How2Pass CCNA 200-301 Online Practice Tests: Print This Page

21/02/2022 09:16 How2Pass CCNA 200-301 Online Practice Tests - (Test Engine v4.7.
4)
How2Pass CCNA 200-301 Online Practice Tests
Test #09: Random Test from all exam topics
How2Pass Test Score Report Print this page
Test Taker's Name : el_buffalo

Questions Attempted : 100
Correct Answers : 93
Your score: 93%
Passing score: 82.5%
Pass/Fail: Pass

Your time is: 1 hr 31 min 46 sec
Section Analysis

Section 0% 50% 100% Score

IP Connectivity: 100% (18/18)
Network Fundamentals: 87% (20/23)
Network Access: 93% (25/27)
Security Fundamentals: 82% (9/11)
IP Services: 100% (11/11)
Automation and Programmability: 100% (10/10)

Correct Answers/Explanations are given below
1. (QID:AN418) Refer to the exhibit. Which action must be taken to ensure that RouterA is
elected as the DR for OSPF area 0?

Exhibit

Your Answer: Configure the RouterA interfaces with the highest OSPF priority value within the area.

Correct Answer: Configure the RouterA interfaces with the highest OSPF priority value within the area.

2. (QID:AXD12) Drag-n-drop. Refer to the Exhibit. Drag and drop the routing table components
on the left onto the corresponding letter from the exhibit on the right. Not all options are used.
Exhibit
Your Answer: 1:E,2:A,3:B,4:G,5:D

Correct Answer: 1:E,2:A,3:B,4:G,5:D

Explanation:
A => route source

distance
B => administrative
C => metric
D => timestamp

E => outbound interface
Not used:
https://www.how2pass.com/emembers/ccna301/onlinetest/frame.php 1/35
21/02/2022 09:16 How2Pass CCNA 200-301 Online Practice Tests - (Test Engine v4.7.4)
subnet mask
next-hop interface
3. (QID:AN102) Refer to the exhibit. An engineer must add a subnet for a new office that will add
20 users to the network. Which IPv4 network and subnet mask combination does the engineer
assign to minimize wasting addresses?
Exhibit
Your Answer: 10.10.225.32 255.255.255.224
Correct Answer: 10.10.225.32 255.255.255.224
Explanation:
10.10.225.48 255.255.255.240
Incorrect - provides up to 14 hosts; requirement is minimum 20 hosts.
10.10.225.32 255.255.255.240
Incorrect - provides up to 14 hosts; requirement is minimum 20 hosts.
10.10.225.48 255.255.255.224
Incorrect - not a subnet; it is host address.
10.10.225.32 255.255.255.224
Correct - provides up to 30 hosts in the range 10.10.225.33 - 10.10.225.62
4. (QID:AN006) Which command automatically generates an IPv6 address from a specified IPv6
prefix and MAC address of an interface?
Your Answer: ipv6 address 2001:DB8:5:112::2/64 link-local
Correct Answer: ipv6 address 2001:DB8:5:112::/64 eui-64
Explanation:
ipv6 address ipv6-prefix/prefix-length eui-64
To configure an IPv6 address for an interface and enables IPv6 processing on the interface using an EUI-64
interface ID in the low order 64 bits of the address, use the ipv6 address eui-64 command in interface
configuration mode.
The following example assigns IPv6 address 2001:0DB8:0:1::/64 to Ethernet interface 0 and specifies an
EUI-64 interface ID in the low order 64 bits of the address:
Router(config)# interface ethernet 0

Router(config-if)# ipv6 address 2001:0DB8:0:1::/64 eui-64
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/command/ipv6-cr-book/ipv6-i1.html#wp3027933494
The ipv6 address autoconfig command causes the device to perform IPv6 stateless address auto-
configuration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface,
but the addresses are configured depending on the prefixes received in Router Advertisement (RA)
messages.
Note: The keywords "from a specified IPv6 prefix" in the question statement indicate that ipv6 address
autoconfig is NOT a correct answer. The correct answer should take IPv6 prefix as an argument.
5. (QID:AN018) Refer to the exhibit. How does SW2 interact with other switches in this VTP
domain?
Exhibit:
SW2
vtp domain test
vtp mode transparent
vtp password ccnatest
interface fastethernet0/1
description connection to SW1
switchport mode trunk
switchport trunk encapsulation dot1q
Your Answer: It forwards only the VTP advertisements that it receives on its trunk ports.
Correct Answer: It forwards only the VTP advertisements that it receives on its trunk ports.
Explanation:
A switch in VTP Transparent mode will receive the VTP advertisements but it will not process them.
However, it will forward the VTP advertisements to other switches through connected trunk links.
6. (QID:AN124) What are two differences between optical-fiber cabling and copper cabling?
(Choose two)
Your Answer: The glass core component is encased in a cladding.

Light is transmitted through the core of the fiber.
Correct Answer: Light is transmitted through the core of the fiber.

The glass core component is encased in a cladding.
7. (QID:AN350) What are network endpoints?
Your Answer: a threat to the network if they are compromised
Correct Answer: a threat to the network if they are compromised
Explanation:
Endpoint security solutions protect endpoints such as mobile devices, desktops, laptops, and even medical
and IoT devices. Endpoints are a popular attack vector, and the goal of an attacker is to not only
compromise the endpoint but also to gain access to the network and the valuable assets within.
https://www.cisco.com/c/en/us/products/security/endpoint-security/index.html
8. (QID:AN365) Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28
subnet?
Exhibit:
R1#show ip route
<output omitted>
Gateway of last resort is 192.168.30.10 to network 0.0.0.0
192.168.30.0/29 is subnetted, 2 subnets
C 192.168.30.0 is directly connected, FastEthernet0/0
C 192.168.30.8 is directly connected, Serial0/0.1
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
O IA 192.168.10.32/28 [110/193] via 192.168.30.10,
00:18:49, Serial0/0.1
O IA 192.168.10.0/27 [110/192] via 192.168.30.10, 00:18:49,
Serial0/0.1
O IA 192.168.50.0 [110/128] via 192.168.30.10, 00:18:49,
Serial0/0.1
C 192.168.50.1 is directly connected. Loopback0
O*IA 0.0.0.0/0 [110/84] via 192.168.30.10, 00:10:36,
Serial0/0.1
Your Answer: 193
Correct Answer: 193
Explanation:
Using the principle of longest prefix match, the router will use the following route for the destination
192.168.10.33/28:
O IA 192.168.10.32/28 [110/193] via 192.168.30.10, 00:18:49, Serial0/0.1
The metric of this OSPF route is shown as 193.
9. (QID:AN256) Which device controls the forwarding of authentication requests for users when
connecting to the network using a lightweight access point?
Your Answer: wireless LAN controller
Correct Answer: wireless LAN controller
10. (QID:AN308) Refer to the exhibit. Which command must be executed for Gi1/1 on SW1 to
become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode?
Exhibit
Your Answer: switchport mode dynamic desirable
Correct Answer: switchport mode dynamic desirable
11. (QID:AN134) Which function does an SNMP agent perform?
Your Answer: It sends information about MIB variables in response to requests from the NMS.
Correct Answer: It sends information about MIB variables in response to requests from the NMS.
12. (QID:AN270) Which implementation provides the strongest encryption combination for the
wireless environment?
Your Answer: WPA2 + AES
Correct Answer: WPA2 + AES

Explanation:
WPA 2 offers a higher level of security than WPA because AES offers stronger encryption than Temporal
Key Integrity Protocol (TKIP). TKIP is the encryption algorithm that WPA uses. WPA 2 creates fresh session
keys on every association. The encryption keys that are used for each client on the network are unique and
specific to that client. Ultimately, every packet that is sent over the air is encrypted with a unique key.
Security is enhanced with the use of a new and unique encryption key because there is no key reuse. WPA
is still considered secure and TKIP has not been broken. However, Cisco recommends that customers
transition to WPA 2 as soon as possible.
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2-config.html
13. (QID:AN176) Refer to the exhibit. Router R2 is configured with multiple routes to reach
network 10 1.1.0/24 from router R1. What protocol is chosen by router R2 to reach the destination
network 10.1.1.0/24?
Exhibit:
R1(config)# router eigrp 1

