350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) Question and Answers

Option A

Option B

Option C

Option D

The ping command must be executed in the global routing table.

Interface FastEthernet0/0 Is configured in VRF CUST-A, so the ARP entry is also in that VRF.

When VRFs are used. ARP protocol must be enabled In each VRF.

When VRFs are used. ARP protocol is disabled in the global routing table.

Option A

Option B

Option C

Option D

Option E

It uses a traditional routed access design to provide performance and high availability to the network.

It consists of a group of physical routers and switches that are used to maintain the network.

It provides isolation among the virtual networks and independence from the physical network.

It provides multicast support to enable Layer 2 Hooding capability in the underlay network.

Option

Option

Option

Option

detect and black ransomware in email attachments

outbound URL analysis and data transfer controls

user context analysis

blocking of fileless malware in real time

cloud-based analysis of threats

It remains in err-disabled state until the shutdown/no shutdown command is entered in the interface configuration mode.

It remains in err-disabled state until the errdisable recovery cause failed-port-state command is entered in the global configuration mode.

It remains in err-disabled state until the no shutdown command is entered in the interface configuration mode.

It remains in err-disabled state until the spanning-tree portfast bpduguard disable command is entered in the interface configuration mode.

43

52

60

82

applications

disk

VM configuration file

operating system

provides improved network security

inventories network devices

aids In the deployment network configurations

improves the user experience

separation of privilege

password hashing

confidential algorithms

OAuth

Option A

Option B

Option C

Option D

NetFlow updates to the collector are sent 50% less frequently.

Every second IPv4 packet is forwarded to the collector for inspection.

CPU and memory utilization are reduced when compared with what is required for full NetFlow.

The resolution of sampling data increases, but it requires more performance from the router.

Option A

Option B

Option C

Option D

a package that is similar to an IMG and that contains an OVA file used to build a virtual machine

an alternative form of an ISO that Is used to install the base operating system of a virtual machine

the third step in a P2V migration

a package of files that is used to describe a virtual machine or virtual appliance

Option A

Option B

Option C

Option D

Option E

13dBm

14 dBm

17dBm

20 dBm

economy of mechanism

complete mediation

separation of privilege

least common mechanism

fabric control plane node

fabric wireless controller

fabric border node

fabric edge node

Authentication Down/Switching Down

Authentication-Central/Switch-Local

Authentication- Down/Switch-Local

Authentication-Central/Switch-Central

EIRP

mW

dBm

dBi

Cisco United Wireless Network

Cisco DNA Spaces

Cisco Catalyst switch with embedded controller

Cisco Mobility Express

VXLAN

IS-IS

OSPF

LISP

thee emote spine

the next hop

the leaf switch

the remote switch

Option A

Option B

Option C

Option D

It is responsible for policy application and network segmentation in the fabric

It performs traffic encapsulation and security profiles enforcement in the fabric

It holds a comprehensive database that tracks endpoints and networks in the fabric

It provides integration with legacy nonfabric-enabled environments

primary

server

broadcast client

peer

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Ports are error disabled.

Ports are administratively down.

Ports are having an MDIX issue.

Ports are trunk ports.

with the VLAN

with the MAC address

with the IP address

with the security group tag

Print (netconf_host.get_config('show running'!)

hostkey_verify=True,

device_params={name':'ios-xe'})

port=830

(config-mon-erspan-dst-src)# origin ip address 172.16.10.10

(config-mon-erspan-dst-src)# erspan-id 172.16.10.10

(config-mon-erspan-dst-src)# no shut

(config-mon-erspan-dst-src)# erspan-id 110

SNMP

NX-API

REST

RESTCONF

The destination must be 172 30 30 2 for icmp-echo

A route back to the R1 LAN network is missing in R2.

The source-interface is configured incorrectly.

The default route has the wrong next hop IP address

The threshold value is wrong

They simplify the management of network infrastructure devices.

