Professional Documents
Culture Documents
An engineer must export the contents of the devices object in JSON format. Which statement
must be use?
A. json.print(Devices)
B. json.loads(Devices)
C. json.dumps(Devices)
D. json.repr(Devices)
Answer: C
Explanation
json.loads() takes in a string and returns a json object while json.dumps() takes in a json
object and returns a string. In this question, “Devices” is a ‘list’, not a string so we have to
“dumps” it first to convert it into a string before printing it out.
Question 2
Answer: B
Question 3
An engineer troubleshoots connectivity issues with an application. Testing is performed from the
server gateway, and traffic with the DF bit set is dropped along the path after increasing packet
size. Removing the DF bit setting at the gateway prevents the packets from being dropped.
What is the cause of this issue?
A. PMTUD does not work due to ICMP Packet Too Big messages being dropped by an ACL
B. The remote router drops the traffic due to high CPU load
C. The server should not set the DF bit in any type of traffic that is sent toward the network
D. There is a CoPP policy in place protecting the WAN router CPU from this type of traffic
Answer: C
Explanation
If the DF bit is set, routers cannot fragment packets. The ping result of “MMMMM” means
“Maximum transmission unit (MTU) problem. Could not fragment.” -> In this case, packet needs
to be fragmented but we disabled fragmentation via DF bit.
Question 4
A network engineer must configure a password expiry mechanism on the gateway router for all
local passwords to expire after 60 days. What is required to complete this task?
Answer: A
Explanation
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-
17/sec-usr-aaa-xe-17-book/sec-aaa-comm-criteria-pwd.pdf
In the exhibit above, we see the policy “Administrators” satisfies the requirements of “all local
passwords to expire after 60 days” but this policy has not been applied to any user so we have
to use above command to apply to local user “admin”.
Question 5
Refer to the exhibit.
BR1 PE1
router bgp 100 router bgp 200
neighbor 172.24.109.1 remote-as 100 bgp log-neighbor-changes
neighbor 172.24.109.1 next-hop self neighbor 209.165.202.133 remote as
neighbor 209.165.202.134 remote-as 100
200
BR2 PE2
router bgp 100 router bgp 300
neighbor 172.24.109.2 remote-as 100 bgp log-neighbor-changes
neighbor 172.24.109.2 next-hop-self neighbor 209.165.200.229 remote as
neighbor 209.165.200.230 remote-as 100
300
Which configuration change will force BR2 to reach 209.165.201.0/27 via BR1?
Answer: D
Explanation
We cannot set the local preference on PE1 because local preference is only sent to iBGP
neighbors so this attribute cannot reach BR1 -> Answer B is not correct.
Weight attribute is only used locally in a router (not be exchanged between BGP neighbors) so
we cannot affect BR2 from BR1 with this attribute -> Answer C is not correct.
We cannot affect BR2 routing decision by modifying BGP advertisements from BR2 toward PE2
(inbound) -> A is not correct. Also if network 209.165.201.0/27 is advertised with “network”
statement in BGP, BR2 will match it with origin “IGP”. Please check the example in the link
below.
By default, the MED attribute is set to 0 so by increasing the MED on PE2 toward BR2, BR2
would think the metric of its direct link to PE2 is higher than the path advertised by BR1 -> BR2
would use BR1 to reach 209.165.201.0/27.
Question 6
Answer: B E
Explanation
YANG (Yet Another Next Generation) is a data modeling language for the definition of data sent
over network management protocols such as the NETCONF and RESTCONF.
Question 7
Answer: D
Explanation
We don’t have any information about the route to 10.10.1.1/32 so we cannot say if answer A is
correct or not.
Answer B is not correct because if R2 reboots, R2 only becomes the master until R1 is up again
(not until R2 reboots) because “preempt” is enabled by default with VRRP.
Answer C is not correct because R1 & R2 are authenticating via plain text, not MD5.
R1 is tracking the route to 10.10.1.1/32, if this route is removed from R1’s routing table, the
VRRP priority of R1 would be decreased by 20 (110 – 20 = 90) which is smaller than the priority
of R2 -> R2 would take the master role -> Answer D is correct.
Question 8
An engineer must add the SNMP interface table to the NetFlow protocol flow records. Where
should the SNMP table option be added?
Answer: D
Explanation
The following example shows how to enable the periodic sending of an options table that allows
the collector to map the interface SNMP indexes provided in flow records to interface names:
Device(config)# flow exporter FLOW-EXPORTER-1
Device(config-flow-exporter)# option interface-table
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/command/fnf-xe-3se-
3850-cr-book/fnf-xe-3se-3850-cr-book_chapter_01.html
Question 9
HQ(config)#interface tunnel1
HQ(config-if)#keepalive 5 3
A. The tunnel line protocol goes down when the keepalive counter reaches 6
B. The keepalives are sent every 5 seconds and 3 retries
C. The keepalives are sent every 3 seconds and 5 retries.
D. The tunnel line protocol goes down when the keepalive counter reaches 5
Answer: B
Explanation
The syntax of keepalive command is: keepalive {seconds retries} so R1 will send keepalive
message every 5 seconds and retry 3 times. If all of the keepalive messages are failed, R1
concludes the tunnel was broken.
Question 10
A. OMP
B. BFD
C. RSVP
D. IPsec
Answer: B
Question 11
Answer: D
Explanation
Layer-3 marking is accomplished using the 8-bit Type of Service (ToS) field, part of the
IP header. A mark in this field will remain unchanged as it travels from hop-to-hop, unless a
Layer-3 device is explicitly configured to overwrite this field. There are two marking methods
that use the ToS field:
+ IP Precedence: uses the first three bits of the ToS field.
+ Differentiated Service Code Point (DSCP): uses the first six bits of the ToS field. When using
DSCP, the ToS field is often referred to as the Differentiated Services (DS) field.
Question 12
def get_token():
device_url="https://192.168.1.1/dna/sytem/api/v1/auth/token"
http_result = requests.post(device_url, auth = ("test","test34393838!"))
if http_result.status_code != requests.codes.ok:
print("Call failed!" Review get_token().")
sys.exit()
return(http_result.json()["Token"])
Which HTTP code must be returned to prevent the script from exiting?