R1(config-router)# eigrp router-id 1.1.1.1
R1(config-router)# network 10.1.1.0 0.0.0.255
R2# config t
R2(config)# interface gi1/1
R2(config-if)# ip address 192.168.0.2 255.255.255.0
R2# config t
R2(config)# router bgp 65001
R2(config-router)# neighbor 192.168.0.1 remote-as 65000
R2(config)# router ospf 1

R2(config-router)# router-id 2.2.2.2
R2(config-router)# network 192.168.1.2 0.0.0.0 area 0
R2(config)# router eigrp 1

R2(config-router)# eigrp router-id 1.1.1.1
R2(config)# ip route 10.1.1.0 255.255.255.0 192.168.0.1
Your Answer: Static
Correct Answer: Static
Explanation:
All available routes have the same prefix length. Router R2 will use the next deciding factor, Administrative
Distance (AD). The last line of the output shows a static route from R2 to R1's network 10.1.1.0/24 via the
next hop address 192.168.0.1. Router R2 will use this static route due to the least AD value of 1.
14. (QID:AND17) Drag-n-drop. Drag the descriptions of IP protocol transmissions from the left
onto the IP traffic types on the right.
Your Answer: 1:T,2:T,3:T,4:U,5:U,6:U
Correct Answer: 1:T,2:T,3:T,4:U,5:U,6:U
Explanation:
TCP
Sends transmissions in sequence.

Transmits packets individually.
Uses a lower transmission rate to ensure reliability.
UDP
Transmissions include an 8-byte header.

Transmits packets as a stream.
Uses a higher transmission rate to support latency-sensitive application.
15. (QID:AND34) Drag-n-drop. Drag and drop the lightweight access point operation modes from
the left onto the descriptions on the right.
Your Answer: 1:F,2:D,3:A,4:B,5:C,6:E
Correct Answer: 1:F,2:C,3:A,4:B,5:D,6:E
Explanation:
Sniffer mode: allows for packet captures of wireless traffic.
Flexconnect mode: allows the access point to communicate with the WLC over a WAN link.
Monitor mode: receive only mode which acts as a dedicated sensor for RFID and IDS.
Bridge mode: preferred for connecting access points in a mesh environment.
Local mode: transmits normally on one channel and monitors other channels for noise and interference.
Rogue detector mode: monitor for rogue APs, does not handle data at all.
16. (QID:AN397) Which type of organization should use a collapsed-core architecture?
Your Answer: Small and needs to reduce networking costs currently.
Correct Answer: Small and needs to reduce networking costs currently.
Explanation:
The three-tier hierarchical design maximizes performance, network availability, and the ability to scale the
network design. Most small enterprise campus’ do not grow significantly larger over time, and most small
enterprise campus are small enough to be well served by a two-tier hierarchical design, where the core and
distribution layers are collapsed into one layer. The primary motivation for the collapsed core design is
reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model.
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_Profile/SEDP/chap2.html
17. (QID:AN137) Which two minimum parameters must be configured on an active interface to
enable OSPFv2 to operate? (Choose two)
Your Answer: OSPF area

OSPF process ID
Correct Answer: OSPF area

OSPF process ID
18. (QID:AND25) Drag-n-drop. Drag and drop the 802.11 wireless standards from the left onto the
matching statements on the right.
Your Answer: 1:E,2:D,3:B,4:C,5:A
Correct Answer: 1:E,2:D,3:B,4:C,5:A
Explanation:
802.11n: Operates in the 2.4 GHz and 5 GHz bands.

802.11g: Operates in the 2.4 GHz band only and supports a maximum data rate of 54 Mbps.
802.11ac: Operates in the 5 GHz band only and supports a maximum data rate that can exceed 100
Mbps.
802.11b: Supports a maximum data rate of 11 Mbps.
802.11a: Operates in the 5 GHz band only and supports a maximum data rate of 54 Mbps.
19. (QID:AN064) If a notice-level messaging is sent to a syslog server, which event has
occurred?
Your Answer: A network device has restarted.
Correct Answer: A network device has restarted.
Explanation:
notification: Normal but significant condition (for example, interface up/down transitions and system restart
messages).
Reference
20. (QID:AND24) Drag-n-drop. Drag and drop the characteristics of network architectures from
the left onto the type of architecture on the right.
Your Answer: 1:C,2:C,3:C,4:T,5:T
Correct Answer: 1:C,2:C,3:C,4:T,5:T
Explanation:
Collapsed Core
Single device handles the core and the distribution layer.

More cost-effective than other options.
Most appropriate for small network designs.
Three-Tier
Enhances network availability.

Separate devices handle the core and the distribution layer.
21. (QID:AN244) How does a switch process a frame received on Fa0/1 with the destination MAC
address of 0e38.7363.657b when the table is missing the address?
Your Answer: It floods the frame to all interfaces except Fa0/1.
Correct Answer: It floods the frame to all interfaces except Fa0/1.
Explanation:
Layer 2 switches maintain a table of destination MAC addresses and associated ports. When a unicast
frame is received, its destination MAC address is searched in the MAC address table. If a match is found
the frame is forwarded through the port associated with that destination MAC address. If no entry matches,
the frame is flooded out all ports except the receiving port.
22. (QID:AN406) Which two components comprise part of a PKI? (Choose two)
Your Answer: CA that grants certificates

one of more CRLs
Correct Answer: one of more CRLs

CA that grants certificates
23. (QID:AN382) Refer to the exhibit. Which two prefixes are included in this routing table entry?
(Choose two.)
Exhibit:
R2#show ip route
C 192.168.1.0/26 is directly connected, FastEthernet0/1
Your Answer: 192.168.1.61
192.168.1.17
Correct Answer: 192.168.1.17

192.168.1.61
24. (QID:AN159) Refer to the exhibit. What action establishes the OSPF neighbor relationship
without forming an adjacency?
Exhibit
Your Answer: Modify network type
Correct Answer: Modify network type
Explanation:
From the perspective of OSPF, there are a couple of things that must match for a OSPF neighborship to
establish; these include:
1. The devices must be in the same area.

2. The devices must have the same authentication configuration.
3. The devices must be on the same subnet.
4. The devices hello and dead intervals must match.
5. The devices must have matching stub flags.
But the question is asking about OSPF neighborship without forming adjacencies. The OSPF point-to-point
and point-to-multipoint nonbroadcast networks require statically defined neighbor statements without
forming DR/BDR adjacencies.
25. (QID:AN193) Which state does the switch port move to when PortFast is enabled?
Your Answer: forwarding
Correct Answer: forwarding
Explanation:
Enabling the PortFast feature causes a switch or trunk port to enter the spanning tree forwarding state
immediately, bypassing the listening and learning states.
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/stp_enha.html
26. (QID:AN412) Refer to the exhibit. Which configuration enables DHCP addressing for hosts
connected to interface FastEthernet0/1 on router R4?
Exhibit:
interface FastEthernet0/10
description WAN_INTERFACE
ip address 10.0.1.2 255.255.255.252
ip access-group 100 in
!
interface FastEthernet0/1
description LAN_INTERFACE
ip address 10.148.2.1 255.255.255.0
duplex auto
speed auto
!
ip forward-protocol nd
!
access-list 100 permit eigrp any any
access-list 100 permit icmp any any
access-list 100 permit tcp 10.149.3.0 0.0.0.255 host 10.0.1.2
eq 22
access-list 100 permit tcp any any eq 80
access-list 100 deny ip any any log
Your Answer: interface FastEthernet0/1

ip helper-address 10.0.1.1
!
access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
Correct Answer: interface FastEthernet0/1

