Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

CCNA（200-301）题库V1.0(2020.06.
01)
Number: 200-301
Passing Score: 825
Time Limit: 120 min
File Version: 1.0
CCNA（200-301）题库V1.0（2020.06.01）
新版CCNA 考试交流QQ群 :482070356
CCNA 最新题库/最新战报发布区： http://bbs.hh010.com/forum-261-1.html
下载官方正版题库、看最新考试战报，请随时关注鸿鹄论坛 http://bbs.hh010.com
思科华为考试报名、题库更新请联系鸿鹄全国区客服
QQ 613523101
QQ 613523103
QQ 613523105
QQ 613523107
QQ 613523108
QQ 613523109
鸿鹄论坛官方淘宝店铺：http://hh010.taobao.com/
鸿鹄论坛官方微信公众号：
Exam A
QUESTION 1
A network engineer must create a diagram of a multivendor network.which command must be configured on the Cisco devices so that the topology of the network
can be mapped?
A. Device(config)#lldp run
B. Device(config)#cdp run
C. Device(config)# cdp enable
D. Device(config)# flow-sampler-map topology
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?
A. CPU ACL
B. TACACS
C. Flex ACL
D. RADIUS
Correct Answer: A
Section: (none)
Explanation
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71978-acl-wlc.html
QUESTION 3
When a site-to-site VPN is used, which protocol is responsible for the transport of user data?
A. IKEv2
B. IKEv1
C. IPsec
D. MD5
Correct Answer: C
Section: (none)
Explanation
QUESTION 4
How do TCP and UDP differ in the way that they establish a connection between two endpoints？
A. TCP use the three-way handshake,and UDP dose no guarantee message delivery
B. TCP use synchronization packets,and UDP uses acknowledgement packets
C. UDP provides reliable message transfer,and TCP is a connectionless protocol.
D. UDP use SYN,SYN ACK,and FIN bits in the frame header while TCP uses SYN,SYN ACK,and ACK bis.
Correct Answer: A
Section: (none)
Explanation
QUESTION 5
What are two reasons that cause late collisions to increment on an Ethernet interface?(choose two)
A. when the sending device waits 15 seconds before sending the frame again
B. when the cable length limits are exceeded
C. when one side of the connection is configured for half-duplex
D. when Carner Sense Multiple Access/Collision Detection is used
E. when a collision occurs after the 32nd byte of a frame has been transmitted
Correct Answer: BD
Section: (none)
Explanation
QUESTION 6
A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?
A. It allows the traffic to pass through unchanged

B. It drops the traffic
C. It tags the traffic with the default VLAN
D. It tags the traffic with the native VLAN
Correct Answer: A
Section: (none)
Explanation
QUESTION 7
Refer to the exhibit. The show ip ospf interface command has been executed on R1 How is OSPF configured?
A. The interface is not participating in OSPF

B. A point-to-point network type is configured
C. The default Hello and Dead timers are in use
D. There are six OSPF neighbors on this interface
Correct Answer: C
Section: (none)
Explanation
QUESTION 8
What benefit does controller-based networking provide versus traditional networking?
A. provides an added layer of security to protect from DDoS attacks

B. combines control and data plane functionality on a single device to minimize latency
C. moves from a two-tier to a three-tier network architecture to provide maximum redundancy
D. allows configuration and monitoring of the network from one centralized point
Correct Answer: D
Section: (none)
Explanation
QUESTION 9
When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?
A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup
B. The administrative distance must be higher on the primary route so that the backup route becomes secondary.
C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup
D. The default-information originate command must be configured for the route to be installed into the routing table
Correct Answer: A
Section: (none)
Explanation
QUESTION 10
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?
A. on
B. auto
C. active
D. desirable
Correct Answer: A
Section: (none)
Explanation
QUESTION 11
What are two descriptions of three-tier network topologies? (Choose two.)
A. The distribution layer runs Layer 2 and Layer 3 technologies.

B. The network core is designed to maintain continuous connectivity when devices fail.
C. The core layer maintains wired connections for each host.
D. The core and distribution layers perform the same functions
E. The access layer manages routing between devices in different domains.
Correct Answer: AB
Section: (none)
Explanation
QUESTION 12
Refer to the exhibit.which statement explains the configuration error message that is received?
A. it belongs to a private IP address range

B. the router dose not support /28 mask
C. it is a network IP address
D. it is a broadcast IP address
Correct Answer: D
Section: (none)
Explanation
QUESTION 13
what is the expected outcome when an EUI-64 address is generated?
A. The seventh bit of original MAC address of the interface is inverted

B. The interface ID is configured as a random 64-bit value
C. The characters FE80 are inserted at the beginning of the MAC address of the interface
D. The MAC address of the interface is used as the interface ID without modification
Correct Answer: A
Section: (none)
Explanation
QUESTION 14
Which function does an SNMP agent perform?
A. It manages routing between Layer 3 devices in a network,

B. It coordinates user authentication between a network device and a TACACS+ or RADIUS server.
C. It sends information about MIB variables in response to requests from the NMS.
D. It requests information from remote network nodes about catastrophic system events.
Correct Answer: C
Section: (none)
Explanation
QUESTION 15
Refer to the exhibit.The default-information originate command is configured under the R1 OSPF configuration.After testing,workstation on VLAN 20 at Site B
cannot reach a DNS server on the Internet.
wihch action corrects the configuration issue?
A. Add the default-information originate command on R2

B. Add the always keyword to the default-information originate command on R1
C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1
D. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2
Correct Answer: C
Section: (none)
Explanation
QUESTION 16
What are two benefits of network automation? (Choose two)
A. reduced operational costs

B. reduced hardware footprint
C. faster changes with more reliable results
D. fewer network failures
E. increased network security
Correct Answer: AC
Section: (none)
Explanation
QUESTION 17
Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an open-standard protocol?(choose two)
A. interface GigabitEthernet0/0/1
Channel-group 10 mode active
B. interface GigabitEthernet0/0/1
Channel-group 10 mode auto
C. interface GigabitEthernet0/0/1
Channel-group 10 mode on
D. interface port-channel 10
no switchport
ip address 172.16.0.1 255.255.255.0
E. interface port-channel 10
switchport
Switchport mode trunk
Correct Answer: AD
Section: (none)
Explanation
QUESTION 18
Which command prevents passwords from being stored in the configuration as plaintext on a router or switch?
A. enable secret
B. service password-encryption
C. username Cisco password encrypt
D. enable password
Correct Answer: B
Section: (none)
Explanation
QUESTION 19
R1 has learned route 10.10.10.0/24 via numerous routing protocols,which route is installed?
A. route with the lowest cost