A. 200
B. 201
C. 300
D. 301
Answer: A
Explanation
In order to prevent the script from exiting, the returned code must equal to “requests.codes.ok”
so that the “sys.exit()” statement does not run. “requests.codes.ok” here is 200:
Question 13
Which LISP component is required for a LISP site to communicate with a non-LISP site?
A. ETR
B. ITR
C. Proxy ETR
D. Proxy ITR
Answer: C
Explanation
The proxy egress tunnel router (PETR) allows the communication from the LISP sites to the non-
LISP sites. The PETR receives LISP encapsulated traffic from ITR.
Question 14
Answer: D
Question 15
Which technology is used as the basis for the Cisco SD-Access data plane?
A. IPsec
B. LISP
C. VXLAN
D. 802.1Q
Answer: C
Question 16
“HTTP/1.1 204 content” is returned when cur -l -x DELETE command is issued. Which situation
has occurred?
Answer: B
Explanation
The HTTP 204 No Content success status response code indicates that a request has succeeded,
but that the client doesn’t need to navigate away from its current page.
Question 17
An engineer must provide wireless converge in a square office. The engineer has only one AP
and believes that it should be placed it in the middle of the room. Which antenna type should the
engineer use?
A. directional
B. polarized
C. Yagi
D. omnidirectional
Answer: D
Explanation
Question 18
While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log
message:
Answer: B
Explanation
The local router was configured with command “standby 1 ip 10.1.1.25” while the peer HSRP
router was configured with command “standby 10 ip 10.1.1.1”
Question 19
Answer: C
Question 20
A. to send traffic to non-LISP sites when connected to a service provider that does not accept
nonroutable EIDs as packet sources
B. to connect a site to the LISP-capable part of a core network, publish the EID-to-RLOC
mappings for the site and respond to map-request messages
C. to decapsulate map-request messages from ITRs and forward the messages to the MS
D. to advertise routable non-USP traffic from one address family to LISP sites in a different
address family
Answer: C
Explanation
Map Resolver (MR): a LISP component which accepts LISP Encapsulated Map Requests,
typically from an ITR, quickly determines whether or not the destination IP address is part of the
EID namespace
Question 21
Answer: C
Question 22
Drag and drop the snippets onto the blanks within the code construct a script that configure a
loopback interface with an IP address. Not all options are used.
Answer:
1 – E
2 – F
3 – D
4 – C
Explanation
Question 23
Drag and drop the characteristics from the left onto the orchestration tools they describe on the
right.
Answer:
Ansible
+ utilizes a push model
+ primary/secondary architecture
Puppet
+ utilizes a pull model
+ multimaster architecture
Explanation
Ansible runs with a single active node, called the Primary instance. If the primary goes down,
there is a Secondary instance to take its place.
Puppet has multi-master architecture. If the active master goes down, then the other master
takes the active master place.
Reference: https://www.javatpoint.com/ansible-vs-puppet
Question 24
Answer: A
Explanation
As we see in the output, the type of this interface in all VLANs are “Edge” (which automatically
transitions the port to the spanning tree forwarding state without passing through the blocking
or learning states) so maybe this interface was configured with “portfast” command. There are
many VLANs on this single interface so we can deduce it is a trunk port. Therefore the best
answer here should be the command “spanning-tree portfast trunk” has been entered.
Question 25
An engineer is troubleshooting the AP join process using DNS. Which FQDN must be resolvable
on the network for the access points to successfully register to the WLC?
A. cisco-capwap-controller.domain.com
B. wlchostname.domain.com
C. ap-manager.domain.com
D. primary-wlc.domain.com
Answer: A
Explanation
The lightweight access points support the following controller discovery processes:
…
DNS discovery—The access point can discover controllers through your domain name server
(DNS). You must configure your DNS to return controller IP addresses in response to CISCO-
CAPWAP-CONTROLLER.localdomain, where localdomain is the access point domain name. When
an access point receives an IP address and DNS information from a DHCP server, it contacts the
DNS to resolve CISCO-CAPWAP-CONTROLLER.localdomain. When the DNS sends a list of
controller IP addresses, the access point sends discovery requests to the controllers.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/5700/software/release/
3e/consolidated/configuration-guide/b_multi_3e_5700_cg/
b_multi_3e_5700_cg_chapter_01001011.pdf
Question 26
A. An EoIP tunnel is created between the client and the anchor controller to provide seamless
connectivity as the client is associated with the new AP
B. The client entry on the original controller is passed to the database on the new controller
C. The new controller assigns an IP address from the new subnet to the client
D. The client database on the original controller is updated the anchor entry, and the new
controller database is updated with the foreign entry.
Answer: D
Explanation
An EoIP tunnel is created between the anchor and foreign controller, not between the client and
the anchor controller -> Answer A is not correct.
In instances where the client roams between APs that are connected to different WLCs and the
WLC WLAN is connected to a different subnet, a Layer 3 roam is performed, and there is an
update between the new WLC (foreign WLC) and the old WLC (anchor WLC) mobility databases.
The client begins with a connection to AP B on WLC 1. This creates an ANCHOR entry in the WLC
client database (-> Answer D is correct as the client database is marked “ANCHOR”). As the
client moves away from AP B and makes an association with AP C, WLC 2 sends a mobility
announcement to peers in the mobility group looking for the WLC with the client MAC address.
WLC 1 responds to the announcement, handshakes, and ACKs. Next the client database entry
for the roaming client is copied to WLC 2, and marked as FOREIGN. Included PMK data (master
key data from the RADIUS server) is also copied to WLC 2. This provides fast roam times for
WPA2/802.11i clients because there is no need to re-authenticate to the RADIUS server.
After a simple key exchange between the client and AP, the client is added to the WLC 2
database and is similar, except that it is marked as FOREIGN.
Reference: https://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob30dg/
TechArch.html and https://mrncciew.com/2013/03/17/l3-inter-controller-roaming/
In Layer 3 roaming, no IP address refresh needed (although client must be re-authenticated and
new security session established) -> Answer C is not correct.