They enable automation of network infrastructure based on intent.

They utilize RESTCONF.

They utilize multivendor support APIs.

RPs are required only when using protocol independent multicast dense mode.

By default, the RP is needed penodically to maintain sessions with sources and receivers.

RPs are required for protocol Independent multicast sparse mode and dense mode.

By default, the RP Is needed only start new sessions with sources and receivers.

Mobility groups are established between wireless controllers.

The management VLAN is present as a dynamic VLAN on the second WLC.

WLCs use separate DHCP servers.

WLCs have the same IP addresses configured on their interfaces.

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

with IP SLA

ARP probing

using BFD

with OMP

provide QoS prioritization services such as marking, queueing, and classification for critical network traffic

provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster convergence

provide advanced network security features such as 802. IX, DHCP snooping, VACLs, and port security

provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP

provides fabric extension to nonfabric devices through remote registration and configuration

performs tunneling between fabric and nonfabric devices to route traffic over unknown networks

used to extend the fabric connecting to downstream nonfabric enabled Layer 2 switches

in charge of establishing Layer 3 adjacencies with nonfabric unmanaged node

R1(config)# aaa authentication login enable

R1(config)# aaa authorization exec default local if-authenticated

R1(config)# aaa authorization exec default group tacacs+

R1(config)# aaa accounting commands 15 default start-stop group tacacs+

view the configuration of all GigabitEthernet interfaces.

Discover the IP address of interface GigabitEthernet.

Set the description of interface GigabitEthernet1 to *1*.

Remove the IP address from interface GigabitEthernet1.

action 2.0 cli command "write_backup.tcl tcl"

action 2.0 cli command "flash:write_backup.tcl"

action 2.0 cli command "write_backup.tcl"

action 2.0 cli command "telsh flash:write_backup.tcl"

using built-in protocols known as Web Services Security

using a combination of XML encryption and XML signatures

using a MD5 hash to verify the integrity

using HTTPS and TLS encryption

Command Runner

Template Editor

Application Policies

Authentication Template

R1(config)#router bgp 65001

R1(config-router)#neighbor 192.168.50.2 shutdown

R1(config)#router bgp 65002

R1(config-router)#neighbor 192.168.50.2 shutdown

R1(config)#no ip route 192.168.50.2 255.255.255.255 Gi0/0

R1(config)#ip route 2.2.2.2 255.255.255.255 192.168.50.2

arp

traceroute

nslookup

ping

angle of arrival

hyperlocation

trilateration

presence

SSL certificates

biometric authentication

password hash

non repudiotion feature

aaa authorization exec default radius local

aaa authorization exec default radius

aaa authentication exec default radius local

aaa authentication exec default radius

a key-value pair in tuple type

a key-value pair in list type

a key-value pair in string type

an error

The border node is required for communication between fabric and nonfabric devices.

Traffic within the fabric always goes through the control plane node.

Fabric endpoints are connected directly to the border node.

The control plane node has the full RLOC-to-EID mapping database.

The border node has the full RLOC-to-EID mapping database.

Configure SW1 with dynamic auto mode on interface FastEthernet0/1.

Configure the native VLAN to be the same VLAN on both switches on interface FastEthernet0/1.

Configure SW2 with encapsulation dot1q on interface FastEthernet0/1.

Configure FastEthernet0/1 on both switches for static trunking.

supplicant

NAC device

authenticator

policy enforcement point

vBond

cSmart

vManage

WAN Edge

R2(config-applel)# event oir

R2(config-apple)#action 4 cli command "ip add 172.16.1.1 0.0.0.255"

R2(config)# event manager session cli username

R2(config-apple)# event none sync yes

Configure the interface bandwidth to handle TCP and UDP traffic between the LDP peers

Configure a Cisco MPLS TE tunnel on both ends of the session

Configure an access list on the interface to permit TCP and UDP traffic

Configure a targeted neighbor session.

