CCNA 200-301: Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

CCNA 200-301
Number: 200-301
Passing Score: 825
Time Limit: 120 min
File Version: 1.0
Exam A
QUESTION 1
Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?
A. It towards only the VTP advertisements that it receives on its trunk ports.
B. lt processes VTP updates from any VTP clients on the network on its access ports.
C. It transmits and processes VTP updates from any VTP clients on the network on its trunk ports.
D. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
A Cisco IP phone receives untagged data traffic from an attached PC. Which action is taken by the phone?
A. It tags the traffic with the default LAN.

B. lt tags the traffic with the native VLAN.
C. It allows the traffic to pass through unchanged.
D. It drops the traffic
Correct Answer: C
Section: (none)
Explanation
QUESTION 3
Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165?
A. Router5
B. Router4
C. Router2
D. Router3
Correct Answer: D
Section: (none)
Explanation
QUESTION 4
How will Link Aggregation be implemented on a Cisco Vlfireless LAN Controller?
A. One functional physical port is needed to pass client traffic.

B. The EtherChannel must be configured in "mode active".
C. When enabled, the WLC bandwidth drops to 500 Mbps.
D. To pass client traffic, two or more ports must be configured.
Correct Answer: A
Section: (none)
Explanation
QUESTION 5
Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. What is the reason for the problem?
A. The OSPF router IDs are mismatched.

B. Router2 is using the default hello timer.
C. The OSPF process IDs are mismatched.
D. The network statement on Router1 is misconfigured.
Correct Answer: B
Section: (none)
Explanation
QUESTION 6
Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16?
A. lt selects the OSPF route because it has the lowest cost.

B. It selects the EIGRP route because it has the lowest administrative distance.
C. lt selects the lS-IS route because it has the shortest prefix inclusive of the destination address.
D. It selects the RIP route because it has the longest prefix inclusive of the destination address.
Correct Answer: D
Section: (none)
Explanation
QUESTION 7
What event has occurred if a router sends a notice level message to a syslog server?
A. A certificate has expired.

B. A TOP connection has been torn down.
C. An lCMP connection has been built.
D. An interface line has changed status.
Correct Answer: D
Section: (none)
Explanation
QUESTION 8
A network engineer must create a diagram of a multivendor network. Which command must be configured on the Cisco devices so that the topology of the network can be mapped?
A. Device(config)# lldp run

B. Device(config)# cdp run
C. Device(config-if)# cdp enable
D. Device(config)# flow-sampler-map topology
Correct Answer: A
Section: (none)
Explanation
QUESTION 9
What is the primary purpose of a First Hop Redundancy Protocol?
A. It allows directly connected neighbors to share configuration information.

B. It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric.
C. It allows a router to use bridge priorities to create multiple loop-free paths to a single destination.
D. It reduces routing failures by allowing more than one router to represent itself as the default gateway of a network.
Correct Answer: D
Section: (none)
Explanation
QUESTION 10
A User configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, which type of OSPF network does this interface belong to?
A. nonbroadcast
B. point-to-multipoint
C. point-to-point
D. broadcast
Correct Answer: D
Section: (none)
Explanation
QUESTION 11
Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the MAC address of that interface?
A. configure a stateful DHCPV6 server on the network

B. disable the EUl-64 bit process
C. enable SLAAC on an interface
D. explicitly assign a link-local address
Correct Answer: C
Section: (none)
Explanation
QUESTION 12
Which output displays a JSON data representation?
A. {
"response", {
"taskld", {};
"url", "string"
};
"version", "string"
}
B. {
"response": {
"taskld": {};
"url": "string"
};
"version": "string"
}
C. {
"response". {
"taskld". {};
"url". "string"
}.
"version". "string"
}
D. {
"response": {
"taskld": {},
"url": "string"
},
"version": "string"
}
Correct Answer: D
Section: (none)
Explanation
QUESTION 13
Refer to the exhibit. What action establishes the OSPF neighbor relationship without forming an adjacency?
A. modify priority
B. modify network type
C. modify process ID
D. modify hello interval
Correct Answer: D
Section: (none)
Explanation
QUESTION 14
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?
A. Exchange
B. lnit
C. 2-way
D. Full
Correct Answer: D
Section: (none)
Explanation
QUESTION 15
How do TCP and UDP differ in the way they guarantee packet delivery?
A. TCP uses two~dimensional parity checks, checksums, and cyclic redundancy checks, and UDP uses retransmissions only.
B. TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only.
C. TCP uses retransmissions,acknowledgement, and parity checks, and UDP uses cyclic redundancy checks only.
D. TCP uses checksum, acknowledgements, and retransmissions, and UDP uses checksums only.
Correct Answer: D
Section: (none)
Explanation
QUESTION 16
Which IPv6 address block forwards packets to a multicast address rather than a unicast address?
A. FE80::/10
B. FC00::/7
C. FF00::/12
D. 2000:/3
Correct Answer: C
Section: (none)
Explanation
QUESTION 17
Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by the routerto forward the packet that destination IP 172.16.32.1?
A. cost
B. longest prefix
C. administrative distance
D. metric
Correct Answer: B
Section: (none)
Explanation
QUESTION 18
An engineer needs to configure LLDP to send the port description time length value (TLV). What command sequence must be implemented?
A. switch(config-if)#|ldp port description

