Prova Ccna Emulador

14/02/2022 22:22 How2Pass CCNA 200-301 Online Practice Tests - (Test Engine v4.7.
4)
How2Pass CCNA 200-301 Online Practice Tests
Test #09: Random Test from all exam topics
How2Pass Test Score Report Print this page
Test Taker's Name : el_buffalo

Questions Attempted : 100
Correct Answers : 95
Your score: 95%
Passing score: 82.5%
Pass/Fail: Pass

Your time is: 0 hr 25 min 15 sec
Section Analysis

Section 0% 50% 100% Score

Network Fundamentals: 95% (20/21)
Network Access: 86% (19/22)
IP Connectivity: 100% (19/19)
Security Fundamentals: 94% (17/18)
Automation and Programmability: 100% (12/12)
IP Services: 100% (8/8)
Correct Answers/Explanations are given below
1. (QID:AN013) Refer to the exhibit. Which statement explains the configuration error message that is received?
Exhibit:
Router(config)#interface GigabitEthernet 1/0/1

Router(config-if)#ip address 192.168.16.143 255.255.255.240

Bad mask /28 for address 192.168.16.143
Your Answer: It is a broadcast IP address.

Correct Answer: It is a broadcast IP address.

Explanation:
Using the 256 method, subtract last octet of the mask from 256 to find increment.
256 - 240 = 16
The subnet IDs are in multiples of 16, in the third octet, that is:
192.168.16.0

192.168.16.16
192.168.16.32
.......
192.168.16.128 (given IP address belongs to this subnet)

192.168.16.144
So, the subnet ID for the given IP address = 192.168.16.128
The broadcast address = 192.168.16.143
Current host range = 192.168.16.129 - 192.168.16.142
2. (QID:AN020) Refer to the Exhibit. After the switch configuration, the ping test fails between PC A and PC B. Based on the output for Switch1 which
error must be corrected?

Exhibit

Your Answer: There is a native VLAN mismatch.

Correct Answer: There is a native VLAN mismatch.

Explanation:
Switch1 is configured with Native VLAN 1 but Switch2 is configured with Native VLAN 99. Both PCs are configured in VLAN 99.
Connectivity issues occur in the network if a native VLAN mismatch exists. Data traffic for VLANs, other than the native VLAN configured, successfully propagates
across the trunk link, but data associated with the native VLAN does not successfully propagate across the trunk link.
3. (QID:AN022) Which result occurs when PortFast is enabled on an interface that is connected to another switch?

Your Answer: Spanning tree may fail to detect a switching loop in the network that causes broadcast storms.

Correct Answer: Spanning tree may fail to detect a switching loop in the network that causes broadcast storms.