ip helper-address 10.0.1.1
!
access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
27. (QID:AN014) Which wireless access point (AP) operates in a standalone, independent
manner?
Your Answer: Autonomous
Correct Answer: Autonomous
Explanation:
Autonomous AP, now called Mobility Express, is used when you do not have a Wireless LAN Controller
(WLC). It has its own operating system just like any Cisco device. It is configured independently.
Lightweight AP is a special type of AP that needs a Wireless LAN Controller (WLC) to work. It has a limited
firmware on it and gets the configuration from the WLC.
28. (QID:AN131) Refer to the exhibit. The network administrator wants VLAN 67 traffic to be
untagged between Switch 1 and Switch 2 while all other VLANs are to remain tagged. Which
command accomplishes this task?
Exhibit
Your Answer: switchport trunk native vlan 67
Correct Answer: switchport trunk native vlan 67
Explanation:
Native VLAN
The native VLAN is used to carry untagged traffic across an 802.1Q trunk. The default native VLAN is set to
VLAN 1, but can be changed on each trunk interface. The native VLAN must be the same on both sides of a
trunk interface.
The switchport trunk native vlan command specifies the native VLAN number for the trunk.
An 802.1Q native VLAN is defined as one of the following:
The VLAN that a port is associated with when not in trunking operational mode.
The VLAN that is associated with untagged frames that are received on a switch port.
The VLAN to which Layer 2 frames will be forwarded if received untagged on an 802.1Q trunk port.
29. (QID:AN026) Which mode allows access points to be managed by Cisco Wireless LAN
Controllers?
Your Answer: Lightweight
Correct Answer: Lightweight
Explanation:
Cisco Lightweight Access Point (LAP)
The Cisco LAP is part of the Cisco Unified Wireless Network architecture. A LAP is an AP that is designed
to be connected to a wireless LAN (WLAN) controller (WLC). The LAP provides dual band support for IEEE
802.11a, 802.11b, and 802.11g and simultaneous air monitoring for dynamic, real-time radio frequency (RF)
management. In addition, Cisco LAPs handle time-sensitive functions, such as Layer 2 encryption, that
enable Cisco WLANs to securely support voice, video, and data applications.
APs are "lightweight", which means that they cannot act independently of a wireless LAN controller (WLC).
The WLC manages the AP configurations and firmware. The APs are "zero touch" deployed, and individual
configuration of APs is not necessary. The APs are also lightweight in the sense that they handle only real-
time MAC functionality. The APs leave all the non-real-time MAC functionality to be processed by the WLC.
This architecture is referred to as the "split MAC" architecture.
https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200-series/70278-lap-faq.html
Note: Autonomous AP, now called Mobility Express, is used when you do not have a Wireless LAN
Controller (WLC).
30. (QID:AND20) Drag-n-drop. Drag and drop the QoS congestion management terms from the
left onto the description on the right.
Your Answer: 1:D,2:B,3:E,4:A,5:C
Correct Answer: 1:D,2:B,3:E,4:A,5:C
Explanation:
PQ: places packets into one of four priority-based queues.
CQ: provides guaranteed bandwidth to a specific class of traffic.
WFQ: provides minimum guaranteed bandwidth to one or more flows.
CBWFQ: services a specified number of bytes in one queue before continuing to the next queue.
FIFO: uses store-and-forwarding queueing.
With Priority Queueing (PQ), traffic is classified into high, medium, normal, and low priority queues. The
high priority traffic is serviced first, then medium priority traffic, followed by normal and low priority traffic.
31. (QID:AN297) An engineer needs to add an old switch back into a network. To prevent the
switch from corrupting the VLAN database which action must be taken?
Your Answer: Add the switch in the VTP domain with a lower revision number.
Correct Answer: Add the switch in the VTP domain with a lower revision number.
Explanation:
VTP Configuration Revision Number
One of the most critical components of VTP advertisements is the configuration revision number. Each time
a VTP server modifies its VLAN information, it increments the configuration revision number by one. It then
sends out a VTP advertisement with the new configuration revision number. If the configuration revision
number being advertised is higher than the number stored locally on the other switches in the same VTP
domain, they will overwrite their VLAN configurations with the new information being advertised, otherwise
will ignore the VTP advertisements.
Therefore, you must add a new switch in the VTP domain with a lower revision number. In order to reset the
configuration revision of a switch, change the VTP domain name, and then change the name back to the
original name.
https://www.cisco.com/c/en/us/support/docs/lan-switching/vtp/10558-21.html
32. (QID:AX028) What will happen if you configure the logging trap debug command on a router?
Your Answer: It causes the router to send all messages to the syslog server.
Correct Answer: It causes the router to send all messages to the syslog server.
Explanation:
logging trap
You can configure the kind of messages, by severity level, to be sent to the syslog server. The default is
informational and lower.
Router(config)# logging traplevel
The possible values for level are as follows:
Level Severity
Emergency: 0
Alert: 1
Critical: 2
Error: 3
Warning: 4
Notice: 5
Informational: 6
Debug: 7
When a level is specified in the logging trap level command, the router is configured to send messages
with lower severity levels as well. For example, the logging trap warning command configures the router
to send all messages with the severity warning, error, critical, and emergency. Similarly, the logging trap
debug command causes the router to send all messages to the syslog server. Exercise caution while
enabling the debug level. Because the debug process is assigned a high CPU priority, using it in a busy
network can cause the router to crash.
Note: The Debug level message displays the output of debug commands. The Notice level message
displays interface up or down transitions and system restart messages. The Informational level includes
reload requests and low-process stack messages.
33. (QID:AND15) Drag-n-drop. Refer to the exhibit. An engineer is tasked with verifying network
configuration parameters on a client workstation to report back to the team lead. Drag and drop the
node identifiers from the left onto the network parameters on the right.
Exhibit:
Your Answer: 1:D,2:A,3:B,4:C,5:E
Correct Answer: 1:D,2:A,3:B,4:C,5:E
Explanation:
Broadcast Address: 192.168.1.255

Default gateway: 192.168.1.1
Host IP address: 192.168.1.20
Last assignable IP address in the subnet: 192.168.1.254
MAC address:B8-76-3F-7C-57-DF
34. (QID:AX005) Which of the following is true about access point?
Your Answer: It is a layer 2 device used to extend the LAN coverage to wireless devices.
Correct Answer: It is a layer 2 device used to extend the LAN coverage to wireless devices.
35. (QID:AN082) Refer to the exhibit. A network engineer must block access for all computers on
VLAN 20 to the web server via HTTP. All other computers must be able to access the web server.
Which configuration when applied to switch A accomplishes this task?
Exhibit
Your Answer: config t
ip access-list extended wwwblock
deny tcp any host 10.30.0.100 eq 80
permit ip any any
int vlan 20
ip access-group wwwblock in
Correct Answer: config t

permit ip any any
int vlan 20
Explanation:
SwitchA
config t
permit ip any any
int vlan 20
36. (QID:AN227) What is the purpose of traffic shaping?
Your Answer: to mitigate delays over slow links
Correct Answer: to mitigate delays over slow links
37. (QID:AN247) What is recommended for the wireless infrastructure design of an organization?
Your Answer: Group access points together to increase throughput on a given channel.
Correct Answer: Group access points together to increase throughput on a given channel.
38. (QID:AN103) Refer to the exhibit. After the configuration is applied, the two routers fail to
establish an OSPF neighbor relationship. What is the reason for the problem?
Exhibit
Your Answer: Router2 is using the default hello timer.
Correct Answer: Router2 is using the default hello timer.
Explanation:
The OSPF Hello and Dead intervals must match between neighbors to establish OSPF adjacency.
Router1 is configured with the ip ospf hello-interval 5 command, that sets Hello interval to 5 seconds, but
Router2 is using the default OSPF Hello interval of 10 seconds.
OSPF Hello and Dead Interval
OSPF uses hello packets and two timers to check if a neighbor is still alive or not:
Hello interval: this defines how often we send the hello packet.
Dead interval: this defines how long we should wait for hello packets before we declare the neighbor
dead.
The hello and dead interval values can be different depending on the OSPF network type. On Ethernet
interfaces you will see a 10 second hello interval and a 40 second dead interval.
39. (QID:AN166) A device detects two stations transmitting frames at the same time. This
condition occurs after the first 64 bytes of the frame is received. Which interface counter
increments?
Your Answer: Late collision
Correct Answer: Late collision
Explanation:
The subset of all collisions that happen after the 64th byte (512th bit) of the frame has been transmitted, are
called late collisions.
Typical causes of late collisions are segment cable lengths in excess of the maximum permitted for the
cable type. A collision wave is not detected by the transmitting stations until after the 64 byte slot time since
it has to travel an excessive distance.
When a late collision wave is detected, the frame is not retransmitted automatically by the MAC sublayer.
Upper layer protocols must deduce that something went wrong and implement retransmission of the frame.
This takes times and so late transmissions can cause excessive delays.
40. (QID:AN217) What is the same for both copper and fiber interfaces when using SFP
modules?
Your Answer: They provide minimal interruption to services by being hot-swappable.
Correct Answer: They provide minimal interruption to services by being hot-swappable.
Explanation:
https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/gigabit-ethernet-gbic-sfp-
modules/datasheet-c78-366584.html
41. (QID:AN415) Refer to the exhibit. An administrator must connect SW_1 and the printer to the
network. SW_2 requires DTP to be used for the connection to SW_1. The printer is configured as an
access port with VLAN 5. Which set of commands completes the connectivity?
Exhibit
Your Answer: switchport mode dynamic desirable