In summary, the “Mobility State” of a client is described below:
+ Before roaming: Mobility State = Local
+ After roaming: Mobility State on Old Database = Anchor; Mobility State on New Database =
Foreign
Therefore the client entry on the original controller is not passed to the database totally. The
client entry is still on the old controller but it is marked “Anchor” -> Answer B is not correct.
Question 27
A network administrator has designed a network with two multilayer switches on the distribution
layer, which act as default gateways for the end hosts. Which two technologies allow every end
host in a VLAN to use both gateways? (Choose two)
A. HSRP
B. GLBP
C. MHSRP
D. VRRP
E. VSS
Answer: B C
Explanation
We can load share traffic in HSRP by using feature set called as Multiple HSRP wherein for a
particular Group first path will be active and second as backup and for other group second path
with be active and first the backup.
Question 28
Which measurement is used from a post wireless survey to depict the cell edge of the access
points?
A. CCI
B. Noise
C. SNR
D. RSSI
Answer: D
Explanation
The following are elements that you should consider when performing a post assessment of the
environment.
Analyze and define the cell edge: This requires the use of AirMagnet Survey, although there
are simple tools like Omnipeek or Wireshark that can be used to measure wireless traffic as a
client roams from one AP to another. According to design best practices that revolve around the
Cell Edge Design, a wireless handset should roam before the RSSI reaches -67 dBm. You can
analyze signal strength and determine the approximate cell edge by measuring the signal
strength in a beacon frame as you move from the center of one cell towards the edge of that
cell.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/technology/vowlan/
troubleshooting/vowlan_troubleshoot/8_Site_Survey_RF_Design_Valid.pdf
Question 29
Explanation
“Routers decrement the TTL by 1 every time they forward a packet; if a router decrements the
TTL to 0, it throws away the packet. This prevents packets from rotating forever.” We want to
make it clear that before the router forwards a packet, the TTL is still remain the same.
For example in the topology below, pings to S0/1 and S0/0 of Router 2 have the same TTL.
If a router finds a TTL value of 1 or 0, it drops the datagram and sends an Internet Control
Message Protocol (ICMP) time-to-live-exceeded message to the sender.
Reference: https://www.cisco.com/c/en/us/td/docs/routers/ir910/software/release/1_1/
configuration/guide/ir910scg/swtrbl.pdf
The picture below shows TTL values for each interface of each router and for Host B. Notice that
Host A initializes ICMP packet with a TTL of 255:
Therefore in this question, if the initial TTL is 2, then R1 receives the packet with TTL of 2, then
it decreases the TTL before forwarding to R2. R2 receives packet with TTL of 1 then decreases
the TTL to 0 so R2 drops the packet ( -> Answer D is correct). R2 also replies back to the source
with an ICMPv4 Type 11, Code 0 Time Exceeded message -> Answer B is correct.
Question 30
Router#show access-list
Extended IP access list 100
10 permit ip 192.168.0.0 0.0.255.255 any
20 permit ip 172.16.0.0 0.0.15.255 any
Which command set must be added to permit and log all traffic that comes from 172.20.10.1 in
interface GigabitEthernet0/1 without impacting the functionality of the access list?
Option A
Option B
Option C
Option D
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Explanation
Option A logs the whole subnet 172.20.10.0/24, not only host 172.20.10.1 so it is not correct.
Option B does not log traffic coming from 172.20.10.1 so it is not correct.
We tested option D but the command “access-list 100 seq 5 permit ip host 172.20.10.1 any log”
is not accepted as shown below:
Option C would append the access-list (statement 30 in the above figure) so it is the best
answer.
Question 31
A. To connect the Cisco SD-Access fabric to another fabric or external Layer 3 networks
B. To collect traffic flow information toward external networks
C. To attach and register clients to the fabric
D. To handle an ordered list of IP addresses and locations for endpoints in the fabric.
Answer: A
Explanation
Question 32
Answer: A
Explanation
IGMPv3 is backward compatible with previous versions of the IGMP protocol. In order to remain
backward compatible with older IGMP
systems, IGMPv3 multicast routers MUST also implement versions 1 and 2 of the protocol.
Reference: https://datatracker.ietf.org/doc/html/rfc3376
Note: When saying “compatible”, we only mention about older version, not newer version. For
example, we cannot say “IGMPv2 is compatible with IGMPv3” because IGMPv3 is newer. But we
can say “IGMPv3 is compatible with IGMPv2”.
Question 33
Answer: B
Explanation
VSS increases operational efficiency by reducing switch management overhead and simplifying
the network. It provides a single point of management, IP address, and routing instance.
VSS can be managed with single management point from which you configure and manage the
VSS. Neighbors see the VSS as a single Layer 2 switching or Layer 3 routing node, thus reducing
the control protocol traffic. VSS provides a single VLAN gateway IP address, removing the need
for the first-hop redundancy protocol (HSRP, VRRP, GLBP). Multichannel EtherChannel (MEC)
allows you to bundle links to two physical switches in VSS, creating a loop-free redundant
topology without the need for STP.
Question 34
A. Oracle VM VirtualBox
B. VMware server
C. Citrix XenServer
D. Microsoft Virtual PC
Answer: C
Explanation
Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient
than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi,
Oracle VM Server, KVM and Microsoft Hyper-V. Xen/Citrix XenServer is also a type 1 hypervisor.
Question 35
An engineer runs the code against an API of Cisco DNA Center, and the platform returns this
output.
What does the response indicate?
Answer: D
Explanation
From the output, we learn that a “Response [405]” was returned. The 405 Method Not
Allowed is an HTTP response status code indicating that the specified request HTTP method was
received and recognized by the server, but the server has rejected that particular method for the
requested resource. Therefore answer B is not correct.
Therefore the most suitable reason for this issue is we have to use “POST” instead of “GET” (in
requests.get) -> Answer D is the best choice.
Question 36
Answer: B
Explanation
In SD-Access, the underlay switches (edge nodes) support the physical connectivity for users
and endpoints. However, end-user subnets and endpoints are not part of the underlay network—
they are part of the automated overlay network.