Explanation:
https://www.how2pass.com/emembers/ccna301/onlinetest/frame.php 1/20
14/02/2022 22:22 How2Pass CCNA 200-301 Online Practice Tests - (Test Engine v4.7.4)
Never enable PortFast on ports connecting to other switches or hubs. This could lead to bridging loops and broadcast storms since the switch port never goes through
the listening and learning state of STP
"After spanning tree converges PortFast shuts down any port that receives BPDUs" is incorrect, because the statement means any port that receives BPDU gets
shutdown. On the contrary, only PortFast-enabled access ports are shutdown by STP if they receive BPDU.
A PortFast-enabled port that receives BPDU loses its operational PortFast status and becomes a non-PortFast port until disconnected or shut down.
If a trunk is to be configured as PortFast (only towards routers, firewalls, routers, etc., never towards switches), the spanning-tree portfast trunk port level command
has to be used.
4. (QID:AN024) Refer to the exhibit. Which action do the switches take on the trunk link?
Exhibit
Your Answer: The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.
Correct Answer: The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.
Explanation:
If the native VLANs do not match, the switch will log Cisco Discovery Protocol (CDP) messages stating the mismatch. While not catastrophic, this setup ffectively
causes the two different native VLANs to be merged into one larger L2 broadcast domain (VLAN). These two VLANs will attempt to calculate one common Spanning-
Tree Protocol (STP) topology for such bridged native VLANs, with the risk of eventually exceeding the maximum supported STP diameter.
https://community.cisco.com/t5/other-network-architecture/native-vlan-mismatch-error-on-4006-switch/td-p/163964
Connectivity issues occur in the network if a native VLAN mismatch exists. Data traffic for VLANs, other than the two native VLANs configured, successfully propagates
across the trunk link, but data associated with either of the native VLANs does not successfully propagate across the trunk link.
https://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=9
5. (QID:AN030) Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?
Your Answer: on
Correct Answer: on
6. (QID:AN034) Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?
Exhibit
Your Answer: active
Correct Answer: active
Explanation:
The output shows LACP status for the neighbor switch. The P flag indicates that neighbor switch is in LACP Passive mode. Therefore, for successful Etherchannel
creation, the local switch (SW1) must be in LACP Active mode.
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3se/layer2/command_reference/b_lay2_3se_3650_cr/b_lay2_3se_3650_cr_chapter_010.html
7. (QID:AN036) Which 802.11 frame type is association response?
Your Answer: management
Correct Answer: management
Explanation:
https://community.cisco.com/t5/wireless-mobility-documents/802-11-frames-a-starter-guide-to-learn-wireless-sniffer-traces/ta-p/3110019
8. (QID:AN038) Which two actions influence the EIGRP route selection process? (Choose two)
Your Answer: The router calculates the best backup path to the destination route and assigns it as the feasible successor.
The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link.
Correct Answer: The router calculates the best backup path to the destination route and assigns it as the feasible successor.
The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link.
9. (QID:AN042) Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?
Exhibit
Your Answer: network route
Correct Answer: network route
Explanation:
R1 uses the network route 10.10.13.0/25, learned through OSPF, to reach the end host 10.10.13.10/25.
The network route 10.10.13.0/25 contains host range 10.10.13.1 to 10.10.13.126.
10. (QID:AN056) Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1. The new circuit
uses eBGP and learns the route to VLAN 25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25?
Exhibit
Your Answer: Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
Correct Answer: Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
Explanation:
The output shows that R1 has learned the route to VLAN 25 from OSPF, having Administrative Distance value of 110. The same route when learned from eBGP via
interface Gi0/1, having lower AD value of 20, the routing table will be updated with the new route, learned from BGP via interface Gi0/1.
11. (QID:AN059) Refer to the exhibit. What does router R1 use as its OSPF router-ID?
Exhibit
Your Answer: 172.16.15.10
Correct Answer: 172.16.15.10
Explanation:
The OSPF router ID is chosen according to the following criteria:
The highest router ID configured explicitly with router-id ip address command, in OSPF router configuration mode.
The highest IP address on its loopback interfaces (Loopback interface is a logical interface on a router).
If no loopback interface is configured then the highest IP address on one of its active physical interfaces.
If there is no active interface, the OSPF process will not start and therefore you will not have any OSPF routes in your routing table.
12. (QID:AN075) What is the primary difference between AAA authentication and authorization?
Your Answer: authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.
Correct Answer: authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.
Explanation:
AAA (Authentication, Authorization, Accounting)
AAA is a standard based framework used to control who is permitted to use network resources (through authentication), what they are authorized to do (through
authorization) and capture the actions performed while accessing the network (through accounting).
13. (QID:AN081) Refer to the exhibit. Which password must an engineer use to enter the enable mode?
Exhibit:
Atlanta#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Atlanta(config)#aaa new-model
Atlanta(config)#aaa authentication login default local
Atlanta(config)#line vty 0 4
Atlanta(config-line)#login authentication default
Atlanta(config-line)#exit
Atlanta(config)#username ciscoadmin password adminadmin123
Atlanta(config)#username ciscoadmin privilege 15
Atlanta(config)#enable password cisco123
Atlanta(config)#enable secret testing1234
Atlanta(config)#end
Your Answer: testing1234
Correct Answer: testing1234
Explanation:
The the enable secret command overrides the enable password command. When both of them are configured, the user must provide the enable secret password to
enter the enable mode.
14. (QID:AN085) Which API is used in controller-based architectures to interact with edge devices?
Your Answer: southbound
Correct Answer: southbound
Explanation:
In SDN, the southbound interface is the OpenFlow (or alternative) protocol specification. Its main function is to enable communication between the SDN controller and
the network nodes (both physical and virtual switches and routers) so that the router can discover network topology, define network flows and implement requests
relayed to it via northbound APIs.
The northbound interface describes the area of protocol-supported communication between the controller and applications or higher layer control programs.
In a figurative sense, northbound flow can be thought of as going upward, while southbound flow can be thought of as going downward. In architectural diagrams,
northbound interfaces are drawn at the top of the applicable component, while southbound interfaces are drawn at the bottom of the component.While the terms
northbound and southbound can apply to almost any type ofnetwork or computer system, in recent years they have been used increasingly inconjunction with
application program interfaces (APIs) in software-defined networking (SDN).
15. (QID:AN093) Which statement correctly compares traditional networks and controller-based networks?
Your Answer: Only controller-based networks decouple the control plane and the data plane.
Correct Answer: Only controller-based networks decouple the control plane and the data plane.
Explanation:
Traditional networks uses a distributed architecture, in which each control plane is resided in a networking device. Therefore they need to communicate with each other
via messages to work correctly.
Software defined networking (SDN) emerges as a promising paradigm shift that decouples the control plane from the data plane. It has the ability to centrally monitor
and control the network through software, i.e., controller.
We gain access to the SDN solution via the Northbound Interface, which is actually similar to the management plane.
The SDN Controller communicates with network-level devices through the Southbound Interface.
16. (QID:AND09) Drag-n-drop. Drag and drop the functions from the left onto the correct network components on the right.
Your Answer: 1:H,2:H,3:H,4:N,5:N
Correct Answer: 1:H,2:H,3:H,4:N,5:N
Explanation:
DHCP Server:
holds the TCP/IP settings to be distributed to the clients.

