CCNA 200-301 Part 3
CCNA 200-301 Part 3
CCNA 200-301 Part 3
Study Guide
1969 PDF Pages
$19.99
Buy Now
Which benefit does Cisco DNA Center provide over traditional campus management?
A. Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.
B. Cisco DNA Center leverages SNMPv3 for encrypted management, and traditional campus management uses SNMPv2.
C. Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.
D. Cisco DNA Center automates SSH access for encrypted entry, and SSH is absent from traditional campus management.
Correct Answer: C
A. The Chef Infra Server uses its configured cookbook to push the required configuration to the remote device requesting updates.
B. The installed agent on the device connects to the Chef Infra Server and pulls its required configuration from the cookbook.
C. The Chef Infra Server uses its configured cookbook to alert each remote device when it is time for the device to pull a new configuration.
D. The installed agent on the device queries the Chef Infra Server and the server responds by pushing the configuration from the cookbook.
Correct Answer: D
In Chef, a cookbook is a collection of recipes, attributes, templates, and other configuration files that define a desired configuration for a specific
device or group of devices. The Chef Infra Server stores the cookbook, and the installed agent on each device periodically checks in with the server
to see if there are any updates to the cookbook.
If an update is available, the agent pulls the updated cookbook from the server and applies the new configuration to the device. This process is
known as "pull-based" configuration management, where the devices actively request updates from the server.
Therefore, option B, "The installed agent on the device connects to the Chef Infra Server and pulls its required configuration from the cookbook", is
the correct answer.
upvoted 2 times
B. It is a nonidempotent operation.
C. It is a read-only operation.
Correct Answer: A
Create
Read
Update
Delete
it matches up
upvoted 3 times
Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?
A. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management
uses CLI exclusively.
B. Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus
management uses the data backbone.
C. Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual
comparisons.
D. Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management
requires manual analysis.
Correct Answer: A
The network assurance capability of Cisco DNA Center provides an advantage over traditional campus management by automatically correlating
information from different management protocols to obtain insights into the performance, health, and security of the network. This allows for
quicker and more efficient troubleshooting and problem resolution.
upvoted 8 times
D. Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires
manual analysis.
Explanation:
Network assurance refers to the process of proactively monitoring and optimizing network performance to ensure that applications and services
are delivered reliably and efficiently. Cisco DNA Center provides advanced network assurance capabilities that go beyond the capabilities of
traditional campus management systems.
upvoted 4 times
Question #1006 Topic 1
Refer to the exhibit. In which structure does the word “warning” directly reside?
A. array
B. object
C. Boolean
D. string
Correct Answer: B
Correct Answer: D
DRAG DROP
-
Drag and drop the statements about device management from the left onto the corresponding types on the right.
Correct Answer:
REST is a widely used architectural style for designing networked applications, and it is commonly used as a northbound API in SDN environments.
It provides a simple and lightweight approach for application developers to interact with the SDN controller.
NETCONF is a network management protocol that allows for the configuration and management of network devices. It is often used as a
northbound API in SDN to provide a standardized interface for applications to configure and control network elements.
OpenFlow, SOAP, and OpFlex are not typically categorized as northbound APIs. OpenFlow is a southbound API that allows communication between
the SDN controller and network switches. SOAP (Simple Object Access Protocol) is a protocol for exchanging structured information in web services
and is not specific to SDN. OpFlex is a southbound protocol used in Cisco's Application Centric Infrastructure (ACI) and is not a widely adopted
northbound API in the general SDN ecosystem.
upvoted 1 times
Which two northbound APIs are found in a software-defined network? (Choose two.)
A. REST
B. OpenFlow
C. SOAP
D. NETCONF
E. OpFlex
Correct Answer: AD
REST is a widely used architectural style for designing networked applications, and it is commonly used as a northbound API in SDN environments.
It provides a simple and lightweight approach for application developers to interact with the SDN controller.
NETCONF is a network management protocol that allows for the configuration and management of network devices. It is often used as a
northbound API in SDN to provide a standardized interface for applications to configure and control network elements.
OpenFlow, SOAP, and OpFlex are not typically categorized as northbound APIs. OpenFlow is a southbound API that allows communication between
the SDN controller and network switches. SOAP (Simple Object Access Protocol) is a protocol for exchanging structured information in web services
and is not specific to SDN. OpFlex is a southbound protocol used in Cisco's Application Centric Infrastructure (ACI) and is not a widely adopted
northbound API in the general SDN ecosystem.
upvoted 2 times
In a software-defined network (SDN), northbound APIs are used for communication between the SDN controller and higher-level applications or
management systems. Two common northbound APIs are:
A. REST (Representational State Transfer) - a lightweight, web-based API that uses standard HTTP methods for communication.
D. NETCONF (Network Configuration Protocol) - an XML-based protocol used for managing network devices, including configuration, monitoring,
and administration.
upvoted 2 times
Question #1010 Topic 1
Which function generally performed by a traditional network device is replaced by a software-defined controller?
Correct Answer: D
Correct Answer: C
Correct Answer: B
"Standard REST methods are supported on the API, which includes POST, GET, PUT, and DELETE operations through HTTP. The PUT methods are
idempotent, meaning that there is no additional effect if they are called more than once with the same input parameters. The GET method is
nullipotent, meaning that it can be called zero or more times without making any changes (or that it is a read-only operation)."
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/aci_multi-site/sw/1x/rest_api_config/b_Cisco_ACI_Multi-
Site_REST_Configuration_Guide/b_Cisco_ACI_Multi-Site_REST_Config_Guide_chapter_01.pdf
upvoted 8 times
The PUT method in HTTP is used to update or create a resource on the server. It is typically used for idempotent operations, meaning that making
the same request multiple times should have the same result as making it once. However, it's important to note that the PUT method is used for
updating resources, not read-only operations or displaying web pages. Option A is incorrect because updating a DNS server typically involves
administrative actions and may use different protocols. Option C is incorrect because displaying a web page is a read operation and would usually
involve the GET method. Option D is incorrect because the PUT method is not used for read-only operations.
upvoted 1 times
Must be "A".
upvoted 2 times
Question #1013 Topic 1
Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two.)
A. REMOVE
B. REDIRECT
C. POST
D. GET
E. POP
Correct Answer: CD
What is the advantage of separating the control plane from the data plane within an SDN network?
B. reduces cost
Correct Answer: D
Refer to the exhibit. What is missing from this output for it to be executed?