switchport trunk allowed vlan add 5
Correct Answer: switchport mode dynamic desirable

switchport trunk allowed vlan add 5
42. (QID:AN184) Refer to the exhibit. A packet is being sent across router R1 to host
172.163.3.14. To which destination does the router send the packet?
Exhibit
Your Answer: 209.165.200.246 via Serial0/1/0
Correct Answer: 209.165.200.246 via Serial0/1/0
Explanation:
There is no dynamic or connected route to the destination address 172.163.3.14. Therefore, R1 will use the
default route via 209.165.200.246, Serial0/1/0.
43. (QID:AN311) What are two improvements provided by automation for network management
in an SDN environment? (Choose two.)
Your Answer: Artificial intelligence identifies and prevents potential design failures.

Proprietary Cisco APIs leverage multiple network management tools.
Correct Answer: Artificial intelligence identifies and prevents potential design failures.
Proprietary Cisco APIs leverage multiple network management tools.
44. (QID:AN316) Which technology allows for multiple operating systems to be run on a single
host computer?
Your Answer: server virtualization
Correct Answer: server virtualization
45. (QID:AN009) What are two reasons that cause late collisions to increment on an Ethernet
interface (Choose two)
Your Answer: when one side of the connection is configured for half-duplex.

when the cable length limits are exceeded.
Correct Answer: when the cable length limits are exceeded.

when one side of the connection is configured for half-duplex.
Explanation:
Late Collisions
The subset of all collisions that happen after the 64th byte (512th bit) of the frame has been transmitted, are
called late collisions. In a properly working Ethernet LAN, collisions should occur within the first 64 bytes;
late collisions today often point to a duplex mismatch.
Late collisions are also caused by excessive media lengths (greater than 100 meter in case of
10/100BaseT).
46. (QID:AN266) Refer to the exhibit. A network engineer must configure communication
between PC A and the File Server. To prevent interruption for any other communications, which
command must be configured?
Exhibit
Your Answer: Switchport trunk allowed vlan add 13
Correct Answer: Switchport trunk allowed vlan add 13
Explanation:
PC A and File Server are both configured in VLAN 13. Switch B (by default) allows all VLANs to traverse the
trunk but Switch A is configured to allow only VLANs 10, 11 and 12 (due to the switchport trunk allowed
vlan 10-12 command) to traverse the trunk Gi0/1.
To correct this, we can either remove this command and add new command allowing VLANs 10-13 or use
the switchport trunk allowed vlan add 13 command to add VLAN 13 to the existing list of allowed VLANs.
47. (QID:AN187) An engineer must configure an OSPF neighbor relationship between router R1
and R3. The authentication configuration has been configured and the connecting interfaces are in
the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose
two.)
Your Answer: Configure both interfaces with the same area ID.

Configure the interfaces as OSPF active on both sides.
Correct Answer: Configure the interfaces as OSPF active on both sides.

Configure both interfaces with the same area ID.
Explanation:
Hello and dead timers must match but with default settings these are already same on both routers.
OSPF process ID is only locally significant.
OSPF router ID must be different on two neighbors.
Both routers should have the same area ID.
We have to enable OSPF on active interfaces on both ends.
48. (QID:AN378) Which mode must be set for APs to communicate to a Wireless LAN Controller
using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol?
Your Answer: lightweight
Correct Answer: lightweight
Explanation:
Cisco Access Points (APs) can operate in two modes:
Autonomous: These are self-sufficient and standalone APs, used for small wireless networks.
Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP
and WLC communicate with each other via a logical pair of CAPWAP tunnels.
49. (QID:AN241) Refer to the exhibit. A network administrator has been tasked with securing
VTY access to a router. Which access-list entry accomplishes this task?
Exhibit:
access-list 101 permit ospf any any

access-list 101 permit tcp any eq 179 any
access-list 101 permit gre any any
access-list 101 permit esp any any
access-list 101 deny ospf any any

access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0
0.0.0.255 eq telnet
access-list 101 permit udp 10.1.1.0 0.0.0.255 172.16.1.0
0.0.0.255 eq 500
access-list 101 permit udp 10.1.1.0 0.0.0.255 172.16.1.0
0.0.0.255 eq 4500
access-list 101 deny ip any any log
interface Ethernet0/0
ip address 10.1.1.25 255.255.255.0
ip access-group 101 in
Your Answer: access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet
Correct Answer: access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet
Explanation:
Securing the vty lines means to allow access to required hosts and disallow all others.
The given answer allows telnet access, through VTY lines, only from IP address 10.1.1.0/24 to the
destination host 172.16.1.0/24. All other hosts are denied and failed attempts are logged.
50. (QID:AN416) Refer to the exhibit. Traffic sourced from the loopback0 interface is trying to
connect via ssh to the host at 10.0.1.15. What is the next hop to the destination address?
Exhibit:
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF Inter
area
N1 - OSPF NSSA external type 1. N2 - OSPF NSSA external type
2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-
IS level-2
la - IS-IS inter area," - candidate default, U - per-user
static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set

