========================= New Questions (added on 30th-Jan-2021)

=========================

Question 31

What is a characteristic of a SOHO network?

A. connects each switch to every other switch in the network

B. enables multiple users to share a single broadband connection
C. provides high throughput access for 1000 or more users
D. includes at least three tiers of devices to provide load balancing and redundancy

Answer: B

Explanation

SOHO is the abbreviation for Small Office/Home Office network.

These days, many budding entrepreneurs and small business owners prefer to work from home or to
maintain only a small office. Budding entrepreneurs and small business owners need small network
and access to the Internet for their daily work. SOHO network is a solution for this type of network
requirement. SOHO network is meant for use in small businesses. Most cases, SOHO networks are
configured for privately owned business or individuals who are self-employed.
SOHO networks are small LANs (Local Area Networks). Typically, SOHO networks consists of less than
10 computers. Network service servers like DNS server, email server, web server etc., are typically
configured outside SOHO network.

Question 32

Which resource is able to be shared among virtual machines deployed on the same physical server?

A. applications
B. operating system
C. VM configuration file
D. disk

Answer: D

Question 33

Which implementation provides the strongest encryption combination for the wireless environment?

A. WPA2 + AES
B. WPA + AES
C. WEP
D. WPA + TKIP

Answer: A

Explanation

AES is a more secure encryption protocol introduced with WPA2 and it is currently the strongest
encryption type for WPA2-PSK.

Question 34

Refer to the exhibit.

After running the code in the exhibit, which step reduces the amount of data that the NETCONF server
returns to the NETCONF client, to only the interface’s configuration?

A. Use the xml library to parse the data returned by the NETCONF server for the interface’s
configuration.
B. Create an XML filter as a string and pass it to get_config() method as an argument.
C. Create a JSON filter as a string and pass it to the get_config() method as an argument.
D. Use the JSON library to parse the data returned by the NETCONF server for the interface’s
configuration.

Answer: D

Explanation

In the exhibit above, we are getting the running config of the device then we can use JSON library to
filter the data later.

========================== New Questions (added on 5th-Feb-2021)

==========================

Question 35

What are two functions of an SDN controller? (Choose two)

A. coordinating VTNs
B. Layer 2 forwarding
C. tracking hosts
D. managing the topology
E. protecting against DDoS attacks

Answer: A D

Explanation

Software-defined networking (SDN) and network function virtualization (NFV) have emerged as the
most promising candidates for improving network function and protocol programmability and dynamic
adjustment of network resources. On the one hand, SDN is responsible for providing an abstraction of
network resources through well-defined application programming interfaces. This abstraction enables
SDN to perform network virtualization, that is, to slice the physical infrastructure and create multiple
coexisting application-specific virtual tenant networks (VTNs) with specific quality-of-service and
service-levelagreement requirements, independent of the underlying optical transport technology and
network protocols.

Reference: https://ieeexplore.ieee.org/abstract/document/7331131

Question 36

If a switch port receives a new frame while it is actively transmitting a previous frame, how does it
process the frames?

A. The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.
B. The new frame is delivered first, the previous frame is dropped, and a retransmission request is
sent.
C. The two frames are processed and delivered at the same time.
D. The new frame is placed in a queue for transmission after the previous frame.

Answer: B

Question 37

Which WAN topology provides a combination of simplicity quality, and availability?

A. partial mesh
B. full mesh
C. point-to-point
D. hub-and-spoke

Answer: C

Explanation

Advantages/Disadvantages of Leased Lines

Advantages 

Simplicity: Point-to-point communication links require minimal expertise to install and maintain.

Quality: Point-to-point communication links usually offer high service quality, if they have adequate
bandwidth. The dedicated capacity removes latency or jitter between the endpoints.

Availability: Constant availability is essential for some applications, such as e-commerce. Point-to-
point communication links provide permanent, dedicated capacity, which is required for VoIP or Video
over IP.

Disadvantages

Cost: Point-to-point links are generally the most expensive type of WAN access. The cost of leased-
line solutions can become significant when they are used to connect many sites over increasing
distances. In addition, each endpoint requires an interface on the router, which increases equipment
costs.

Limited flexibility: WAN traffic is often variable, and leased lines have a fixed capacity, so the
bandwidth of the line seldom matches the need exactly. Any change to the leased line generally
requires a site visit by ISP personnel to adjust capacity.