assigns a default gateway to a client.
assigns IP addresses to enabled clients.
DNS Server:
resolves web URLs to IP addresses.

stores a list of IP addresses mapped to names.
17. (QID:AND05) Drag-n-drop. Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.
Your Answer: 1:D,2:B,3:C,4:A
Correct Answer: 1:D,2:B,3:C,4:A
Explanation:
802.1q double tagging: Configure VACL.

ARP spoofing: Configure dynamic ARP inspection.
Unwanted superior BPDUs: Configure root guard.
Unwanted BPDUs on PortFast-enabled interfaces: Configure BPDU guard.
18. (QID:AND04) Drag-n-drop. Drag and drop the WLAN components from the left onto the correct descriptions on the right.
Your Answer: 1:E,2:A,3:D,4:B,5:C
Correct Answer: 1:E,2:A,3:D,4:B,5:C
Explanation:
Wireless LAN controller: device that manages access points.

Access point: device that provides Wi-Fi devices with a connection to a wired network.
Service port: used for out of band management of a WLC.
Virtual interface: used to support mobility management of the WLC.
Dynamic interface: applied to the WLAN for wireless client communication.
19. (QID:AXD12) Drag-n-drop. Refer to the Exhibit. Drag and drop the routing table components on the left onto the corresponding letter from the exhibit
on the right. Not all options are used.
Exhibit
Your Answer: 1:E,2:A,3:B,4:G,5:D
Correct Answer: 1:E,2:A,3:B,4:G,5:D
Explanation:
A => route source

B => administrative distance
C => metric
D => timestamp
E => outbound interface
Not used:
subnet mask
next-hop interface
20. (QID:AX001) Which two IPv6 addresses are valid? (Choose two.)
Your Answer: 2000:::1
FE80:CD00::0:CDE:1227:0:211D:7790
Correct Answer: FF01::101

0001::1:1CD0:8665:9801:96C3:C409
Explanation:
FF01::101 is the shorthand form of FF01:0:0:0:0:0:0:101, a multicast address that represents all NTP servers on the same machine.
IPv6 address
An IPv6 address is an identification assigned to a computer host on the Internet. IPv6 is the version 6 of IP address standard. It uses 128 bits or 16 bytes to represent
IP addresses.
A 16-byte IPv6 address is normally represented hexadecimal digits and divided into 8 groups separated by colons (:). For example,
"2001:0db8:0000:0000:0000:ff00:0042:8329" IPv6 address.
For convenience, an IPv6 address may be abbreviated to reduce its length using these rules.
One or more leading zeroes from any groups of hexadecimal digits are removed; this is usually done to either all or none of the leading zeroes. For example, the
above IPv6 address can be abbreviated as: "2001:db8:0:0:0:ff00:42:8329".
Consecutive sections of zeroes are replaced with a double colon (::). The double colon may only be used once in an address, as multiple use would render the
address indeterminate. For example, the above IPv6 address can be abbreviated as: "2001:db8::ff00:42:8329".
21. (QID:AX005) Which of the following is true about access point?
Your Answer: It is a layer 2 device used to extend the LAN coverage to wireless devices.
Correct Answer: It is a layer 2 device used to extend the LAN coverage to wireless devices.
22. (QID:AX009) What happens to new traffic that is sent to a destination MAC address after the MAC aging time expires?
Your Answer: It is flooded.
Correct Answer: It is flooded.
Explanation:
Layer 2 switches maintain a table of destination MAC addresses and associated ports. When a unicast frame is received, its destination MAC address is searched in
the MAC address table. If a match is found the frame is forwarded through the port associated with that destination MAC address. If no entry matches, the frame is
flooded out all ports except the receiving port.
23. (QID:AX011) When troubleshooting a user complaint, you notice that two routers failed to establish an OSPF neighbor adjacency. Which two issues
are root causes for the problem? (Choose two)
Your Answer: The passive-interface command is configured on the connected interfaces.

The two routers are using the same router ID.
Correct Answer: The two routers are using the same router ID.
The passive-interface command is configured on the connected interfaces.
Explanation:
Out of the given choices, the following two reasons will prevent an OSPF neighbor relationship between two connected routers:
The two routers are using the same router ID.

The passive-interface command is configured on the connected interfaces.
24. (QID:AX012) For which two reasons might you choose to configure static routing instead of dynamic routing on a router? (Choose two)
Your Answer: The router is part of a stub network.