C 192.168.3.5 is directly connected. Loopback0
10.0.0.078 is variably subnetted, 4 subnets, 2 masks
O 10.0.1.3/32 [110/100] via 192.168.0.40, 00.33:32,
Serial0
C 10.0.1.0/24 is directly connected, Serial0
O 10.0.1.190/32 [110/5] via 192.168.0.35, 00:33:32,
Serial0
O 10.0.1.0/24 [110/10] via 192.168.0.4, 00:33:32,
GigabitEthernet0/0
D 10.0.1.0/28 [90/10] via 192.168 0.7, 00:33:32,
GigabitEthernet0/0
Your Answer: 192.168.0.7
Correct Answer: 192.168.0.7
51. (QID:AN047) Router A learns the same route from two different neighbors, one of the
neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the
administrative distance of the route that will be installed in the routing table?
Your Answer: 90
Correct Answer: 90
Explanation:
Cisco routers prefer the route, advertised by a routing protocol, with lower Administrative Distance. EIGRP
routes have lower AD than those of OSPF routes, hence preferred by Cisco routers.
The administrative distances of some common dynamic routing protocols are:
EIGRP = 90
IGRP = 100
OSPF = 110
IS-IS = 115
RIP = 120
52. (QID:AN381) Which communication interaction takes place when a southbound API is used?
Your Answer: Between the SDN controller and switches and routers on the network.
Correct Answer: Between the SDN controller and switches and routers on the network.
Explanation:
SDN Southbound APIs
Software-defined southbound application program interfaces (SDN southbound APIs) are used to
communicate between the SDN Controller and the switches and routers of the network. They can be open-
source or proprietary.
Southbound APIs facilitate control over the network and enable the SDN Controller to dynamically make
changes according to real-time demands and needs.
OpenFlow, which was developed by the Open Networking Foundation (ONF), is the first and probably the
most well-known southbound interface.
53. (QID:AN222) What is a DHCP client?
Your Answer: A host that is configured to request an IP address automatically.
Correct Answer: A host that is configured to request an IP address automatically.
Explanation:
DHCP stands for dynamic host configuration protocol and is a network protocol used on IP networks where
a DHCP server automatically assigns an IP address and other information to each host on the network so
they can communicate efficiently with other endpoints.
In addition to the IP address, DHCP also assigns the subnet mask, default gateway address, domain name
server (DNS) address and other pertinent configuration parameters.
A DHCP client is a host using DHCP to obtain configuration parameters such as an IP address from a
DHCP server.
A DHCP server is a networked device running the DCHP service that holds IP addresses and related
configuration information. This is most typically a server or a router but could be anything that acts as a
host, such as an SD-WAN appliance.
54. (QID:AND13) Drag and drop the characteristics of networking from the left onto the correct
networking types on the right.
Your Answer: 1:C,2:C,3:C,4:T,5:T,6:T
Correct Answer: 1:C,2:C,3:C,4:T,5:T,6:T
Explanation:
Controller-Based Networking
Focused on network
User input is a policy
Uses white list security modal
Traditional Networking
Focused on devices
User input is a configuration
Uses black list security modal
55. (QID:AN360) What is the function of a controller in controller-based networking?
Your Answer: It serves as the centralized management point of an SDN architecture.
Correct Answer: It serves as the centralized management point of an SDN architecture.
Explanation:
Software-defined networking (SDN)
SDN technology is an approach to network management that enables dynamic, programmatically efficient
network configuration in order to improve network performance and monitoring making it more like cloud
computing than traditional network management.
In conventional networks, control traffic and data traffic are tightly coupled in network devices. Additionally,
in conventional networks most control functions are distributed over many devices.
In contrast, the SDN paradigm attempts to pull control functions out of the network devices and consolidate
them into a centralized location. With this model, once a centralized controller derives the desired
forwarding behavior, forwarding instructions for packets are downloaded to the appropriate network devices.
The communication between the controller and the network devices can use some form of standardized
protocol such as OpenFlow to facilitate standardized network device programming.
56. (QID:AN315) Refer to the exhibit. The entire contents of the MAC address table are shown.
Sales-4 sends a data frame to Sales-1. What does the switch do as it receives the frame from Sales-
4?
Exhibit
Your Answer: Insert the source MAC address and port into the forwarding table and forward the frame to
Sales-1.
Correct Answer: Insert the source MAC address and port into the forwarding table and forward the frame
to Sales-1.
57. (QID:AND22) Drag-n-drop. Drag and drop the DHCP snooping terms from the left onto the
descriptions on the right.
Your Answer: 1:C,2:B,3:D,4:A,5:E
Correct Answer: 1:B,2:A,3:D,4:C,5:E
Explanation:
Snooping binding database: List of hosts on the network that are unknown to the administrative domain.
DHCP server: Network component that propagates IP addresses to hosts on the network.
Trusted: Internal device under the control of the network administrator.
Spurious DHCP server: Unknown DHCP server within an administrative domain.
Untrusted: Default state of all interfaces.
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-
2SY/configuration/guide/sy_swcg/dhcp_snooping.pdf
58. (QID:AN072) Which command prevents passwords from being stored in the configuration as
plain text on a router or switch?
Your Answer: service password-encryption
Correct Answer: service password-encryption
Explanation:
service password-encryption
Many configuration commands used to configure passwords store the passwords in clear text in the
running-config file, for example the simple passwords configured on the console and vty lines, with the
password command, plus the password in the username command. The enable secret command
automatically encrypts the password value, but enable password command shows it in clear text.
These clear text passwords in a printed version of the configuration file, or in a backup copy of the
configuration file stored on a server, are vulnerable. A relatively weaker encryption of the passwords can be
obtained using the service password-encryption global configuration command. The presence or
absence of the service password-encryption global configuration command dictates whether the passwords
are encrypted as follows:
When the service password-encryption command is configured, all existing console, vty, and
username command passwords are immediately encrypted.
If the service password-encryption command has already been configured, any future changes to
these passwords (and new passwords) are encrypted.
If the no service password-encryption command is used later, the passwords remain encrypted, until
they are changed - at which point they show up in clear text.
59. (QID:AN119) Refer to the exhibit. Which action is expected from SW1 when the untagged
frame is received on the GigabitEthernet0/1 interface?
Exhibit:
SW1#show run int gig 0/1

Interface GigabitEthernet0/1
switchport access vlan 11
switchport trunk allowed vlan 1-10
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
switchport mode trunk
speed 1000
duplex full
Your Answer: The frame is processed in VLAN 5.
Correct Answer: The frame is processed in VLAN 5.
Explanation:
The switch assigns any untagged frame that arrives on a trunk port to the native VLAN. If a frame on the
native VLAN leaves a trunk port, the switch strips the Native VLAN tag out.
Therefore, untagged frame received on this port will be processed in the Native VLAN 5.
Note: Remember the following for untagged frame and trunk port:
On input - untagged frames are considered frames of Native VLAN.

On output - The Native VLAN tag is stripped out and frames are transmitted untagged.
60. (QID:AN093) Which statement correctly compares traditional networks and controller-based
networks?
Your Answer: Only controller-based networks decouple the control plane and the data plane.
Correct Answer: Only controller-based networks decouple the control plane and the data plane.
Explanation:
Traditional networks uses a distributed architecture, in which each control plane is resided in a networking
device. Therefore they need to communicate with each other via messages to work correctly.
Software defined networking (SDN) emerges as a promising paradigm shift that decouples the control plane
from the data plane. It has the ability to centrally monitor and control the network through software, i.e.,
controller.
We gain access to the SDN solution via the Northbound Interface, which is actually similar to the
management plane.
The SDN Controller communicates with network-level devices through the Southbound Interface.
61. (QID:AN317) Refer to the exhibit. An administrator must turn off the Cisco Discovery
Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which
command set meets the requirement?
Exhibit
Your Answer: interface gi0/1