Correct Answer: D
Correct Answer: D
B. file that defines the target devices upon which commands and tasks are executed
Correct Answer: B
Inventory is where Ansible only stores hosts and groups of hosts, upon which commands/modules/tasks in a playbook operate
upvoted 3 times
DRAG DROP
-
Drag and drop the Ansible features from the left to the right. Not all features are used.
Correct Answer:
Correct Answer: A
Refer to the exhibit. What does apple represent within the JSON data?
A. array
B. object
C. number
D. string
Correct Answer: B
In the given JSON data, the key "apple" represents an object. An object in JSON consists of key-value pairs where the keys are strings and the
values can be strings, numbers, booleans, arrays, or nested objects. In this case, the key "apple" is associated with an array containing the values
"red" and 1, and the key "ripe" is associated with the boolean value "true."
upvoted 1 times
In JSON, the data known as an object is one or more key/value pairs enclosed in braces { }. The syntax for a JSON object includes:
DRAG DROP
-
Drag and drop the use cases of device-management technologies from the left onto the corresponding types on the right.
Correct Answer:
Under the CRUD model, which two HTTP methods support the UPDATE operation? (Choose two.)
A. PATCH
B. DELETE
C. GET
D. POST
E. PUT
Correct Answer: AE
A network architect is considering whether to implement Cisco DNA Center to deploy devices on a new network. The organization is focused on
reducing the time it currently takes to deploy devices in a traditional campus design. For which reason would Cisco DNA Center be more
appropriate than traditional management options?
C. Cisco DNA Center reduces the need for analytics on third-party access points and devices.
D. Cisco DNA Center minimizes the level of syslog output when reporting on Cisco devices.
Correct Answer: A
The term "single pane of glass" is often used to describe a management tool that provides a unified view of multiple systems or components. In
the context of network infrastructure, this means that instead of using separate tools to manage different parts of the network, such as switches,
routers, wireless access points, and security appliances, network administrators can use Cisco DNA Center to manage them all from a single
interface.
upvoted 16 times
DRAG DROP
-
Drag and drop the statements about device management from the left onto the corresponding device-management types on the right.
Correct Answer:
Correct Answer: B
Which interface enables communication between a program on the controller and a program on the networking device?
B. tunnel interface
C. northbound interface
D. southbound interface
Correct Answer: D
Refer to the exhibit. How many arrays are present in the JSON data?
A. one
B. three
C. six
D. nine
Correct Answer: B
DRAG DROP
-
Drag and drop the configuration management terms from the left onto the descriptions on the right. Not all terms are used.
Correct Answer:
Agent
push
provision
agentless
post
upvoted 8 times
https://gayatrisajith.medium.com/beginner-fundamentals-push-pull-configuration-management-tools-85eff1b41447
upvoted 2 times
agent
pull
push
agentless
provision
upvoted 2 times
Titan_intel 6 months, 2 weeks ago
Can anyone confirm if this is correct?
upvoted 1 times
Which interface type enables an application running on a client to send data over an IP network to a server?
A. northbound interface
C. southbound interface
Correct Answer: B
An application programming interface (API) is a set of rules and protocols that allows different software applications to communicate and interact
with each other. In the context of sending data over an IP network from a client to a server, an API provides the necessary methods and functions
for the client application to establish a connection, format and send the data packets, and communicate with the server.
While northbound and southbound interfaces are also valid terms used in networking, they typically refer to the interfaces used in network
management and communication between different layers of a network architecture. The Representational State Transfer (REST) API is a specific
type of API that uses HTTP protocols and follows the principles of RESTful architecture for creating web services, but it is not the only type of API
that enables data transfer over an IP network.
upvoted 3 times
Which QoS feature drops traffic that exceeds the committed access rate?
A. policing
B. FIFO
C. shaping
Correct Answer: A
Correct Answer: A
For example, organizations may want to prioritize traffic to and from a key web application to ensure that no matter how busy the network gets,
this important traffic is forwarded normally. What this means is that other kinds of traffic may be deprioritized. When this happens, the packets are
simply held in a buffer until they can be forwarded without exceeding the total desired and configured rate.
Source: https://www.f5.com/glossary/traffic-
shaping#:~:text=Traffic%20shaping%20is%20a%20powerful,attacks%20from%20overwhelming%20network%20resources.
upvoted 2 times
Refer to the exhibit. A Cisco engineer is asked to update the configuration on switch 1 so that the EtherChannel stays up when one of the links
fails. Which configuration meets this requirement?
Correct Answer: B
A. Telnet
B. SCP
C. TACACS+
D. SSH
E. RADIUS
Correct Answer: AD
Correct Answer: B
Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be implemented between two
switches with these requirements:
Correct Answer: C
Refer to the exhibit. Traffic that is flowing over interface TenGigabitEthemet0/0/0 experiences slow transfer speeds. What is the cause of this
issue?
A. speed conflict
B. queuing drops
C. duplex incompatibility
Correct Answer: C
Which two host addresses are reserved for private use within an enterprise network? (Choose two.)
A. 10.172.76.200
B. 12.17.1.20
C. 172.15.2.250
D. 172.31.255.100
E. 192.169.32.10
Correct Answer: AC
A. 10.172.76.200
D. 172.31.255.100
In IPv4 addressing, private IP address ranges are reserved for use within private networks. These addresses are not routable on the public internet.
The private IP address ranges are as follows:
10.0.0.0 to 10.255.255.255 (10.0.0.0/8) - Addresses starting with 10.x.x.x are part of the private IP address range.
172.16.0.0 to 172.31.255.255 (172.16.0.0/12) - Addresses starting with 172.16.x.x to 172.31.x.x are part of the private IP address range.
192.168.0.0 to 192.168.255.255 (192.168.0.0/16) - Addresses starting with 192.168.x.x are part of the private IP address range.
From the given options, addresses A (10.172.76.200) and D (172.31.255.100) fall within the private IP address ranges mentioned above and are
reserved for private use within an enterprise network.
upvoted 1 times
Refer to the exhibit. The iPv6 address for the LAN segment on router R2 must be configured using the EUI-64 format. Which address must be
used?
Correct Answer: A
What are two reasons to configure PortFast on a switch port attached to an end host? (Choose two.)