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html
Question 37
Answer: A
Question 38
A. SaltStack uses an API proxy agent to program Cisco boxes on agent mode, whereas Ansible
uses a Telnet connection
B. SaltStack uses the Ansible agent on the box, whereas Ansible uses a Telnet server on the box
C. SaltStack is constructed with minion, whereas Ansible is constructed with YAML
D. SaltStack uses SSH to interact with Cisco devices, whereas Ansible uses an event bus
Answer: C
Explanation
In SaltStack architecture, there is a core component called Salt-minion, which is a system that is
being controlled by a Salt master.
Question 39
Answer: D
Explanation
In Cisco SD-WAN, there are two types of Centralized Control Policies that fulfill different
objectives:
+ Topology – Topology policies control the route information such as omp, tloc, and service
routes that are being redistributed to a list of sites. As the name implies, they are typically used
for limiting the number of overlay tunnels between sites and controlling the overlay topology.
+ VPN Membership – VPN Membership policies are used to control the distribution of routing
information for specific VPNs to a list of sites. A typical use-case is for creating guest networks
that have Internet access but site-to-site communication is restricted.
Reference: https://www.networkacademy.io/ccie-enterprise/sdwan/what-is-a-centralized-
control-policy
Question 40
Which command set configures RSPAN to capture outgoing traffic from VLAN 3 on interface
GigabitEthernet 0/3 while ignoring other VLAN traffic on the same interface?
Option A
Option B
Option C
Option D
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Explanation
To “capture outgoing traffic” we have to use “tx” (transmitted) keyword. To only monitor VLAN 3
we have to use “monitor session 2 filter vlan 3”.
Question 41
Answer: B
Explanation
The “show crypto isakmp sa” command displays all current Internet Key Exchange (IKE) security
associations (SAs) at a peer.
QM_IDLE state means this tunnel is UP and the IKE SA key exchange was successful
(authenticated), but is idle and may be used for subsequent quick mode exchanges. It is in a
quiescent state (QM)
Question 42
An engineer attempts to create a configuration to allow the Blue VRF to leak into the global
routing table, but the configuration does not function as expected. Which action resolves this
issue?
Answer: D
Explanation
We have to change the “10.10.1.0 255.255.255.0” to “10.10.1.0 0.0.0.255” in the ACL
statement.
Question 43
POSTMAN is showing an attempt to retrieve network device information from Cisco DNA Center
API. What is the issue?
Answer: B
Explanation
Question 44
Running the script causes the output in the exhibit. Which change to the first line of the script
resolves the error?
A. from ncclient import *
B. import manager
C. from ncclient import
D. import ncclient manager
Answer: A
Explanation
Importing a module (“ncclient” in this case) does not automatically import submodules/functions
(“manager” in this case) so the above script causes error.
Answer C is not correct as we did not specify anything after keyword “import”.
Answer D is not correct as it is missing a dot “.” (it should be “import ncclient.manager).
We tested both answer ‘from ncclient import *’ and answer ‘import ncclient.manager’ in Python
and both of them worked well.
Question 45
An engineer configures HSRP group 37. The configuration does not modify the default virtual
MAC address. Which virtual MAC address does the group use?
A. 00:00:0c:07:ac:25
B. 00:00:0c:07:ac:37
C. C0:39:83:25:258:5
D. C0.00:00:25:00:00
Answer: A
Explanation
The last two-digit hex value in the MAC address presents the HSRP group number. In this case
37 in decimal is 25 in hexadecimal -> Answer A is correct.
Question 46
Which Cisco DNA center application is responsible for group-based access control permissions?
A. Design
B. Provision
C. Assurance
D. Policy
Answer: D
Question 47
An engineer attempts to configure a trunk between switch SW1 and switch SW2 using DTP, but
the trunk does not form. Which command should the engineer apply to switch SW2 to resolve
this issue?
Answer: D
Question 48
Which set of commands on router R1 allow deterministic translation of private hosts PC1, PC2,
and PC3 to addresses in the public space?
Option A
RouterR1(config)#int f0/0
RouterR1(config)#ip nat inside
RouterR1(config-if)#exit
RouterR1(config)#int f0/1
RouterR1(config)#ip nat outside
RouterR1(config-if)#exit
RouterR1(config-if)#access-list 1 10.10.10.0 0.0.0.255
RouterR1(config)#ip nat pool POOL 155.1.1.101 155.1.1.103 netmask 255.255.255.0
RouterR1(config)#ip nat inside source list 1 pool POOL
Option B
RouterR1(config)#int f0/0
RouterR1(config)#ip nat outside
RouterR1(config-if)#exit
RouterR1(config)#int f0/1
RouterR1(config)#ip nat inside
RouterR1(config-if)#exit
RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.101
RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.102
RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.103
Option C
RouterR1(config)#int f0/0
RouterR1(config)#ip nat inside
RouterR1(config-if)#exit
RouterR1(config)#int f0/1
RouterR1(config)#ip nat outside
RouterR1(config-if)#exit
RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.101
RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.102
RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.103
Option D
RouterR1(config)#int f0/0
RouterR1(config)#ip nat inside
RouterR1(config-if)#exit
RouterR1(config)#int f0/1
RouterR1(config)#ip nat outside
RouterR1(config-if)#exit
RouterR1(config-if)#access-list 1 10.10.10.0 0.0.0.255
RouterR1(config)#ip nat inside source list 1 interface f0/1 overload
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Question 49
A client device roams between wireless LAN controllers that are mobility peers. Both controllers
have dynamic interface on the same client VLAN. Which type of roam is described?
A. intra-VLAN
B. intra-controller
C. inter-controller
D. inter-subnet
Answer: C
Explanation
Inter Controller-L2 Roaming: Inter-Controller (normally layer 2) roaming occurs when a client
roam between two APs registered to two different controllers, where each controller has an
interface in the client subnet.
Question 50
Which line must be added in the Python function to return the JSON object
{“cat_9k”:”FXS193202SE”)?
Answer: A
Explanation
Our first variable test_json is a string which we cannot loop through so we have to convert it
into a dictionary type first with json.loads() function -> Therefore we must use
“json.loads(test_json)[‘response’]”, not json.dumps(…) in the for loop. Then we can use
the for loop to iterate through the dictionary. The script below is an example:
import json
json_string = '{"key1": "value1", "key2": "value2"}'
#Load JSON string to a dictionary
json_dictionary = json.loads(json_string)
OUTPUT:
key1 : value1
key2 : value2
We also tested both of the answers in Atom, only the first answer is correct:
Note:
+ json.dumps() function converts a Python object into a json string. For example:
json.dumps({‘name’: ‘John’,’age’: ’20’})
+ json.loads() method parses a valid JSON string and convert it into a Python Dictionary.