no cdp enable
Correct Answer: interface gi0/1

no cdp enable
62. (QID:AN307) When deploying syslog, which severity level logs informational message?
Your Answer: 6
Correct Answer: 6
63. (QID:AN331) What must be considered when using 802.11ba?
Your Answer: It is compatible with 802.11b and 802.11-compliant wireless devices.
Correct Answer: It is compatible with 802.11b and 802.11-compliant wireless devices.
64. (QID:AN177) An engineer needs to configure LLDP to send the port description time length
value (TLV). What command sequence must be implemented?
Your Answer: Switch(config)#lldp port-description
Correct Answer: Switch(config)#lldp port-description
Explanation:
LLDP supports a set of attributes that it uses to discover neighbor devices. These attributes contain type,
length, and value descriptions and are referred to as TLVs. LLDP supported devices can use TLVs to
receive and send information to their neighbors.
Use the lldp port-description command to specify the port description TLV messages.
Switch(config)#lldp port-description
65. (QID:AN275) Which command do you enter so that a port enters the forwarding state
immediately when a PC is connected to it?
Your Answer: Switch(config)#spanning-tree portfast default
Correct Answer: Switch(config)#spanning-tree portfast default
Explanation:
Switch(config)#spanning-tree portfast ?
default Enable portfast by default on all access ports
66. (QID:AN104) A network engineer must create a diagram of a multi vendor network. Which
command must be configured on the Cisco devices so that the topology of the network can be
mapped?
Your Answer: Device(config)#lldp run
Correct Answer: Device(config)#lldp run
Explanation:
The Link Layer Discovery Protocol (LLDP)
LLDP is a link layer discovery protocol, similar to CDP. The big difference between the two is that LLDP is a
standard (vendor-neutral) while CDP is a Cisco proprietary protocol. Cisco devices support the IEEE
802.1ab version of LLDP. This allows non-Cisco devices to advertise information about themselves to our
network devices.
Use of LLDP is limited to 802.1 media types such as Ethernet, Token Ring, and Fiber Distributed Data
Interface (FDDI) networks.
Enabling LLDP Globally
LLDP is disabled globally by default on Cisco devices. It is configured in global configuration mode with the
following command:
Router(config)# lldp run
67. (QID:AN300) An engineer observes high usage on the 2.4GHz channels and lower usage on
the 5GHz channels. What must be configured to allow clients to preferentially use 5GH2 access
points?
Your Answer: Client Band Select
Correct Answer: Client Band Select
68. (QID:AN063) Which command enables a router to become a DHCP client?
Your Answer: ip address dhcp
Correct Answer: ip address dhcp
Explanation:
ip address dhcp
To acquire the IP address for an Ethernet interface on a Cisco router from the Dynamic Host Configuration
Protocol (DHCP) server, use the ip address dhcp command in interface configuration mode. To release the
acquired IP address, use the no form of this command.
https://www.cisco.com/c/en/us/td/docs/routers/nfvis/switch_command/b-nfvis-switch-command-
reference/ip_addressing_commands.html#wp9514582500
The ip helper-address command is used to make a router DHCP relay agent.
69. (QID:AN343) Where is the interface between the control plane and data plane within the
software-defined architecture?
Your Answer: Application layer and the management layer
Correct Answer: Application layer and the management layer
70. (QID:AN143) Which IPv6 address block forwards packets to a multicast address rather than a
unicast address?
Your Answer: FC00::/7
Correct Answer: FF00::/12
Explanation:
IPv6 Multicast Address
An IPv6 multicast address defines a group of devices known as a multicast group. IPv6 multicast addresses
use the prefix ff00::/8, which is equivalent to the IPv4 multicast address 224.0.0.0/4. A packet sent to a
multicast group always has a unicast source address. A multicast address can never be the source
address. Unlike IPv4, there is no broadcast address in IPv6. Instead, IPv6 uses multicast, including an all-
IPv6 devices well-known multicast address and a solicited-node multicast address.
IPv6 multicast addresses are distinguished from unicast addresses by the value of the high-order octet of
the addresses: a value of 0xFF (binary 11111111) identifies an address as a multicast address; any other
value identifies an address as a unicast address.
71. (QID:AN090) Which output displays a JSON data representation?
Exhibit
Your Answer: D
Correct Answer: D
Explanation:
All other answers are incorrect because they do not use colon (:) between the attribute-value pair.
JSON
JSON stands for JavaScript Object Notation. JSON is a lightweight data-interchange format, that uses
human-readable text to store and transmit data objects consisting of attribute-value pairs and array data
types (or any other serializable value). JSON uses JavaScript syntax, but the JSON format is text only. Text
can be read and used as a data format by any programming language.
JSON data is written as attribute-value pairs. An attribute-value pair consists of a field name (in double
quotes), followed by a colon, followed by a value, as shown below:
{
"first name": "John",
"last name": "Smith",
"age": 25,
"address": {
"street address": "21 2nd Street",
"city": "New York",
"state": "NY",
"postal code": "10021"
},
"phone numbers": [
{
"type": "home",
"number": "212 555-1234"
},
{
"type": "fax",
"number": "646 555-4567"
}
],
"sex": {
"type": "male"
}
}
72. (QID:AN269) What is a DNS lookup operation?
Your Answer: Serves requests over destination port 53.
Correct Answer: Serves requests over destination port 53.
Explanation:
A DNS lookup, in a general sense, is the process by which a DNS record is returned from a DNS server.
This is like looking up a phone number in a phone book - that is why it is referred to as a "lookup".
Interconnected computers, servers and smart phones need to know how to translate the email addresses
and domain names people use into IP addresses. A DNS lookup performs this function.
DNS uses the User Datagram Protocol (UDP) on port 53 to serve DNS queries. UDP is preferred because it
is fast and has low overhead.
73. (QID:AN135) What is a difference between RADIUS and TACACS+?
Your Answer: TACACS+ separates authentication and authorization, and RADIUS merges them.
Correct Answer: TACACS+ separates authentication and authorization, and RADIUS merges them.
74. (QID:AN151) The SW1 interface g0/1 is in the down/down state. Which two configurations are
valid reasons for the interface conditions? (Choose two)
Your Answer: There is a speed mismatch.

There is a duplex mismatch.
Correct Answer: There is a duplex mismatch.

There is a speed mismatch.
Explanation:
Gigabit Ethernet interface does not support half duplex. Also if there is a speed mismatch, the interface
might go down.
https://networklessons.com/switching/troubleshooting-interfaces
If the interface is shut down, the output shows "down/administratively down", instead of down/down.
"The interface is error-disabled" is incorrect because this is not a configuration, but the result of
configuration. The questions is asking bout two configurations that are valid reasons for interface
down/down conditions.
75. (QID:AN314) Refer to the exhibit. Only four switches are participating in the VLAN spanning-
tree process. Which switch becomes the permanent root bridge for VLAN 5?
Exhibit
Your Answer: Branch-3
Correct Answer: Branch-3
76. (QID:AN380) What prevents a workstation from receiving a DHCP address?
Your Answer: STP
Correct Answer: STP
Explanation:
STP can prevent DHCP clients from getting an IP address because the port does not start forwarding traffic
until STP goes into the forwarding state. The switch ports connecting to workstations need to be configured
as access ports and have Spanning-Tree Protocol (STP) portfast enabled, and trunking and channeling
disabled.
77. (QID:AN192) What criteria is used first during the root port selection process?
Your Answer: lowest path cost to the root bridge
Correct Answer: lowest path cost to the root bridge
Explanation:
Spanning Tree Root Port selection
If a Switch has multiple paths to reach the Root Bridge, it must select one path and the associated port as
the Root Port.
Spanning Tree Root Port selection process in a Non-Root Switch involves the following steps:
1. Select the port connected to the path with the lowest accumulated Spanning Tree Path Cost to the
Root Bridge (Root Switch) as the Root Port, when a Non-Root Switch has multiple paths to reach the
Root Switch.
2. If multiple paths are available to reach the Root Bridge (Root Switch) with the same accumulated
Spanning Tree Path Cost in a Non-Root Switch, select the port connected to the neighbor switch
which has the lowest Switch ID value as the Root Port.
3. If all the multiple paths go through the same neighboring switch to reach the Root Bridge (Root
Switch), Non-Root Switch will select the local port which receives the lowest port Spanning Tree Port
Priority value from neighbor Switch as the Root Port.
4. If the received Spanning Tree Port Priority value values are the same between the connecting ports
to reach the Root Bridge (Root Switch), Non-Root Switch will select the port which receives the
lowest physical port number from neighbor Switch as the Root Port. This is the last tie breaker.
78. (QID:AN055) A user configured OSPF in a single area between two routers. A serial interface
connecting R1 and R2 is running encapsulation PPP. By default which OSPF network type is seen
on this interface when the user types show ip ospf interface on R1 or R2?
Your Answer: point-to-point
Correct Answer: point-to-point
Explanation:
Point-to-point
An OSPF network, consisting of a serial link with PPP or HDLC encapsulation, is a point-to-point network.
Here are some characteristics of OSPF point-to-point networks:
Point-to-Point network types are intended to be used between 2 directly connected routers.
A Point-to-Point OSPF network type does not maintain a DR/BDR relationship.
The Point-to-Point network type has a 10 second hello and 40 second dead timer.
79. (QID:AX024) Which two command sequences must you configure on a switch to establish a
Layer 3 EtherChannel with an open-standard protocol? (Choose two)
Your Answer: interface GigabitEthernet0/0/1

channel-group 10 mode active
interface port-channel 10
no switchport
ip address 172.16.0.1 255.255.255.0
Correct Answer: interface port-channel 10

no switchport
ip address 172.16.0.1 255.255.255.0
interface GigabitEthernet0/0/1
channel-group 10 mode active
Explanation:
In EtherChannel technology there are two types of dynamic channel-group protocols:
Port Aggregation Protocol (PAgP) which is a Cisco proprietary protocol, and

