Make success possible with our Latest and Unique CCNA 200-301 Practice Exam!
Name: Cisco Certified Network Associate
Exam Code: 200-301
Certification: CCNA
Vendor: Cisco
Total Questions: 1005
Last Updated: April 24, 2025
585 Satisfied Customers
Success is simply the result of the efforts you put into the preparation. We at Dumpsgroup wish to make that preparation a lot easier. The Cisco Certified Network Associate 200-301 Practice Exam we offer is solely for best results. Our IT experts put in their blood and sweat into carefully selecting and compiling these unique Practice Questions. So, you can achieve your dreams of becoming a CCNA professional. Now is the time to press that big buy button and take the first step to a better and brighter future.
Passing the Cisco 200-301 exam is simpler if you have globally valid resources and Dumpsgroup provides you just that. Millions of customers come to us daily, leaving the platform happy and satisfied. Because we aim to provide you with CCNA Practice Questions aligned with the latest patterns of the Cisco Certified Network Associate Exam. And not just that, our reliable customer services are 24 hours at your beck and call to support you in every way necessary. Order now to see the 200-301 Exam results you always desired.
You must have heard about candidates failing in a large quantity and perhaps tried yourself and fail to pass Cisco Certified Network Associate. It is best to try Dumpsgroup’s 200-301 Practice Questions this time around. Dumpsgroup not only provides an authentic, valid, and accurate resource for your preparation. They simplified the training by dividing it into two different formats for ease and comfort. Now you can get the Cisco 200-301 in both PDF and Online Test Engine formats. Choose whichever or both to start your CCNA certification exam preparation.
Furthermore, Dumpsgroup gives a hefty percentage off on these Spoto 200-301 Practice Exam by applying a simple discount code; when the actual price is already so cheap. The updates for the first three months, from the date of your purchase, are FREE. Our esteemed customers cannot stop singing praises of our Cisco 200-301 Practice Questions. That is because we offer only the questions with the highest possibility of appearing in the actual exam. Download the free demo and see for yourself.
We know you have been struggling to compete with your colleagues in your workplace. That is why we provide the 200-301 Practice Questions to let you gain the upper hand that you always wanted. These questions and answers are a thorough guide in a simple and exam-like format! That makes understanding and excelling in your field way lot easier. Our aim is not just to help to pass the CCNA Exam but to make a Cisco professional out of you. For that purpose, our 200-301 Practice Exams are the best choice.
There are many resources available online for the preparation of the Cisco Certified Network Associate Exam. But that does mean that all of them are reliable. When your future as a CCNA certified is at risk, you have got to think twice while choosing Cisco 200-301 Practice Questions. Dumpsgroup is not only a verified source of training material but has been in this business for years. In those years, we researched on 200-301 Practice Exam and came up with the best solution. So, you can trust that we know what we are doing. Moreover, we have joined hands with Cisco experts and professionals who are exceptional in their skills. And these experts approved our 200-301 Practice Questions for Cisco Certified Network Associate preparation.
What are two purposes of HSRP? (Choose two.)
A. It groups two or more routers to operate as one virtual router.
B. It improves network availability by providing redundant gateways.
C. It passes configuration information to hosts in a TCP/IP network.
D. It helps hosts on the network to reach remote subnets without a default gateway.
E. It provides a mechanism for diskless clients to autoconfigure their IP parameters during boot.
ANSWER : A,B
A wireless access point is needed and must meet these requirements: • "zero-touch" deployed and managed by a WLC• process only real-time MAC functionality • used in a split-MAC architecture. Which access point type must be used?
A. autonomous
B. lightweight
C. mesh
D. cloud-based
ANSWER : B
Which type of address is shared by routers in a HSRP implementation and used by hostson the subnet as their default gateway address?
A. multicast address
B. loopback IP address
C. virtual IP address
D. broadcast address
ANSWER : C
Refer to the exhibit.
When router R1 is sending traffic to IP address 10.56.192 1, which interface or next hopaddress does it use to route the packet?
A. 0.0.0.0.0/0
B. 10.56.0.1
C. 10.56.128.19
D. Vlan57
ANSWER : B
Refer to the exhibit.
The EtherChannel is configured with a speed of 1000 and duplex as full on both ends ofchannel group 1. What is the next step to configure the channel on switch A to respond tobut not initiate LACP communication?