B. switch#lldp port-description
C. switch(config)#lldp port-description
D. switch(config-line)#lldp port-description
Correct Answer: C
Section: (none)
Explanation
QUESTION 19
An office has 8 floors with approximately 30-40 users per floor. What command must be configured on the router Switched Virtual Interface to use address space efficiently?
A. ip address 192.168.0.0 255.255.255.224
B. ip address 192.168.0.0 255.255.255.128
C. ip address 192.168.0.0 255.255.254.0
D. ip address 192.168.0.0 255.255.0.0
Correct Answer: C
Section: (none)
Explanation
QUESTION 20
A wireless administrator has configured a WLAN, however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?
A. enable Band Select

B. enable RX-SOP
C. enable AAA override
D. enable DTIM
Correct Answer: A
Section: (none)
Explanation
QUESTION 21
An engineer must configure an OSPF neighbor relationship between router R1 and R3. The authentication configuration has been configured and the connecting interfaces are in the same 192.168.1.0/30 subnet. What are the next two steps to
complete the configuration? (Choose two.)
A. configure the hello and dead timers to match on both sides

B. configure the interfaces as OSPF active on both sides
C. configure both interfaces with the same area ID
D. configure the same process ID for the router OSPF process
E. configure the same router ID on both routing processes
Correct Answer: BC
Section: (none)
Explanation
QUESTION 22
What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?
A. management plane
B. control plane
C. policy plane
D. data plane
Correct Answer: B
Section: (none)
Explanation
QUESTION 23
By default, how does EIGRP determine the metric of a route for the routing table?
A. It counts the number of hops between the receiving and destination routers and uses that value as the metric.
B. It uses a reference bandwidth and the actual bandwidth of the connected link to calculate the route metric.
C. It uses the bandwidth and delay values of the path to calculate the route metric.
D. It uses a default metric of 10 for all routes that are learned by the router.
Correct Answer: C
Section: (none)
Explanation
QUESTION 24
Which type of IPv6 address is publicly routable in the same way as IPv4 public addresses?
A. unique local
B. link-local
C. multicast
D. global unicast
Correct Answer: D
Section: (none)
Explanation
QUESTION 25
Which WPA3 enhancement protects against hackers viewing traffic on the \M-Fi network?
A. AES encryption
B. SAE encryption
C. TKIP encryption
D. scrambled encryption key
Correct Answer: B
Section: (none)
Explanation
QUESTION 26
Refer to the exhibit. Which two commands were used to create port channel 10? (Choose two.)
A. int range g0/0-1
channel-group 10 mode active
B. int range g0/0-1
channel-group 10 mode desirable
C. int range g0/0-1
channel-group 10 mode passive
D. int range g0/0-1
channel-group 10 mode on
E. int range g0/0-1
channel-group 10 mode auto
Correct Answer: AC
Section: (none)
Explanation
QUESTION 27
What are two fundamentals of virtualization? (Choose two.)
A. The environment must be configured with one hypervisor that serves solely las a network manager to monitor SNMP traffic.
B. It requires that some servers, virtual machines, and network gear reside on the Internet.
C. It allows logical network devices to move traffic between virtual machines and the rest of the physical network.
D. It allows a physical router to directly connect Nle from each virtual machine into the network.
E. It allows multiple operating systems and applications to run independently on one physical server.
Correct Answer: CE
Section: (none)
Explanation
QUESTION 28
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller. GUI, which two formats are available to select? (Choose two.)
A. base64
B. hexadecimal
C. binary
D. decimal
E. ASCII
Correct Answer: BE
Section: (none)
Explanation
QUESTION 29
When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of characters that is required in ASCII format?
A. 8
B. 6
C. 12
D. 18
Correct Answer: A
Section: (none)
Explanation
QUESTION 30
Which two conditions must be met before SSH can operate normally on a Cisco IOS switch? (Choose two.)
A. IP routing must be enabled on the switch.