It shares the traffic load of the LAPs with the primary controller.

It avoids congestion on the primary controller by sharing the registration load on the LAPs.

It registers the LAPs if the primary controller fails.

It enables Layer 2 and Layer 3 roaming between Itself and the primary controller.

HTTP return codes

rpc statements

JSON schema

container statements

XML schema

MPLS EXP bits

bandwidth

DSCP

ToS

packet size

uses flexible NetFlow

assigns a VLAN to the endpoint

classifies traffic based an the contextual identity of the endpoint rather than its IP address

classifies traffic based on advanced application recognition

Option A

Option B

Option C

Option D

The peer router interface is configured as Level 1 only, and the R2 interface is configured as Level 2 only

The R2 interface is configured as Level 1 only, and the Peer router interface is configured as Level 2 only

The R2 interface is configured as point-to-point, and the peer router interface is configured as multipoint.

The peer router interface is configured as point-as-point, and the R2 interface is configured as multipoint.

DSW2(config-if)#spanning-tree port-priority 16

DSW2(config)#interface gi1/3

DSW1(config-if)#spanning-tree port-priority 0

DSW1(config) #interface gi1/3

DSW2(config-if)#spanning-tree port-priority 128

The tunnel line protocol goes down when the keepalive counter reaches 6

The keepalives are sent every 5 seconds and 3 retries

The keepalives are sent every 3 seconds and 5 retries

The tunnel line protocol goes down when the keepalive counter reaches 5

192.168.101.18

192.168.101.6

192.168.101.10

192.168.101.14

Stratum 0

Stratum 1

Stratum 14

Stratum 15

in a greenfield deployment, with no existing infrastructure

in a greenfield or brownfield deployment, to wipe out existing data

in a brownfield deployment, to modify configuration of existing devices in the network

in a brownfield deployment, to provision and onboard new network devices

Administrators are able to load portable virtual machine packages in OVA or QCOW2 formats.

Network engineers are able to create virtual networks o interconnect virtual machines in Layer 2 topologies

Operators are able to leverage orchestrators to manage workloads that run on multiple Type 1 hypervisors

Storage engineers are able to leverage VMDK files to provide storage to virtual machine.

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

R3(config)#router bgp 200

R3(config-router)#neighbor 10.4.4.4 remote-as 100

R3(config-router)# neighbor 10.4.4.4 update-source Loopback0

R4(config)#router bgp 100

R4(config-router)#neighbor 10.3.3.3 remote-as 200

R4(config-router)#network 10.3.3.3 update-source Loopback0

R3(config)#router bgp 200

R3(config-router)#neighbor 10.24.24.4 remote-as 100

R3(config-router)#neighbor 10.24.24.4 update-source Loopback0

R4(config)#router bgp 100

R4(config-router)#neighbor 10.24.24.3 remote-as 200

R4(config-router)#neighbor 10.24.24.3 update-source Loopback0

R3(config)#router bgp 200

R3(config-router)#neighbor 10.4.4.4 remote-as 100

R3(config-router)#bgp router-id 10.3.3.3

R4(config)#router bgp 100

R4(config-router)#neighbor 10.3.3.3 remote-as 200

R4(config-router)#bgp router-id 10.4.4.4

R3(config)#router bgp 200

R3(config-router)#neighbor 10.24.24.4 remote-as 100

R3(config-router)#bgp router-id 10.3.3.3

R4(config)#router bgp 100

R4(config-router)#neighbor 10.24.24.3 remote-as 200

R4(config-router)#bgp router-id 10.4.4.4

Option A

Option B

Option C

Option D

DSW2 operates in Rapid PVST+ and the new switch operates in PVST+

Both switches operate in the PVST+ mode

Spanning tree is disabled automatically on the network

Both switches operate in the Rapid PVST+ mode.

