mode.

Disable logging to the console.

Set the logging trap severity level to informational.

provides external internet network connectivity

provides unlimited address ranges

propagates routing information to WAN links

reuses addresses at multiple sites

conserves globally unique address space

software-defined segmentation

multifactor authentication

attribute-based access control

rule-based access control

to route traffic on the internet

to provide flexibility in the IP network design

to provide overlapping address space with another network

to limit the number of hosts on the network

10.0.0.2

110

30

2