B. Telnet mustbe disabled on the switch
C. The ip domain-name command must be configured on the switch.
D. A console password must be configured on the switch.
E. The switch must be running a k9 (crypto) IOS image.
Correct Answer: CE
Section: (none)
Explanation
QUESTION 31
What is a difference between RADIUS and TACACS+?
A. TACACS+ separates authentication and authorization, and RADIUS merges them.

B. TACACS+ encrypts only password information, and RADIUS encrypts the entire payload.
C. RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands.
D. RADIUS is most appropriate for dial authentication, bUt TACACS+ can be used for multiple types of authentication.
Correct Answer: A
Section: (none)
Explanation
QUESTION 32
What are two benefits of network automation? (Choose two.)
A. faster changes with more reliable results

B. fewer network failures
C. reduced hardware footprint
D. reduced operational costs
E. increased network security
Correct Answer: AD
Section: (none)
Explanation
QUESTION 33
Which two capabilities of Cisco DNA Center make it more extensible? (Choose two-)
A. customized versions for small, medium, and large enterprises

B. REST APIS that allow for external applications to interact natively with Cisco DNA Center
C. SDKs that support interaction with third-party network equipment
D. adapters that support all families of Cisco IOS software
E. modular design that is upgradable as needed
Correct Answer: BC
Section: (none)
Explanation
QUESTION 34
When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two.)
A. FF02::2
B. FC00::/7
C. FF02::1
D. 2002::5
E. 2000::/3
Correct Answer: AC
Section: (none)
Explanation
QUESTION 35
An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK Which cipher fulfills the configuration requirement?
A. WEP
B. TKIP
C. RC4
D. AES
Correct Answer: D
Section: (none)
Explanation
QUESTION 36
Which goal is achieved by the implementation of private IPv4 addressing on a network?
A. allows servers and workstations to communicate across public network boundaries

B. allows communication across the Internet to other private networks
C. provides a reduction in size of the forwarding table on network routers
D. provides an added level of protection against Internet exposure
Correct Answer: C
Section: (none)
Explanation
QUESTION 37
A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is received. Which interface counter increments?
A. late collision
B. Runt
C. CRC
D. Collision
Correct Answer: A
Section: (none)
Explanation
QUESTION 38
How does CAPWAP communicate between an access point in local mode and a WLC?
A. The access point has the ability to link to any switch in the network, assuming connectivity to the WLC.
B. The access point must be connected to the same switch as the WLC.
C. The access point must directly connect to the WLC using a copper cable.
D. The access point must not be connected to the wired network, as it would create a loop.
Correct Answer: A
Section: (none)
Explanation
QUESTION 39
An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any one of three addresses:192.168.3.1, 192.168.3.2, or 192.168.3.3. Which configuration should be used?
A. enable
configure terminal
ip nat pool mypool 192168.3.1 192.168.3.3 prefix-length30
access-list 1 permit 10.10.0.0 0.0.0.255
ip nat inside source list 1 pool mypool
interface g1/1
ip nat inside
interface g1/2
ip nat outside
B. enable
configure terminal
ip nat pool mypool 192,168.3.1 192.168.3.3 prefix-length 30
ip nat outside destination list 1 pool mypool
interface g1/1
ip nat inside
interface g1/2
ip nat outside
C. enable
configure terminal
ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30
route-map permit 10.10.0.0 255.255.255.0
ip nat outside destination list 1 pool mypool
interface g1/1
ip nat inside
interface g1/2
ip nat outside
D. enable
configure terminal
ip nat pool mypool 192.168.3.1 192.168.3.3 prefix-length 30
ip nat inside source list 1 pool mypool
interface g1/1
ip nat inside
interface g1/2
ip nat outside .
Correct Answer: A
Section: (none)
Explanation
QUESTION 40
Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the switch and DHCP server configurations are complete and correct, which two sets of commands must be configured on R1 and R2 to
complete the task? (Choose two.)
A. R1 (config)# interface fa0/0

R1 (config-if)# ip address dhcp
R1 (config-if)# no shutdown
B. R1 (config)# interface fa0/0
R1 (config-if)# ip helper-address 192.0.2.2
C. R2(config)# interface gi0/0
R2(config-if)# ip helper-address 198.51.100.100
D. R2(config)# interface gi0/0
R2(config-if)# ip address dhcp
E. R1 (confi9)# interface fa0/0
R1 (config-if)# ip helper-address 198.51.100.100
Correct Answer: AC
Section: (none)
Explanation
QUESTION 41
Which command must be entered when a device is configured as an NTP server?
A. ntp peer
B. ntp server
C. ntp master
D. ntp authenticate
Correct Answer: C
Section: (none)
Explanation
QUESTION 42
Which 802.11 frame type is Association Response?
A. control
B. protected frame
C. management
D. action
Correct Answer: C
Section: (none)
Explanation
QUESTION 43
The service password-encryption command is entered on a router. What is the effect of this configuration?
A. protects the VLAN database from unauthorized PC connections on the switch