R1#sh run | include aaa

aaa new-model

aaa authentication login VTY group tacacs+ none

aaa session-id common

R1#sh run | section vty

line vty 0 4

password 7 0202039485748

R1#sh run | include username

R1#

R1#sh run | include aaa

aaa new-model

aaa authentication login telnet group tacacs+ none

aaa session-id common

R1#sh run | section vty

line vty 0 4

R1#sh run | include username

R1#

R1#sh run | include aaa

aaa new-model

aaa authentication login default group tacacs+ none

aaa session-id common

R1#sh run | section vty

line vty 0 4

password 7 0202039485748

R1#sh run | include aaa

aaa new-model

aaa authentication login default group tacacs+

aaa session-id common

R1#sh run | section vty

line vty 0 4

transport input none

R1#

action 1 syslog msg "OSPF ROUTING ERROR"

action 1 syslog send "OSPF ROUTING ERROR"

action 1 syslog pattern "OSPF ROUTING ERROR"

action 1syslog write "OSPF ROUTING ERROR"

Include a permit statement as the first entry

Include at least one explicit deny statement

Remove the implicit deny entry

Include a permit statement as the last entry

R1(config)#interface GigabitEthernet0/0 R1(config)#ip pat outside

R1(config)#interface GigabitEthernet0/1 R1(config)#ip pat inside

R1(config)#interface GigabitEthernet0/0 R1(config)#ip nat outside

R1(config)#interface GigabitEthernet0/1 R1(config)#ip nat inside

R1(config)#interface GigabitEthernet0/0 R1(config)#ip nat inside

R1(config)#interface GigabitEthernet0/1 R1(config)#ip nat outside

R1(config)#interface GigabitEthernet0/0 R1(config)#ip pat inside

R1(config)#interface GigabitEthernet0/1 R1(config)#ip pat outside

egress tunnel routers to map resolvers to determine the appropriate egress tunnel router

ingress tunnel routers to map servers to determine the appropriate egress tunnel router

egress tunnel routers to map servers to determine the appropriate egress tunnel router

ingress tunnel routers to map resolvers to determine the appropnate egress tunnel router

VLAN

VTEP

VXLAN

VRF

fail-safe defaults

password hash

adding a timestamp in requests

OAuth

Omnidirectional

dipole

patch

Yagi

PMTUD does not work due to ICMP Packet Too Big messages being dropped by an ACL

The remote router drops the traffic due to high CPU load

The server should not set the DF bit in any type of traffic that is sent toward the network

There is a CoPP policy in place protecting the WAN router CPU from this type of traffic

security group tag ACL assigned to each port on a switch

security group tag number assigned to each port on a network

security group tag number assigned to each user on a switch

security group tag ACL assigned to each router on a network

high availability

disaster recovery

live migration

multisite replication

Option A

Option B

Option C

Option D

installed as an application on an already installed operating system

runs directly on a physical server and includes its own operating system

supports over-allocation of physical resources

also referred to as a "bare metal hypervisor" because it sits directly on the physical server

Wi-Fi Protected Access 3

4096 Quadrature Amplitude Modulation Mode

Channel bonding

Uplink and Downlink Orthogonal Frequency Division Multiple Access

Option A

Option B

Option C

Option D

permit host 172.16.0.2 host 192.168.0.5 eq 8080

permit host 192.168.0.5 host 172.16.0.2 eq 8080

permit host 192.168.0.5 eq 8080 host 172.16.0.2

permit host 192.168.0.5 it 8080 host 172.16.0.2

require a DHCP address assignment

utilize RADIUS profiling

set a NAC state

enable AAA override

event manager applet EEM_IP_SLA

event track 10 state down

event manager applet EEM_IP_SLA

event track 10 state unreachable

event manager applet EEM_IP_SLA

event sla 10 state unreachable

event manager applet EEM_IP_SLA

event sla 10 state down

hello packet mismatch

OSPF area change

MTU mismatch

IP address mismatch

CEF processes packets that are too complex for process switching to manage.