Reference: https://www.ciscopress.com/articles/article.asp?p=2832405&seqNum=5

Question 38

Refer to the exhibit.

The ntp server 192.168.0.3 command has been configured on Router1 to make it an NTP client of
router 2. Which command must be configured on Router2 so that it operates in server-only mode and
relies only on its internal clock?

A. Router2(config)#ntp passive
B. Router2(config)#ntp master 4
C. Router2(config)#ntp server 172.17.0.1
D. Router2(config)#ntp server 192.168.0.2

Answer: B

Explanation

An Authoritative NTP Server can distribute time even when it is not synchronized to an existing time
server. To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum]
command.

Question 39

Refer to the exhibit.

A network engineer must configured communication between PC A and the File Server. To prevent
interruption for any other  communications, which command must be configured?

A. Switch trunk allowed vlan 12

B. Switchport trunk allowed vlan none
C. Switchport trunk allowed vlan add 13
D. Switchport trunk allowed vlan remove 10-11

Answer: C

Explanation

Switch A does not allow VLAN 13 to go through so we must add VLAN 13 to the allowed list of
interface Gi0/1 of SwitchA by the command “switchport trunk allowed vlan add 13”.

Question 40
Why does a switch flood a frame to all ports?

A. The destination MAC address of the frame is unknown

B. The source MAC address of the frame is unknown
C. The source and destination MAC addresses of the frame are the same
D. The frame has zero destination MAC addresses

Answer: A

Explanation

If the destination MAC address is not in the CAM table (that is, unknown unicast), the switch sends the
frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It
does not flood the frame out the same port on which the frame was received.

Question 41

When DHCP is configured on a router, which command must be entered so the default gateway is
automatically distributed?

A. default-router
B. default-gateway
C. ip helper-address
D. dns-server

Answer: A

Explanation

The following example shows how to configure a DHCP Server on a Cisco router:

Configuration Description

Router(config)#ip dhcp pool Create a DHCP Pool named CLIENTS

CLIENTS

Router(dhcp- Specifies the subnet and mask of the DHCP address pool
config)#network 10.1.1.0 /
24

Router(dhcp- Set the default gateway of the DHCP Clients

config)#default-router 10.
1.1.1

Router(dhcp-config)#dns- Configure a Domain Name Server (DNS)

server 10.1.1.1

Router(dhcp- Configure a domain-name

config)#domain-name
9tut.com

Router(dhcp-config)#lease Duration of the lease (the time during which a client computer can
0 12 use an assigned IP address). The syntax is “lease {days[hours]
[minutes] | infinite}”. In this case the lease is 12 hours. The
default is a one-day lease.
 Before the lease expires, the client typically needs to renew its
address lease assignment with the server

Router(dhcp-config)#exit  

Router(config)# ip dhcp The IP range that a DHCP Server should not assign to DHCP
excluded-address 10.1.1.1 Clients. Notice this command is configured under global
10.1.1.10 configuration mode

Question 42

What is a network appliance that checks the state of a packet to determine whether the packet is
legitimate?

A. Layer 2 switch
B. LAN controller
C. load balancer
D. firewall

Answer: D

Question 43

How is the native VLAN secured in a network?

A. separate from other VLANs within the administrative domain

B. give it a value in the private VLAN range
C. assign it as VLAN 1
D. configure it as a different VLAN ID on each end of the link

Answer: D

Question 44

Which command on a port enters the forwarding state immediately when a PC is connected to it?

A. switch(config)#spanning-tree portfast default

B. switch(config)#spanning-tree portfast bpduguard default
C. switch(config-if)#spanning-tree portfast trunk
D. switch(config-if)#no spanning-tree portfast

Answer: C

Explanation

Although this question said “which command on a port” but it gave two answers in global configuration
mode so it is a bit unclear. But we believe the correct answer should be “spanning-tree portfast
default”, which enables PortFast on all non-trunking interfaces.

Note: The command “spanning-tree portfast trunk” enables portfast on a trunk port. The trunk port
enters the STP forwarding-state immediately or upon a linkup event, thus bypassing the listening and
learning states.

==================== New Questions (added on 8th-Feb-2021)

====================

Question 45
What is the purpose of a southbound API in a control based networking architecture?

A. facilities communication between the controller and the applications

B. integrates a controller with other automation and orchestration tools
C. allows application developers to interact with the network
D. facilities communication between the controller and the networking hardware

Answer: D

Question 46

Which switch technology establishes a network connection immediately when it is plugged in?