A. interface range gigabitethernet0/0/0-15 channel-group 1 mode on
B. interface range gigabitethernet0/0/0-15 channel-group 1 mode desirable
C. interface port-channel 1 channel-group 1 mode auto
D. interface port-channel 1 channel-group 1 mode passive
ANSWER : D
Refer to the exhibit
All interfaces are in the same VLAN. All switches are configured with the default STPpriorities. During the STP electronics, which switch becomes the root bridge?
A. MDF-DC-4:08:E0:19: 08:B3:19
B. MDF-DC-3:08:0E:18::1A:3C:9D
C. MDF-DC-08:0E:18:22:05:97
D. MDF-DC-1:DB:E:44:02:54:79
ANSWER : C
What is the primary purpose of a console port on a Cisco WLC?
A. In-band management via an asynchronous transport
B. out-of-band management via an IP transport
C. in-band management via an IP transport
D. out-of-band management via an asynchronous transport
ANSWER : D
What is the temporary state that switch ports always enter immediately after the bootprocess when Rapid PVST+ is used?
A. discarding
B. listening
C. forwarding
D. learning
ANSWER : A
A network architect is deciding whether to implement Cisco autonomous access points orlightweight access points. Which fact about firmware updates must the architect consider?Unlike lightweight access points, which require
A. Unlike lightweight access points, which require redundant WLCs to support firmwareupgrades, autonomous access points require only one WLC.
B. Unlike autonomous access points, lightweight access points store a complete copy ofthe current firmware for backup.
C. Unlike lightweight access points, autonomous access points can recover automaticallyfrom a corrupt firmware update.
D. Unlike autonomous access points, lightweight access points require a WLC toimplement remote firmware updates.
ANSWER : D
Which WPA mode uses PSK authentication?
A. Local
B. Client
C. Enterprise
D. Personal
ANSWER : C
When an access point is seeking to join wireless LAN controller, which message is sent tothe AP- Manager interface?
A. Discovery response
B. DHCP request
C. DHCP discover
D. Discovery request
ANSWER : D
Refer to the exhibit.
What must be configured to enable 802.11w on the WLAN?
A. Set PMF to Required.
B. Enable MAC Filtering.
C. Enable WPA Policy.
D. Set Fast Transition to Enabled
ANSWER : A
What are two reasons lo configure PortFast on a switch port attached to an end host? (Choose two.)
A. to enable the number of MAC addresses learned on the port to l
B. to protect the operation of the port from topology change processes
C. to enable the pod to enter the forwarding state immediately when the host boots up
D. to prevent the port from participating in Spanning Tree Protocol operations
E. to block another switch or host from communicating through the port
ANSWER : B,C
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : C
What should a network administrator consider when deciding to implement automation?
A. Automated systems may have difficulty expanding network changes at scale.
B. Network automation typically is limited to the configuration and management of virtual devices within a network.
C. Network automation typically increases enterprise management operating costs.
D. Manual changes frequently lead to configuration errors and inconsistencies.
ANSWER : D
SW1 supports connectivity for a lobby conference room and must be secured. Theengineer must limit the connectivity from PCI lo ma SW1 and SW2 network. The MACaddresses allowed must be Limited to two. Which configuration secures the conferenceroom connectivity?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : B
A network engineer must migrate a router loopback interface to the IPv6 address space. Ifthe current IPv4 address of the interface is 10.54.73.1/32, and the engineer configures IPv6address 0.0.0.0.0:ffff:a36:4901, which prefix length must be used?
A. /64
B. /96
C. /124
D. /128
ANSWER : D
Refer to the exhibit.
The given Windows PC is requesting the IP address of the host at www.cisco.com. Towhich IP address is the request sent?
A. 192.168.1.226
B. 192.168.1.100
C. 192.168.1.254
D. 192.168.1.253
ANSWER : D
Refer to the exhibit.
Router R14 is in the process of being configured. Which configuration must be used toestablish a host route to PC 10?
A. ip route 10.80.65.10 255.255.255.254 10.80.65.1
B. ip route 10.8065.10 255.255.255.255 10.73.65.66
C. ip route 1073.65.65 255.0.0.0 10.80.65.10
D. ip route 10.73.65.66 0.0.0.255 10.80.65.10
ANSWER : B
Refer to the exhibit. IPv6 must be implemented on R1 to the ISP The uplink between R1and the ISP must be configured with a manual assignment, and the LAN interface must beself-provisioned Both connections must use the applicable IPv6 networks Which twoconfigurations must be applied to R1? (Choose two.)
A. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127
B. interface Gi0/0ipv6 address 2001:db8:1:AFFF::/64 eui-64
C. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127
D. interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64
E. interface Gi0/0ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03;/127
ANSWER : C,D
Refer to the exhibit. An engineer is building a new Layer 2 LACP EtherChannel betweenSW1 and SW2. and they executed the given show commands to verify the work Whichadditional task must be performed so that the switches successfully bundle the secondmember in the LACP port-channel?
A. Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1
B. Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1.
C. Configure the switchport trunk allowtd vlan add 300 command on interface FaO 2 on SW2.
D. Configure the switchport trunk allowtd vlan add 300 command on SW1 port-channel 1
ANSWER : B
What is a characteristic of RSA?
A. It uses preshared keys for encryption
B. It requires both sides to have identical keys
C. It is a private-key encryption algorithm
D. It is a public-key cryptosystem
ANSWER : D
What is the function of "off-the-shell" switches in a controller-based network?
A. providing a central view of the deployed network
B. forwarding packets
C. making routing decisions
D. setting packet-handling policies
ANSWER : D
Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics?
A. Generic Router Encapsulation (GRE)
B. Virtual Local Area Network (VLAN)
C. Virtual Extensible LAN (VXLAN)
D. Point-to-Point Protocol
ANSWER : C
When a switch receives a frame for an unknown destination MAC address, how is theframe handled?
A. broadcast to all ports on the switch
B. flooded to all ports except the origination port
C. forwarded to the first available port
D. inspected and dropped by the switch
ANSWER : D
A router has two static routes to the same destination network under the same OSPFprocess. How does the router forward packets to the destination if the next-hop devices aredifferent?
A. The router chooses the route with the oldest age.
B. The router load-balances traffic over all routes to the destination.
C. The router chooses the next hop with the lowest MAC address.
D. The router chooses the next hop with the lowest IP address.
ANSWER : B
Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, andautomatically when edge devices or access circuits fail?
A. SLB
B. FHRP
C. VRRP
D. HSRP
ANSWER : D
Refer to the exhibit.
An engineer must configure the interface that connects to PC 1 and secure it in a way thatonly PC1 is allowed to use the port No VLAN tagging can be used except for a voice VLAN.Which command sequence must be entered to configure the switch?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : B
Refer to the exhibit.
What is represented beginning with line 1 and ending with line 5?
A. value
B. object
C. key
D. array
ANSWER : D
Refer to the exhibit.
R1 has just received a packet from host A that is destined to host B. Which route in therouting table is used by R1 to reac B?
A. 10.10.13.0/25 [108/0] via 10.10.10.10
B. 10.10.13.0/25 [110/2] via 10.10.10.2
C. 10.10.13.0/25 [110/2] via 10.10.10.6
D. 10.10.13.0/25 [1/0] via 10.10.10.2
ANSWER : D
How is noise defined in Wi-Fi?
A. ratio of signal-to-noise rating supplied by the wireless device
B. signals from other Wi-Fi networks that interfere with the local signal
C. measured difference between the desired Wi-Fi signal and an interfering Wi-Fi signal
D. any interference that is not Wi-Fi traffic that degrades the desired signal
ANSWER : A
Refer to the exhibit.
A network engineer must configure router R1 with a host route to the server. Whichcommand must the engineer configure?
A. R1(conftg)#lp route 10.10.10.0 255.255.255.0 192.168.0.2
B. R1(Config)#lp route 10.10.10.10 265.255.255.255 192 168.0.2
C. R1(config)#ip route 192.168.0.2 255.255.255.255 10.10.10.10
D. R1(config)3|p route 0.0.0.0 0.0 0.0 192 168.0.2
ANSWER : B
Which properly is shared by 10GBase-SR and 10GBase-LR interfaces?
A. Both require fiber cable media for transmission.
B. Both require UTP cable media for transmission.
C. Both use the single-mode fiber type.
D. Both use the multimode fiber type.
ANSWER : A
Which two features introduced in SNMPv2 provides the ability to retrieve large amounts ofdata in one request
A. Get
B. GetNext
C. Set
D. GetBulk
E. Inform
ANSWER : A,D
Which is a fact related to FTP?
A. It uses block numbers to identify and mitigate data-transfer errors
B. It always operates without user authentication
C. It relies on the well-known UDP port 69.
D. It uses two separate connections for control and data traffic
ANSWER : D
How does authentication differ from authorization?
A. Authentication verifies the identity of a person accessing a network, and authorizationdetermines what resource a user can access.