Link Aggregation Control Protocol (LACP) which is the IEEE standard.
LACP uses two types of port modes: active and passive. LACP active mode unconditionally forms a LACP
dynamic EtherChannel whereas passive mode will only accept LACP negotiation attempts from a device set
to active mode.
80. (QID:AN043) Refer to the exhibit. If OSPF is running on this network, how does Router2
handle traffic from Site B to 10.10.13.128/25 at Site A?
Exhibit
Your Answer: It cannot send packets to 10.10.13.128/25
Correct Answer: It cannot send packets to 10.10.13.128/25
Explanation:
The destination address 10.10.13.128/25 is a subnet ID. In unicast routing, the destination address must be
a unique host address on a subnet.
81. (QID:AN387) Refer to the exhibit. Which change to the configuration on Switch1 allows the
two switches to establish an EtherChannel?
Exhibit
Your Answer: Change the LACP mode to active.
Correct Answer: Change the LACP mode to active.
Explanation:
The output shows that LACP protocol is in use and both ends of the links are configured in LACP passive
mode. At least one side of each link should be configured in LACP active mode for successful channel
creation.
LACP uses two types of port modes: active and passive. LACP active mode unconditionally forms a LACP
dynamic EtherChannel whereas passive mode will only accept LACP negotiation attempts from a device set
toactive mode.
82. (QID:AN094) How do TCP and UDP differ in the way they provide reliability for delivery of
packets?
Your Answer: TCP provides flow control to avoid overwhelming a receiver by sending too many packets
at once, UDP sends packets to the receiver in a continuous stream without checking for sequencing.
Correct Answer: TCP provides flow control to avoid overwhelming a receiver by sending too many packets
at once, UDP sends packets to the receiver in a continuous stream without checking for sequencing.
Explanation:
TCP is a connection-oriented protocol and UDP is a connection-less protocol. TCP uses the three-way
handshake to establish connection between a sender and receiver before data can be sent. UDP does not
establish a connection before sending data.
TCP is reliable. Data sent using a TCP protocol is guaranteed to be delivered to the receiver. If data is lost
in transit it will recover the data and resend it. TCP will also check packets for errors and track packets so
that data is not lost or corrupted.
UDP is unreliable, it does not provide guaranteed delivery and a datagram packet may become corrupt or
lost in transit.
TCP uses flow control to ensure that a sender is not overwhelming a receiver by sending packets faster
than it can receive.
83. (QID:AN074) Which set of action satisfy the requirement for multifactor authentication?
Your Answer: The user enters a PIN into an RSA token, and then enters the displayed RSA key on a
login screen.
Correct Answer: The user enters a user name and password, and then clicks a notification in an
authentication app on a mobile device.
Explanation:
Multifactor Authentication
Multifactor authentication (MFA) is a security system that requires more than one method of authentication
from independent categories of credentials to verify the user's identity for a login or other transaction.
Multifactor authentication combines two or more independent credentials.
This is an example of how two-factor authentication (2FA) works:
The user logs in to the website or service with their username and password.
The password is validated by an authentication server and, if correct, the user becomes eligible for the
second factor.
The authentication server sends a unique code to the user�s second-factor method (such as a
smartphone app).
The user confirms their identity by providing the additional authentication for their second-factor method.
84. (QID:AN371) An engineer configures interface Gi1/0 on the company PE router to connect to
an ISP. Neighbor discovery is disabled. Which action is necessary to complete the configuration if
the ISP uses third-party network devices?
Exhibit:
interface Gi1/0
description HQ-DC-87752
duplex full
speed 100
negotiation auto
lldp transmit
lldp receive
Your Answer: Enable LLDP globally
Correct Answer: Enable LLDP globally
Explanation:
The Link Layer Discovery Protocol (LLDP)
LLDP is a link layer discovery protocol, similar to CDP. The big difference between the two is that LLDP is a
standard (vendor-neutral) while CDP is a Cisco proprietary protocol. Cisco devices support the IEEE
802.1ab version of LLDP. This allows non-Cisco devices to advertise information about themselves to our
network devices.
Use of LLDP is limited to 802.1 media types such as Ethernet, Token Ring, and Fiber Distributed Data
Interface (FDDI) networks.
Enabling LLDP Globally
LLDP is disabled globally by default on Cisco devices. It is configured in global configuration mode with the
following command:
Router(config)# lldp run
85. (QID:AN041) Which MAC address is recognized as a VRRP virtual address?
Your Answer: 0000.5E00.010a
Correct Answer: 0000.5E00.010a
Explanation:
The virtual MAC address for a VRRP group begins with a vendor code of 0000.5e (LANA's organizationally
unique identifier [OUI]), followed with a well-known VRRP address block of 00.01. The last two hexadecimal
digits are the hexadecimal representation of the VRID (group) number. For example, a VRRP group of 20
yields a default virtual MAC address of 0000.5e00.0114, because 20 in decimal equates to 14 in
hexadecimal.
86. (QID:AN366) Which two protocols must be disabled to increase security for management
connections to a Wireless LAN Controller? (Choose two.)
Your Answer: HTTP
Telnet
Correct Answer: Telnet

HTTP
87. (QID:AN052) Refer to the exhibit. The show ip ospf interface command has been executed on
R1. How is OSPF configured?
Exhibit:
Designated Router (ID) 10.11.11.11, Interface address

10.10.10.1
Backup Designated router (ID) 10.3.3.3, Interface address
10.10.10.3
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Retransmit 5
oob-resync timeout 40
Hello due in 00:00:08
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 6
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 3, Adjacent neighbor count is 3
Adjacent with neighbor 10.1.1.4
Adjacent with neighbor 10.2.2.2
Adjacent with neighbor 10.3.3.3 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Your Answer: The default Hello and Dead timers are in use.
Correct Answer: The default Hello and Dead timers are in use.
Explanation:
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
The default Hello and Dead timers for OSPF are in use.
"A point-to-point network type is configured" is incorrect. OSPF does not elect Designated Router (DR) and
Backup Designated Router (BDR) on point-to-point networks.
88. (QID:AN199) An engineer must establish a trunk link between two switches. The neighboring
switch is set to trunk or desirable mode. What action should be taken?
Your Answer: Configure switchport trunk dynamic desirable
Correct Answer: Configure switchport mode dynamic auto
Explanation:
Dynamic auto: Makes the Ethernet port willing to convert the link to a trunk link. The port becomes a trunk
port if the neighboring port is set to trunk or dynamic desirable mode. This is the default mode for some
switchports.
Dynamic desirable: Makes the port actively attempt to convert the link to a trunk link. The port becomes a
trunk port if the neighboring Ethernet port is set to trunk, dynamic desirable or dynamic auto mode.
89. (QID:AND11) Drag-n-drop. Drag and drop the IPv4 network subnets from the left onto the
correct usable host ranges on the right.
Your Answer: N/A
Correct Answer: 1:C,2:B,3:D,4:E,5:A
Explanation:
172.28.228.1 - 172.28.229.254: 172.28.228.144/23

172.28.224.1 - 172.28.231.254: 172.28.228.144/21
172.28.228.129 - 172.28.228.254: 172.28.228.144/25
172.28.228.145 - 172.28.228.150: 172.28.228.144/29
172.28.192.1 - 172.28.255.254: 172.28.228.144/18
90. (QID:AX019) Which two options are well-known southbound APIs? (Choose two)
Your Answer: OpFlex
OpenFlow
Correct Answer: OpenFlow

OpFlex
91. (QID:AN235) What is a role of wireless controllers in an enterprise network?
Your Answer: Centralize the management of access points in an enterprise network.
Correct Answer: Centralize the management of access points in an enterprise network.
Explanation:
A WLAN controller (also called WLC) manages wireless network access points (APs) that allow wireless
devices to connect to the network. As a centralized device in the network, the WLC is usually located at the
data center, to which all the wireless APs on the network are directly or indirectly connected. A WLAN
controller becomes the brain for the entire WLAN.
92. (QID:AN325) What are two recommendations for protecting network ports from being
exploited when located in an office space outside of an IT closer? (Choose two)
Your Answer: Shut down unused ports

Implement port-based authentication
Correct Answer: Implement port-based authentication