A. UplinkFast
B. PortFast
C. BPDU guard
D. BackboneFast

Answer: B

Explanation

Portfast is often configured on switch ports that connect to hosts. Interfaces with Portfast enabled will
go to forwarding state immediately without passing the listening and learning state. Therefore it can
save about 30 to 45 seconds to transition through these states.

UplinkFast is a Cisco specific feature that improves the convergence time of the Spanning-Tree
Protocol (STP) in the event of the failure of an uplink.

Question 47

What causes a port to be placed in the err-disabled state?

A. latency
B. nothing plugged into the port
C. shutdown command issued on the port
D. port security violation

Answer: D

Explanation

When a port security is violated, that port can be put into errdisable state.

Question 48

Which technology is appropriate for communication between an SDN controller and applications
running over the network?

A. OpenFlow
B. Southbound API
C. NETCONF
D. REST API

Answer: D

Explanation
Software-defined northbound application program interfaces (SDN northbound APIs) are usually SDN
RESTful APIs used to communicate between the SDN Controller and the services and applications
running over the network.

Note: OpenFlow and NETCONF are Southbound APIs used for most SDN implementations.

==================== New Questions (added on 14th-Feb-2021)

====================

Question 49

Which security program element involves installing badge readers on data-center doors to allow
workers to enter and exit based on their job roles?

A. physical access control

B. biometrics
C. role-based access control
D. multifactor authentication

Answer: C

Explanation

Badge reader is a small, inexpensive reader connected to the USB port of any PC, which can read the
information encoded on a badge (barcode, microchip or RFID, magnetic stripe) and restore it on any
computer software. An example of badge reader is shown below:

The purpose of access control is to grant entrance to a building or office only to those who are
authorized to be there.

Question 50

What is a characteristic of private IPv4 addressing?

A. used without tracking or registration

B. issued by IANA in conjunction with an autonomous system number
C. traverse the Internet when an outbound ACL is applied
D. composed of up to 65,536 available addresses

Answer: A

Explanation

Only private address of class A (10.0.0.0 – 10.255.255.255) includes 16,777,216 so answer D is not
correct.

Question 51
Which network action occurs within the data plane?

A. compare the destination IP address to the IP routing table

B. make a configuration change from an incoming NETCONF RPC
C. run routing protocols (OSPF, EIGRP, RIP, BGP)
D. reply to an incoming ICMP echo request

Answer: D

Question 1

What are two improvements provided by automation for network management in an SDN
environment? (Choose two)

A. Artificial intelligence identifies and prevents potential design failures

B. Data collection and analysis tools establish a baseline for the network
C. New devices are onboarded with minimal effort
D. Machine learning minimizes the overall error rate when automating troubleshooting processes
E. Proprietary Cisco APIs leverage multiple network management tools

Answer: A E

Question 2

A network administrator must to configure SSH for remote access to router R1. The requirement is to
use a public and private key pair to encrypt management traffic to and from the connecting client.
Which configuration, when applied, meets the requirements?

A.
R1#enable
R1#configure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate ec keysize 1024

B.
R1#enable
R1#configure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate rsa modulus 1024

C.
R1#enable
R1#configure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate ec keysize 2048

D.
R1#enable
R1#configure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key encrypt rsa name myKey

A. Option A
B. Option B
C. Option C
D. Option D

 
Answer: B

Explanation

Both RSA, elliptic curve cryptography (ECC) are asymmetrical encryption so it satisfies the
requirement of this question (to use a public and private key pair). Asymmetrical encryption is
different from symmetrical encryption in that to send data in a single direction, two associated keys
are needed. One of these keys is known as the private key, while the other is called the public key.

To generate an Elliptic Curve (EC) key pair, use the crypto key generate ec keysize command in global
configuration mode.
crypto key generate ec keysize {256 | 384} [exportable] [label key-label]

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-
c4.html

-> EC only supports 256 or 384 bit key size -> Answer A and answer C are not correct.

The command “crypto key generate rsa modulus 1024” generate a 1024 bit RSA key pair. Although
1024-bit or smaller key pair should not be used but it is the only correct answer in this question.

Note: The command “crypto key encrypt rsa name …” is used to encrypt the RSA key.

Question 3

An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels.
What must be configured to allow clients to preferentially use 5GHz access points?