Question 51
Which two operational models enable an AP to scan one or more wireless channels for rouge
access points and at the same time provide wireless services to clients? (Choose two)
A. Sniffer
B. Rouge detector
C. Local
D. FlexConnect
E. Monitor
Answer: C D
Explanation
Although Monitor and Rogue detector mode can detect rough APs but they do not handle
data so they are not correct.
Rogue Detection
A rogue is essentially any device that shares your spectrum, but is not in your control. This
includes rogue Access Points, wireless router, rogue clients, and rogue ad-hoc networks. The
Cisco UWN uses a number of methods to detect Wi-Fi-based rogue devices such as off-channel
scanning and dedicated monitor mode capabilities. Cisco Spectrum Expert can also be used to
identify rogue devices not based on the 802.11 protocol, such as Bluetooth bridges.
Off-Channel Scanning
This operation is performed by Local and Flex-Connect (in connected mode) mode APs and
utilizes a time-slicing technique which allows client service and channel scanning with the usage
of the same radio.
Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-
controllers/112045-handling-rogue-cuwn-00.html
Question 52
Answer: D
Explanation
These messages specifically indicate that the router received a data packet that was sourced
from the MAC addresses 0000.0c07.ac28, which is different from the MAC address of our HSRP
group (0000.0c07.ac32). We also notice that 0000.0c07.ac28 is the virtual MAC address of
another HSRP group (group 40 in particular; as 28 in hexadecimal equals to 40 in decimal).
Note: If the source MAC address of the error message is the same as our HSRP MAC address
then the most likely cause is STP loop as our router received its own packet back.
Question 53
Refer to the exhibit. A network engineer troubleshoots an issue with the port channel between
SW1 and SW2. Which command resolves the issue?
Answer: A
Question 54
Answer: C
Explanation
Wi-Fi 6 brings several crucial wireless enhancements for IT administrators when compared to
Wi-Fi 5. The first significant change is using 2.4 GHz. Wi-Fi 5 was limited to only using 5 GHz.
While 5 GHz is a ‘cleaner’ band of RF, it doesn’t penetrate walls and 2.4 GHz and requires more
battery life. For Wi-Fi driven IoT devices, 2.4 GHz will likely continue to be the band of choice for
the foreseeable future.
Another critical difference between the two standards is the use of Orthogonal Frequency
Division Multiple Access (OFDMA) and MU-MIMO. Wi-Fi 5 was limited to downlink only on MU-
MIMO, where Wi-Fi 6 includes downlink and uplink. OFDMA, as referenced above, is also only
available in Wi-Fi 6.
Reference: https://www.extremenetworks.com/wifi6/what-is-80211ax/
Question 55
Answer: C
Explanation
SA request messages are used to request a list of active sources for a specific group. These
messages are sent to an MSDP SA cache that maintains a list of active (S, G) pairs in its SA
cache -> Answer C is correct.
SA response messages are sent by the MSDP peer in response to an SA request message. SA
response messages contain the IP address of the originating RP and one or more (S, G) pairs of
the active sources in the originating RP’s domain that are stored in the cache -> Answer D is not
correct as it should be “SA response messages are used to advertise active sources in a domain”
(not MSDP messages).
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/xe-
16/imc-pim-xe-16-book/imc-msdp-im-pim-sim.html
But we think answer C is the better choice because it answers the question “How is MSDP used
…”.
Note:
After a large PIM-SM network is divided into multiple PIM-SM domains, a mechanism is required
to enable user hosts in a PIM-SM domain to receive multicast data from sources in another PIM-
SM domain.
Multicast Source Discovery Protocol (MSDP) provides such a mechanism. It interconnects
multiple PIM-SM domains to implement inter-domain multicast. RPs in PIM-SM domains set up
MSDP peer relationships. By sending Source Active (SA) messages, the MSDP peers send the (S,
G) information from the RP to which the source registers to the RPs in another PIM-SM domain.
Reference: https://support.huawei.com/enterprise/en/doc/EDOC1000027471?section=j009
Note: A benefit of using MSDP to interconnect multiple PIM-SM domains is to allow a rendezvous
point (RP) to dynamically discover active sources outside of its domain.
Question 56
Drag and drop the characteristics from the left onto the routing protocols they describe on the
right.
Answer:
EIGRP
+ can automatically summarize networks at the boundary
OSPF
+ supports virtual links
+ requires manual configuration of network summarization
Explanation
Unlike OSPF where we can summarize only on ABR or ASBR, in EIGRP we can summarize
anywhere.
Manual summarization can be applied anywhere in EIGRP domain, on every router, on every
interface via the ip summary-address eigrp as-number address mask [administrative-
distance ] command (for example: ip summary-address eigrp 1 192.168.16.0 255.255.248.0).
Summary route will exist in routing table as long as at least one more specific route will exist. If
the last specific route will disappear, summary route also will fade out. The metric used by
EIGRP manual summary route is the minimum metric of the specific routes.
Question 57
Drag and drop the characteristics from the left onto the protocols they apply to on the right.
Answer:
OSPF
+ uses Dijkstra’s Shortest Path First algorithm
+ uses an election process
EIGRP
+ uses Diffused Update Algorithm
+ uses bandwidth, delay, reliability and load for routing metric
Question 58
Answer: D
Explanation
For a fabric-enabled SSID, the AP converts 802.11 traffic to 802.3 and encapsulates it into
VXLAN, encoding the VNI and SGT information of the client.
Reference: https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/network-
automation-and-management/dna-center/deploy-guide/cisco-dna-center-sd-access-wl-dg.pdf
Question 59
Drag and drop the wireless elements on the left to their definitions on the right.
Answer:
Explanation
Beamwidth
The angle, in degrees, between the two half-power points (-3 dB) of an antenna beam, where
more than 90% of the energy is radiated.