B. to enable the port to enter the forwarding state immediately when the host boots up
Correct Answer: BD
PortFast is a feature that allows a switch port to bypass the normal STP (Spanning Tree Protocol) listening and learning states and immediately
transition to the forwarding state. This is beneficial when the port is connected to an end host, as it reduces the time it takes for the host to start
sending and receiving data. Configuring PortFast on a switch port attached to an end host serves two purposes: enabling the port to enter the
forwarding state immediately when the host boots up (B), and preventing the port from participating in Spanning Tree Protocol operations (C).
upvoted 3 times
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window
• All necessary preconfigurations have been applied
• Do not change the enable password or hostname for any device
• Save your configurations to NVRAM before moving to the next item
• Click Next at the bottom of the screen to submit this lab and move to the next question
• When Next is clicked the lab closes and cannot be reopened
Topology
-
Tasks
-
Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured.
1. Configure an LACP EtherChannel and number it as 44; configure it between switches SW1 and SW2 using interfaces Ethemet0/0 and
Ethernet0/1 on both sides. The LACP mode must match on both ends.
2. Configure the EtherChannel as a trunk link.
3. Configure the trunk link with 802.1q tags.
4. Configure VLAN 'MONITORING' as the untagged VLAN of the EtherChannel.
Correct Answer:
<SW1>
en
conf t
int range e0/0-1
shutdown
end
copy running-config startup-config
-----------------------------
<SW2>
en
conf t
int range e0/0-1
shutdown
interface port-channel 44
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 746
S2
interface range eth0/0-1
shut
channel-group 44 mode active
no shut
interface port-channel 44
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 746
upvoted 3 times
A network administrator wants the syslog server to filter incoming messages into different files based on their importance. Which filtering criteria
must be used?
A. message body
B. level
C. facility
D. process ID
Correct Answer: B
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window
• All necessary preconfigurations have been applied
• Do not change the enable password or hostname for any device
• Save your configurations to NVRAM before moving to the next item
• Click Next at the bottom of the screen to submit this lab and move to the next question
• When Next is clicked, the lab closes and cannot be reopened
Topology
-
Tasks
-
Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the
implementation. No dynamic routing protocols are included.
1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of
209.165.200.230.
2. Configure an IPv4 default route on router R2 destined for router R4.
3. Configure an IPv6 default router on router R2 destined for router R4.
Correct Answer:
R2
ip route 0.0.0.0 0.0.0.0 209.165.202.130
ipv6 route ::/0 2001:db8:abcd::2
upvoted 1 times
config terminal
2.- on R2
config terminal
end
3.- on R2
config terminal
end
copy running start
upvoted 2 times
Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access
points?
A. console port
B. management interface
C. virtual interface
D. service port
Correct Answer: B
Refer to the exhibit. A network administrator configures the CPE to provide internet access to the company headquarters. Traffic must be load-
balanced via ISP1 and ISP2 to ensure redundancy.
Which two command sets must be configured on the CPE router? (Choose two.)
Correct Answer: C
Option B: Two default routes are configured for each ISP. The first half of the IP address space (0.0.0.0/1) goes to ISP1, and the second half
(128.0.0.0/1) goes to ISP2.
upvoted 2 times
Both of these options provide load-balancing and redundancy, ensuring that traffic is distributed across both ISPs.
upvoted 1 times
shaney67 1 month, 2 weeks ago
C and E
upvoted 1 times
Refer to the exhibit. A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an
EtherChannel by using the same group designation with another vendor switch. Which configuration must be performed to complete the process?
A. interface port-channel 2
channel-group 2 mode desirable
D. interface port-channel 2
channel-group 2 mode auto
Correct Answer: A
To establish an EtherChannel with another vendor switch, the configuration should be set to "mode on" for the interface. This means that the
EtherChannel will be formed without using any specific negotiation protocol like PAgP (Cisco proprietary) or LACP (IEEE standard). The command
for this would be:
I would go for C
upvoted 2 times
To establish an EtherChannel with another vendor switch, the configuration should be set to "mode on" for the interface. This means that the
EtherChannel will be formed without using any specific negotiation protocol like PAgP (Cisco proprietary) or LACP (IEEE standard). The command
for this would be:
Which two characteristics are representative of virtual machines (VMs)? (Choose two.)
Correct Answer: AE
A. source-destination IP address
B. destination IP address
Correct Answer: A
Explanation: For Cisco Wireless LAN Controllers (WLCs), the recommended switch load-balancing mode is typically the "source-destination MAC
address" mode. This mode considers both the source MAC address (the client device) and the destination MAC address (the access point) to make
load-balancing decisions. This helps distribute client traffic across access points while maintaining session continuity for individual client devices.
upvoted 1 times
Correct Answer: D
Refer to the exhibit. An engineer configures interface fa0/1 on SW1 and SW2 to pass traffic from two different VLANs. For security reasons,
company policy requires the native VLAN to be set to a nondefault value. Which configuration meets this requirement?
Correct Answer: A
Refer to the exhibit A new VLAN and switch are added to the network. A remote engineer configures OldSwitch and must ensure that the
configuration meets these requirements:
Which configuration on the NewSwitch side of the link meets these requirements?
C. switchport nonegotiate
no switchport trunk allowed vlan 5,10
switchport trunk allowed vlan 5,10,15,20
Correct Answer: D
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.
Topology
-
Tasks
-
Connectivity between three routers has been established, and IP services must be configured in the order presented to complete the
implementation. Tasks assigned include configuration of NAT, NTP, DHCP, and SSH services.
1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2. All source addresses must be translated from R3 to the
IP address of Ethernet0/0 on R2, while using only a standard access list named PUBNET. To verify, a ping must be successful to the R1 Loopback
address sourced from R3. Do not use NVI NAT configuration.
2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of the R1 Ethernet0/2 interface. Set the clock on the NTP
server for midnight on May 1, 2018.
3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named NETPOOL. Using a single command, exclude addresses 1 - 10 from
the range. Interface Ethernet0/2 on R3 must be issued the IP address of 10.1.3.11 via DHCP.
4. Configure SSH connectivity from R1 to R3, while excluding access via other remote connection protocols. Access for user netadmin and
password N3t4ccess must be set on router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1 using a
destination address of 10.1.3.11. Do NOT modify console.