CEF is more CPU-intensive than process switching.

CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet.

Process switching is faster than CEF.

the Options field in the Layer 3 header

the Type field in the Layer 2 frame

the Flags field in the Layer 3 header

the TOS field in the Layer 3 header

Autonomous

Mobility Express

SD-Access wireless

Local mode

This segment has no designated router because it is a nonbroadcast network type.

This segment has no designated router because it is a p2p network type.

Router Chicago because it has a lower router ID

Router NewYork because it has a higher router ID

The MAC address table is contained in TCAM ACL and QoS information is stored in TCAM

The MAC address table supports partial matches. TCAM requires an exact match

Router prefix lookups happens in CAM. MAC address table lookups happen in TCAM.

TCAM is used to make Layer 2 forwarding decisions CAM is used to build routing tables

A TACACS+server is checked first. If that check fail, a database is checked?

A TACACS+server is checked first. If that check fail, a RADIUS server is checked. If that check fail. a local database is checked.

A local database is checked first. If that fails, a TACACS+server is checked, if that check fails, a RADUIS server is checked.

A local database is checked first. If that check fails, a TACACS+server is checked.

Multiple virtual servers can be deployed on the same physical server without having to buy additional hardware.

Virtual machines increase server processing performance.

The CPU and RAM resources on a virtual machine cannot be affected by other virtual machines.

Deploying a virtual machine is technically less complex than deploying a physical server.

EEM applets or scripts

Session layer

YMAL output from responses to API calls

Northbound APIs

to connect external Layer 3- network to the SD-Access fabric

to connect wired endpoint to the SD-Access fabric

to advertise fabric IP address space to external network

to connect the fusion router to the SD-Access fabric

DNA Center

control plane node

wireless controller

Cisco CMX

1

0

7

7.5

It eliminates the need for an underlying operating system.

Its main task is to manage hardware resources between different operating systems

Problems in the base operating system can affect the entire system.

It is completely independent of the operating system

It facilitates software upgrades lo network devices from a central point.

It facilitates a vulnerability assessment of the network devices.

It provides a high-level overview of the health of every network device.

It uses a predefined configuration through parameterized elements or variables.

It enables HSRP to elect another switch in the group as the active HSRP switch.

It ensures fast failover in the case of link failure.

It enables data forwarding along known routes following a switchover, white the routing protocol reconverges.

It enables HSRP to failover to the standby RP on the same device.

ACL100 is tracking ICMP traffic from 1.1.1.1 destined for 10.1.1.1.

ACL100 is tracking all traffic from 10.1.1.1 destined far 1.1.

ACL100 is tracking ICMP traffic from 10.1.1.1 destined for 11.1.1

ACL100 is tracking ICMP traffic from Serial 1/0 destined for Serial3/0.

Option A

Option B

Option C

Option D

00:05:0c:07:ac:30

00:00:0c:07:ac:1e

05:0c:5e:ac:07:30

00:42:18:14:05:1e

An NSF-capable device immediately updates the standby route processor RIB without churning the network.

The standby route processor immediately takes control and forwards packets along known routes.

An NSF-aware device immediately updates the standby route processor RIB without churning the network.

The standby route processor temporarily forwards packets until route convergence is complete.

TCP connect

ICMP echo

ICMP jitter

UDP jitter

operates over DTLS/TLS authenticated and secured tunnels

requires manual secure tunnel configuration

uses unique per-device feature templates

uses control connections between routers

RFC 3580-based solution to enable authenticated access leveraging RADIUS and AV pairs

TrustSec to logically group internal user environments and assign policies

802.1AE to secure communication in the network domain

ISE to automate network access control leveraging RADIUS AV pairs

Cisco DNA Center is unable to collect monitoring data in Assurance.

All devices reload after detecting loss of connection to Cisco DNA Center.

Already connected users are unaffected, but new users cannot connect

Users lose connectivity.