A. Client Band Select

B. OEAP Split Tunnel
C. 11ac MU-MIMO
D. Re-Anchor Roamed Clients

Answer: A

Explanation

Band selection works by regulating probe responses to clients and it can be enabled on a per-WLAN
basis. It makes 5-GHz channels more attractive to clients by delaying probe responses to clients on
2.4-GHz channels.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-3/config-
guide/b_cg83/b_cg83_chapter_011100.html

Question 4

When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is
supported?

A. Unicode
B. base64
C. ASCII
D. decimal

Answer: C

Explanation

When configuring a WLAN with WPA2 Preshared Key (PSK), we can choose the encryption key format
as either ASCII or HEX.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-
guide/b_wl_16_10_cg/multi-preshared-key.pdf

Question 5

Which networking function occurs on the data plane?

A. facilitates spanning-tree elections

B. processing inbound SSH management traffic
C. forwarding remote client/server traffic
D. sending and receiving OSPF Hello packets

Answer: C

Question 6

What does an SDN controller use as a communication protocol to relay forwarding changes to a
southbound API?

A. XML
B. Java
C. REST
D. OpenFlow

Answer: D

Explanation

OpenFlow and NETCONF are Southbound APIs used for most SDN implementations.

Note: SDN northbound APIs are usually RESTful APIs used to communicate between the SDN
Controller and the services and applications running over the network.

Question 7

A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router
R2 GigabitEthernet1/1 interface. For the configuration to be applied the engineer must compress the
address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the
interface?

A. ipv6 address 2001:db8::500:a:400F:583B

B. ipv6 address 2001 db8:0::500:a:4F:583B
C. ipv6 address 2001:0db8::5:a:4F:583B
D. ipv6 address 2001::db8:0000::500:a:400F:583B

Answer: A

Question 8

An administrator must secure the WLC from receiving spoofed association requests. Which steps must
be taken to configure the WLC to restrict the requests and force the user to wait 10 ms to retry an
association request?

A. Enable Security Association Teardown Protection and set the SA Query timeout to 10
B. Enable the Protected Management Frame service and set the Comeback timer to 10
C. Enable 802.1x Layer 2 security and set the Comeback timer to 10
D. Enable MAC filtering and set the SA Query timeout to 10

 
Answer: B

Explanation

Comeback timer specifies the time which an associated client must wait before the association can be
tried again when first denied with a status code 30.

SA query timeout specifies the amount of time the WLC waits for a response from the client for the
query process.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/212576-
configure-802-11w-management-frame-prote.html

Note: We can use either 802.1x or PSK as the authentication key management method so answer C is
not correct.

Question 9

What is the benefit of using FHRP?

A. balancing traffic across multiple gateways in proportion to their loads

B. reduced management overhead on network routers
C. reduced ARP traffic on the network
D. higher degree of availability

Answer: D

Question 10

Which 802.11 management frame type is sent when a client roams between access points on the
same SSID?
A. Authentication Request
B. Probe Request
C. Reassociation Request
D. Association Request

Answer: C

Explanation

Association request frame – (0x00) Sent from a wireless client, it enables the AP to allocate
resources and synchronize. The frame carries information about the wireless connection including
supported data rates and SSID of the network to the wireless client that wants to associate. If the
request is accepted, the AP reserves memory and establishes an association ID for the device.

Association response frame – (0x01) Sent from an AP to a wireless client containing the acceptance
or rejection to an association request. If it is an acceptance, the frame contains information, such as
an association ID and supported data rates.

Reassociation request frame – (0x02) A device sends a reassociation request when it drops from
range of the currently associated AP and finds another AP with a stronger signal. The new AP
coordinates the forwarding of any information that may still be contained in the buffer of the previous
AP.

Reassociation response frame – (0x03) Sent from an AP containing the acceptance or rejection to a

device reassociation request frame. The frame includes information required for association, such as
the association ID and supported data rates.

Probe request frame – (0x04) Sent from a wireless client when it requires information from another
wireless client.

Authentication frame – (0x0B) The sending device sends an authentication frame to the AP

containing its identity.

Reference: https://www.ii.pwr.edu.pl/~kano/course/module8/8.2.1.4/8.2.1.4.html

Question 11

What is a similarity between OM3 and OM4 fiber optic cable?