B. route with the shortest prefix length
C. route with the next hop that has the highest IP
D. route with the lowest administrative distance
Correct Answer: D
Section: (none)
Explanation
QUESTION 20
which network allows devices to communicate without the need to access the internet?
A. 172.9.0.0/16
B. 172.28.0.0/16
C. 192.0.0.0/18
D. 209.165.201.0/24
Correct Answer: B
Section: (none)
Explanation
QUESTION 21
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two
different routing protocols?
A. dual algorithm
B. metric
C. administrative distance
D. hop count
Correct Answer: C
Section: (none)
Explanation
QUESTION 22
which command must be entered when a device is configured as an NTP server?
A. ntp master
B. ntp sever
C. ntp authenticate
D. ntp peer
Correct Answer: A
Section: (none)
Explanation
QUESTION 23
When OSPF learns multiple paths to a network, how does it select a route?
A. It multiple the active K value by 256 to calculate the route with the lowest metric.
B. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest
bandwidth.
C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest
cost.
D. It count the umber of hops between the source router and the destination to determine the router with the lowest metric
Correct Answer: C
Section: (none)
Explanation
QUESTION 24
What is a characteristic of spine-and-leaf architecture?
A. It provides variable latency.

B. Each link between leaf switches allows for higher bandwidth.
C. Each device is separated by the same number of hops.
D. It provides greater predictability on STP blocked ports.
Correct Answer: B
Section: (none)
Explanation
QUESTION 25
Which two outcomes are predictable behaviors for HSRP? (Choose two)
A. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.
B. The two routers negotiate one router as the active router and the other as the standby router
C. Each router has a different IP address both routers act as the default gateway on the LAN, and traffic is load balanced between
them.
D. The two routers synchronize configurations to provide consistent packet forwarding
E. The two routed share the same IP address, and default gateway traffic is load-balanced between them
Correct Answer: AB
Section: (none)
Explanation
QUESTION 26
Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface?
A. explicitly assign a link-local address

B. disable the EUI-64 bit process
C. enable SLAAC on an interface
D. configure a stateful DHCPv6 server on the network
Correct Answer: C
Section: (none)
Explanation
QUESTION 27
Refer to the exhibit. What is the effect of this configuration?
A. The switch port interface trust state becomes untrusted

B. The switch port remains administratively down until the interface is connected to another switch
C. Dynamic ARP inspection is disabled because the ARP ACL is missing
D. The switch port remains down until it is configured to trust or untrust incoming packets
Correct Answer: A
Section: (none)
Explanation
QUESTION 28
In which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports are required?
A. A spine switch and a leaf switch can be added with redundant connections between them
B. A spine switch can be added with at least 40 GB uplinks
C. A leaf switch can be added with connections to every spine switch
D. A leaf switch can be added with a single connection to a core spine switch
Correct Answer: C
Section: (none)
Explanation
QUESTION 29
Refer to the exhibit.Router R1 is running three different routing protocols.Which route characteristic is used by the router to forward the packet that receives for
destination IP 172.16.32.1?
A. metric
B. longest prefix
C. cost
D. administrative distance
Correct Answer: B
Section: (none)
Explanation
QUESTION 30
Which configuration is needed to generate an RSA key for SSH on a router?
A. Configure the version of SSH

B. Configure VTY access.
C. Create a user with a password
D. Assign a DNS domain name
Correct Answer: D
Section: (none)
Explanation
QUESTION 31
Which API is used in controller-based architectures to interact with edge devices?
A. overlay
B. northbound
C. underlay
D. southbound
Correct Answer: D
Section: (none)
Explanation
QUESTION 32
Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1.which configuration accomplishes this task?
A. R1# config t
R1(config)# ip routing
R1(config)# ip route default-route 192.168.1.1
B. R1# config t
R1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1
C. R1# config t
R1(config)# ip route 192.168.1.1 0.0.0.0 0.0.0.0
D. R1# config t
R1(config)# ip default-gateway 192.168.1.1
Correct Answer: B
Section: (none)
Explanation
QUESTION 33
What is a benefit of using a Cisco Wireless LAN Controller?
A. Central AP management requires more complex configurations

B. Unique SSIDs cannot use the same authentication method
C. It supports autonomous and lightweight APs
D. It eliminates the need to configure each access point individually
Correct Answer: D
Section: (none)
Explanation
QUESTION 34
An engineer must configure a /30 subnet between two routers.which usable IP address and subnet mask combination meets this criteria?
A. interface e0/0
description to HQ-A370:98968
ip address 10.2.1.3 255.255.255.252
B. interface e0/0
ip address 192.168.1.1 255.255.255.248
C. interface e0/0
ip address 172.16.1.4 255.255.255.248
D. interface e0/0
ip address 209.165.201.2 255.255.255.252
Correct Answer: D
Section: (none)
Explanation
QUESTION 35
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?
A. sniffer
B. mesh
C. flexconnect
D. local
Correct Answer: C
Section: (none)
Explanation
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/configguide/
b_cg85/flexconnect.html
QUESTION 36
Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?
A. passive
B. mode on
C. auto
D. active
Correct Answer: D
Section: (none)
Explanation
QUESTION 37
which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?
A. TKIP encryption
B. SAE encryption
C. AES encryption
D. scrambled encryption key
Correct Answer: B
Section: (none)
Explanation
QUESTION 38
Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1.The new circuit
uses eBGP and teams the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route
10.10.13.0/25?
A. Traffic to 10.10.13.0.25 is load balanced out of multiple interfaces
B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
C. Traffic to 10.10.13.0/25 is a symmetrical
D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table
Correct Answer: D
Section: (none)
Explanation
QUESTION 39
Refer to the exhibit.How does router R1 handle traffic to 192.168.10.16?
A. It selects the EIGRP route because it has the lowest administrative distance
B. It selects the RIP route because it has the longest prefix inclusive of the destination address
C. It selects the OSFP route because it has the lowest cost
D. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address
Correct Answer: B
Section: (none)
Explanation
QUESTION 40
Which two actions influence the EIGRP route selection process? (Choose two)
A. The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.
B. The router calculates the best backup path to the destination route and assigns it as the feasible successor.
C. The router calculates the feasible distance of all paths to the destination route
D. The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link
E. The router must use the advertised distance as the metric for any given route
Correct Answer: BC
Section: (none)
Explanation
QUESTION 41
Refer to the exhibit.which two commands were used to create port channel 10?(choose two)
A. int range g0/0-1