A radiation pattern defines the variation of the power radiated by an antenna as a function of
the direction away from the antenna.
Polarization describes the way the electric field of the radio wave is oriented.
Antenna gain is the ability of the antenna to radiate more or less in any direction compared to a
theoretical antenna.
Question 60
R1
interface Ethernet0/0
ip address 10.1.1.10 255.255.255.0
ip nat inside
!
interface Serial0/0
ip address 209.165.201.1 255.255.255.224
ip nat outside
!
ip nat pool Busi 209.165.201.1 209.165.201.2 netmask 255.255.255.252
ip nat inside source list 1 pool Busi
!
access-list permit 10.1.1.0 0.0.0.255
!
Answer: B
Question 61
Which congestion queuing method on Cisco IOS based routers uses four static queues?
A. low latency
B. custom
C. weighted fair
D. Priority
Answer: D
Explanation
Priority Queuing (PQ): This type of queuing places traffic into one of four queues. Each queue
has a different level of priority, and higher-priority queues must be emptied before packets are
emptied from lower-priority queues. This behavior can “starve out” lower- priority traffic.
Question 62
Answer: A
Explanation
From the output, we see the following facts from top to bottom:
+ ASR1001 is reachable
+ Cat9000 (C9300) has the incorrect credentials
+ Cat3850 is unreachable
Question 63
Which AP mode allows an engineer to scan configured channels for rogue access points?
A. local
B. sniffer
C. bridge
D. monitor
Answer: D
Question 64
Answer: D
Explanation
WLC is still responsible for: AP image/config, Radio Resource Management (RRM) and client
session management and roaming.
Reference: https://www.ciscolive.com/c/dam/r/ciscolive/latam/docs/2018/pdf/BRKEWN-
2020.pdf
Question 65
Rapid PVST+ is enabled on all switches. Which command set must be configured on Switch1 to
achieve the following results on port fa0/1?
+ When a device is connected, the port transitions immediately to a forwarding state
+ The interface should not send or receive BPDUs.
+ If a BPDU is received, it continues operating normally.
A.
Switch1(config)# interface f0/1
Switch1(config-if)# spanning-tree portfast
Switch1(config-if)# spanning-tree bpduguard enable
B.
Switch1(config)# spanning-tree portfast bpduguard default
Switch1(config)# interface f0/1
Switch1(config-if)# spanning-tree portfast
C.
Switch1(config)#interface f0/1
Switch1(config-if)# spanning-tree portfast
D.
Switch1(config)#spanning-tree portfast bpdufilter default
Switch1(config)# interface f0/1
Switch1(config-if)# spanning-tree portfast
Answer: D
Explanation
BPDU Guard feature allows STP to shut an access port in the event of receiving a BPDU and put
that port into err-disabled state so it is not the answer we want here.
There are two ways to configure BPDU filtering feature, one in global configuration mode and
one under a specific interface:
But the effect of these two commands are different and you should remember:
+ When BPDU filtering is enabled globally; and if BPDUs are seen, the port loses its PortFast
status, BPDU filtering is disabled, the port returns to normal state
+ When BPDU filtering is enabled on a specific port, it prevents this port from sending or
receiving BPDUs (so if BPDUs are seen, they will be dropped)
Question 66
After running the code in the exhibit. Which step reduces the amount of data that NETCONF
server returns to the NETCONF client, to only the interface’s configuration?
Answer: A
Explanation
Sometimes we are only interested in a very particular part of the config. NETCONF accomodates
this with the ability to specify a filter. In below script, we will specify a filter that only shows the
information for interface GigabitEthernet3. The get_config also accepts a filter parameter
(documentation). So in below script, we will simply pass that filter to the get_config method and
see what happens.
Reference: https://blog.wimwauters.com/networkprogrammability/2020-03-30-
netconf_python_part1/
Question 67
A network engineer configures BGP between R1 and R2. Both routers use BGP peer group CORP
and are set up to use MD5 authentication. This message is logged to the console of router R1:
A.
R2(config-router)#neighbor 10.10.10.1 peer-group CORP
R2(config-router)#neighbor CORP password Cisco
B.
R2(config-router)#neighbor 10.10.10.1 peer-group CORP
R2(config-router)#neighbor PEER password Cisco
C.
R1(config-router)#neighbor 10.10.10.1 peer-group CORP
R1(config-router)#neighbor CORP password Cisco
D.
R1(config-router)#neighbor 10.120.10.1 peer-group CORP
R1(config-router)#neighbor CORP password Cisco
E.
R2(config-router)#neighbor 10.120.10.1 peer-group CORP
R2(config-router)#neighbor CORP password Cisco
Answer: C E
Explanation
The above message (“…Invalid MD5 digest from 10.10.10.1 (29832) to 10.120.10.1…”) was
received on R1 so we can deduce the IP address of R1 is 10.120.10.1 and the IP address of R2 is
10.10.10.1. Therefore on R1 we have to configure “neighbor 10.10.10.1 …” while on R2 we have
to use “neighbor 10.120.10.1 …”
Question 68
A. wireless client
B. access point
C. wireless LAN controller
D. WCS location server
Answer: A
Explanation
Roaming is a client side decision in 802.11 WiFi. Client devices listen for beacon frames or send
probe requests to discover APs advertising the preferred SSID. The clients driver uses the
received signal strength of beacons or probe responses to make decisions on whether to change
APs or remain connected to the current AP.
Question 69
Option A Option B
interface G0/1
ip address 10.1.1.1 255.255.255.0
ip nat outside
Option C Option D
ip nat inside source static tcp 10.1.1.1 8080 ip nat inside source static tcp 10.1.1.100
209.166.200.225 80 8080 interface G0/0 80
Option E
interface G0/0
ip address 209.165.200.225
255.255.255.224
ip nat outside
interface G0/1
ip address 10.1.1.1 255.255.255.0
ip nat inside
Answer: D
Explanation
We need:
We need to configure local-ip before global-ip in the command ip nat inside source
static local-ip global-ip so only Option D is correct.
Question 70
A. evert-driven RRM
B. data rate (modulation density) or QAM
C. channel bandwidth
D. number of spatial streams and spatial reuse
E. RF group leader
F. dynamic channel assignment
Answer: B C D
Explanation
Reference: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKEWN-
3010.pdf
Question 71
Which features does Cisco EDR use to provide threat detection and response protection?