A. Both have a 50 micron core diameter

B. Both have a 9 micron core diameter
C. Both have a 62.5 micron core diameter
D. Both have a 100 micron core diameter

Answer: A

Explanation

At present, there are four kinds of c: OM1, OM2, OM3 and OM4. The letters “OM” stand for optical
multi-mode. OM3 and OM4 fibers will support upcoming 40 and 100 Gb/s speeds. OM2, OM3, OM4 and
OM5 have 50 micron core diameter.

Question 12

Which protocol does an access point use to draw power from a connected switch?

A. Internet Group Management Protocol

B. Cisco Discovery Protocol
C. Adaptive Wireless Path Protocol
D. Neighbor Discovery Protocol
 

Answer: B

Question 13

When deploying syslog, which severity level logs informational message?

A. 0
B. 2
C. 4
D. 6

Answer: D

Syslog levels are listed below

Leve Keyword Description

l

0 emergencies System is unusable

1 alerts Immediate action is needed

2 critical Critical conditions exist

3 errors Error conditions exist

4 warnings Warning conditions exist

5 notification Normal, but significant, conditions exist

6 informational Informational messages

7 debugging Debugging messages

The highest level is level 0 (emergencies). The lowest level is level 7. By default, the router will send
informational messages (level 6). That means it will send all the syslog messages from level 0 to 6.

Question 14

Refer to the exhibit.

Which command must be executed for Gi1/1 on SW1 to become a trunk port if Gi1/1 on SW2 is
configured in desirable or trunk mode?

A. switchport mode trunk

B. switchport mode dot1-tunnel
C. switchport mode dynamic auto
D. switchport mode dynamic desirable
 

Answer: D

Explanation

According to the trunking condition table below, we can use either (dynamic) “auto” or (dynamic)
“desirable” mode or even “trunk” mode so in fact this question has three correct answers.

Question 15

Refer to the exhibit.

An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic. Which
configuration accomplishes this task?
 Option A Option B
interface interface
gigabitethernet1/1 gigabitethernet1/1
switchport mode access switchport mode access
switchport access vlan switchport access vlan
300 400
switchport voice vlan switchport voice vlan
400 300

Option C Option D
interface interface
gigabitethernet1/1 gigabitethernet1/1
switchport mode trunk switchport mode trunk
switchport access vlan switchport trunk vlan
300 300
switchport voice vlan switchport trunk vlan
400 400

A. Option A
B. Option B
C. Option C
D. Option D

Answer: A

Question 16

What describes the operation of virtual machines?

A. Virtual machines are responsible for managing and allocating host hardware resources
B. Virtual machines are operating system instances that are decoupled from server hardware
C. Virtual machines are the physical hardware that support a virtual environment
D. In a virtual machine environment, physical servers must run one operating system at a time

Answer: A

Question 17

What is a role of access points in an enterprise network?

A. connect wireless devices to a wired network

B. support secure user logins to devices or the network
C. integrate with SNMP in preventing DDoS attacks
D. serve as a first line of defense in an enterprise network

Answer: A
Question 18

Refer to the exhibit.

SiteA#show interface TenGigabitEthernet0/1/0

TenGigabitEthernet0/1/0 is up, line protocol is up
Hardware is BUILT-IN-EPA-8x10G, address is aabb.cc00.0100 (bia aabb.cc00.0100)
Description: Connection to SiteB
Internet address is 10.10.10.1/30
MTU 8146 bytes, BW 10000000 Kbit/sec, DLY 10 usec,
reliability 166/255, txload 1/255, rxload 1/255
Full Duplex, 10000Mbps, link type is force-up, media type is SFP-LR
5 minute input rate 265746000 bits/sec, 24343 packets/sec
5 minute output rate 123245000 bits/sec, 12453 packets/sec

SiteB#show interface TenGigabitEthernet0/1/0

TenGigabitEthernet0/1/0 is up, line protocol is up
Hardware is BUILT-IN-EPA-8x10G, address is 0000.0c00.750c (bia 0000.0c00.750c)
Description: Connection to SiteA
Internet address is 10.10.10.2/30
MTU 8146 bytes, BW 10000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Full Duplex, 10000Mbps, link type is force-up, media type is SFP-LR
5 minute input rate 123245000 bits/sec, 15343 packets/sec
5 minute output rate 265746000 bits/sec, 12453 packets/sec

Shortly after SiteA was connected to SiteB over a new single-mode fiber path, users at SiteA report
intermittent connectivity issues with applications hosted at SiteB. What is the cause of the intermittent
connectivity issue?