Channel-group 10 mode active
B. Bint range g0/0-1
Channel-group 10 mode desirable
C. int range g0/0-1
Channel-group 10 mode passive
D. int range g0/0-1
Channel-group 10 mode auto
E. int range g0/0-1
Channel-group 10 mode on
Correct Answer: AC
Section: (none)
Explanation
QUESTION 42
What is a difference between RADIUS and TACACS+?
A. TACACS+ encrypts only password information and RADIUS encrypts the entire payload
B. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands
C. RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication
D. TACACS+ separates authentication and authorization, and RADIUS merges them
Correct Answer: D
Section: (none)
Explanation
QUESTION 43
Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other
computers must be able to access the web server.Which configuration when applied to switch A accomplishes this task?
A.
B.
C.
D.
Correct Answer: D
Section: (none)
Explanation
QUESTION 44
Refer to the exhibit. How does the router manage traffic to 192.168.12.16?
A. It selects RIP route because it has the longest prefix inclusive of the destination address
B. It chooses the EIGRP route because it has the lowest administrative distance
C. It load-balances traffic between all three routes
D. It chooses the OSPF route because it has the longest prefix inclusive of the destination address
Correct Answer: A
Section: (none)
Explanation
QUESTION 45
What is an advantage of Cisco DNA Center versus traditional campus device management?
A. It supports numerous extensibility options including cross-domain adapters and third-party SDKs.
B. It supports high availability for management functions when operating in cluster mode.
C. It enables easy autodiscovery of network elements m a brownfield deployment.
D. It is designed primarily to provide network assurance
Correct Answer: A
Section: (none)
Explanation
QUESTION 46
While examining excessive traffic on the network,it is noted that all incoming packets on an interface appear to be allowed even though
an IPv4 ACL is applied to the interface. Which two misconfigurations cause this behavior? (Choose two)
A. The packets fail to match any permit statement

B. A matching permit statement is too high in the access test
C. A matching deny statement is too high in the access list
D. A matching permit statement is too broadly defined
E. The ACL is empty
Correct Answer: BD
Section: (none)
Explanation
QUESTION 47
Which design element is a best practice when deploying an 802.11b wireless infrastructure?
A. disabling TPC so that access points can negotiate signal levels with their attached wireless devices.
B. setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
C. allocating non overlapping channels to access points that are in close physical proximity to one another
D. configuring access points to provide clients with a maximum of 5 Mbps
Correct Answer: C
Section: (none)
Explanation
QUESTION 48
How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment?
A. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options
B. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management.
C. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management
D. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management.
Correct Answer: C
Section: (none)
Explanation
QUESTION 49
Which two actions are performed by the Weighted Random Early Detection mechanism?(Choose two)
A. It drops lower-priority packets before it drops higher-priority packets

B. It can identify different flows with a high level of granularity
C. It guarantees the delivery of high-priority packets
D. It can mitigate congestion by preventing the queue from filling up
E. IT supports protocol discovery
Correct Answer: AD
Section: (none)
Explanation
加权随机先期检测（WRED：Weighted Random Early Detection）是将随机先期检测与优先级排队结合起来，这种结合为高优先级分组提供了优先通信处理能力。
当某个接口开始出现拥塞时，它有选择地丢弃较低优先级的通信，而不是简单地随机丢弃分组。
QUESTION 50
Which set of action satisfy the requirement for multi-factor authentication?
A. The user swipes a key fob, then clicks through an email link
B. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device
C. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login scre
D. The user enters a user name and password and then re-enters the credentials on a second screen
Correct Answer: B
Section: (none)
Explanation
QUESTION 51
How do AAA operations compare regarding user identification,user services,and access control?
A. Authorization provides access control,and authentication tracks user services

B. Accounting tracks user services,and authentication provides access control.
C. Authorization identifies users,and authentication provides access control
D. Authentication identifies users,and accounting tracks user services
Correct Answer: D
Section: (none)
Explanation
QUESTION 52
What is a difference between local AP mode and FlexConnect AP mode?
A. FlexConnect AP mode fails to function if the AP loses connectivity with the WLC.
B. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured.
C. Local AP mode creates two CAPWAP tunnels per AF to the WLC.
D. Local AP mode causes the AP to behave as if it were an autonomous AP.
Correct Answer: C
Section: (none)
Explanation
QUESTION 53
which function dose the range of private IPv4 addresses perform?
A. allow multiple companies to each use the same address without conflicts
B. provides a direct connection for hosts from outside of the enterprise network
C. ensues that NAT is not required to reach the internet with private range addressing
D. enable secure communications to the internet for all external hosts
Correct Answer: A
Section: (none)
Explanation
QUESTION 54
Refer to the exhibit.Which prefix does Router 1 use to Host A ?
A. 10.10.10.0/28
B. 10.10.13.0/25
C. 10.10.13.144/28
D. 10.10.13.208/29
Correct Answer: D
Section: (none)
Explanation
QUESTION 55
A fram that enters a switch fails the Frame Check Sequence.Which two interface counters are incremented?
A. input erros
B. frame
C. giants
D. CRC
E. runts
Correct Answer: AD
Section: (none)
Explanation
QUESTION 56
what event has occurred if a router sends a notice level message to a syslog server?
A. An interface line has changed status

B. An ICMP connection has been built
C. A certificate has expired
D. A TCP connection has been torn down
Correct Answer: D
Section: (none)
Explanation
QUESTION 57
An organization has decided to start using cloud-provided services.Which cloud service allows the organization to install its own
operating system on a virtual machine?
A. platform-as-a-service
B. software-as-a-service
C. network-as-a-service
D. infrastructure-as-a-service
Correct Answer: D
Section: (none)
Explanation
QUESTION 58
Refer to the exhibit. Which route does R1 select for traffic that is destined to 192 168.16.2?
A. 192.168.16.0/21
B. 192.168.16.0/24
C. 192.168 26.0/26
D. 192.168.16.0/27
Correct Answer: D
Section: (none)
Explanation
QUESTION 59
Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)
A. The switch must be running a k9 (crypto) IOS image

B. The ip domain-name command must be configured on the switch
C. IP routing must be enabled on the switch
D. A console password must be configured on the switch
E. Telnet must be disabled on the switch
Correct Answer: AB
Section: (none)
Explanation
Reference:
https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html
QUESTION 60
Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct.
Which IP address is the source IP?
A. 10.4.4.4
B. 10.4.4.5
C. 172.23.103.10
D. 172.23.104.4
Correct Answer: C
Section: (none)
Explanation
QUESTION 61
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?
A. lldp timer
B. lldp holdtime
C. lldp reinit
D. lldp tlv-select
Correct Answer: C
Section: (none)
Explanation
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-
2_37_ey/configuration/guide/scg/swlldp.pdf
QUESTION 62
Refer to the exhibit.An administrator configures four switches for local authentication using passwords that are stored as a ctyptographic hash.The four switches
must also support SSH access for administrators to manage the network infrastructure.Which switch is configured correctly to meet these requirements ?
A. SW1
B. SW2
C. SW3
D. SW4
Correct Answer: C
Section: (none)
Explanation
QUESTION 63
which statement identifies the functionality of virtual machines?
A. The hypervisor communicates on Layer 3 without the need for additional resources
B. Each hypervisor can support a single virtual machine and a single software switch
C. The hypervisor can virtual physical components including CPU,memory,and storage
D. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor.
Correct Answer: C
Section: (none)
Explanation
QUESTION 64
when configuring IPv6 on an interafce,which two IPv6 multicast groups are joined?(choose two)
A. 2000::/3
B. 2000::5
C. FC00::/7
D. FF02::1
E. FF02::2
Correct Answer: DE
Section: (none)
Explanation
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/xe-3s/ipv6-xe-36s-book/ip6-
multicast.html
QUESTION 65
Which option about JSON is true?
A. uses predefined tags or angle brackets () to delimit markup text