B. encrypts the password exchange when a VPN tunnel is established
C. prevents network administrators from configuring clear-text passwords
D. restricts unauthorized users from viewing clear-text passwords in the running configuration
Correct Answer: D
Section: (none)
Explanation
QUESTION 44
A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?
A. ip route 10.10.1.0 255.255.255.240 10.10.255.1

B. ip route 10.10.1.16 255.255.255.252 10.10.255.1
C. ip route 10.10.1.20 255.255.255.252 10.10.255.1
D. ip route 10.10.1.20 255.255.255.254 10.10.255.1
Correct Answer: C
Section: (none)
Explanation
QUESTION 45
How do AAA operations compare regarding user identification, user services, and access control?
A. Authorization identifies users, and authentication provides access control.

B. Authorization provides access control, and authentication tracks user services
C. Authentication identifies users, and accounting tracks user services.
D. Accounting tracks user services, and authentication provides access control.
Correct Answer: C
Section: (none)
Explanation
QUESTION 46
Refer to the exhibit Which configuration issue is preventing the OSPF neighbor relationship from being established between the two routers?
A. R1 interface Gi1/0 has a larger MTU size.

B. R1 has an incorrect network command for interface Gi1/0.
C. R2 should have its network command in area 1.
D. R2 is using the passive-interface default command.
Correct Answer: A
Section: (none)
Explanation
QUESTION 47
What is the expected outcome when an EUl-64 address is generated?
A. The seventh bit of the original MAC address of the interface is inverted,
B. The MAC address of the interface is used as the interface ID without modification.
C. The characters FE80 are inserted at the beginning of the MAC address of the interface.
D. The interface ID is configured as a random 64-bit value.
Correct Answer: A
Section: (none)
Explanation
QUESTION 48
Referto the exhibit. What is the effect of this configuration?
A. The switch port interface trust state becomes untrusted

B. The switch port remains administratively down until the interface is connected to another switch
C. The switch port remains down until it is configured to trust or untrust incoming packets
D. Dynamic ARP Inspection is disabled because the ARP ACL is missing
Correct Answer: A
Section: (none)
Explanation
QUESTION 49
Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a
local username and password?
A. R1(confi9)#username admin .
R1 (config-if)#line vty 0 4
R1(config-line)#password p@ss1234
B. R1(config)#usemame admin
R1 (config-line)#password p@ss1234
R1 (config-Iine)#transport input telnet
C. R1 (config)#usemame admin secret p@ss1234
R1 (config-line)#login local
R1(config)#enable secret p@ss1234
D. R1(config)#usemame admin privilege 15 secret p@ss1234
R1(config-if)#line vty 0 4
R1 (config-Iine)#login local
Correct Answer: D
Section: (none)
Explanation
QUESTION 50
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two.)
A. QoS settings
B. management interface settings
C. SSID
D. IP address of one or more access points
E. profile name
Correct Answer: CE
Section: (none)
Explanation
QUESTION 51
Which configuration is needed to generate an RSA key for SSH on a router?
A. Create a user with a password.

B. Configure the version of SSH
C. Configure VTY access.
D. Assign a DNS domain name
Correct Answer: D
Section: (none)
Explanation
QUESTION 52
Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome when a Cisco phone is connected to the GigabitEthernet3/1/4 port on a switch?
A. The phone sends and receives data in VLAN 50, but a workstation connected to the phone sends and receives data in VLAN 1.
B. The phone sends and receives data in VLAN 50, but a workstation connected to the phone has no VLAN connectivity.
C. The phone and a workstation that is connected to the phone do not have VLAN connectivity.
D. The phone and a workstation that is connected to the phone send and receive data in VLAN 50.
Correct Answer: A
Section: (none)
Explanation
QUESTION 53
Which state does the switch port move to when PortFast is enabled?
A. blocking
B. forwarding
C. listening
D. learning
Correct Answer: B
Section: (none)
Explanation
QUESTION 54
What are two roles of Domain Name Services (DNS)? (Choose two.)
A. builds a flat structure of DNS names for more efficient IP operations

B. allows a single host’name to be Shared across more than one IP address
C. enables applications to identify resources by name instead of IP address
D. improves security by protecting IP addresses under Fully Qualified Domain Names (FQDNs)
E. encrypts network Traffic as it travels across a WAN by default
Correct Answer: BC
Section: (none)
Explanation
QUESTION 55
What is a difference between local AP mode and FIexConnect AP mode?
A. Local AP mode causes the AP to behave as if it were an autonomous AP.

B. FIexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured.
C. Local AP mode creates two CAPWAP tunnels per AP to the WLC.
D. FIexConnect AP mode fails to function if the AP loses connectivity with the WLC.
Correct Answer: C
Section: (none)
Explanation
QUESTION 56
What configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?
A. Ansible
B. Chef
C. Puppet
D. Python
Correct Answer: A
Section: (none)
Explanation
QUESTION 57
Refer to the exhibit. An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers fromthe left onto the network parameters on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 58
Drag and drop the Cisco \Nrreless LAN Controller security settings from the left onto the correct security mechanism categories on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 59
Drag and drop the characteristics of networking from the left onto the correct networking types on the right.
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 60
Drag the descriptions of IP protocol transmissions from the left onto the IP trafic types on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 61
Drag the descriptions of device management from the left onto the types of device management on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 62
Refer to the exhibit. Drag and drop the networking parameters from the left onto the correct values on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 63
Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right-
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 64
Which two outcomes are predictable behaviors for HSRP? (Choose two.)
A. The two routers negotiate one router as the active router and the other as the standby router.
B. Each router has a different IP address, both routers act as the default gateway on the LAN. and traffic is load-balanced between them.
C. The two routers synchronize configurations to provide consistent packet forwarding
D. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.
E. The two routers share the same interface IP address, and default gateway traffic is load-balanced between them.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 65
Refer to the exhibit. An extended AOL has been configured and applied to router R2. The configuration failed to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet
while still allowing all other traffic? (Choose two)
A. The ACL must be moved to the Gi0/1 interface outbound on R2.

B. Add a "permit ip any any" statement to the beginning of ACL 101 for allowed traffic.
C. The source and destination IPs must be swapped in ACL 101.
D. The ACL must be configured the GiO/2 interface inbound on R1.
E. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic.
Correct Answer: CE
Section: (none)
Explanation
QUESTION 66
Refer to the exhibit. Which action do the switches take on the trunk link?
A. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the ink.
B. The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain
C. The trunk does not form, and the ports go into an err-disabled status
D. The trunk forms, but VLAN s9 and VLAN 999 are in a shutdown state
Correct Answer: B
Section: (none)
Explanation
QUESTION 67
Which two actions influence the EIGRP route selection process? (Choose two.)
A. The router calculates the reported distance by multiplying the delay on the exiting interface by 256.
B. The router calculates the best backup path to the destination route and assigns it as the feasible successor.
C. The router calculates the feasible distance of all paths to the destination route.
D. The router must use the advertised distance as the metric for any given route
E. The advertised distance is calculated by a downstream neighborto inform the local router of the bandwidth on the link.
Correct Answer: BC
Section: (none)
Explanation
QUESTION 68
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two.)
A. when the cable length limits are exceeded

B. when the sending device waits 15 seconds before sending the frame again
C. when Carrier Sense lvlultiple Access/Collision Detection is used
D. when a collision occurs after the 32nd byte of a frame has been transmitted
E. when one side ofthe connection is configured for half-duplex
Correct Answer: AE
Section: (none)
Explanation
QUESTION 69
Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one
another? (Choose two.)
A. Configure the ipv6 route 2012:2/126 s0/0/0 command on the Atlanta router.
B. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.
C. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router
D. Configure the ipv6 route 2012:1/26 2023::2 command on the Washington router
E. Configure the ipv6 route 2012:2/126 2023::1 command on the Washington router.
Correct Answer: BD
Section: (none)
Explanation
QUESTION 70
What benefit does controller-based networking provide versus traditional networking?
A. combines control and data plane functionality on a single device to minimize latency
B. provides an added layer of security to protect from DDoS attacks
C. moves from a two-tier to a three-tier network architecture to provide maximum redundancy allows
D. allows configuration and monitoring of the network from one centralized point
Correct Answer: D
Section: (none)
Explanation
QUESTION 71
What occurs to frames during the process of frame flooding?
A. Frames are sent to all ports, including those that are assigned to other VLANs.
B. Frames are sent to every port on the switch in the same VLAN
C. Frames are sent to every port on the switch that has a matching entry in the MAC address table.
D. Frames are sent to every port on the switch in the same VLAN except from the originating port.
Correct Answer: D
Section: (none)
Explanation
QUESTION 72
A corporate office uses four floors in a building.
Floor 1 has 24 users.

Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?
A. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor

B. 192.168.0.0/24 as summary and 192.168.0.0/28 for each floor
C. 192.168.0.0/25 as summary and 192.168.0.0/27 for each floor
D. 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor
Correct Answer: C
Section: (none)
Explanation
QUESTION 73
Refer to the exhibit. Which prefix does Router1 use for traffic to Host A?
A. 10.10.13.0/25
B. 10.10.10.0/28
C. 10.10.13.144/28
D. 10.10.13.208/29
Correct Answer: D
Section: (none)
Explanation
QUESTION 74
Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?
A. auto .
B. active
C. passive
D. mode on
Correct Answer: B
Section: (none)
Explanation
QUESTION 75
What makes Cisco DNA Center different from traditional network management applications and their management of networks?
A. Its modular design allows someone to implement different versions to meet the specific needs of an organization.
B. It only supports auto-discovery of network elements in a greenfield deployment. .
C. It does not support high availability of management functions when operating in cluster mode.
D. It abstracts policy from the actual device configuration.
Correct Answer: A
Section: (none)
Explanation
QUESTION 76
Refer to the exhibithrth which metric was the route to host 172.16.0.202 learned?
A. 110
B. 38443
C. 0
D. 3184439
Correct Answer: B
Section: (none)
Explanation
QUESTION 77
What is a function of a remote access VPN?
A. establishes a secure tunnel between two branch sites

B. allows the users to access company internal network resources through a secure tunnel
C. uses cryptographic tUnneling to protect the privacy of data for multiple users simultaneously
D. used exclusively when a user is connected to a company's internal network
Correct Answer: B
Section: (none)
Explanation
QUESTION 78
What is the primary function of a Layer 3 device?
A. to pass traffic between different networks

B. forward traffic within the same broadcast domain
C. to transmit wireless traffic between hosts
D. to analyze traffic and drop unauthorized traffic from the Internet
Correct Answer: A
Section: (none)
Explanation
QUESTION 79
An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured?
A. switchport mode dynamic auto

B. switchport nonegotiate
C. switchport mode dynamic desirable
D. switchport mode trunk
Correct Answer: C
Section: (none)
Explanation
QUESTION 80
In software defined architectures. which plane is distributed and responsible for traffic forwarding?
A. control plane
B. data plane
C. management plane
D. policy plane
Correct Answer: B
Section: (none)
Explanation
QUESTION 81
Which two functions are performed by the core layer in a three-tier architecture? (Choose two)
A. Provide uninterrupted forwarding service.

B. Ensure timely data transfer between layers.
C. Police traffic that is sent to the edge of the network
D. Inspect packets for malicious activity.
E. Provide direct connectivity for end user devices.
Correct Answer: AB
Section: (none)
Explanation
QUESTION 82
What criteria is used first during the root port selection process?
A. lowest path cost to the root bridge

B. lowest neighbor’s bridge ID
C. local port ID
D. lowest neighbor’s port ID
Correct Answer: A
Section: (none)
Explanation
QUESTION 83
A. Switch 2
B. Switch 3
C. Switch 1
D. Switch 4
Correct Answer: B
Section: (none)
Explanation
QUESTION 84
What is used to identify spurious DHCP servers?
A. DHCPACK
B. DHCPOFFER
C. DHCPREQUEST
D. DHCPDISCOVER
Correct Answer: D
Section: (none)
Explanation
QUESTION 85
Referto the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task? .
A. access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22

B. access-list 2699 permit udp 10.20.1.0 0.0.0.255
C. no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22
D. no access-list 2699 deny ip any 10.20.1.0 0.0.0.255
Correct Answer: A
Section: (none)
Explanation
QUESTION 86
What is the same for both copper and fiber interfaces when using SFP modules?
A. They support an inline optical attenuator to enhance signal strength

B. They accommodate single-mode and multi-mode in a single module
C. They provide minimal interruption to services by being hot-swappable
D. They offer reliable bandwidth up to 100 Mbps in half duplex mode
Correct Answer: C
Section: (none)
Explanation
QUESTION 87
Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?
A. TACACS+
B. HTTPS
C. RADIUS
D. HTTP
Correct Answer: B
Section: (none)
Explanation
QUESTION 88
What is a function of TFTP in network operations?
A. transfers IOS images from a server to a router for firmware upgrades

B. transfers files between file systems on a router
C. transfers a backup configuration file from a server to a switch using a username and password
D. transfers a configuration files from a server to a router on a congested link
Correct Answer: A
Section: (none)
Explanation
QUESTION 89
What are two functions of a server on a network? (Choose two)
A. handles requests from multiple workstations at the same time

B. housed solely in a data center that is dedicated to a single client
C. runs applications that send and retrieve data for workstations that make requests
D. runs the same operating system in order to communicate with other servers
E. achieves redundancy by exclusively using virtual server clustering
Correct Answer: AC
Section: (none)
Explanation
QUESTION 90
Refer to the exhibit. An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. Which command must be configured on the Atlanta and Washington routers so that both sites are able to reach
the loopback2 interface on the New York router?
A. ipv6 route ::/0 Serial 0/0/1
B. ipv6 route ::/0 2000::2
C. ipv6 route ::/0 Serial 0/0/0
D. ip route 0.0.0.0.0.0.0.0 Serial 0/0/0
E. ipv6 route 0/0 Serial 0/0/0
Correct Answer: C
Section: (none)
Explanation
QUESTION 91
Which command automatically generates an IPv6 address from a specified |PV6 prefix and MAC address of an interface?
A. ipv6 address dhcp

B. ipv6 address 2001:DB8:5:112::2/64 link-local
C. ipv6 address 2001:DB8:5:112::/64 eui-64
D. ipv6 address autoconfigure
Correct Answer: D
Section: (none)
Explanation
QUESTION 92
Which statement identifies the functionality of virtual machines?
A. The hypervisor can virtualize physical components including CPU, memory, and storage.
B. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor.
C. The hypervisor communicates on Layer 3 without the need for additional resources
D. Each hypervisor can support a single virtual machine and a single software switch
Correct Answer: A
Section: (none)
Explanation
QUESTION 93
Referto the exhibit. The default-information originate command is configured under the R1 OSPF configuration After testing, workstations or VLAN 20 at Site B cannot reach a DNS server on the intemet Which action corrects the configuration
issue?
A. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1

B. Add the always keyword to the default-information originate command on R1
C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2
D. Add the default-information originate command on R2
Correct Answer: A
Section: (none)
Explanation
QUESTION 94
Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command. how does the router respond?
A. It ignores the new static route until the existing OSPF default route is removed.
B. It starts sending traffic without a specific matching entry in the routing table'to GigabitEthernet0/1
C. It immediately replaces the existing OSPF route in the routing table with the newly configured static route.
D. It starts load-balancing traffic between the two default routes.
Correct Answer: A
Section: (none)
Explanation
QUESTION 95
Refer to the exhibit If OSPF is running on this network, how does RouterZ handle traffic from Site B to 10.10.13.128/25 at Site A?
A. It sends packets out of interface Fa0/1 only

B. It sends packets out of interface Fa0/2 only
C. It load-balances traffic out of Fa0/1 and Fa0/2
D. It cannot send packets to 10.10.13.128/25
Correct Answer: D
Section: (none)
Explanation
QUESTION 96
In which two ways does a password manager reduce the chance of a hacker stealing a user's password? (Choose two.)
A. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality.
B. It protects against keystroke logging on a compromised device or web site.
C. It uses an internal firewall to protect the password repository from unauthorized access
D. It encourages users to create stronger passwords.
E. It automatically provides a second authentication factorthat is unknown to the original user.
Correct Answer: BD
Section: (none)
Explanation
QUESTION 97
Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 tohelp resolve the configuration issue?
A. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network
B. configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network
C. set the default gateway as 20.20.20.2
D. set the default network as 20.20.20.0/24
Correct Answer: A
Section: (none)
Explanation
QUESTION 98
RouterA learns the same route from two different neighbors; one of the neighbor routers is an OSPF neighbor, and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?
A. 110
B. 90
C. 20
D. 115
Correct Answer: B
Section: (none)
Explanation
QUESTION 99
R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?
A. route with the lowest cost

B. route with the lowest administrative distance
C. route with the next hop that has the highest IP
D. route with the shortest prefix length
Correct Answer: B
Section: (none)
Explanation
QUESTION 100
Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link?
A. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

B. lp route 0.0.0.0 0.0.0.0 209.165.202.131
C. ip route 209.165.201.0 255.255.255.224 209.165.202.130
D. ip route 0.0.0.0 0.0.0.0 209.165.200.224
Correct Answer: A
Section: (none)
Explanation
QUESTION 101
What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closet? (Choose two.)
A. configure ports to a fixed speed

B. configure static ARP entries
C. shut down unused ports
D. enable the PortFast feature on ports
E. implement port-based authentication .
Correct Answer: CE
Section: (none)
Explanation
QUESTION 102
What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency?
A. one nonoverlapping channel

B. different overlapping channels
C. one overlapping channel
D. different nonoverlapping channels
Correct Answer: D
Section: (none)
Explanation
QUESTION 103
Which CRUD operation modifies an existing table or view?
A. update
B. replace
C. create
D. read
Correct Answer: A
Section: (none)
Explanation
QUESTION 104
When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?
A. spanning-tree vlan 200 priority 38572422

B. spanning-tree vlan 200 priority 0
C. spanning-tree vlan 200 priority 614440
D. spanning-tree vlan 200 root primary
Correct Answer: B
Section: (none)
Explanation
QUESTION 105
A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded Which command must be configured to increment the security-violation count and forward an SNMP trap?
A. switchport port-security violation access

B. switchport port-security violation restrict
C. switchport port-security violation shutdown
D. switchport port-security violation protect
Correct Answer: B
Section: (none)
Explanation
QUESTION 106
What is a DHCP client?
A. a router that statically assigns IP addresses to hosts.

B. a host that is configured to request an IP address automatically
C. a workstation that requests a domain name associated with its IP address
D. a server thatdynamically assigns IP addresses to hosts
Correct Answer: B
Section: (none)
Explanation
QUESTION 107
Which function is performed by the collapsed core layer in a two-tier architecture?
A. applying security policies

B. marking interesting traffic for data’polices
C. attaching users to the edge of the network
D. enforcing routing policies
Correct Answer: D
Section: (none)
Explanation
QUESTION 108
What is the purpose of traffic shaping?
A. to be a marking mechanism that identifies different flows

B. to provide fair queuing for buffered flows
C. to mitigate delays over slow links
D. to limit the bandwidth that a flow can use
Correct Answer: D
Section: (none)
Explanation
QUESTION 109
An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?
A. configure IEEE 802.1q

B. configure DSCP
C. configure ISL
D. configure IEEE 802.1p
Correct Answer: A
Section: (none)
Explanation
QUESTION 110
What are two functions of a Layer 2 switch? (Choose two)
A. selects the best route between networks on a WAN

B. makes fonrwarding decisions based on the MAC address of a packet
C. moves packets between different VLANs
D. acts as a central point for association and authentication servers
E. moves packets within a VLAN
Correct Answer: BE
Section: (none)
Explanation
QUESTION 111
Drag and drop the SNMP components from the left onto the descriptions on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 112
Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right.
Select and Place:

Correct Answer:
Section: (none)
Explanation
QUESTION 113
Drag and drop the attack-mitigation techniques from the left onto the types of attack that they mitigate on the right
Select and Place:
Correct Answer:
Section: (none)
Explanation

CCNA 200-301: Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

Uploaded by

Copyright:

Available Formats

CCNA 200-301: Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA 200-301: Number: 200-301 Passing Score: 825 Time Limit: 120 Min File Version: 1.0

Uploaded by

Copyright:

Available Formats

CCNA 200-301

A. It tags the traffic with the default LAN.

A. One functional physical port is needed to pass client traffic.

A. The OSPF router IDs are mismatched.

Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16?

A. lt selects the OSPF route because it has the lowest cost.

A. A certificate has expired.

A. Device(config)# lldp run

A. It allows directly connected neighbors to share configuration information.

A. configure a stateful DHCPV6 server on the network

A. switch(config-if)#|ldp port description

A. enable Band Select

A. configure the hello and dead timers to match on both sides

A. IP routing must be enabled on the switch.

A. TACACS+ separates authentication and authorization, and RADIUS merges them.

A. faster changes with more reliable results

A. customized versions for small, medium, and large enterprises

A. allows servers and workstations to communicate across public network boundaries

A. R1 (config)# interface fa0/0

A. protects the VLAN database from unauthorized PC connections on the switch

A. ip route 10.10.1.0 255.255.255.240 10.10.255.1

A. Authorization identifies users, and authentication provides access control.

A. R1 interface Gi1/0 has a larger MTU size.

Referto the exhibit. What is the effect of this configuration?

A. The switch port interface trust state becomes untrusted

A. Create a user with a password.

A. builds a flat structure of DNS names for more efficient IP operations

A. Local AP mode causes the AP to behave as if it were an autonomous AP.

Select and Place:

Select and Place:

Select and Place:

Select and Place:

Select and Place:

Select and Place:

A. The ACL must be moved to the Gi0/1 interface outbound on R2.

A. when the cable length limits are exceeded

Floor 1 has 24 users.

A. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor

A. establishes a secure tunnel between two branch sites

A. to pass traffic between different networks

A. switchport mode dynamic auto

A. Provide uninterrupted forwarding service.

A. lowest path cost to the root bridge

A. access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22

A. They support an inline optical attenuator to enhance signal strength

A. transfers IOS images from a server to a router for firmware upgrades

A. handles requests from multiple workstations at the same time

A. ipv6 address dhcp

A. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1

A. It sends packets out of interface Fa0/1 only

A. route with the lowest cost

A. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254

A. configure ports to a fixed speed

A. one nonoverlapping channel

A. spanning-tree vlan 200 priority 38572422

A. switchport port-security violation access

A. a router that statically assigns IP addresses to hosts.

A. applying security policies