Correct Answer:
NTP :
R1 :
enable
clock set 00:00:00 1 may 2018
configure terminal
ntp master 1
end
copy running-config startup-config
R2 :
enable
configure terminal
ntp server 10.1.3.1
end
copy running-config startup-config
DHCP :
R1 :
enable
configure terminal
ip dhcp exluded-address 10.1.3.1 10.1.3.10
ip dhcp pool NETPOOL
network 10.1.3.0 255.255.255.0
end
copy running-config startup-config
R3 :
enable
configure terminal
interface e0/2
ip address dhcp
end
copy running-config startup-config
SSH :
R3 :
enable
configure terminal
username netadmin secret N3t4ccess
ip domain-name ccna-lab.com
crypto key generate rsa general-keys modulus 1024
line vty 0 15
login local
transport input ssh
end
upvoted 3 times
Refer to the exhibit. A network engineer is adding another physical interface as a new member to the existing Port-Channel1 bundle. Which
command set must be configured on the new interface to complete the process?
A. no switchport
channel group 1 mode active
B. no switchport
channel-group 1 mode on
D. switchport
switchport mode trunk
Correct Answer: A
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.
Topology
-
Tasks
-
All physical cabling between the two switches is installed. Configure the network connectivity between the switches using the designated VLANs
and interfaces.
1. Configure VLAN 12 named Compute and VLAN 34 named Telephony where required for each task.
2. Configure Ethernet0/1 on SW2 to use the existing VLAN named Available.
3. Configure the connection between the switches using access ports.
4. Configure Ethernet0/1 on SW1 using data and voice VLANs.
5. Configure Ethernet0/1 on SW2 so that the Cisco proprietary neighbor discovery protocol is turned off for the designated interface only.
Correct Answer:
#4 int e0/1
sw mo acc
sw acc vl 34
sw voice vl 12
#5 on SW2:
sh vlan to see "Available #) and if its allready assignet to int, if not:
int e0/1
sw mo acc
sw acc vl "#Available"
no cdp enable
on allsw wr mem
upvoted 8 times
task 3: configuring the port into access mode, without assigning a vlan is just ... incomplete
sw mode acc
sw acc vl 12
task 5:
no cdp enable (under the e0/1 interface)
upvoted 7 times
vlan 34
name Telephony
int e0/1
switchport mode access
switchport access vlan 12
switchport voice vlan 34
no shutdown
int e0/0
switchport mode access
switchport access vlan 12
no shutdown
end
wr
# SW2 Configuration
enable
conf t
vlan 12
name Computer
vlan 34
name Telephony
int e0/1
switchport mode access
switchport access vlan Available
no cdp enable
no shutdown
int e0/0
switchport mode access
switchport access vlan 12
no shutdown
end
wr
upvoted 1 times
4Lucky711 1 month, 3 weeks ago
I'm a beginner and I'm not sure the answer....
SW1:
en
conf t
vlan 12
name Compute
vlan 34
name Telephony
int e0/0
switchport mode access
switchport access vlan 12
int e0/1
switchport mode access
switchport access vlan 12
switchport voice vlan 34
end
copy running-config startup-config
-------------------------------------
SW2:
en
conf t
int e0/1
switchport mode access
switchport access vlan Available
no cdp enable
end
copy running-config startup-config
upvoted 1 times
SW1)
vlan 12
name Compute
vlan 34
name Telephony
int e0/0
switchport mode access
switchport access vlan 12
int e0/1
switchport mode access
switchport access vlan 12
switchport voice vlan 34
copy run start
SW2)
int e0/1
switchport mode access
switchport access vlan Available
no cdp enable
copy run start
upvoted 1 times
Correct Answer: A
Refer to the exhibit SW_1 and SW_12 represent two companies that are merging. They use separate network vendors. The VLANs on both sides
have been migrated to share IP subnets. Which command sequence must be issued on both sides to join the two companies and pass all VLANs
between the companies?
Correct Answer: C
An engineer is configuring a switch port that is connected to a VoIP handset. Which command must the engineer configure to enable port security
with a manually assigned MAC address of abcd.abcd.abcd on voice VLAN 4?
Correct Answer: C
To enable port security with a manually assigned MAC address, the engineer would use the "switchport port-security mac-address abcd.abcd.abcd"
command. This command sets the allowed MAC address for the port. The VLAN assignment for the VoIP handset is separate and not included in
the port-security command.
upvoted 9 times
Example:
https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_gu
ide_3850_chapter_011111.html#ID437
and since in the questionit stated vlan 4 and you can have multiple Voice Vlans , A is more accurate than B
upvoted 1 times
Example:
I go for C
upvoted 1 times
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.
Topology
-
Tasks
-
Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.180.0/24 private range. For IPv6, use the
first /64 subnet from the 2001:0db8:acca::/48 subnet.
1. Using Ethernet0/1 on routers R1 and R2, configure the next usable /28 from the 192.168.180.0/24 range. The network 192.168.180.0/28 is
unavailable.
2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.
3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.
4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.
5. A ping must work between the routers on the IPv4 and IPv6 address ranges.
Correct Answer:
on R1
config terminal
ipv6 unicast-routing
inter eth0/1
ip address 192.168.180.17 255.255.255.240
ipv6 addre 2001:db8:acca::1/64
not shut
end
copy running start
on R2
config terminal
ipv6 unicast-routing
inter eth0/1
ip address 192.168.1.30 255.255.255.240
ipv6 address 2001:db8:acca::2/64
not shut
end
copy running start
upvoted 7 times
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.
Topology
-
Tasks
-
Three switches must be configured for Layer 2 connectivity. The company requires only the designated VLANs to be configured on their respective
switches and permitted across any links between switches for security purposes. Do not modify or delete VTP configurations.
1. Configure the VLANs on the designated switches and assign them as access ports to the interfaces connected to the PCs.
2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the required VLANs permitted.
3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the required VLANs permitted.