B. used to describe structured data that includes arrays
C. used for storing information
D. similar to HTML, it is more verbose than XML
Correct Answer: B
Section: (none)
Explanation
QUESTION 66
Which statement correctly compares traditional networks and controller-based networks?
A. Only traditional networks offer a centralized control plane

B. Only traditional networks natively support centralized management
C. Traditional and controller-based networks abstract policies from device configurations
D. Only controller-based networks decouple the control plane and the data plane
Correct Answer: D
Section: (none)
Explanation
QUESTION 67
What are two fundamentals of virtualization? (Choose two.)
A. It allows multiple operating systems and applications to run independently on one physical server.
B. It allows a physical router to directly connect NICs from each virtual machine into the network.
C. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic.
D. It allows logical network devices to move traffic between virtual machines and the rest of the physical network.
E. It requires that some servers, virtual machines, and network gear reside on the Internet.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 68
Refer to the exhibit.What two conclusions should be made about this configuration?(choose two)
A. The root port is FastEthernet 2/1

B. The spanning-tree mode is Rapid PVST+
C. The designated port is FastEthernet 2/1
D. The spanning-tree mode is PVST+
E. This is a root bridge
Correct Answer: AB
Section: (none)
Explanation
QUESTION 69
Which command enables a router to become a DHCP client?
A. ip address dhcp
B. ip helper-address
C. ip dhcp pool
D. ip dhcp client
Correct Answer: A
Section: (none)
Explanation
QUESTION 70
Refer to the exhibit.A router received these five routes form different routing information sources.which two routes dose the router install in the routing table?
(choose two)
A. iBGP route 10.0.0.0/30

B. RIP route 10.0.0.0/30
C. EIGRP route 10.0.0.1/32
D. OSPF route 10.0.0.0/30
E. OSPF route 10.0.0.0/16
Correct Answer: CE
Section: (none)
Explanation
QUESTION 71
what is the default behavior of a layer 2 switch when a frame with an unknown destination MAC address is received ?
A. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table
B. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning
C. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN
D. The Layer 2 switch dorps the received frame
Correct Answer: C
Section: (none)
Explanation
QUESTION 72
Refer to the exhibit. An extended ACL has been configured and applied to router R2 The configuration farted to work as
intended.Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still
allowing all other traffic? (Choose two)
A. Add a "permit ip any any" statement to the beginning of ACL 101 for allowed traffic.
B. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic
C. The source and destination IPs must be swapped in ACL 101
D. The ACL must be configured the Gi0/2 interface in bound on R1
E. The ACL must be moved to the Gi0/1interface outbound onR2
Correct Answer: BC
Section: (none)
Explanation
QUESTION 73
Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two)
A. Enable NTP authentication

B. Verify the time zone
C. Disable NTP broadcasts
D. Specify the IP address of the NTP server
E. Set the NTP server private key
Correct Answer: DE
Section: (none)
Explanation
QUESTION 74
A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP.By
default which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?
A. port-to-multipoint
B. broadcast
C. point-to-point
D. non-broadcast
Correct Answer: C
Section: (none)
Explanation
QUESTION 75
Refer to Exhibit. An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0
as the primary path.Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the
Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)
A. ipv6 router 2000::1/128 2012::1
B. ipv6 router 2000::1/128 2012::1 5
C. ipv6 router 2000::1/128 2012::2
D. ipv6 router 2000::1/128 2023::2 5
E. ipv6 router 2000::1/128 2023::3 5
Correct Answer: AE
Section: (none)
Explanation
QUESTION 76
The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2 while all other VLANs are to remain
tagged. Which command accomplishes this task?
A. switchport access vlan 67

B. switchport trunk allowed vlan 67
C. switchport private-vlan association host 67
D. switchport trunk native vlan 67
Correct Answer: D
Section: (none)
Explanation
QUESTION 77
What are two differences between optical-fiber cabling and copper cabling? (Choose two.)
A. Fiber connects to physical interfaces using RJ-45 connections.

B. The data can pass through the cladding.
C. Light is transmitted through the core of the fiber.
D. The glass core component is encased in a cladding.
E. A BNC connector is used for fiber connections.
Correct Answer: CD
Section: (none)
Explanation
QUESTION 78
which IPv6 address type provides communication between subnets and cannot route on the internet?
A. link-local
B. unique local
C. multicast
D. global unicast
Correct Answer: B
Section: (none)
Explanation
QUESTION 79
which 802.11 frame type is association reponse ?
A. management
B. protected frame
C. action
D. control
Correct Answer: A
Section: (none)
Explanation
QUESTION 80
which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate?(choose two)
A. IPv6 address
B. OSPF process ID
C. OSPF MD5 authentication key
D. OSPF stub flag
E. OSPF area
Correct Answer: BE
Section: (none)
Explanation
QUESTION 81
Refer to the Exhibit. After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. Which
error must be corrected?
A. There is a native VLAN mismatch