User connectivity is unaffected.

PIM sparse mode uses a pull model to deliver multicast traffic.

PIM dense mode uses a pull model to deliver multicast traffic.

PIM sparse mode uses receivers to register with the RP.

PIM sparse mode uses a flood and prune model to deliver multicast traffic.

Client 1 contact controller B by using an EoIP tunnel.

CAPWAP tunnel is created between controller A and controller B.

Client 1 users an EoIP tunnel to contact controller A.

The client database entry moves from controller A to controller B.

iPsec

Basic Auth

GRE

OAuth 2.0

Router(config-vrf)#ip address 192.168.1.1 255.255.255.0

Router(config-vrf)#address-family ipv4

Router(config-if)#address-family ipv4

Router(config-vrf)#address-family ipv6

Router(config-if)#ip address 192.168.1.1 255.255.255.0

Para-virtualization allows direct access between the guest OS and the hypervisor.

Para-virtualization allows the host hardware to be directly accessed.

Para-virtualization guest servers are unaware of one another.

Para-virtualization lacks support for containers.

LC

SC

ST

MPO

When encrypted helm are required between gateways h a single group.

When the traffic load needs to be shared between multiple gateways using a single virtual IP.

When the gateway routers are a mix of Cisco and non-Cisco routers

When clients need the gateway MAC address lo Be the same between multiple gateways

To enable data to be easily structured, grouped, validated, and replicated.

To represent finite and well-defined network elements that cannot be changed.

To model the flows of unstructured data within the infrastructure

To provide human readability to scripting languages

SNMPtrap

Port mirroring

Syslog collection

API integration

Option A

Option B

Option C

Option D

c0:42:01:67:05:16

c0:07:0c:ac:00:22

00:00:0c:07:ac:16

00:00:0c:07:ac:22

It uses proprietary cabling

It supports devices that are geographically separated

lt combines exactly two devices

It is supported on the Cisco 4500 series.

Option A

Option B

Option C

Option D

G0/0 and G0/1 on Core

G0/0 on Edge-01 and G0/0 on Edge-02

G0/1on Edge-01 and G0/1 on Edge-02

G0/0 and G0/1 on ASW-01

43

66

69

150

aaa authentication login CONSOLE group radius local-case enable aaa

authentication login CONSOLE group radius local enable none

aaa authentication login CONSOLE group radius local enable

aaa authentication login CONSOLE group tacacs+ local enable

The WLC is running a different software version.

The API is joining a primed WLC

The AP multicast traffic unable to reach the WLC through Layer 3.

The APs broadcast traffic is unable to reach the WLC through Layer 2.

real-time threat management to stop DDoS attacks to the core and access networks

real-time awareness of users, devices and traffic on the network

malware control

dynamic threat control for web traffic

a Type 1 hypervisor and a host operating system

a hypervisor and physical server hardware

only a Type 1 hypervisor

only a Type 2 hypervisor

The traffic uses the default MDT to transmit the data only if it isa (S,G) multicast route entry

A data MDT is created to if it is a (*, G) multicast route entries

A data and default MDT are created to flood the multicast stream out of all PIM-SM neighbors.

A data MDT is created to allow for the best transmission through the core for (S, G) multicast route entries.

HSRP version 2

VRRP version 2

GLBP

VRRP version 3

Option A

Option B

Option C

Option D

MAB

802.1X

WebAuth

port security sticky MAC

An EoIP tunnel is created between the client and the anchor controller to provide seamless connectivity as the client is associated with the new AP.

The client entry on the original controller is passed to the database on the new controller.

The new controller assigns an IP address from the new subnet to the client

The client database on the original controller is updated the anchor entry, and the new controller database is updated with the foreign entry.

It uses VTEPs to encapsulate and decapsulate frames.