B. Authentication is used to record what resource a user accesses, and authorization isused to determine what resources a user can access
C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network
D. Authentication is used to verify a person's identity, and authorization is used to createsyslog messages for logins.
ANSWER : A
How does authentication differ from authorization?
A. Authentication verifies the identity of a person accessing a network, and authorizationdetermines what resource a user can access.
B. Authentication is used to record what resource a user accesses, and authorization isused to determine what resources a user can access
C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network
D. Authentication is used to verify a person's identity, and authorization is used to createsyslog messages for logins.
ANSWER : A
An engineer is configuring a switch port that is connected to a VoIP handset. Whichcommand must the engineer configure to enable port security with a manually assignedMAC address of abod-bod on voice VLAN 4?
A. switchport port-security mac-address abcd.abcd.abcd
B. switchport port-security mac-address abed.abed.abed vlan 4
C. switchport port-security mac-address sticky abcd.abcd.abcd vlan 4
D. switchport port-security mac-address abcd.abcd.abcd vlan voice
ANSWER : A
Refer to the exhibit.
Which prefix did router R1 learn from internal EIGRP?
A. 192.168.10/24
B. 192.168.3.0/24
C. 192.168.2.0/24
D. 172.16 1.0/24
ANSWER : C
What is a purpose of traffic shaping?
A. It enables dynamic flow identification.
B. It enables policy-based routing.
C. It provides best-effort service.
D. It limits bandwidth usage.
ANSWER : A
Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS?
A. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.
B. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.
C. UDP uses flow control mechanisms for the delivery of packets, and TCP usescongestion control for efficient packet delivery.
D. UDP uses sequencing data tor packets to arrive in order, and TCP offers trie capabilityto receive packets in random order.
ANSWER : A
Refer to the exhibit. Local access for R4 must be established and these requirements mustbe met:• Only Telnet access is allowed.• The enable password must be stored securely.• The enable password must be applied in plain text.• Full access to R4 must be permitted upon successful login.Which configuration script meets the requirements?
A)
A. Option
B. Option
C. Option
D. Option
ANSWER : D
What is a reason to implement LAG on a Cisco WLC?
A. Increase the available throughput on the link.
B. Increase security by encrypting management frames
C. Allow for stateful failover between WLCs
D. Enable the connected switch ports to use different Layer 2 configurations
ANSWER : A
What are two protocols within the IPsec suite? (Choose two)
A. AH
B. 3DES
C. ESP
D. TLS
E. AES
ANSWER : D,E
Refer to the exhibit. Each router must be configured with the last usable IP address in thesubnet. Which configuration fulfills this requirement?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : C
An administrator must use the password complexity not manufacturer-name command toprevent users from adding “cisco” as a password. Which command must be issued beforethis command?
A. Password complexity enable
B. confreg 0x2142
C. Login authentication my-auth-list
D. service password-encryption
ANSWER : A
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : B
Which WAN topology has the highest degree of reliability?
A. full mesh
B. Point-to-point
C. hub-and-spoke
D. router-on-a-stick
ANSWER : A
What is the purpose of configuring different levels of syslog for different devices on the network?
A. to rate-limit messages for different seventy levels from each device
B. to set the severity of syslog messages from each device
C. to identify the source from which each syslog message originated
D. to control the number of syslog messages from different devices that are stored locally
ANSWER : B
Refer to the exhibit.
A network engineer is updating the configuration on router R1 to connect a new branchoffice to the company network R2 has been configured correctly. Which command must theengineer configure so that devices at the new site communicate with the main office?
A. ip route 172.25.25 0 255 255 255.0 192.168.2.1
B. ip route 172.25.25 1 255 255 255 255 g0/1
C. ip route 172.25.25.0.255.255.255.0.192.168.2.2
ANSWER : C
Refer to the exhibit.
An engineer is configuring a new Cisco switch NewSW, to replace SW2 The details havebeen provided• Switches SW1 and SW2 are third-party devices without support for trunk ports• The existing connections must be maintained between PC1 PC2 and PC3• Allow the switch to pass traffic from future VLAN 10. Which configuration must beapplied?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : B
Refer to the exhibit.
An engineer is configuring a new Cisco switch NewSW, to replace SW2 The details havebeen provided• Switches SW1 and SW2 are third-party devices without support for trunk ports• The existing connections must be maintained between PC1 PC2 and PC3• Allow the switch to pass traffic from future VLAN 10. Which configuration must beapplied?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : B
Which components are contained within a virtual machine?
A. physical resources, including the NIC, RAM, disk, and CPU
B. configuration files backed by physical resources from the Hypervisor
C. applications running on the Hypervisor
D. processes running on the Hypervisor and a guest OS
ANSWER : B
Refer to the exhibit.
What is the prefix length for the route that router1 will use to reach host A?
A. /25
B. /27
C. /28
D. /29
ANSWER : D
Which Rapid PVST+ feature should be configured on a switch port to immediately send traffic to a connected server as soon as it is active?
A. BPDU guard
B. loop guard
C. portfast
D. uplinkfast
ANSWER : C
A switch is a forwarding a frame out of an interfaces except the interface that received the frame. What is the technical term for this process?
A. ARP
B. CDP
C. flooding
D. multicast
ANSWER : C
Which type of port is used to connect lo the wired network when an autonomous AP mapstwo VLANs to its WLANs?
A. LAG
B. EtherChannel
C. trunk
D. access
ANSWER : C
Which type of IPv4 address must be assigned to a server to protect it from external access and allow only internal users access while restricting internet access?
A. global unicast
B. public
C. private
D. multicast
ANSWER : C
Which two wireless security stewards use Counter Mode Cipher Block Chaining Message Authentication Code Protocol for encryption and data integrity'? (Choose two.
A. WPA2
B. WPA3
C. Wi-Fi 6
D. WEP
E. WPA
ANSWER : B,D
Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?
A. tunnel
B. transport
C. aggressive
D. main
ANSWER : B
Refer to the exhibit.
Which per-hop QoS behavior is R1 applying to incoming packets?
A. queuing
B. marking
C. shaping
D. policing
ANSWER : D
Why would VRRP be implemented when configuring a new subnet in a multivendor environment?
A. when a gateway protocol is required that support more than two Cisco devices for redundancy
B. to enable normal operations to continue after a member failure without requiring a change In a host ARP cache
C. to ensure that the spanning-tree forwarding path to the gateway is loop-free
D. to interoperate normally with all vendors and provide additional security features for Cisco devices
ANSWER : A
Refer to the exhibit.
A Cisco engineer creates a new WLAN called lantest. Which two actions must beperformed so that only high-speed 2.4-Ghz clients connect? (Choose two.)
A. Enable the Broadcast SSID option
B. Enable the Status option.
C. Set the Radio Policy option to 802 11g Only.
D. Set the Radio Policy option to 802.11a Only.
E. Set the Interface/Interface Group(G) to an interface other than guest
ANSWER : A,B
Refer to the exhibit.
assigns IP addressing to the current VLAN with three PCs. The configuration must alsoaccount for the expansion of 30 additional VLANS using the same Class C subnet forsubnetting and host count. Which command set fulfills the request while reserving addressspace for the expected growth?
A. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 265 255.255.252
B. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255 255.255.248
C. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255 255.255.0
D. Switch(config)#interface vlan 10Switch(config-if)#ip address 192.168.0.1 255.255.255.128
ANSWER : B
Which advantage does the network assurance capability of Cisco DNA Center provide overtraditional campus management?
A. Cisco DNA Center correlates information from different management protocols to obtaininsights, and traditional campus management requires manual analysis.
B. Cisco DNA Center handles management tasks at the controller to reduce the load oninfrastructure devices, and traditional campus management uses the data backbone.
C. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric andnonfabric devices, and traditional campus management uses CLI exclusively.
D. Cisco DNA Center automatically compares security postures among network devices,and traditional campus management needs manual comparisons.
ANSWER : C
What is the function of northbound API?
A. It upgrades software and restores files.
B. It relies on global provisioning and configuration.
C. It supports distributed processing for configuration.
D. It provides a path between an SDN controller and network applications.
ANSWER : D
Which type of hypervisor operates without an underlying OS to host virtual machines?
A. Type 1
B. Type 2
C. Type 3
D. Type 12
ANSWER : A
A network engineer must configure an access list on a new Cisco IOS router. The accesslist must deny HTTP traffic to network 10.125.128.32/27 from the 192.168.240.0/20network, but it must allow the 192.168.240.0/20 network to reach the rest of the 10.0.0.0/8network. Which configuration must the engineer apply?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : C
Why would a network administrator choose to implement automation in a network environment?
A. To simplify the process of maintaining a consistent configuration state across all devices
B. To centralize device information storage
C. To implement centralized user account management
D. To deploy the management plane separately from the rest of the network Answer: A
ANSWER : A
Refer to the exhibit.
A. Option
B. Option
C. Option
D. Option
ANSWER : C
Refer to the exhibit.
What is the next step to complete the implementation for the partial NAT configurationshown?
A. Reconfigure the static NAT entries that overlap the NAT pool
B. Configure the NAT outside interface
C. Modify the access list for the internal network on e0/1
D. Apply the ACL to the pool configuration
ANSWER : B
What provides connection redundancy increased bandwidth and load sharing between a wireless LAN controller and a Layer 2 switch?
A. VLAN trunking
B. tunneling
C. first hop redundancy
D. link aggregation
ANSWER : D
What is the purpose of the Cisco DNA Center controller?
A. to secure physical access to a data center
B. to scan a network and generate a Layer 2 network diagram
C. to securely manage and deploy network devices
D. to provide Layer 3 services to autonomous access points
ANSWER : C
What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?
A. forwarding mode and provides the lowest-cost path to the root bridge for each VLAN
B. learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN
C. blocking mode and provides an alternate path toward the designated bridge
D. listening mode and provides an alternate path toward the root bridge
ANSWER : C
What is an advantage of using auto mode versus static mode for power allocation when anaccess point is connected to a PoE switch port?
A. All four pairs of the cable are used
B. It detects the device is a powered device
C. The default level is used for the access point
D. Power policing is enabled at the same time
ANSWER : D
What is a characteristics of a collapsed-core network topology?
A. It allows the core and distribution layers to run as a single combined layer.
B. It enables the core and access layers to connect to one logical distribution device over an EtherChannel.
C. It enables all workstations in a SOHO environment to connect on a single switch with internet access.
D. It allows wireless devices to connect directly to the core layer, which enables faster data transmission.
ANSWER : B
Which command implies the use of SNMPv3?
A. snmp-server host
B. snmp-server community
C. snmp-server enable traps
D. snmp-server user
ANSWER : B
What is used to identify spurious DHCP servers?
A. DHCPREQUEST
B. DHCPDISCOVER
C. DHCPACK
D. DHCPOFFER
ANSWER : D
Refer to the exhibit.
Which action by the router when a packet is sourced from 10.10.10.2 and destined 10.10.10.16?
A. It queues the packets waiting for the route to be learned.
B. It floods packets to all learned next hops.
C. It discards the packets.
D. It uses a route that is similar to the destination address.
ANSWER : D
What describes the functionality of southbound APIs?
A. They use HTTP messages to communicate.
B. They enable communication between the controller and the network device.
C. They convey information from the controller to the SDN applications.
D. They communicate with the management plane.
ANSWER : B
What is a function of an endpoint?
A. It is used directly by an individual user to access network services
B. It passes unicast communication between hosts in a network
C. It transmits broadcast traffic between devices in the same VLAN
D. It provides security between trusted and untrusted sections of the network.
ANSWER : A
Which benefit does Cisco ONA Center provide over traditional campus management?
A. Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditionalcampus management uses SNMPv2.
B. Cisco DNA Center automates HTTPS for secure web access, and traditional campusmanagement uses HTTP.
C. Cisco DNA Center leverages APIs, and traditional campus management requiresmanual data gathering.
D. Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent fromtraditional campus management.
ANSWER : B
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : C
Refer to the exhibit.
A packet sourced from 10.10.10.32 is destined for the internet.
A. 0
B. 1
C. 2
D. 32
ANSWER : B
Which interface is used for out-of-band management on a WLC?
A. dynamic
B. service port
C. virtual
D. management
ANSWER : D
Which type of IPv4 address type helps to conserve the globally unique address classes?
A. multicast
B. private
C. loopback
D. public
ANSWER : B
A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
ANSWER : A,E
A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
ANSWER : A,E
A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
ANSWER : A,E
Company has decided to require multifactor authentication for all systems. Which set ofparameters meets the requirement?
A. personal 10-digit PIN and RSA certificate
B. complex password and personal 10-digit PIN
C. password of 8 to 15 characters and personal 12-digit PIN
D. fingerprint scanning and facial recognition
ANSWER : A
Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points?
A. virtual interface
B. management interface
C. console port
D. service port
ANSWER : B
Which command do you enter so that a switch configured with Rapid PVST + listens andlearns for a specific time period?
A. switch(config)#spanning-tree vlan 1 max-age 6
B. switch(config)#spanning-tree vlan 1 hello-time 10
C. switch(config)#spanning-tree vlan 1 priority 4096
D. switch(config)#spanning-tree vlan 1 forward-time 20
ANSWER : D
Refer to the exhibit.
What is the issue with the interface GigabitEthernet0/0/1?
A. Port security
B. High throughput
C. Cable disconnect
D. duplex mismatch
ANSWER : C
What is the role of SNMP in the network?
A. to monitor network devices and functions using a TCP underlay that operates on the presentation layer
B. to collect data directly from network devices using an SSL underlay that operates on the transport layer
C. to monitor and manage network devices using a UDP underlay that operates on the application layer
D. to collect telemetry and critical information from network devices using an SSH underlay that operates on the network layer
ANSWER : C
Refer to the exhibit.
Which IP route command created the best path for a packet destined for 10.10.10.3?
A. ip route 10.10.0.0 255.255.252.0 g0/0
B. ip route 10.0.0.0 255.0.0.0 g0/0
C. ip route 10.10.10.1 255.255.255.255 g0/0
D. ip route 10.10.10.0 255.255.255.240 g0/0
ANSWER : D
Refer to the exhibit.When router R1 receives a packet with destination IP address 10.56.0 62. through whichinterface does it route the packet?
A. Null0
B. VIan58
C. Vlan60
D. VIan59
ANSWER : B
In which circumstance would a network architect decide to implement a global unicastsubnet instead of a unique local unicast subnet?
A. when the subnet must be available only within an organization
B. when the subnet does not need to be routable
C. when the addresses on the subnet must be equivalent to private IPv4 addresses
D. when the subnet must be routable over the internet
ANSWER : D
In which circumstance would a network architect decide to implement a global unicastsubnet instead of a unique local unicast subnet?
A. when the subnet must be available only within an organization
B. when the subnet does not need to be routable
C. when the addresses on the subnet must be equivalent to private IPv4 addresses
D. when the subnet must be routable over the internet
ANSWER : D
What is the functionality of the Cisco DNA Center?
A. data center network pokey con
B. console server that permits secure access to all network devices
C. IP address cool distribution scheduler
D. software-defined controller for automaton of devices and services
ANSWER : D
Refer to the exhibit. User traffic originating within site 0 is failing to reach an applicationhosted on IP address 192.168 0 10. Which is located within site A What is determined bythe routing table?
A. The default gateway for site B is configured incorrectly
B. The lack of a default route prevents delivery of the traffic
C. The traffic is blocked by an implicit deny in an ACL on router2
D. The traffic to 192 168 010 requires a static route to be configured in router 1.
ANSWER : B
Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP?
A. service
B. trunk
C. AP-manager
D. virtual AP connection
ANSWER : C
What is a feature of WPA?
A. 802.1x authentication
B. preshared key
C. TKIP/MIC encryption
D. small Wi-Fi application
ANSWER : A
A network engineer must configure an interface with IP address 10.10.10.145 and a subnetmask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask mustthe engineer use?
A. /29
B. /30
C. /27
D. /28
ANSWER : A
Which capability does TFTP provide?
A. loads configuration files on systems without data storage devices
B. provides authentication for data communications over a private data network
C. provides encryption mechanisms for file transfer across a WAN
D. provides secure file access within the LAN
ANSWER : A
What is used as a solution for protecting an individual network endpoint from attack?
A. Router
B. Wireless controller
C. Anti software
D. Cisco DNA Center
ANSWER : C
Refer to the exhibit.
Routers R1 and R2 are configured with RIP as the dynamic routing protocol. A networkengineer must configure R1 with a floating static route to serve as a backup route tonetwork 192.168.23. Which command must the engineer configure on R1?
A. ip route 192.168.23.0 255.255.255.0 192.168.13.3 100
B. ip route 192.168.23.0 255.255.255.0 192.168.13.3 121
C. ip route 192.168.23.0 255.255.255.255 192.168.13.3 121
D. ip route 192.168.23.0 255.255.255.0 192.168.13.3
ANSWER : B
Which two server types support dornas name to IP address resolution? (Choose two >
A. ESX host
B. resolver
C. web
D. file transfer
E. authentication
ANSWER : A,C
Refer to the exhibit.
Which format matches the Modified EUI-64 IPv6 interface address for the network 2001:db8::/64?
A. 2001 :db8::5000:0004:5678:0090/64
B. 2001 :db8:4425:5400:77ft:fe07:/64
C. 2001 :db8::5000:00ff:fe04 0000/64
D. 2001 :db8::5200:00ff:fe04:0000/64
ANSWER : C
Refer to the exhibit.
What are two conclusions about this configuration? {Choose two.)
A. The spanning-tree mode is Rapid PVST+.
B. This is a root bridge.
C. The root port is FastEthernet 2/1.
D. The designated port is FastEthernet 2/1.
E. The spanning-tree mode is PVST+.
ANSWER : A
What happens when a switch receives a frame with a destination MAC address that recently aged out?
A. The switch references the MAC address aging table for historical addresses on the port that received the frame.
B. The switch floods the frame to all ports in all VLANs except the port that received the frame
C. The switch drops the frame and learns the destination MAC address again from the port that received the frame
D. The switch floods the frame to all ports in the VLAN except the port that received the frame.
ANSWER : D
Refer to the exhibit.
What are the two steps an engineer must take to provide the highest encryption and authentication using domain credentials from LDAP?
A. Select PSK under Authentication Key Management
B. Select WPA+WPA2 on Layer 2 Security
C. Select Static-WEP + 802.1X on Layer 2 Security
D. Select WPA Policy with TKIP Encryption
E. Select 802.1X from under Authentication Key Management
ANSWER : B,E
What is the role of community strings in SNMP operations?
A. It serves as a sequence tag on SNMP traffic messages.
B. It serves as a password lo protect access to MIB objects.
C. It passes the Active Directory username and password that are required for device access
D. It translates alphanumeric MIB output values to numeric values.
ANSWER : B
Refer to the exhibit.
The primary route across Gi0/0 is configured on both routers. A secondary route must beconfigured to establish connectivity between the workstation networks. Which commandset must be configured to complete this task?
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : D
A WLC sends alarms about a rogue AP, and the network administrator verifies that thealarms are caused by a legitimate autonomous AP.
A. Place the AP into manual containment.
B. Remove the AP from WLC management.
C. Manually remove the AP from Pending state.
D. Set the AP Class Type to Friendly.
ANSWER : B
Refer to the exhibit.
A. Option
B. Option
C. Option
ANSWER : C
Refer to the exhibit.
What is the subnet mask for route 172.16.4.0?
A. 255.255.248.0
B. 255.255.254.0
C. 255.255.255.192
D. 255.255.240.0
ANSWER : A
To improve corporate security, an organization is planning to implement badgeauthentication to limit access to the data center. Which element of a security program isbeing deployed?
A. user training
B. user awareness
C. vulnerability verification
D. physical access control
ANSWER : D
Which functionality is provided by the console connection on a Cisco WLC?
A. out-of-band management
B. secure in-band connectivity for device administration
C. unencrypted in-band connectivity for file transfers
D. HTTP-based GUI connectivity
ANSWER : B
Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)
A. ::ffif 1014 1011/96
B. 2001 7011046:1111:1/64
C. ;jff06bb43cd4dd111bbff02 4545234d
D. 2002 5121204b 1111:1/64
E. FF02::0WlFF00:0l)00/104
ANSWER : B
Which enhancements were implemented as part of WPA3?
A. 802.1x authentication and AES-128 encryption
B. TKIP encryption improving WEP and per-packet keying
C. AES-64 m personal mode and AES-128 in enterprise mode
D. forward secrecy and SAE in personal mode for secure initial key exchange
ANSWER : D
What is the default port-security behavior on a trunk link?
A. It causes a network loop when a violation occurs.
B. It disables the native VLAN configuration as soon as port security is enabled.
C. It places the port in the err-disabled state if it learns more than one MAC address.
D. It places the port in the err-disabled slate after 10 MAC addresses are statically configured.
ANSWER : A
An on-site service desk technician must verify the IP address and DNS server informationon a users Windows computer. Which command must the technician enter at the commandprompt on the user's computer?
A. ipconfig /all
B. ifconfig -a
C. show interface
D. netstat -r
ANSWER : A
Refer to the exhibit.
A. Option A
B. Option B
C. Option C
D. Option D
ANSWER : D
Dumpsgroup is a verified platform for certification preparation. Our expert professionals are working day and night to create the perfect Practice Exam so you can pass your exam with flying colors. We provide only the authentic and valid Practice Questions approved by IT Experts. Start your certification journey now!
www.dumpsgroup.com
support@dumpsgroup.com
1104 Long Street, NY, 11206, USA
Feel free to contact us, we are available 24/7.