The router only needs access to a single or small number of routes.
Correct Answer: The router only needs access to a single or small number of routes.
The router is part of a stub network.
25. (QID:AN108) Which command must be entered when a device is configured as an NTP server?
Your Answer: ntp master
Correct Answer: ntp master
Explanation:
Cisco routers can be configured as both NTP clients and NTP servers. To configure a Cisco router as an NTP client, we can use the ntp server IP_Address command:
R1(config)#ntp server 192.168.0.100
To verify NTP status, use the show ntp status command.
To configure your Cisco router as an NTP server, only a single command is needed:
DEVICE(config)#ntp master
After entering this command you will need to point all the devices in your LAN to use the router as NTP server.
26. (QID:AX017) Which two characteristics of standard Access Control Lists are true? (Choose two)
Your Answer: They must be identified with a number between 1 and 99 or 1300 and 1999.
They can compare source traffic only against a permit or deny statement.
Correct Answer: They can compare source traffic only against a permit or deny statement.
They must be identified with a number between 1 and 99 or 1300 and 1999.
Explanation:
Standard Access Control List
Standard ACLs are made using the source IP addresses only. These ACLs permit or deny the entire protocol suite. They do not distinguish between the protocol port,
such as TCP, UDP, HTTP, etc. By using numbers 1-99 or 1300-1999, a router will understand it as a standard ACL and the specified address(s) as source IP
address(s).
27. (QID:AN103) Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. What is the
reason for the problem?
Exhibit
Your Answer: Router2 is using the default hello timer.
Correct Answer: Router2 is using the default hello timer.
Explanation:
The OSPF Hello and Dead intervals must match between neighbors to establish OSPF adjacency.
Router1 is configured with the ip ospf hello-interval 5 command, that sets Hello interval to 5 seconds, but Router2 is using the default OSPF Hello interval of 10
seconds.
OSPF Hello and Dead Interval
OSPF uses hello packets and two timers to check if a neighbor is still alive or not:
Hello interval: this defines how often we send the hello packet.
Dead interval: this defines how long we should wait for hello packets before we declare the neighbor dead.
The hello and dead interval values can be different depending on the OSPF network type. On Ethernet interfaces you will see a 10 second hello interval and a 40
second dead interval.
28. (QID:AN102) Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and
subnet mask combination does the engineer assign to minimize wasting addresses?
Exhibit
Your Answer: 10.10.225.32 255.255.255.224
Correct Answer: 10.10.225.32 255.255.255.224
Explanation:
10.10.225.48 255.255.255.240
Incorrect - provides up to 14 hosts; requirement is minimum 20 hosts.
10.10.225.32 255.255.255.240
Incorrect - provides up to 14 hosts; requirement is minimum 20 hosts.
10.10.225.48 255.255.255.224
Incorrect - not a subnet; it is host address.
10.10.225.32 255.255.255.224
Correct - provides up to 30 hosts in the range 10.10.225.33 - 10.10.225.62
29. (QID:AN097) What are two reasons for an engineer to configure a floating state route? (Choose two)
Your Answer: to automatically route traffic on a secondary path when the primary path goes down
to enable fallback static routing when the dynamic routing protocol fails
Correct Answer: to automatically route traffic on a secondary path when the primary path goes down
to enable fallback static routing when the dynamic routing protocol fails
Explanation:
Floating Static Route
There may be times when a primary route fails due to physical layer problems, hardware issues, a misconfiguration, or many other reasons. A floating static route can
be used as a backup route when there is a secondary path available.
Floating static routes are static routes that have an administrative distance greater than the administrative distance of another static route or dynamic route. They are
very useful when providing a backup to a primary link.
By default, static routes have an administrative distance of 1, making them preferable to routes learned from dynamic routing protocols. For example, the administrative
distances of some common dynamic routing protocols are:
EIGRP = 90
IGRP = 100
OSPF = 110
IS-IS = 115
RIP = 120
The administrative distance of a static route can be increased to make the route less desirable than that of another static route or a route learned through a dynamic
routing protocol. In this way, the static route "floats" and is not used when the route with the better administrative distance is active. However, if the preferred route is
lost, the floating static route can take over, and traffic can be sent through this alternate route.
A floating static route can be used to provide a backup route to multiple interfaces or networks on a router. It is also encapsulation independent, meaning it can be used
to forward packets out any interface, regardless of encapsulation type.
30. (QID:AN131) Refer to the exhibit. The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2 while all other
VLANs are to remain tagged. Which command accomplishes this task?
Exhibit
Your Answer: switchport trunk native vlan 67
Correct Answer: switchport trunk native vlan 67
Explanation:
Native VLAN
The native VLAN is used to carry untagged traffic across an 802.1Q trunk. The default native VLAN is set to VLAN 1, but can be changed on each trunk interface. The
native VLAN must be the same on both sides of a trunk interface.
The switchport trunk native vlan command specifies the native VLAN number for the trunk.
An 802.1Q native VLAN is defined as one of the following:
The VLAN that a port is associated with when not in trunking operational mode.
The VLAN that is associated with untagged frames that are received on a switch port.
The VLAN to which Layer 2 frames will be forwarded if received untagged on an 802.1Q trunk port.
31. (QID:AN135) What is a difference between RADIUS and TACACS+?
Your Answer: TACACS+ separates authentication and authorization, and RADIUS merges them.
Correct Answer: TACACS+ separates authentication and authorization, and RADIUS merges them.
32. (QID:AN141) Refer to the exhibit. Which path is used by the router for Internet traffic?
Exhibit
Your Answer: 0.0.0.0/0
Correct Answer: 0.0.0.0/0
Explanation:
The default route 0.0.0.0/0 via 10.10.11.2 will be used for the Internet traffic.
33. (QID:AN142) Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165?
Exhibit
Your Answer: Router3
Correct Answer: Router3
Explanation:
You need to check every route entry for valid host range and the one having IP address 10.10.13.165 in the range is our correct answer. Upon checking, you will find
that IP address 10.10.13.165 belongs to the subnet 10.10.13.160/29, that is present in the routing table of Router1 and is reachable through the next hop address
10.10.10.5. Now this next hop address belongs to the subnet 10.10.10.4/30 - Router3.
The subnet 10.10.13.160/29 has a valid host range from 10.10.13.161 to 10.10.13.166.
34. (QID:AN143) Which IPv6 address block forwards packets to a multicast address rather than a unicast address?
Your Answer: FF00::/12
Correct Answer: FF00::/12
Explanation:
IPv6 Multicast Address
An IPv6 multicast address defines a group of devices known as a multicast group. IPv6 multicast addresses use the prefix ff00::/8, which is equivalent to the IPv4
multicast address 224.0.0.0/4. A packet sent to a multicast group always has a unicast source address. A multicast address can never be the source address. Unlike
IPv4, there is no broadcast address in IPv6. Instead, IPv6 uses multicast, including an all-IPv6 devices well-known multicast address and a solicited-node multicast
address.
IPv6 multicast addresses are distinguished from unicast addresses by the value of the high-order octet of the addresses: a value of 0xFF (binary 11111111) identifies an
address as a multicast address; any other value identifies an address as a unicast address.
35. (QID:AN145) What is the primary purpose of a First Hop Redundancy Protocol?
Your Answer: It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.
Correct Answer: It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a network.
Explanation:
A first hop redundancy protocol (FHRP) is a computer networking protocol which is designed to protect the default gateway used on a subnetwork by allowing two or
more routers to provide backup for that address. In the event of failure of an active router, the backup router will take over as active default gateway, usually within a
few seconds. Examples of such protocols includes HSRP, VRRP, GLBP etc.
36. (QID:AN149) Refer to the exhibit. What commands are needed to add a sub-interface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address
10.20.20.1/24?
Exhibit
Your Answer: R1(config)#interface ethernet0/0.20