Answer: A
Explanation
In addition to continuous file analysis, it is important to note that an EDR is only as good at
detecting files as the cyber threat intelligence that powers it. Cyber threat intelligence leverages
large-scale data, machine learning capabilities, and advanced file analysis to help detect threats.
The greater the cyber threat intelligence, the more likely it is your EDR solution will identify the
threat. Without any cyber threat intelligence, an EDR solution is ineffective.
After detecting a malicious file, an EDR solution must be able to contain the threat. Malicious
files aim to infect as many processes, applications, and users as possible. Segmentation can be a
great defense within your data center to avoid lateral movement of advanced threats.
Segmentation is helpful, but a proper EDR solution can help contain a malicious file before
testing the edges of segmented areas of the network. Ransomware is a tremendous example of
why you need to contain threats. Ransomware can be tricky to remove. Once it has encrypted
information, your EDR needs to be able to fully contain ransomware to mitigate the damages.
Reference: https://www.cisco.com/c/en/us/products/security/endpoint-security/what-is-
endpoint-detection-response-edr.html
Question 72
def get_credentials():
creds={'username':'cisco','password':'c339348dc30e3fbig3kjr93godke333'}
return(creds.get('username'))
print(get_credentials())
A. username: Cisco
B. get_credentials
C. username
D. cisco
Answer: D
Explanation
“creds” is Dictionary type in Python so we can use the method “get” to get the value of an item.
Question 73
Which two threats does AMP4E have the ability to block? (Choose two)
A. DDoS
B. ransomware
C. SQL injection
D. Microsoft Word macro attack
E. email phishing
Answer: B D
Explanation
Question 74
Which single security feature is recommended to provide Network Access Control in the
enterprise?
A. 802.1X
B. MAB
C. WebAuth
D. port security sticky MAC
Answer: A
Question 75
Answer: A
Question 76
What are two benefits of virtual switching when compared to hardware switching? (Choose two)
Answer: C D
Explanation
Virtual switches have benefits as well as virtual machines attached to them. They boost security
by leveraging isolation, control and content inspection methods between virtual machines, which
helps deter inter-switch link attacks. Moreover, with virtual switches, network administrators can
control them with a hypervisor. Additionally, virtual switches can help with the migration of
virtual machines across physical hosts by eliminating the need to reconfigure each virtual
machine. They can also enhance operational efficiency, improve communications and scale
system bandwidth capacity.
Reference: https://www.rcrwireless.com/20180328/fundamentals/physical-switches-vs-virtual-
switches
Question 77
Answer: A E
Explanation
VXLAN has a 24-bit VXLAN network identifier (VNI), which allows for up to 16 million (= 2 24)
VXLAN segments to coexist within the same infrastructure. This surely solve the small number of
traditional VLANs -> The first problem of VLAN has been resolved.
VTEPs connect between Overlay and Underlay network and they are responsible for
encapsulating frame into VXLAN packets to send across IP network (Underlay) then
decapsulating when the packets leaves the VXLAN tunnel.
VXLAN is a virtual overlay network which runs on the top of a physical underlay network.
The underlay network may use any Layer 3 routing protocol like OSPF, EIGRP, IS-IS… to route
packets so no Spanning Tree Protocol is required -> One of the major benefits of VXLAN
technology is that it allows creating virtual Layer 2 segments over Layer 3 routed networks.
Therefore answer C is not correct because “It extends Layer 2 and Layer 3 overlay networks
over a Layer 3 underlay” (not Layer 2 underlay).
Question 78
An engineer is troubleshooting a connectivity issue and executes a traceoute. What does the
result confirm?
Answer: B
Explanation
! — success
* — time out
N — network unreachable
H — host unreachable
P — protocol unreachable
A — admin denied
Q — source quench received (congestion)
? — unknown (any other ICMP message)
Reference: https://www.cisco.com/c/en/us/support/docs/ip/ip-routed-protocols/22826-
traceroute.html
Question 79
A network engineer configures a new GRE tunnel and enters the show run command. What does
the output verify?
A. The tunnel keepalive is configured incorrectly because they must match on both sites
B. The tunnel destination will be known via the tunnel interface
C. The tunnel will be established and work as expected
D. The default MTU of the tunnel interface is 1500 byte.
Answer: B
Explanation
GRE keepalive packets may be sent from both sides of a tunnel or from just one side. If they are
sent from both sides, the period and retry parameters can be different at each side of the link ->
Answer A is not correct.
Tunnel interfaces by default will have 1476 bytes MTU. 24 bytes less the physical -> Answer D is
not correct.
In this question, we turned on OSPF on all active interfaces (with the “network 0.0.0.0
255.255.255.255 area 0” command). So on SiteB the tunnel interface (192.168.100.2) is also
running OSPF. When SiteA receives the OSPF advertisement from SiteB, it realizes it can reach
the other side of the tunnel via OSPF (and it would not use the default route any more). In other
words, it reaches the tunnel destination through the tunnel itself -> This causes “recursive
routing” error.
Note: In order to avoid this error, do not advertise the tunnel destination IP address on the
tunnel interface to other side.
Question 80
An engineer has configured Cisco ISE to assign VLANs to clients based on their method of
authentication, but this is not working as expected. Which action will resolve this issue?
Answer: D
Explanation
Dynamic VLAN assignment is one such feature that places a wireless user into a specific VLAN
based on the credentials supplied by the user. This task of assigning users to a specific VLAN is
handled by a RADIUS authentication server, such as Cisco ISE. This can be used, for example, to
allow the wireless host to remain on the same VLAN as it moves within a campus network.
In order to accomplish dynamic VLAN assignment with WLCs based on ISE to AD group
mapping, these steps must be performed:
+ ISE to AD integration and configuration of authentication and authorization policies for users
on ISE
+ WLC configuration to support dot1x authentication and AAA override for correspondent SSID
+ End client supplicant configuration
Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-
controllers/99121-vlan-acs-ad-config.html
Question 81
Answer: C
Question 82
If the noise floor is -90 dBm and the wireless client is receiving a signal of -75 dBm, what is the
SNR?