B. Access mode is configured on the switch ports.
C. The PCs are m the incorrect VLAN
D. All VLANs are not enabled on the trunk
Correct Answer: A
Section: (none)
Explanation
QUESTION 82
Which action is taken by a switch port enabled for PoE power classification override?
A. When a powered device begins drawing power from a PoE switch port a syslog message is generated
B. As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused
C. If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and
disconnects
D. If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled
Correct Answer: D
Section: (none)
Explanation
The IEEE 802.3af standard contains no provision for adjustment of the power allocation. 802.3af-compliant PDs that support CDP can use CDP to override the
IEEE 802.3af power classification.
The WS-F6K-48-AF PoE daughtercard or the PoE daughtercard on the WS-X6148E-GE-45AT switching module support these inline power IEEE 802.3af power
classification override features:
•Power use measurement—The ability to accurately measure the power provided by the port to the powered device.
•Power policing—The ability to monitor power usage on a port.
With power measurement and policing, you can safely override the IEEE 802.3af power classification of a device that requires a power level at the lower end of its
IEEE power classification range.
PoE monitoring and policing compares the power consumption on ports with the administrative maximum value (either a configured maximum value or the port's
default value). If the power consumption on a monitored port exceeds the administrative maximum value, the following actions occur:
•A syslog message is issued.
•The monitored port is shut down and error-disabled.
•The allocated power is freed.
QUESTION 83
What are two characteristics of a controller-based network? (Choose two)
A. The administrator can make configuration updates from the CLI
B. It uses northbound and southbound APIs to communicate between architectural layers
C. It moves the control plane to a central point
D. It decentralizes the control plane, which allows each device to make its own forwarding decisions
E. It uses Telnet to report system issues
Correct Answer: BC
Section: (none)
Explanation
QUESTION 84
Refer to the exhibit. Which password must an engineer use to enter the enable mode?
A. adminadmin123
B. default
C. testing 1234
D. cisco123
Correct Answer: C
Section: (none)
Explanation
QUESTION 85
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?
A. Bronze
B. Platinum
C. Silver
D. Gold
Correct Answer: B
Section: (none)
Explanation
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/81831-qos-wlclap.
html
QUESTION 86
A router running EIGRP has learned the same route from two different paths.Which parameter does the router use to select the best
path?
A. cost
B. administrative distance
C. metric
D. as-path
Correct Answer: C
Section: (none)
Explanation
QUESTION 87
Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. what is the
reason for the problem?
A. The OSPF router IDs are mismatched.

B. Router2 is using the default hello timer.
C. The network statement on Router1 is misconfigured.
D. The OSPF process IDs are mismatched
Correct Answer: B
Section: (none)
Explanation
QUESTION 88
How do TCP and UDP differ in the way they provide reliability for delivery of packets?
A. TCP does not guarantee delivery or error checking to ensure that there is no corruption of data; UDP provides message acknowledgement and retransmits data
if lost.
B. TCP provides flow control to avoid overwhelming a receiver by sending too many packets at once; UDP sends packets to the receiver in a continuous stream
without checking for sequencing.
C. TCP uses windowing to deliver packets reliably; UDP provides reliable message transfer between hosts by establishing a three-way handshake
D. TCP is a connectionless protocol that does not provide reliable delivery of data; UDP is a connection-oriented protocol that uses sequencing to provide reliable
delivery.
Correct Answer: B
Section: (none)
Explanation
QUESTION 89
Which output displays a JSON data representation?
A.
B.
C.
D.
Correct Answer: C
Section: (none)
Explanation
QUESTION 90
Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?
A. 0
B. 110
C. 38443
D. 3184439
Correct Answer: C
Section: (none)
Explanation
QUESTION 91
A packet is destined for 10.10.1.22 .which static route does the router choose to forward the packet ?
A. ip route 10.10.1.0 255.255.255.240 10.10.255.1

B. ip route 10.10.1.20 255.255.255.252 10.10.255.1
C. ip route 10.10.1.20 255.255.255.254 10.10.255.1
D. ip route 10.10.1.16 255.255.255.252 10.10.255.1
Correct Answer: B
Section: (none)
Explanation
QUESTION 92
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens
reports that it was safe but the link could have contained malicious code.
Which type of security program is in place?
A. Physical access control

B. Social engineering attack
C. brute force attack
D. user awareness
Correct Answer: D
Section: (none)
Explanation
QUESTION 93
Refer to the exhibit.Router R1 Fa0/0 cannot ping router R3 Fa0/1.Which action must be taken in router R1 to help resolve the
configuration issue?
A. set the default network as 20.20.20.0/24
B. configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network
C. set the default gateway as 20.20.20.2
D. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network
Correct Answer: D
Section: (none)
Explanation
QUESTION 94
Refer to Exhibit. Which action do the switches take on the trunk link?
A. The trunk does not form and the ports go into an err-disabled status.
B. The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.
C. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.
D. The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.
Correct Answer: B
Section: (none)
Explanation
QUESTION 95
which IPv6 address block sends packets to a group address rather than a single address ?
A. 2000::/3
B. FC00::/7
C. FE80::/10
D. FF00::/8
Correct Answer: D
Section: (none)
Explanation
QUESTION 96
Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable What is the result of this
configuration?
A. The link is in a downstate.

B. The link is in an error disables state
C. The link is becomes an access port.
D. The link becomes a trunk port.
Correct Answer: D
Section: (none)
Explanation
QUESTION 97
Refer to the exhibit. Which command provides this output?
A. show ip route
B. show ip interface
C. show interface
D. show cdp neighbor
Correct Answer: D
Section: (none)
Explanation
QUESTION 98
Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how
does the router respond?
A. It ignores the new static route until the existing OSPF default route is removed
B. It immediately replaces the existing OSPF route in the routing table with the newly configured static route
C. It starts load-balancing traffic between the two default routes
D. It starts sending traffic without a specific matching entry in the routing table to Gigabit Ethernet0/1
Correct Answer: A
Section: (none)
Explanation
QUESTION 99
Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and
subnet mask combination does the engineer assign to minimize wasting addresses?
A. 10.10.225.48 255.255.255.240
B. 10.10.225.32 255.255.255.240
C. 10.10.225.48 255.255.255.224
D. 10.10.225.32 255.255.255.224
Correct Answer: D
Section: (none)
Explanation
QUESTION 100
An engineer must configure a WLAN using the strongest encryption type for WPA2- PSK. Which cipher fulfills the configuration
requirement?
A. WEP
B. RC4
C. AES
D. TKIP
Correct Answer: C
Section: (none)
Explanation
QUESTION 101
which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?
A. ipv6 address dhcp

B. ipv6 address 2001:DB8:5:112::/64 eui-64
C. ipv6 address autoconfig
D. ipv6 address 2001:DB8:5:112::2/64 link-local
Correct Answer: C
Section: (none)
Explanation
QUESTION 102
A corporate office uses four floors in a building
>Floor 1 has 24 users
Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?
A. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor

B. 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor
C. 192.168.0.0/24 as summary and 192.168.0.0/28 for each floor
D. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor
Correct Answer: A
Section: (none)
Explanation
QUESTION 103
By default, how does EIGRP determine the metric of a route for the routing table?
A. It uses the bandwidth and delay values of the path to calculate the route metric.
B. It uses a default metric of 10 for all routes that are learned by the router
C. It counts the number of hops between the receiving and destination routers and uses that value as the metric.
D. It uses a reference bandwidth and the actual bandwidth of the connected link to calculate the route metric.
Correct Answer: A
Section: (none)
Explanation
QUESTION 104
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select?
(Choose two)
A. ASCII
B. base64
C. binary
D. decimal
E. hexadecimal
Correct Answer: AE
Section: (none)
Explanation
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-
4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_010
10001.html
QUESTION 105
What is the primary different between AAA authentication and authorization?
A. Authentication verifies a username and password, and authorization handles the communication between the authentication agent
and the user database
B. Authentication identifies a user who is attempting to access a system, and authorization validates the users password
C. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can
perform.
D. Authentication controls the system processes a user can access and authorization logs the activities the user initiates
Correct Answer: C
Section: (none)
Explanation
QUESTION 106
Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?
A. R2 is using the passive-interface default command
B. R1 has an incorrect network command for interface Gi1/0
C. R2 should have its network command in area 1
D. R1 interface Gi1/0 has a larger MTU size
Correct Answer: D
Section: (none)
Explanation
QUESTION 107
Refer to the exhibit. What does router R1 use as its OSPF router-ID?
A. 10.10.1.10
B. 10.10.10.20
C. 172.16.15.10
D. 192.168.0.1
Correct Answer: C
Section: (none)
Explanation
QUESTION 108
Which type of address is the public IP address of a NAT device?
A. outside global
B. outside local
C. inside global
D. inside local
E. outside public
F. inside public
Correct Answer: C
Section: (none)
Explanation
QUESTION 109
What makes Cisco DNA Center different from traditional network management applications and their management of networks?
A. It only supports auto-discovery of network elements in a green field deployment.

B. It modular design allows someone to implement different versions to meet the specific needs of an organization
C. It abstracts policy from the actual device configuration
D. It does not support high availability of management functions when operating in cluster mode
Correct Answer: C
Section: (none)
Explanation
QUESTION 110
What are two southbound APIs? (Choose two )
A. OpenFlow
B. NETCONF
C. Thrift
D. CORBA
E. DSC
Correct Answer: AB
Section: (none)
Explanation
QUESTION 111
Refer to the exhibit. What is the effect of this configuration?
A. All ARP packets are dropped by the switch

B. Egress traffic is passed only if the destination is a DHCP server.
C. All ingress and egress traffic is dropped because the interface is untrusted
D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.
Correct Answer: D
Section: (none)
Explanation
QUESTION 112
What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two.)
A. The DHCP client maintains a pool of IP addresses it can assign
B. The DHCP server assigns IP addresses without requiring the client to renew them.
C. The DHCP client can request up to four DNS server addresses.
D. The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses
E. The DHCP server leases client IP addresses dynamically
Correct Answer: DE
Section: (none)
Explanation
QUESTION 113
Which type of wireless encryption is used for WPA2 in preshared key mode?
A. TKIP with RC4

B. RC4
C. AES-128
D. AES-256
Correct Answer: D
Section: (none)
Explanation
QUESTION 114
How does CAPWAP communicate between an access point in local mode and a WLC?
A. The access point must not be connected to the wired network, as it would create a loop
B. The access point must directly connect to the WLC using a copper cable.
C. The access point must be connected to the same switch as the WLC.
D. The access point has the ability to link to any switch in the network, assuming connectivity to the WLC.
Correct Answer: D
Section: (none)
Explanation
QUESTION 115
Refer to the exhibit which action is expected from SW1 when the untagged from is received on the GigabitEthernet0/1 interface ?
A. The frame is dropped

B. The frame is processed in VLAN 5
C. The frame is processed in VLAN 11
D. The frame is processed in VLAN 1
Correct Answer: B
Section: (none)
Explanation
QUESTION 116
Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true?
A. To pass client traffic two or more ports must be configured.

B. The EtherChannel must be configured in "mode active"
C. When enabled the WLC bandwidth drops to 500 Mbps
D. One functional physical port is needed to pass client traffic
Correct Answer: D
Section: (none)
Explanation
Reference:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-2/configguide/
b_cg82/b_cg82_chapter_010101011.html
QUESTION 117
R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP and Internal EIGRP Under normal operating conditions, which routing
protocol is installed in the routing table?
A. IS-IS
B. RIP
C. Internal EIGRP
D. OSPF
Correct Answer: C
Section: (none)
Explanation
QUESTION 118
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)
A. management interface settings

B. QoS settings
C. Ip address of one or more access points
D. SSID
E. Profile name
Correct Answer: DE
Section: (none)
Explanation
QUESTION 119
What are two reasons for an engineer to configure a floating static route? (Choose two.)
A. to route traffic differently based on the source IP of the packet

B. to enable fallback static routing when the dynamic routing protocol fails
C. to automatically route traffic on a secondary path when the primary path goes down
D. to control the return path of traffic that is sent from the router
E. to support load balancing via static routing
Correct Answer: BC
Section: (none)
Explanation
QUESTION 120
A network engineer must back up 20 network router configurations globally within a customer environment.Which protocol allows the
engineer to perform this function using the Cisco IOS MIB?
A. ARP
B. SNMP
C. SMTP
D. CDP
Correct Answer: B
Section: (none)
Explanation
QUESTION 121
Which two encoding methods are supported by REST APIs? (Choose two)
A. YAML
B. JSON
C. EBCDIC
D. SGML
E. XML
Correct Answer: BE
Section: (none)
Explanation
QUESTION 122
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?
A. Exchange
B. 2-way
C. Full
D. Init
Correct Answer: C
Section: (none)
Explanation
QUESTION 123
Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites.
Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another?
(Choose two.)
A. Configure the ipv6 route 2012::/126 2023::1 command on the Washington router
B. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.
C. Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlanta router
D. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router
E. Configure the ipv6 route 2012::/126 2023::2 command on the Washington router
Correct Answer: DE
Section: (none)
Explanation
QUESTION 124
Which two capacities of Cisco DNA Center make it more extensible? (Choose two)
A. adapters that support all families of Cisco IOS software

B. SDKs that support interaction with third-party network equipment
C. customized versions for small, medium, and large enterprises
D. REST APIs that allow for external applications to interact natively with Cisco DNA Center
E. modular design that is upgradable as needed
Correct Answer: BD
Section: (none)
Explanation
QUESTION 125
Refer to Exhibit. How does SW2 interact with other switches in this VTP domain?
A. It processes VTP updates from any VTP clients on the network on its access ports.
B. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports
C. It forwards only the VTP advertisements that it receives on its trunk ports.
D. It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports
Correct Answer: C
Section: (none)
Explanation
QUESTION 126
Which mode allows access points to be managed by Cisco Wireless LAN Controllers?
A. autonomous
B. lightweight
C. bridge
D. mobility express
Correct Answer: B
Section: (none)
Explanation
QUESTION 127
Which result occurs when PortFast is enabled on an interface that is connected to another switch?
A. Spanning tree may fail to detect a switching loop in the network that causes broadcast storms
B. VTP is allowed to propagate VLAN configuration information from switch to switch automatically
C. Root port choice and spanning tree recalculation are accelerated when a switch link goes down
D. After spanning tree converges PortFast shuts down any port that receives BPDUs.
Correct Answer: A
Section: (none)
Explanation
QUESTION 128
Refer to the exhibit. If OSPF is running on this network,how does Router 2 handle traffic from Site B to 10.10.13.128/25 at Site A?
A. It sends packets out of interface Fa0/2 only.