It has a 12-bit network identifier

It allows for up to 16 million VXLAN segments

It lacks support for host mobility

It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.

containment, threat intelligence, and machine learning

firewalling and intrusion prevention

container-based agents

cloud analysis and endpoint firewall controls

End user subnets and endpoints are part of the underlay network.

The underlay switches provide endpoint physical connectivity for users.

Static routing is a requirement,

It must support IPv4 and IPv6 underlay networks

line vty 0 15

absolute-timeout 600

line vty 0 15

exec-timeout

line vty 01 5

exec-timeout 10 0

line vty 0 4

exec-timeout 600

Option A

Option B

Option C

Option D

MTU

Window size

MRU

MSS

Option A

Option B

Option C

Option D

SNR

Noise

RSSI

CCI

wlcbostname.domain.com

cisco-capwap-controller.domain.com

ap-manager.domain.com

primary-wlc.domain.com

container

Type 1 hypervisor

hardware pass-thru

Type 2 hypervisor

C0:00:00:25:00:00

00:00:0c:07:ac:37

C0:39:83:25:258:5

00:00:0c:07:ac:25

By entering the command spanning-tree portfast trunk in the interface configuration mode.

By entering the command spanning-tree portfast in the interface configuration mode

By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode

By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration mode

Router(config)# ip sla responder udp-connect 172.29.139.134 5000

Router(config)# ip sla responder tcp-connect 172.29.139.134 5000

Router(config)# ip sla responder udp-echo 172.29.139.134 5000

Router(config)# ip sla responder tcp-echo 172.29.139.134 5000

The URI string is incorrect

The token has expired.

Authentication has failed

The JSON payload contains the incorrect UUID

Configure less member ports on Switch2.

Configure the same port channel interface number on both switches

Configure the same EtherChannel protocol on both switches

Configure more member ports on Switch1.

It creates two entries for each network node, one for Its identity and another for its location on the network.

It allows LISP to be applied as a network visualization overlay though encapsulation.

It allows multiple Instances of a routing table to co-exist within the same router.

It creates head-end replication used to deliver broadcast and multicast frames to the entire network.

The signal strength at location C is too weak to support web surfing

Location D has the strongest RF signal strength

The RF signal strength at location B is 50% weaker than location A

The signal strength at location B is 10 dB better than location C

The RF signal strength at location C is 10 times stronger than location B

 

vBond

vSmart

vManage

PNP server

Priority

custom

weighted fair

low latency

Option A

Option B

Option C

Option D

least privilege

fail-safe defaults

economy of mechanism

complete mediation

The destination server reported it is too busy

The protocol is unreachable

The destination port is unreachable

The probe timed out

ISAKMP SA is authenticated and can be used for Quick Mode.

Peers have exchanged keys, but ISAKMP SA remains unauthenticated.

VPN peers agreed on parameters for the ISAKMP SA

ISAKMP SA has been created, but it has not continued to form.

under interface saturation condition

under network convergence condition

under all network condition

under traffic classification and marking conditions.

Option A

Option B

Option C

Option D

increased MTU size

hardware independence

VM-level isolation

increased flexibility

extended 802.1Q VLAN range

SSL

MD5

AES128

AES256

1500

9100

4464

17914

sniffer

monitor

bridge

local

IGMPv2 is compatible only with IGMPv1.

IGMPv2 is compatible only with IGMPv2.

IGMPv3 is compatible only with IGMPv3.

IGMPv3 is compatible only with IGMPv1

Change the access-list destination mask to a wildcard.

Change the source network that Is specified in access-list 101.

Change the route-map configuration to VRF_BLUE.

Change the access-list number in the route map

Cisco DNA Center has the Incorrect credentials for cat3850-1

Cisco DNA Center is unable to communicate with cat9000-1

Cisco DNA Center has the incorrect credentials for cat9000-1

Cisco DNA Center has the Incorrect credentials for RouterASR-1

SW1 (config)#vtp pruning

SW3(config)#vtp mode transparent

SW2(config)=vtp pruning

SW1 (config >»vtp mode transparent

sniffer

monitor

bridge

local

Remove UNII-2 and Extended UNII-2 channels from the 5 Ghz channel list

Restore the DCA default settings because this automatically avoids channel interference.