A. Interface errors are incrementing

B. An incorrect SFP media type was used at SiteA
C. High usage is causing high latency
D. The sites were connected with the wrong cable type

Answer: A

Explanation

The txload and rxload on both sites are 1/255 so the interfaces are not busy in transmitting and
receiving traffic. But the reliability on SiteA is only 166/255 which indicates input and output errors
increase. Reliability is calculated by this formula: reliability = number of packets / number of total
frames.

Question 19

Refer to the exhibit.

Only four switches are participating in the VLAN spanning-tree process.
Branch-1: priority 614440
Branch-2: priority 39082416
Branch-3: priority 0
Branch-4: root primary

Which switch becomes the permanent root bridge for VLAN 5?

A. Branch-1
B. Branch-2
C. Branch-3
D. Branch-4

Answer: C

Explanation

Priority 0 is the lowest priority of a bridge so it will be elected the root bridge.

Note: The command “root primary” only checks the current root bridge priority and tries to use a
better (lower) priority value to become the new root bridge. But it does not ensure the local switch will
become the root bridge. If another switch has priority of 0 and we issue the “root primary” command
then it will inform that it cannot become root, as it cannot get a value lower than 0.

Question 20

Refer to the exhibit.

The entire contents of the MAC address table are shown. Sales-4 sends a data frame to Sales-1. What
does the switch do as it receives the frame from Sales-4?

A. Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame
B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1
C. Perform a lookup in the MAC address table and discard the frame due to a missing entry
D. Flood the frame out of all ports except on the port where Sales-1 is connected

Answer: B

Explanation

The Sales-1 information was already learned by the switch so it just forwards the frames to Sales-1.
The switch also learns the information of Sales-4 because this is the first time this host communicates
to other hosts.

Question 21

Which technology allows for multiple operating systems to be run on a single host computer?

A. virtual device contexts

B. network port ID visualization
C. virtual routing and forwarding
D. server virtualization

Answer: D

Question 22

Refer to the exhibit.

An administrator must turn off the Cisco Discovery Protocol on the port configured with last usable
address in the 10.0.0.0/30 subnet. Which command set meets the requirement?

A. interface gi0/1
no cdp enable

B. interface gi0/1
clear cdp table

C. interface gi0/0
no cdp run

D. interface gi0/0
no cdp advertise-v2

Answer: A

Explanation

In order to disable CDP on an interface, we have to use the “no cdp enable” under interface mode.

Note: “no cdp run” is a global configuration command.

Question 23

Which two QoS tools provides congestion management? (Choose two)

A. FRTS
B. CAR
C. PQ
D. PBR
E. CBWFQ

Answer: C E

Question 24

What occurs when overlapping Wi-Fi channels are implemented?

A. The wireless network becomes vulnerable to unauthorized access

B. Wireless devices are unable to distinguish between different SSIDs
C. Network communications are open to eavesdropping
D. Users experience poor wireless network performance
 

Answer: D

Question 25

Which JSON data type is an unordered set of attribute-value pairs?

A. array
B. string
C. object
D. Boolean

Answer: C

Explanation

An object is an unordered collection of zero or more name/value pairs. For example {“name”:”John”}.
Objects are denoted by curly brackets, which means that the order is not guaranteed. For example, if
you send a request {“name”:”9tut”,”preferredColor”:”Blue”}, it is not always guaranteed that the
receiver receives them in the same order.

Note: In contrast to object, an array is an ordered sequence of zero or more values. For example
[“a”,”b”,”c”]. Arrays use square brackets to denote arrays. Order is guaranteed in JSON arrays.

Question 26

An engineer needs to add an old switch back into a network. To prevent the switch from corrupting
the VLAN database which action must be taken?

A. Add the switch in the VTP domain with a lower revision number
B. Add the switch in the VTP domain with a higher revision number
C. Add the switch with DTP set to dynamic desirable
D. Add the switch with DTP set to desirable

Answer: A

============================= New Questions (added on 7th-Mar-2021)

=============================

Question 28

An engineering team asks an implementer to configure syslog for warning conditions and error
conditions. Which command does the implementer configure to achieve the desired result?