Correct Answer:
SW1
enable
configure terminal
vlan 303
name FINANCE
interface e0/1
switchport mode access
switchport access vlan 303
interface e0/2
switchport mode trunk
switchport trunk allowed vlan 303
end
copy running-config startup-config
SW2
enable
configure terminal
vlan 202
name MARKETING
vlan 303
name FINANCE
interface e0/1
switchport mode access
switchport access vlan 202
interface e0/2
switchport mode trunk
switchport trunk allowed vlan 303
interface e0/3
switchport mode trunk
switchport trunk allowed vlan 202,303
end
copy running-config startup-config
SW3
enable
configure terminal
vlan 202
name MARKETING
vlan 303
name FINANCE
interface e0/0
switchport mode access
switchport access vlan 202
interface e0/1
switchport mode access
switchport access vlan 303
interface e0/3
switchport mode trunk
switchport trunk allowed vlan 202,203
end
copy running-config startup-config
upvoted 3 times
Dunedrifter 2 months, 3 weeks ago
**I tested this in cisco Packet tracer
int e0/1
switchport mode access
switchport access vlan 303
int e0/2
switchport mode trunk
switchport trunk allowed vlan 202,303
SW2:
en
conf t
vlan 202
name marketing
int e0/1
switchport mode access
switchport access vlan 202
int e0/2
switchport mode trunk
switchport trunk allowed vlan 203, 303
SW3:
en
conf t
vlan 303
name FINANCE
vlan 202
name MARKETING
int e0/0
switchport mode access
switchport access vlan 202
int e0/3
switchport mode trunk
switchport trunk allowed vlan 202, 203
int e0/1
switchport mode access
switchport access vlan 303
int e0/3
switchport mode trunk
switchport trunk allowed vlan 202,303
upvoted 1 times
no_blink404 3 months ago
I am no expert but this is what I got:
SW1):
vlan 303
name FINANCE
vlan 202
name MARKETING
int e0/1
switchport mode access
switchport access vlan 303
int e0/2
switchport mode trunk
switchport encapsulation dot1q
switchport trunk allowed vlan 303, 202
SW2):
vlan 303
name FINANCE
vlan 202
name MARKETING
int e0/1
switchport mode access
switchport access vlan 202
int e0/2
switchport mode trunk
switchport encapsulation dot1q
switchport trunk allowed vlan 303, 202
int e0/3
switchport mode trunk
switchport encapsulation dot1q
switchport access vlan 303, 202
SW3):
vlan 303
name FINANCE
vlan 202
name MARKETING
int e0/0
switchport mode access
switchport access vlan 202
int e0/1
switchport mode access
switchport access vlan 303
int e0/3
switchport mode trunk
switchport encapsulation dot1q
switchport trunk allowed vlan 303, 202
upvoted 3 times
Since Switch 3 has hosts in both VLAN 110 & VLAN 210 and the requirement is for L2 connectivity both VLANS will need to traverse the link
between SW2 & SW3.
upvoted 1 times
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.
Topology
-
Tasks
-
Refer to the topology. All physical cabling is in place. Configure a local user account, a Named ACL (NACL), and security.
Task 1
-
Configure a local account on Sw101 with telnet access only on virtual ports 0-4. Use the following information:
• Username: support
• Password: max2learn
• Privilege level: Exec mode
Task 2
-
• Name: ENT_ACL
• Restrict only PC2 on VLAN 200 from pinging PC1
• Allow only PC2 on VLAN 200 to telnet to Sw101
• Prevent all other devices from telnetting from VLAN 200
• Allow all other network traffic from VLAN 200
Task 3
-
wr mem
upvoted 2 times
Task 1
username support password max2learn
line vty 0 4
login local
transport input telnet
Task 2
ip access-list extended ENT_ACL
deny icmp host 192.168.200.10 192.168.100.10
permit tcp host 192.168.200.10 any eq 23
deny tcp any any eq 23
permit ip any any
int vlan 200
ip access-group ENT_ACL in
Task 3
int e0/0
switchport port-security
switchport port-security maximum 4
switchport port-security voilation protect
upvoted 6 times
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.
Topology
-
Tasks
-
Refer to the topology. All physical cabling is in place. Configure local users accounts, modify the Named ACL (NACL), and configure DHCP
Snooping. The current contents of the NACL must remain intact.
Task 1
-
Configure a local account on Gw1 with telnet access only on virtual ports 0-4. Use the following information:
• Username: wheel
• Password: lock3path
• Algorithm type: Scrypt
• Privilege level: Exec mode
Task 2
-
Configure and apply a NACL on Gw1 to control network traffic from VLAN 10:
• Name: CORP_ACL
• Allow BOOTP and HTTPS
• Restrict all other traffic and log the ingress interface, source MAC address, the packet’s source and destination IP addresses, and ports
Task 3
-
Configure Sw1:
on the router Gw1 find the gateway-subinterface for Vlan10 (router ont the stick) and apply ACL
Gw1(config-subif)#ip access-group CORP_ACL in
A. value
B. array
C. object
D. key
Correct Answer: A
Question #1063 Topic 1
What is represented beginning with line 1 and ending with line 5 within this JSON schema?
A. key
B. object
C. array
D. value
Correct Answer: D
A. object
B. value
C. array
D. key
Correct Answer: D
A. object
B. array
C. key
D. value
Correct Answer: A
Question #1066 Topic 1
A. key
B. value
C. array
D. object
Correct Answer: A
Within this JSON schema, the word "port" is a key within the objects represented by the curly braces {}. Each object in the schema has two key-
value pairs, where "port" is one of the keys.
upvoted 5 times
What provides connection redundancy, increased bandwidth, and load sharing between a wireless LAN controller and a Layer 2 switch?
B. VLAN trunking
C. tunneling
D. link aggregation
Correct Answer: D
DRAG DROP
-
Drag and drop the IPv6 address from the left onto the type on the right.
Correct Answer:
A. F0/5
B. F0/6
C. F0/12
D. F0/9
Correct Answer: C
D. It identifies a WLAN.
Correct Answer: D
Which two types of attack are categorized as social engineering? (Choose two.)
A. phoning
B. malvertising
C. probing
D. pharming
E. phishing
Correct Answer: DE
https://contenthub.netacad.com/legacy/CyberOps/1.1/en/index.html#6.2.2.7
upvoted 1 times
Phishing is a type of attack that involves sending fraudulent emails or messages that appear to come from a trusted source, with the goal of
tricking the recipient into providing sensitive information or clicking on a malicious link.
Phoning, also known as "vishing", is a social engineering attack that involves calling a victim on the phone and using various tactics to convince
them to provide sensitive information or perform a specific action.
Malvertising, probing, and pharming are not considered social engineering attacks. Malvertising is a type of attack where malicious advertisements
are used to spread malware. Probing refers to the act of scanning a network or system for vulnerabilities or weaknesses. Pharming is a type of
attack where a victim is redirected to a fake website in order to steal their personal information.
upvoted 1 times
studying_1 3 months, 4 weeks ago
check volume 2 page 80, it is there in the table, answer is correct, phishing and pharming
upvoted 2 times
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked the lab closes and cannot be reopened.