Configure channels on the UNIk2 and the Extended UNII-2 sub-bands of the 5 Ghz band only

Enable DFS channels because they are immune to radar interference.

Disable DFS channels to prevent interference with Doppler radar

only required at the network perimeter

required in each layer of the network

filters traffic using Layer 3 and Layer 4 information only

provides intrusion prevention

The FIB is derived from the data plane, and the RIB is derived from the FIB.

The RIB is a database of routing prefixes, and the FIB is the Information used to choose the egress interface for each packet.

FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.

The FIB is derived from the control plane, and the RIB is derived from the FIB.

The RIB is derived from the control plane, and the FIB is derived from the RIB.

PETR

PITR

map resolver

map server

Option A

Option B

Option C

Option D

The OSPF router ID is missing on this router.

The OSPF process is stopped on the neighbor router.

There is an MTU mismatch between the two routers.

The OSPF router ID is missing on the neighbor router.

Intrusion prevention system

Load balancer

Access logging

Endpoint encryption

The number of hops it takes to reach the master time server.

The number of hops it takes to reach the authoritative time source.

The amount of offset between the device clock and true time.

The amount of drift between the device clock and true time.

vSmart

vManage

cEdge

vBond

Option A

Option B

Option C

Option D

192.0.2.1

172.20.10.1

1.1.1.1

192.168.0.1

The "params" variable sends data fields to the network appliance.

The native interface information is read from the network appliance.

The Information for all interfaces is read from the network appliance.

The "params" variable reads data fields from the network appliance

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

ID

TTL

FCS

ToS

Cisco ISE and Enterprise Directory Services

Cisco ISE. network switches, firewalls, and routers

Cisco ISE and TACACS+

Cisco ASA and Cisco Firepower Threat Defense

15

20

25

10

Configure 172.16.20.0 as a stub network.

Apply a policy to filter OSPF packets on R2.

Configure a passive Interface on R2 toward 172.16.20.0.

Configure graceful restart on the 172.16.20.0 interface.

The translator does not use aOdress overloading

The NAT ACL does not match alt internal hosts

The NAT ACL and NAT pool share the same name

The NAT pool netmask rs excessively wide

software-defined segmentation

private VLANs

SD-WAN

modular QoS

identity services

Option

Option

Option

Option

IKF

TLS

IPsec

ESP

Option A

Option B

Option C

Option D

All controller-dependent activities stop working except the DFS.

All client roaming continues to work

Only clients on central switching WLANs stay connected.

All clients on an WLANs are disconnected

Option 42

Option 15

Option 125

Option 43

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

a predetermined string that is passed from client to server

a one-time encrypted token

a username that is stored in the local router database

a credential that is transmitted unencrypted

Option

Option

Option

Option

distribute-list prefix OFFICE in under the OSPF process

Ip prefix-list OFFICE seq 10 permit 0.0.0.0/0 Ie 32

ip prefix-list OFFICE seq 10 permit 0.0.0.0/0 ge 32

distribute-list OFFICE out under the OSPF process

distribute-list OFFICE in under the OSPF process

event manager applet boom

event syslog pattern 'UP'

action 1.0 gets 'logging directly to console'

event manager applet boom

event syslog pattern 'UP'

action 1.0 syslog priority direct msg 'log directly to console'

event manager applet boom

event syslog pattern 'UP'

action 1.0 puts 'logging directly to console'

event manager applet boom

event syslog pattern 'UP'

action 1.0 string 'logging directly to console'

ideal for data center

complicated deployment

ideal for client/end-user system

referred to as bare-metal

Option A

Option B

Option C

Option D

VRF VFN_A

VRF VPN_B