Shut down unused ports
93. (QID:AN345) A network analyst is tasked with configuring the date and time on a router using
EXEC mode. The date must be set to 12:00am. Which command should be used?
Your Answer: clock set
Correct Answer: clock set
Explanation:
Setting the Router's Time
The router's internal clock is set with the clock set command. This command is not a configuration
command (i.e., you must be in enable mode to give it, but you don't need to give the configure terminal
command) and is not stored in the router's configuration. The time is in military (24-hour) time. For example:
Router#clock set 13:00:00 20 jan 2021
94. (QID:AN243) What is the effect when loopback interfaces and the configured router ID are
absent during the OSPF process configuration?
Your Answer: The highest up/up physical interface IP address is selected as the router ID.
Correct Answer: The highest up/up physical interface IP address is selected as the router ID.
Explanation:
The OSPF router ID is chosen according to the following criteria:
The highest router ID configured explicitly with router-id ip address command, in OSPF router
configuration mode.
The highest IP address on its loopback interfaces (Loopback interface is a logical interface on a router).
If no loopback interface is configured then the highest IP address on one of its active physical interfaces.
If there is no active interface, the OSPF process will not start and therefore you will not have any OSPF
routes in your routing table.
95. (QID:AN105) How do traditional campus device management and Cisco DNA Center device
management differ in regards to deployment?
Your Answer: Cisco DNA Center device management can deploy a network more quickly than traditional
campus device management
Correct Answer: Cisco DNA Center device management can deploy a network more quickly than
traditional campus device management
96. (QID:AN128) What is the expected outcome when an EUI-64 address is generated?
Your Answer: The seventh bit of the original MAC address of the interface is inverted.
Correct Answer: The seventh bit of the original MAC address of the interface is inverted.
Explanation:
https://community.cisco.com/t5/networking-documents/understanding-ipv6-eui-64-bit-address/ta-p/3116953
97. (QID:AN012) Which network allows devices to communicate without the need to access the
Internet?
Your Answer: 172.28.0.0/16
Correct Answer: 172.28.0.0/16
Explanation:
You need to pick the network in private address space from the given list. Only the network 172.28.0.0/16
belongs to the private IPv4 address ranges.
The following ranges of IP addresses are considered as Private Networks by RFC 1918. These will not be
routed on the Internet:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
98. (QID:AN045) Refer to the exhibit. The New York router is configured with static routes
pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the
Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)
Exhibit
Your Answer: Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.
Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.
Correct Answer: Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.
Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.
Explanation:
The ipv6 route 2023::/126 2012::2 command on Atlanta router indicates that destination network
2023::/126 (Washington's Serial link) is reachable via the next hop address 2012::2 (New-York's Se0/0/0
address).
The ipv6 route 2012::/126 2023::2 command on Washington router indicates that destination network
2012::/126 (Atlanta's Serial link) is reachable via the next hop address 2023::2, that is Se0/0/1 address on
New-York router.
IPv6 Static Routes
Directly Attached Static Routes
In directly attached static routes, only the output interface is specified. The destination is assumed to be
directly attached to this interface, so the packet destination is used as the next-hop address. This example
shows such a definition:
ipv6 route 2001:DB8::/32 gigabitethernet1/0/0
The example specifies that all destinations with address prefix 2001:DB8::/32 are directly reachable through
interface GigabitEthernet1/0/0.
Recursive Static Routes
In a recursive static route, only the next hop is specified. The output interface is derived from the next hop.
This example shows such a definition:
ipv6 route 2001:DB8::/32 2001:DB8:3000:1
This example specifies that all destinations with address prefix 2001:DB8::/32 are reachable via the host
with address 2001:DB8:3000:1.
Floating Static Routes
A floating static route is configured with a higher administrative distance than the dynamic routing protocol it
is backing up. As a result, the dynamic route learned through the routing protocol is always used in
preference to the floating static route. If the dynamic route learned through the routing protocol is lost, the
floating static route will be used in its place. The following example defines a floating static route:
ipv6 route 2001:DB8:/32 gigabitethernet1/0/0 2001:DB8:3000:1 210
Fully Specified Static Routes
In a fully specified static route, both the output interface and the next hop are specified. This form of static
route is used when the output interface is a multi-access one and it is necessary to explicitly identify the
next hop. The next hop must be directly attached to the specified output interface. The following example
shows a definition of a fully specified static route:
ipv6 route 2001:DB8:/32 gigabitethernet1/0/0 2001:DB8:3000:1
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book/ip6-route-
static-xe.html
99. (QID:AN091) Which option about JSON is true?
Your Answer: Used to describe structured data that includes arrays.
Correct Answer: Used to describe structured data that includes arrays.
Explanation:
JSON
JSON stands for JavaScript Object Notation. JSON is a lightweight data-interchange format, that uses
human-readable text to store and transmit data objects consisting of attribute-value pairs and array data
types (or any other serializable value). JSON uses JavaScript syntax, but the JSON format is text only. Text
can be read and used as a data format by any programming language.
JSON data is written as attribute-value pairs. An attribute-value pair consists of a field name (in double
quotes), followed by a colon, followed by a value, as shown below:
{
"first name": "John",
"last name": "Smith",
"age": 25,
"address": {
"street address": "21 2nd Street",
"city": "New York",
"state": "NY",
"postal code": "10021"
},
"phone numbers": [
{
"type": "home",
"number": "212 555-1234"
},
{
"type": "fax",
"number": "646 555-4567"
}
],
"sex": {
"type": "male"
}
}
JSON can use arrays. Array values must be of type string, number, object, array, boolean or null.
100. (QID:AN214) Which protocol prompts the Wireless LAN Controller to generate its own local
web administration SSL certificate for GUI access?
Your Answer: HTTPS
Correct Answer: HTTPS
Explanation:
You can protect communication with the GUI by enabling HTTPS. HTTPS protects HTTP browser sessions
by using the Secure Sockets Layer (SSL) protocol. When you enable HTTPS, the controller generates its
own local web administration SSL certificate and automatically applies it to the GUI. You also have the
option of downloading an externally generated certificate.
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-
guide/b_cg80/b_cg80_chapter_011.html#ID520
Retake this test with (7) incorrectly answered question(s)
Repeat this test with the same set of (100) question(s)
Close this window

How2Pass CCNA 200-301 Online Practice Tests: Print This Page

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

How2Pass CCNA 200-301 Online Practice Tests: Print This Page

Uploaded by

Copyright:

Available Formats

21/02/2022 09:16 How2Pass CCNA 200-301 Online Practice Tests - (Test Engine v4.7.

How2Pass CCNA 200-301 Online Practice Tests

Test #09: Random Test from all exam topics

How2Pass Test Score Report Print this page

Test Taker's Name : el_buffalo

Your score: 93%

Passing score: 82.5%

Your time is: 1 hr 31 min 46 sec

Section 0% 50% 100% Score

Correct Answers/Explanations are given below

Correct Answer: 1:E,2:A,3:B,4:G,5:D

A => route source

E => outbound interface

Your Answer: 10.10.225.32 255.255.255.224

Correct Answer: 10.10.225.32 255.255.255.224

Your Answer: ipv6 address 2001:DB8:5:112::2/64 link-local

Correct Answer: ipv6 address 2001:DB8:5:112::/64 eui-64

ipv6 address ipv6-prefix/prefix-length eui-64

Router(config)# interface ethernet 0

Your Answer: The glass core component is encased in a cladding.

Correct Answer: Light is transmitted through the core of the fiber.

7. (QID:AN350) What are network endpoints?

Your Answer: a threat to the network if they are compromised

Correct Answer: a threat to the network if they are compromised

Correct Answer: 193

O IA 192.168.10.32/28 [110/193] via 192.168.30.10, 00:18:49, Serial0/0.1

The metric of this OSPF route is shown as 193.

Your Answer: wireless LAN controller

Correct Answer: wireless LAN controller

Your Answer: switchport mode dynamic desirable

Correct Answer: switchport mode dynamic desirable

11. (QID:AN134) Which function does an SNMP agent perform?

Your Answer: WPA2 + AES

Correct Answer: WPA2 + AES

R1(config)# router eigrp 1

R2(config)# router ospf 1

R2(config)# router eigrp 1

R2(config)# ip route 10.1.1.0 255.255.255.0 192.168.0.1

Correct Answer: Static

Correct Answer: 1:T,2:T,3:T,4:U,5:U,6:U

Sends transmissions in sequence.

Transmissions include an 8-byte header.

Correct Answer: 1:F,2:C,3:A,4:B,5:D,6:E

Sniffer mode: allows for packet captures of wireless traffic.

Bridge mode: preferred for connecting access points in a mesh environment.

16. (QID:AN397) Which type of organization should use a collapsed-core architecture?

Your Answer: Small and needs to reduce networking costs currently.

Correct Answer: Small and needs to reduce networking costs currently.

Your Answer: OSPF area

Correct Answer: OSPF area

Correct Answer: 1:E,2:D,3:B,4:C,5:A

802.11n: Operates in the 2.4 GHz and 5 GHz bands.

Your Answer: A network device has restarted.

Correct Answer: A network device has restarted.

Correct Answer: 1:C,2:C,3:C,4:T,5:T

Single device handles the core and the distribution layer.

Enhances network availability.

Your Answer: It floods the frame to all interfaces except Fa0/1.

Correct Answer: It floods the frame to all interfaces except Fa0/1.

Your Answer: CA that grants certificates

Correct Answer: one of more CRLs

Correct Answer: 192.168.1.17

Your Answer: Modify network type