A. logging trap 2
B. logging trap 3
C. logging trap 4
D. logging trap 5

Answer: C

Explanation

Syslog levels are listed below

Leve Keyword Description

l
 0 emergencies System is unusable

1 alerts Immediate action is needed

2 critical Critical conditions exist

3 errors Error conditions exist

4 warnings Warning conditions exist

5 notification Normal, but significant, conditions exist

6 informational Informational messages

7 debugging Debugging messages

The highest level is level 0 (emergencies). The lowest level is level 7. If we configure syslog level 4
then it will send all the syslog messages from level 0 to 4.

Question 29

Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right.

Answer:

+ 802.11b: Supports a maximum data rate of 11 Mbps

+ 802.11a: Operates in the 5 GHz band only and supports a maximum data rate of 54 Mbps
+ 802.11ac: Operates in the 5 GHz band only and supports a maximum data rate that can exceed 100
Mbps
+ 802.11n: Operates in the 2.4 GHz and 5 GHz bands
+ 802.11g: Operates in the 2.4 GHz band only and supports a maximum data rate of 54 Mbps

Explanation

Wireless Standards
 IEEE Frequency/Medium Speed Topology Transmission Access
Standar Range Method
d

802.11 2.4GHz RF 1 to Ad 20 feet CSMA/CA

2Mbps hoc/infrastructur indoors.
e

802.11a 5GHz Up to Ad 25 to 75 feet CSMA/CA

54Mbps hoc/infrastructur indoors; range
e can be
affected by
building
materials.

802.11b 2.4GHz Up to Ad Up to 150 feet CSMA/CA

11Mbps hoc/infrastructur indoors; range
e can be
affected by
building
materials.

802.11g 2.4GHz Up to Ad Up to 150 feet CSMA/CA

54Mbps hoc/infrastructur indoors; range
e can be
affected by
building
materials.

802.11n 2.4GHz/5GHz Up to Ad 175+ feet CSMA/CA

600Mbps hoc/infrastructur indoors; range
e can be
affected by
building
materials.

802.11ac uses dual-band wireless technology, supporting simultaneous connections on both 2.4 GHz
and 5 GHz Wi-Fi devices. 802.11ac offers backward compatibility to 802.11a/b/g/n and bandwidth
rated up to 1300 Mbps on the 5 GHz band plus up to 450 Mbps on 2.4 GHz.

Question 30

Which two protocols are supported on service-port interfaces? (Choose two)

A. RADIUS
B. TACACS+
C. Telnet
D. SCP
E. SSH

Answer: C E

Explanation

The service-port interface controls communications through and is statically mapped by the system to
the service port. The service port can be used for out-of-band management.
The service port can obtain an IPv4 address using DHCP, or it can be assigned a static IPv4 address,
but a default gateway cannot be assigned to the service-port interface. Static IPv4 routes can be
defined through the controller for remote network access to the service port.
If the service port is in use, the management interface must be on a different supernet from the
service-port interface.

The service-port interface supports the following protocols:

+ SSH and Telnet
+ HTTP and HTTPS
+ SNMP
+ FTP, TFTP, and SFTP
+ Syslog
+ ICMP (ping)
+ NTP
Note: TACACS+ and RADIUS are not supported through the service port.

Question 31

Refer to the exhibit.

How must router A be configured so that it only sends Cisco Discovery Protocol Information to router
C?

Option A Option B

conf t conf t
RouterA(config)#no cdp run RouterA(config)#cdp run
RouterA(config)#interface RouterA(config)#interface
gi0/0/1 gi0/0/1
RouterA(config)#cdp enable RouterA(config)#cdp enable

Option C Option D

conf t conf t
RouterA(config)#cdp run RouterA(config)#cdp run
RouterA(config)#interface RouterA(config)#interface
gi0/0/0 gi0/0/0
RouterA(config)#cdp enable RouterA(config)#no cdp
enable

A. Option A
B. Option B
C. Option C
D. Option D

Answer: D
============================= New Questions (added on 5th-May-2021)
=============================

Question 32

What is the function of a hub-and-spoke WAN topology?

A. supports application optimization

B. provides direct connections between subscribers
C. supports Layer 2 VPNs
D. allows access restrictions to be implemented between subscriber sites

Answer: D

Question 33

Which global command encrypt all passwords in the running configuration?

A. enable secret
B. enable password-encryption
C. service password-encryption
D. password-encrypt

Answer: C

Explanation

The service password-encryption command will encrypt all current and future passwords so any
password existed in the configuration will be encrypted.