Topology
-
Tasks
-
IP connectivity and OSPF are preconfigured on all devices where necessary. Do not make any changes to the IP addressing or OSPF. The company
policy uses connected interfaces and next hops when configuring static routes except for load balancing or redundancy without floating static.
Connectivity must be established between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24 connected to SW1:
2@R1:
ip route 0.0.0.0 0.0.0.0 10.10.13.3
3@R2 the key is just a SINGLE static route, so I will check the ospf if both links are involved between R1<->R2 and lear the subnet 10.10.13.0/24; if
yes then:
ip route 172.2020.128 255.255.255.128 10.10.13.1
4@R1:
ip route 192.168.0.0.255.255.255.0 10.10.12.2
ip route 192.168.0.0.255.255.255.0 10.10.130 2
wr mem @ all R
upvoted 9 times
#Task 2
#R1
ip route 0.0.0.0 0.0.0.0 10.10.13.3
#Task 3
#R2
ip route 172.20.20.128 255.255.255.128 10.10.12.1
ip route 172.20.20.128 255.255.255.128 10.10.12.129 2
#Task 4
#R1
ip route 192.168.0.0 255.255.255.0 10.10.12.2
ip route 192.168.0.0 255.255.255.0 10.10.12.130 2
The solution to task 3, configure a single static route while considering redundant links, we can use a floating static route. A floating static route is a
backup route that has a higher administrative distance than the primary route. It's how we can configure a single static route with redundancy
using a floating static route on router R2.
upvoted 1 times
R2)
R1)
A. They enable communication between the controller and the network device.
Correct Answer: A
Refer to the exhibit. A network engineer is verifying the settings on a new OSPF network. All OSPF configurations use the default values unless
otherwise indicated. Which router does the engineer expect will be elected as the DR when all devices boot up simultaneously?
A. R1
B. R2
C. R3
D. R4
Correct Answer: D
The router with the highest priority becomes the DR. If multiple routers have the same highest priority, the router with the highest Router ID (RID)
is elected as the DR.
The router with the second-highest priority becomes the BDR. If multiple routers have the same second-highest priority, the router with the highest
RID is elected as the BDR.
upvoted 5 times
Which command must be entered so that the default gateway is automatically distributed when DHCP is configured on a router?
A. dns-server
B. default-router
C. ip helper-address
D. default-gateway
Correct Answer: B
C. It provides support as an endpoint for a remote access VPN in multiple context mode.
Correct Answer: BC
A firewall within an enterprise has multiple functions, including traffic filtering based on URLs (A) and serving as an endpoint for a site-to-site VPN
in standalone mode (B). Firewalls help protect the network by inspecting and controlling incoming and outgoing traffic based on predetermined
security rules. They can also establish secure connections between networks through VPNs.
upvoted 6 times
Security contexts support only static routes. You cannot enable OSPF or RIP in multiple context mode.
•VPN
•Multicast
https://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/contexts.html
upvoted 2 times
https://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/mode_contexts.html#92503
upvoted 1 times
Security contexts support only static routes. You cannot enable OSPF or RIP in multiple context mode.
•VPN
•Multicast
https://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/contexts.html
upvoted 1 times
pikos1 3 months, 3 weeks ago
NGFW can filter based on URLs, but standard FW can't.
Standard FW can filter based domain, but no on URL.
upvoted 1 times
B. Endpoint for Site-to-Site VPN in Standalone Mode: A firewall can act as an endpoint for a site-to-site Virtual Private Network (VPN) connection.
In this mode, the firewall establishes secure communication tunnels between different locations or networks, ensuring the confidentiality and
integrity of data transmitted over the VPN.
upvoted 1 times
What is the maximum number of concurrent Telnet sessions that a Cisco WLC supports?
A. 3
B. 5
C. 6
D. 15
Correct Answer: B
Which 802.11 management frame type is sent when a client roams between access points on the same SSID?
A. Reassociation Request
B. Authentication Request
C. Association Request
D. Probe Request
Correct Answer: A
In WLAN network, reassociation request frame is used by mobile stations in the following scenarios:
• Moving from one basic service area to the other service area in the same extended service area.
• leaving the wifi network coverage area and comes back to the same area again
upvoted 1 times
Correct Answer: C
Refer to the exhibit. All switches are configured with the default STP priorities. During the STP elections, which switch becomes the root bridge if
all interfaces are in the same VLAN?
A. MDF-DC-1: 0d:E0:43:96:02:30
B. MDF-DC-2: 0d:0E:18:1B:05:97
C. MDF-DC-4: 0d:E0:19:A1:B3:19
D. MDF-DC-3: 0d:0E:18:2A:3C:9D
Correct Answer: B
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
A. key
B. array
C. object
D. value
Correct Answer: D
Which port type supports the spanning-tree portfast command without additional configuration?
B. Layer 3 subinterfaces
C. trunk ports
D. access ports
Correct Answer: D
A. array
B. key
C. object
D. value
Correct Answer: D
A. object
B. value
C. key
D. array
Correct Answer: A
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
Question #1089 Topic 1
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the IPv6 address from the left onto the type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
Question #1092 Topic 1
DRAG DROP
-
Drag and drop the IPv6 address from the left onto the type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
page 21 chapter 2
https://www.cisco.com/c/dam/global/de_at/assets/docs/dwdm.pdf
upvoted 1 times
mda2h Most Recent 1 month, 1 week ago
Correct
https://www.ciena.com/insights/what-is/What-Is-WDM.html
upvoted 1 times
- In contrast to multimode, single-mode fibre cable has only one mode of propagation: a single wavelength of light in the fibre core
- Simply explained, DWDM technology is based on the combination and transmission of multiple optical signals, with dedicated wavelengths
simultaneously using the same fiber cable. This means that DWDM uses single mode fiber to carry multiple light waves of different frequencies.
upvoted 2 times
B. is used when traffic on the subnet must traverse a site-to-site VPN to an outside organization
Correct Answer: A
A. bad NIC
B. high throughput
C. queueing
D. broadcast storm
Correct Answer: C
C. queueing
The output shows information related to the interface's queuing strategy, including the input queue size, output queue size, and input/output
rates. It also mentions that the queuing strategy is "fifo," which stands for "First In, First Out." This means that packets are processed in the order
they arrive, and the interface is not experiencing any drops in the output queue (Output queue: 0/300).
upvoted 1 times
A. "bad NIC" (Network Interface Card) is not mentioned or implied in the output.
B. "high throughput" is not explicitly mentioned in the output. It only shows the bandwidth (BW) of the interface, but the current throughput is
reported as 0 bits/sec for both input and output.
D. "broadcast storm" is not mentioned in the output. There is a line showing "Received 267 broadcasts (0 IP multicasts)," which indicates the
number of broadcast packets received, but it doesn't suggest a broadcast storm.
upvoted 1 times
A. is used when the ISP requires the new subnet to be advertised to the internet for web services
Correct Answer: D
A. is used when traffic on the subnet must traverse a site-to-site VPN to an outside organization
Correct Answer: C
C. is used when the ISP requires the new subnet to be advertised to the internet for web services
Correct Answer: B
A. broadcast storm
B. duplex mismatch
C. high throughput
D. queueing
Correct Answer: D
The values "txload 255/255, rxload 255/255", indicate that the interface has "high throughput", operating close to or at the limit of its data
transmission and reception capacity.
Also:
The output shows high rates of traffic on the interface, with an incoming rate of 200234873 bits/sec and an outgoing rate of 233830309 bits/sec for
the last 30 seconds. This indicates that the interface is handling a significant amount of data, resulting in high throughput.
upvoted 1 times
A. is used when the ISP requires the new subnet to be advertised to the internet for web services
Correct Answer: B
DRAG DROP
-
Drag and drop the IPv6 address from the left onto the type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Correct Answer:
Correct Answer: D
Correct Answer: B
Correct Answer: D
Explanation: Encryption in wireless networks not only secures data by encoding it but also includes integrity checks to detect any unauthorized
alterations or forgery of the data during transmission. This helps ensure the data's integrity and authenticity.
The other options are not accurate descriptions of encryption in wireless networks:
ChatGPT:
The statement "uses integrity checks to identify forgery attacks in the frame" is incorrect because using integrity checks to identify forgery attacks
is not a characteristic of encryption in wireless networks. Integrity checks are used to verify whether data has been altered or corrupted during
transmission and are typically implemented by certain protocols or security mechanisms like IPsec. In wireless networks, encryption is primarily
used to ensure data confidentiality, not integrity.
WPA, WPA2, and WPA3 are encryption features in wireless networks. These protocols all use authentication and encryption to secure the wireless
network, ensuring that only authorized users can connect and access the network. The encryption functionality prevents unauthorized users from
eavesdropping on network communications, safeguarding users' personal information and data security.
upvoted 2 times
https://www.geeksforgeeks.org/wireless-encryption-methods-in-cisco/
upvoted 2 times
Encryption in wireless networks is a security mechanism used to protect data transmitted over wireless networks from unauthorized access.
Encryption involves converting plain text into cipher text using a cryptographic algorithm and a key. The encrypted data is then transmitted over
the wireless network and can only be decrypted by authorized recipients who possess the key. One of the features of encryption is the use of
integrity checks to identify forgery attacks in the frame, ensuring that the data has not been tampered with during transmission.
upvoted 4 times
Correct Answer: D
Correct Answer: C
Correct Answer: D
https://www.cisco.com/c/en/us/products/security/encryption-explained.html
upvoted 2 times
Encryption in wireless networks plays a crucial role in preventing unauthorized access to sensitive information by encrypting the data as it travels
between devices over the network. This encryption ensures that even if the data is intercepted by an unauthorized party, it remains unreadable and
protected. Therefore, option D accurately describes a characteristic of encryption in wireless networks.
Option A is not directly related to encryption but rather pertains to protection against spyware, which is a separate security concern. Option B
refers to user authentication rather than encryption. Option C mentions the use of ciphers to detect and prevent zero-day network attacks, which is
not a specific characteristic of encryption in wireless networks.
upvoted 1 times
Correct Answer: C
The Service Set Identifier (SSID) is a "unique" identifier or a network name that wireless clients can connect to or share among all devices in a
wireless network.
https://www.cisco.com/c/en/us/support/docs/smb/wireless/cisco-small-business-100-series-wireless-access-points/smb5305-wireless-access-
points-frequently-asked-questions.html#SSID
upvoted 2 times
The answer is D.
upvoted 1 times
The answer is D.
upvoted 1 times
Why wouldn't the same answer as in question 1108 be valid for this question?
upvoted 2 times
An SSID (Service Set Identifier) is a unique identifier that is assigned to an access point (AP) in a wireless network. It serves as the name of the
wireless network and allows devices to identify and connect to a specific access point within the WLAN. Therefore, option D accurately describes a
characteristic of an SSID in wireless networks.
Option A refers to data threat interception, which is not specifically related to the SSID. Option B mentions the encoding of connections, which is
more related to encryption rather than the SSID itself. Option C states that the SSID broadcasts a beacon signal to announce its presence by
default, which is indeed a characteristic of an SSID in wireless networks. However, the more specific and accurate characteristic is that it identifies
an access point on a WLAN. ~~chatgpt
upvoted 2 times
Refer to the exhibit. SW2 is replaced because of a hardware failure. A network engineer starts to configure SW2 by copying the fa0/1 interface
configuration from SW1. Which command must be configured on the fa0/1 interface of SW2 to enable PC1 to connect to PC2?
Correct Answer: A
DRAG DROP
-
Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.
Correct Answer:
Correct Answer: C
DRAG DROP
-
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Correct Answer:
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
Correct Answer: C
A. broadcast storm
B. collisions
C. high throughput
D. duplex mismatch
Correct Answer: C
Correct Answer: C
"This document describes how to configure authorization policies in Cisco Identity Services Engine (ISE) to distinguish between different service set
identifiers (SSIDs)."
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115734-ise-policies-ssid-00.html
upvoted 1 times
DRAG DROP
-
Drag and drop the IPv6 address from the left onto the type on the right.
Correct Answer:
ff = multi
2000 = global
fc /fd = unique local
fe8 = link local
upvoted 8 times
A. SW3 -
B. SW2 -
C. SW1 -
D. SW4 -
Correct Answer: D
A. G0/9
B. G0/20
C. G0/16
D. G0/11
Correct Answer: B
A. array
B. object
C. value
D. key
Correct Answer: C
A. SW 1 -
B. SW 2 -
C. SW 3 -
D. SW 4 -
Correct Answer: C
Refer to the exhibit. A newly configured PC fails to connect to the internet by using TCP port 80 to www.cisco.com. Which setting must be
modified for the connection to work?
A. Subnet Mask
B. DNS Servers
C. Default Gateway
D. DHCP Servers
Correct Answer: C
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
Correct Answer: C
DRAG DROP
-
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Correct Answer:
Correct Answer: D
https://www.cisco.com/c/en/us/support/docs/interfaces-modules/security-modules-routers-switches/116586-config-ap-00.html
upvoted 1 times
A. value
B. array
C. key
D. object
Correct Answer: C
DRAG DROP
-
Drag and drop the statements about AAA services from the left to the corresponding AAA services on the right. Not all options are used.
Correct Answer:
A. collisions
B. broadcast storm
C. duplex mismatch
D. queueing
Correct Answer: C
DRAG DROP
-
Drag and drop the IPv6 address from the left onto the type on the right.
Correct Answer:
Refer to the exhibit. An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows
the PC to obtain its IP address from a DHCP server?
Correct Answer: A
Question #1134 Topic 1
SIMULATION
-
Guidelines
-
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window
• All necessary preconfigurations have been applied
• Do not change the enable password or hostname for any device
• Save your configurations to NVRAM before moving to the next item
• Click Next at the bottom of the screen to submit this lab and move to the next question
• When Next is clicked the lab closes and cannot be reopened
Topology
-
Tasks
-
IP connectivity between the three routers is configured. OSPF adjacencies must be established.
1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is shared between them.
2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR. R1 and R3 links facing R2 must remain with the default
OSPF configuration for DR election. Verify the configuration after clearing the OSPF process.
3. Using a host wildcard mask, configure all three routers to advertise their respective Loopback1 networks.
4. Configure the link between R1 and R3 to disable their ability to add other OSPF routers.
Correct Answer:
kappi91 1 week, 4 days ago
Can somebody give me some feedback:
Step 1 --------------
R1
router ospf 1
router-id 10.10.12.1
R2
router ospf 1
router-id 10.10.12.2
Step 2 --------------
int e0/0
ip ospf priority 255
int e0/2
ip ospf priority 255
exit
clear ip ospf process
show ip ospf neighbors
Step 3 --------------
r1
router ospf 1
network 10.10.1.1 0.0.0.0 area 0
r2
router ospf 1
network 10.10.1.2 0.0.0.0 area 0
r3
router ospf 1
network 10.10.1.3 0.0.0.0 area 0
Step 4 --------------
r1
int e0/1
ip ospf network point-to-point
r3
int e0/1
ip ospf network point-to-point
upvoted 1 times
Question #1135 Topic 1
DRAG DROP
-
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Correct Answer:
A. SW4 -
B. SW2 -
C. SW3 -
D. SW4 -
Correct Answer: A
Question #1137 Topic 1
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
Correct Answer: D
A. G0/9
B. G0/12
C. G0/19
D. G0/1
Correct Answer: B
Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?
A. transport
B. main
C. aggressive
D. tunnel
Correct Answer: D
Question #1141 Topic 1
A network administrator is evaluating network security in the aftermath of an attempted ARP spoofing attack. If Port-channel1 is the uplink
interface of the access-layer switch toward the distribution-layer switch, which two configurations must the administrator configure on the access-
layer switch to provide adequate protection? (Choose two.)
C. ip dhcp snooping
!
interface Port-channel1
switchport port-security maximum 1
switchport port-security
Correct Answer: DE
A. Type 1
B. Type 2
C. Type 3
D. Type 12
Correct Answer: A
Question #1143 Topic 1
Correct Answer: B
DRAG DROP
-
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Correct Answer:
Question #1145 Topic 1
A. G0/10
B. G0/24
C. G0/5
D. G0/1
Correct Answer: B
Correct Answer: C
Question #1147 Topic 1
DRAG DROP
-
Drag and drop the traffic types from the left onto the QoS delivery mechanisms on the right.
Correct Answer:
A. is used when the ISP requires the new subnet to be advertised to the internet for web services
Correct Answer: D
Question #1149 Topic 1
Refer to the exhibit. The engineer configured the VLANs on the new AccSw2 switch. A router-on-a-stick is connected to both switches. How must
the ports be configured on AccSw2 to establish full connectivity between the two switches and for Server1?
A. interface GigabitEthernet1/1
switchport access vlan 11
!
interface GigabitEthernet1/24
switchport mode trunk
switchport trunk allowed vlan 10,11
B. interface GigabitEthernet1/3
switchport mode access
switchport access vlan 10
!
interface GigabitEthernet1/24
switchport mode trunk
switchport trunk allowed vlan 2,10
C. interface GigabitEthernet1/3
switchport mode access
switchport access vlan 10
!
interface GigabitEthernet1/24
switchport mode trunk
D. interface GigabitEthernet1/1
switchport mode access
switchport access vlan 11
!
interface GigabitEthernet1/24
switchport mode trunk
Correct Answer: C
kat1969 18 hours, 24 minutes ago
We don't know what VLAN the PC belongs to. So, if we restrict the VLANS that might create an issue.
upvoted 1 times
Correct Answer: A
Refer to the exhibit. Which address will the client contact to renew their IP address when the current lease expires?
A. 192.168.25.103
B. 192.168.25.1
C. 192.168.25.100
D. 192.168.25.254
Correct Answer: C
Question #1152 Topic 1
A. SW4 -
B. SW2 -
C. SW3 -
D. SW4 -
Correct Answer: B
Question #1153 Topic 1
DRAG DROP
-
Drag and drop the characteristic from the left onto the cable type on the right.
Correct Answer:
Correct Answer: B
Question #1155 Topic 1
DRAG DROP
-
Drag and drop the HTTP verbs from the left onto the API operations on the right.
Correct Answer:
Question #1156 Topic 1
A. application
B. services
C. data
D. control
Correct Answer: D
Correct Answer: B
When more than one AP-Manager interface is provisioned on a wireless LAN controller, how is the request handled by the AP?
A. The discovery response from the AP to the AP-Manager interface disables the WLAN port.
B. The AP join request fails and must be configured statically on the AP-Manager interface.
C. The AP-Manager with the fewest number of APs is used by the AP to join.
Correct Answer: C
Question #1159 Topic 1
A. object
B. value
C. key
D. array
Correct Answer: A
Correct Answer: C
A. value
B. array
C. object
D. key
Correct Answer: A
Question #1162 Topic 1
Which SNMP message type is reliable and precedes an acknowledgment response from the SNMP manager?
A. Get
B. Inform
C. Traps
D. Set
Correct Answer: B