A. -165
B. 83
C. 15
D. 1.2
Answer: C
Explanation
If your SNR measurements are already in decibel form, then you can subtract the noise quantity
from the desired signal: SNR = S – N. This is because when you subtract logarithms, it is the
equivalent of dividing normal numbers. Also, the difference in the numbers equals the SNR. In
this question, SNR = -75 – (-90) = 15.
Question 83
Drag and drop the snippets onto the blanks within the code to construct a script that advertises
the network prefix 192.168.5.0 session. Not all options are used.
Answer: 1-A; 2-C;3-B
Question 84
Answer: C
Question 85
Which design principle states that a user has no access by default to any resource, and unless a
resource is explicitly granted, it should be denied?
A. complete mediation
B. least privilege
C. economy of mechanism
D. fail-safe defaults
Answer: D
Explanation
The Principle of Fail-Safe Defaults states that, unless a subject is given explicit access to an
object, it should be denied access to that object.
Note: By the principle of least privilege, that administrator should only be able to access the
subjects and objects involved in mail queueing and delivery. As we saw, this minimizes the
threats if that administrator’s account is compromised. The mail system can be damaged or
destroyed, but nothing else can be.
Reference: https://us-cert.cisa.gov/bsi/articles/knowledge/principles/failing-securely
Question 86
Drag and drop the snippets into the RESTCONF request to form the request that returns this
response. Not all options are used.
Answer:
1 – interface/GigabitEthernet/1/
2 – GET
3 – Accept
Question 87
An engineer implemented several configuration changes and receives the logging message on
Switch1. Which action should the engineer take to resolve this issue?
Answer: D
Explanation
We can configure “switchport mode trunk” and “switchport mode dynamic desirable” on two
ends with no problem. But trunking can be configured only when the ports belong to the same
VTP domain.
Question 88
Answer: C
Explanation
From the output of “show run interface gigabitethernet0/0” of SW2, we see interface G0/0 is in
access mode so we have to change to trunk mode to match with the configuration of G0/1
interface of SW2.
Question 89
A network administrator applies the following configuration to an IOS device. What is the
process of password checks when a login attempt is made to the device?
aaa new-model
aaa authentication login default local group tacacs+
Answer: D
Explanation
“aaa authentication login” specifies that you want to use authentication. You need to give the
authentication parameters a list name, either default or some other name you define:
+ The ‘default’ means we want to apply for all login connections (such as tty, vty, console and
aux). If we use this keyword, we don’t need to configure anything else under tty, vty and aux
lines. If we don’t use this keyword then we have to specify which line(s) we want to apply the
authentication feature.
+ The ‘local group tacacs+” means all users are authenticated using router’s local database
first and then if required, TACACS server is tried.
Question 90
Router 1 is currently operating as the HSRP primary with a priority of 110. Router1 fails and
Router2 take over the forwarding role. Which command on Router1 causes it to take over the
forwarding role when it return to service?
A. standby 2 priority
B. standby 2 preempt
C. standby 2 track
D. standby 2 timers
Answer: B
Question 91
Drag and drop packet switching architecture from the left onto the correct positions on the right.
Answer:
Process Switching:
+ It is referred as “software” switching
+ It uses General Purpose CPU to perform that switching
Question 92
A. Switch2(config)#interface gig1/0/20
Switch2(config-if)#switchport mode dynamic desirable
B. Switch1(config)#interface gig1/0/20
Switch1(config-if)#switchport mode dynamic auto
C. Switch2(config)#interface gig1/0/20
Switch2(config-if)#switchport mode dynamic auto
D. Switch2(config)#interface gig1/0/20
Switch1(config-if)#switchport trunk native vlan 1
Switch2(config)#interface gig1/0/20
Switch2(config-if)#switchport trunk native vlan 1
Answer: A
Explanation
From the output, we learn that both interfaces are in “auto” mode so they cannot establish a
trunk. We have to change one (or both) of them to “desirable” mode.
Question 93
Answer: A
Explanation
Orchestration plane (vBond) assists in securely onboarding the SD-WAN WAN Edge routers
into the SD-WAN overlay. The vBond controller, or orchestrator, authenticates and authorizes
the SD-WAN components onto the network. The vBond orchestrator takes an added
responsibility to distribute the list of vSmart and vManage controller information to the WAN
Edge routers. vBond is the only device in SD-WAN that requires a public IP address as it is the
first point of contact and authentication for all SD-WAN components to join the SD-WAN fabric.
All other components need to know the vBond IP or DNS information.
Question 94
A. 75dBm
B. 150dBm
C. 6dBm
D. 125dBm
Answer: C
Explanation
P(dBm) = 10log10(mW)
Therefore:
Question 95
A. Postman
B. Ansible
C. Chef
D. Puppet
Answer: A
Question 96
A network engineer must configure a router to send logging messages to a syslog server based
on these requirements:
Answer: D
Question 97
Drag and drop the characteristics from the left onto the routing protocols they describe on the
right.
Answer:
EIGRP
+ It is an Advanced Distance Vector routing protocol
+ It relies on the Diffused Update Algorithm to calculate the shortest path to a destination
+ It requires an Autonomous System number to create a routing instance for exchanging routing
information
OSPF
+ The default Administrative Distance is equal to 110
+ It requires a process ID that is local to the router
+ It uses virtual links to connect two parts of a partitioned backbone through a non-backbone
area
Question 98
Refer to the exhibit. Which result does the python code achieve?
Answer: A
Explanation
date = 10000 * 2021 + 100 * 8 + 16 = 20210000 + 800 + 16 = 20210816 -> Therefore the
date is in yyyymmdd format.
Question 99
Refer to the exhibit. Which command is required to verify NETCONF capability reply messages?
A. show netconf | section rpc-reply
B. show netconf rpc-reply
C. show netconf xml rpc-reply
D. show netconf schema | section rpc-reply
Answer: D
Explanation
The output of the show netconf schema command displays the element structure for a
NETCONF request and the resulting reply. This schema can be used to construct proper
NETCONF requests and parse the resulting replies.
We tested this command under IOS-XE v16.05.01b and this is the result:
Other commands are not correct: