Last Update: 22 April 2021
Table of Content:
I- Multiple Choice Questions
II- Drag and Drop Questions
- Network Fundamentals
- Network Access
- IP Connectivity
- IP Services
- Security Fundamentals
- Automation and Programmability
Multiple Choice Questions:
What are two benefits of network automation? (Choose two)
A. reduced operational costs
B. reduced hardware footprint
C. faster changes with more reliable results
D. fewer network failures
E. increased network security
Which command enables a router to become a DHCP client?
A. ip address dhcp
B. ip helper-address
C. ip dhcp pool
D. ip dhcp client
Which design element is a best practice when deploying an 802.11b wireless infrastructure?
A. disabling TPC so that access points can negotiate signal levels with their attached wireless devices
B. setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
C. allocating nonoverlapping channels to access points that are in close physical proximity to one another
D. configuring access points to provide clients with a maximum of 5 Mbps
When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)
Which option about JSON is true?
A. uses predefined tags or angle brackets (<>) to delimit markup text
B. used to describe structured data that includes arrays
C. used for storing information
D. similar to HTML, it is more verbose than XML
Which IPv6 address type provides communication between subnets and cannot route on the Internet?
A. global unicast
B. unique local
Which command prevents passwords from being stored in the configuration as plaintext on a router or switch?
A. enable secret
B. service password-encryption
C. username Cisco password encrypt
D. enable password
What are two southbound APIs? (Choose two)
A. The user swipes a key fob, then clicks through an email link
B. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device
C. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen
D. The user enters a user name and password and then re-enters the credentials on a second screen
Which two capacities of Cisco DNA Center make it more extensible? (Choose two)
A. adapters that support all families of Cisco IOS software
B. SDKs that support interaction with third-party network equipment
C. customized versions for small, medium, and large enterprises
D. REST APIs that allow for external applications to interact natively with Cisco DNA Center
E. modular design that is upgradable as needed
An email user has been lured into clicking a link in an email sent by their company’s security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place?
A. Physical access control
B. Social engineering attack
C. brute force attack
D. user awareness
Which type of wireless encryption is used for WPA2 in pre-shared key mode?
A. TKIP with RC4
Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)
A. The switch must be running a k9 (crypto) IOS image
B. The ip domain-name command must be configured on the switch
C. IP routing must be enabled on the switch
D. A console password must be configured on the switch
E. Telnet must be disabled on the switch
Which type of address is the public IP address of a NAT device?
A. outside global
B. outsdwde local
C. inside global
D. insride local
E. outside public
F. inside public
15. Refer to the exhibit. Which prefix does Router 1 use for traffic to Host A?
How does HSRP provide first hop redundancy?
A. It load-balances traffic by assigning the same metric value to more than one route to the same destination m the IP routing table
B. It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN
C. It forwards multiple packets to the same destination over different routed links in the data path
D. It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN
A. A spine switch and a leaf switch can be added with redundant connections between them
B. A spine switch can be added with at least 40 GB uplinks
C. A leaf switch can be added with a single connection to a core spine switch
D. A leaf switch can be added with connections to every spine switch
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)
A. It drops lower-priority packets before it drops higher-priority packets
B. It can identify different flows with a high level of granularity
C. It guarantees the delivery of high-priority packets
D. It can mitigate congestion by preventing the queue from filling up
E. It supports protocol discovery
A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?
Refer to the exhibit. What is the effect of this configuration?
A. The switch port interface trust state becomes untrusted
B. The switch port remains administratively down until the interface is connected to another switch
C. Dynamic ARP inspection is disabled because the ARP ACL is missing
D. The switch port remains down until it is configured to trust or untrust incoming packets
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two)
E. input errors
How do TCP and UDP differ in the way that they establish a connection between two endpoints?
TCP uses synchronization packets, and UDP uses acknowledgment packets
UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits
UDP provides reliable message transfer and TCP is a connectionless protocol
TCP uses the three-way handshake and UDP does not guarantee message delivery
When OSPF learns multiple paths to a network, how does it select a route?
A. It multiple the active K value by 256 to calculate the route with the lowest metric
B. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth
C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost
D. It count the number of hops between the source router and the destination to determine the router with the lowest metric
24. Refer to the exhibit. Which password must an engineer use to enter the enable mode?
Which configuration is needed to generate an RSA key for SSH on a router?
A. Configure the version of SSH
B. Configure VTY access
C. Create a user with a password
D. Assign a DNS domain name
26. Which output displays a JSON data representation?
A. Option A
B. Option B
C. Option C
D. Option D
What is the primary different between AAA authentication and authorization?
A. Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database
B. Authentication identifies a user who is attempting to access a system, and authorization validates the users password
C. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform
D. Authentication controls the system processes a user can access and authorization logs the activities the user initiates
A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?
A. It allows the traffic to pass through unchanged
B. It drops the traffic
C. It tags the traffic with the default VLAN
D. It tags the traffic with the native VLAN
An engineer must configure a /30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria?
A. interface e0/0
description to HQ-A370:98968
ip address 10.2.1.3 255.255.255.252
B. interface e0/0
description to HQ-A370:98968
ip address 192.168.1.1 255.255.255.248
C. interface e0/0
description to HQ-A370:98968
ip address 172.16.1.4 255.255.255.248
D. interface e0/0
description to HQ-A370:98968
ip address 18.104.22.168 255.255.255.252
What is a benefit of using a Cisco Wireless LAN Controller?
A. Central AP management requires more complex configurations
B. Unique SSIDs cannot use the same authentication method
C. It supports autonomous and lightweight APs
D. It eliminates the need to configure each access point individually
What are two characteristics of a controller-based network? (Choose two)
A. The administrator can make configuration updates from the CLI
B. It uses northbound and southbound APIs to communicate between architectural layers.
C. It moves the control plane to a central point
D. It decentralizes the control plane, which allows each device to make its own forwarding decisions
E. It uses Telnet to report system issues
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?
A. dual algorithm
C. administrative distance
D. hop count
33. Refer to Exhibit. How does SW2 interact with other switches in this VTP domain?
B. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports
C. It forwards only the VTP advertisements that it receives on its trunk ports
D. It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?
Which two encoding methods are supported by REST APIs? (Choose two)
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two)
A. when the sending device waits 15 seconds before sending the frame again
B. when the cable length limits are exceeded
C. when one side of the connection is configured for half-duplex
D. when Carriner Sense Multiple Access/Collision Detection is used
E. when a collision occurs after the 32nd byte of a frame has been transmitted
Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?
What is the primary effect of the spanning-tree portfast command?
A. It enables BPDU messages
B. It minimizes spanning-tree convergence time
C. It immediately puts the port into the forwarding state when the switch is reloaded
D. It immediately enables the port in the listening state
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?
A. The Layer 2 switch drops the received frame
B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN
C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning
D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table
Refer to the exhibit. What is the effect of this configuration?
A. All ARP packets are dropped by the switch
B. Egress traffic is passed only if the destination is a DHCP server
C. All ingress and egress traffic is dropped because the interface is untrusted
D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings
Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?
42. Refer to the exhibit. Which route does R1 select for traffic that is destined to 192 168.16.2?
C. 192.168 26.0/26
Which IPv6 address block sends packets to a group address rather than a single address?
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)
A. management interface settings
B. QoS settings
C. Ip address of one or more access points
E. Profile name
B. The router calculates the best backup path to the destination route and assigns it as the feasible successor
C. The router calculates the feasible distance of all paths to the destination route
D. The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link
E. The router must use the advertised distance as the metric for any given route
Refer to Exhibit. Which action do the switches take on the trunk link?
A. The trunk does not form and the ports go into an err-disabled status
B. The trunk forms but the mismatched native VLANs are merged into a single broadcast domain
C. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link
D. The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?
A. lldp timer
B. lldp holdtimt
C. lldp reinit
D. lldp tlv-select
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?
Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?
A. The interface is not participating in OSPF
B. A point-to-point network type is configured
C. The default Hello and Dead timers are in use
D. There are six OSPF neighbors on this interface
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two)
A. Configure the ports in an EtherChannel
B. Administratively shut down the ports
C. Configure the port type as access and place in VLAN 99
D. Configure the ports as trunk ports
E. Enable the Cisco Discovery Protocol
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?
Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1. The new circuit uses eBGP and teams the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25?
A. Traffic to 10.10.13.0.25 is load balanced out of multiple interfaces
B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1
C. Traffic to 10.10.13.0/25 is a symmetrical
D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table
Which statement identifies the functionality of virtual machines?
A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor
B. The hypervisor can virtualize physical components including CPU, memory, and storage
C. Each hypervisor can support a single virtual machine and a single software switch
D. The hypervisor communicates on Layer 3 without the need for additional resources