B. It sends packets out of interface Fa0/1 only.
C. It cannot send packets to 10.10.13 128/25
D. It load-balances traffic out of Fa0/1 and Fa0/2
Correct Answer: C
Section: (none)
Explanation
QUESTION 129
Refer to the exhibit.Which type of route does R1 use to reach host 10.10.13.10/32?
A. default route
B. network route
C. host route
D. floating static route
Correct Answer: B
Section: (none)
Explanation
QUESTION 130
Refer to the exhibit.which route type is configured to reach the internet?
A. network route
B. floating static route
C. host route
D. default route
Correct Answer: D
Section: (none)
Explanation
QUESTION 131
Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an
EIGRP neighbor.What is the administrative distance of the route that will be installed in the routing table?
A. 20
B. 90
C. 110
D. 115
Correct Answer: B
Section: (none)
Explanation
QUESTION 132
Which MAC address is recognized as a VRRP virtual address?
A. 0000.5E00.010a
B. 0005.3711.0975
C. 0000.0C07.AC99
D. 0007.C070/AB01
Correct Answer: A
Section: (none)
Explanation
QUESTION 133
How does Cisco DNA Center gather data from the network?
A. Devices establish an IPsec tunnel to exchange data with the controller

B. Devices use the call-home protocol to periodically send data to the controller.
C. Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller.
D. The Cisco CLI Analyzer tool gathers data from each licensed network device .and streams it to the controller.
Correct Answer: C
Section: (none)
Explanation
QUESTION 134
A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this
interface belong to?
A. point-to-multipoint
B. point-to-point
C. broadcast
D. nonbroadcast
Correct Answer: C
Section: (none)
Explanation
QUESTION 135
what is the difference regrading reliability and communication type between TCP and UDP?
A. TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol.
B. TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol.
C. TCP is reliable and is a connection-oriented protocol; UDP is not reliable and is a connectionless protocol.
D. TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol.
Correct Answer: C
Section: (none)
Explanation
QUESTION 136
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the
request? (Choose two)
A. Configure the ports in an EtherChannel.

B. Administratively shut down the ports
C. Configure the port type as access and place in VLAN 99
D. Configure the ports as trunk ports
E. Enable the Cisco Discovery Protocol
Correct Answer: BC
Section: (none)
Explanation
QUESTION 137
If a notice-level messaging is sent to a syslog server, which event has occurred?
A. A network device has restarted

B. An ARP inspection has failed
C. A routing instance has flapped
D. A debug operation is running
Correct Answer: C
Section: (none)
Explanation
QUESTION 138
How does HSRP provide first hop redundancy?
A. It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table.
B. It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.
C. It forwards multiple packets to the same destination over different routed links n the data path
D. It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN
Correct Answer: D
Section: (none)
Explanation
QUESTION 139
What is the primary effect of the spanning-tree portfast command?
A. it enables BPDU messages

B. It minimizes spanning-tree convergence time
C. It immediately puts the port into the forwarding state when the switch is reloaded
D. It immediately enables the port in the listening state
Correct Answer: B
Section: (none)
Explanation
QUESTION 140
which IPv6 address block forwards packets to a multicast address rather than a unicast address?
A. 2000::/3
B. FC00::/7
C. FE80::/10
D. FF00::/12
Correct Answer: D
Section: (none)
Explanation
QUESTION 141
which purpose does a northbound API serve in a controller-based networking architecture?
A. communicates between the controller and the physical network hardware

B. reports device errors to a controller
C. generates statistics for network hardware and traffic
D. facilitates communication between the controller and the applications
Correct Answer: D
Section: (none)
Explanation
QUESTION 142
Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the
GigabitEfriemet3/1/4 port on a switch?
A. The phone and a workstation that is connected to the phone do not have VLAN connectivity
B. The phone and a workstation that is connected to the phone send and receive data in VLAN 50.
C. The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity
D. The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1
Correct Answer: D
Section: (none)
Explanation
QUESTION 143
Refer to the exhibit.which path is used by the router for internet traffic ?
A. 209.165.200.0/27
B. 10.10.10.0/28
C. 0.0.0.0/0
D. 10.10.13.0/24
Correct Answer: C
Section: (none)
Explanation
QUESTION 144
Refer to the exhibit,if the network environment is operating normally,which type of device must be connected to interface fastethernet0/1?
A. DHCP client
B. PC
C. router
D. access point
Correct Answer: D
Section: (none)
Explanation
QUESTION 145
Refer to the exhibit.An engineer deploys a topology in which R1 obtains its IP configuration from DHCP.if the switch and DHCP server configuration are complete
and correct,which two sets of commands must be configured on R1 and R2 to complete the task?(choose two)
A. R1(config)# interface fa0/0

R1(config-if)#ip address dhcp
R1(config-if)# no shutsown
B. R1(config)# interface fa0/0
R1(config-if)#ip helper-address 192.0.2.2
C. R2(config)# interface gi0/0
R2(config-if)#ip address dhcp
D. R1(config)# interface fa0/0
E. R2(config)# interface gi0/0
Correct Answer: AE
Section: (none)
Explanation
QUESTION 146
In which two ways does a password manager reduce the chance of a hacker stealing a users password? (Choose two.)
A. It automatically provides a second authentication factor that is unknown to the original user.
B. It uses an internal firewall to protect the password repository from unauthorized access.
C. It protects against keystroke logging on a compromised device or web site.
D. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality
E. It encourages users to create stronger passwords.
Correct Answer: CE
Section: (none)
Explanation
QUESTION 147
Several new coverage cells are required to improve the Wi-Fi network of an organization. Which two standard designs are recommended? (choose two.)
A. 5GHz provides increased network capacity with up to 23 nonoveriapping channels.

B. For maximum throughput, the WLC is configured to dynamically set adjacent access points to the same channel.
C. 5GHz channel selection requires an autonomous access point.
D. Adjacent cells with overlapping channels use a repeater access point.
E. Cells that overlap one another are configured to use nonoveriapping channels.
Correct Answer: BD
Section: (none)
Explanation
QUESTION 148
The SW1 interface g0/1 is in the down/down state.which two configurations are valid reasons for the interface conditions?(choose two)
A. There is a duplex mismatch

B. There is a speed mismatch
C. There is a protocol mismatch
D. The interface is shut down
E. The interface is error-disabled
Correct Answer: DE
Section: (none)
Explanation
QUESTION 149
which type of IPv6 address is publicly routable in the same way as IPv4 public address?
A. global unicast
B. link-local
C. unique local
D. multicast
Correct Answer: A
Section: (none)
Explanation
QUESTION 150
Refer to the exhibit.which configuration on RTR-1 denies SSH access from PC-1 to any RTP-1 interface and allows all other traffic?
A. access-list 100 deny tcp host 172.16.1.33 any eq 22
access-list 100 permit ip any any
interface GigabitEthernet0/0
ip access-group 100 in
B. access-list 100 deny tcp host 172.16.1.33 any eq 22
line vty 0 15
C. access-list 100 deny tcp host 172.16.1.33 any eq 23
interface GigabitEthernet0/0
D. access-list 100 deny tcp host 172.16.1.33 any eq 23
line vty 0 15
Correct Answer: B
Section: (none)
Explanation
QUESTION 151
The service password-encryption command is entered on a router. What is the effect of this configuration?
A. restricts unauthorized users from viewing clear-text passwords in the running configuration
B. encrypts the password exchange when a VPN tunnel is established
C. prevents network administrators from configuring clear-text passwords
D. protects the VLAN database from unauthorized PC connections on the switch
Correct Answer: A
Section: (none)
Explanation
QUESTION 152
what occurs to frames during the process of frame flooding?
A. Frames are sent to every port on the switch in the same VLAN except from the originating port
B. Frames are sent to every port on the switch that has a matching entry in the MAC address table.
C. Frames are sent to all ports, including those that are assigned to other VLANs.
D. Frames are sent to every port on the switch in the same VLAN.
Correct Answer: A
Section: (none)
Explanation
QUESTION 153
What is the primary purpose of a First Hop Redundancy Protocol?
A. It allows directly connected neighbors to share configuration information.

B. It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.
C. It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.
D. It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.
Correct Answer: D
Section: (none)
Explanation
QUESTION 154
Refer to the exhibit,what commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20.with IP address 10.20.20.1/24?
A. R(config)#interface ethernet0/0
R(config)#encapsulation dot1q 20
R(config)#ip address 10.20.20.1 255.255.255.0
B. R(config)#interface ethernet0/0.20
R(config)#encapsulation dot1q 20
C. R(config)#interface ethernet0/0
D. R(config)#interface ethernet0/0.20
Correct Answer: B
Section: (none)
Explanation
QUESTION 155
Refer to the exhibit.To which device does Router 1 send packets that are destined to host 10.10.13.165?
A. Router2
B. Router3
C. Router4
D. Router5
Correct Answer: B
Section: (none)
Explanation
QUESTION 156
Drap and drop AAA functions from the left onto the correct AAA services on the right
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 157
Drag and drop to the characteristics of networking from the left onto the correct networking types on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 158
Drog and drop the Cisco Wireless LAN Controller security setting from the left onto the correct security mechanism categories on the right.
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 159
Drap and drop the functions from the left onto the correct network components on the right.
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 160
A network engineer is configuring an OSPFv2 neighbor adjacency.Drag and drop the parameters from the left onto their required categories on the right.No all
parameters are used.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 161
Drag and drop the attack-mitigation techniques from the left onto the Types of attack that they mitigate on the right
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 162
Drag and drop the WLAN components from the left onto the correct description on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 163
Refer to the exhibit.Drag and drop the networking parameters from the left onto the correct values on the right
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 164
Drag and drop the descriptions from the left onto the correct configuration-management technologies on the right
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 165
Drag and drop the descriptions of file-tranfer protocols from the left on to the correct protocols on the right
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 166
Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 167
Drag and drop the network protocols from the left onto the correct transport services on the right
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 168
drag and drag the IPV4 network subnets from the left onto the correct usable host ranges on the right
Select and Place:
Correct Answer:
Section: (none)
Explanation

Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

Uploaded by

Copyright:

Available Formats

Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

Uploaded by

Copyright:

Available Formats

What are the main topics covered in the document?

What are the main topics covered in the document?

What are some example questions and answers in the document?

What are some example questions and answers in the document?

CCNA（200-301）题库V1.0(2020.06.

A. It allows the traffic to pass through unchanged

A. The interface is not participating in OSPF

A. provides an added layer of security to protect from DDoS attacks

A. The distribution layer runs Layer 2 and Layer 3 technologies.

A. it belongs to a private IP address range

A. The seventh bit of original MAC address of the interface is inverted

A. It manages routing between Layer 3 devices in a network,

A. Add the default-information originate command on R2

A. reduced operational costs

A. route with the lowest cost

A. It provides variable latency.

A. explicitly assign a link-local address

A. The switch port interface trust state becomes untrusted

A. Configure the version of SSH

A. Central AP management requires more complex configurations

A. int range g0/0-1

A. The packets fail to match any permit statement

A. It drops lower-priority packets before it drops higher-priority packets

A. Authorization provides access control,and authentication tracks user services

A. An interface line has changed status

A. The switch must be running a k9 (crypto) IOS image

A. uses predefined tags or angle brackets () to delimit markup text

A. Only traditional networks offer a centralized control plane

A. The root port is FastEthernet 2/1

A. iBGP route 10.0.0.0/30

A. Enable NTP authentication

A. switchport access vlan 67

A. Fiber connects to physical interfaces using RJ-45 connections.

A. There is a native VLAN mismatch

A. The OSPF router IDs are mismatched.

A. ip route 10.10.1.0 255.255.255.240 10.10.255.1

A. Physical access control

A. The link is in a downstate.

A. ipv6 address dhcp

A. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor

A. It only supports auto-discovery of network elements in a green field deployment.

Refer to the exhibit. What is the effect of this configuration?

A. All ARP packets are dropped by the switch

A. TKIP with RC4

A. The frame is dropped

A. To pass client traffic two or more ports must be configured.

A. management interface settings

A. to route traffic differently based on the source IP of the packet

A. adapters that support all families of Cisco IOS software

A. It sends packets out of interface Fa0/2 only.

A. Devices establish an IPsec tunnel to exchange data with the controller

A. Configure the ports in an EtherChannel.

A. A network device has restarted

A. it enables BPDU messages

A. communicates between the controller and the physical network hardware

A. R1(config)# interface fa0/0

A. 5GHz provides increased network capacity with up to 23 nonoveriapping channels.

A. There is a duplex mismatch

A. It allows directly connected neighbors to share configuration information.