R1(config-if)#encapsulation dot1q 20
R1(config-if)#ip address 10.20.20.1 255.255.255.0
Correct Answer: R1(config)#interface ethernet0/0.20

R1(config-if)#encapsulation dot1q 20
R1(config-if)#ip address 10.20.20.1 255.255.255.0
Explanation:
R1(config)#interface ethernet0/0.20
!-- Create sub-interface Ethernet0/0.20
R1(config)#encapsulation dot1q 20
!-- Set frame encapsulation to 802.1Q.
!-- The number 20 at the end represents the VLAN ID.
R1(config)#ip address 10.20.20.1 255.255.255.0

!-- Configure IP address of the sub-interface.
37. (QID:AN152) Refer to Exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two
static host routes must be configured on the New-York router? (Choose two)
Exhibit
Your Answer: ipv6 route 2000::1/128 2012::1

ipv6 route 2000::3/128 2023::3
Correct Answer: ipv6 route 2000::1/128 2012::1

ipv6 route 2000::3/128 2023::3
Explanation:
ipv6 route 2000::1/128 2012::1
This route indicates that destination 2000::1/128 (Atlanta's Lo1 address) is reachable via the next hop address 2012::1 (Atlanta's Serial 0/0/0 address), with the default
AD value of 1 (not configured).
So this route uses New-York's interface Se0/0/0 as the primary path to reach the Lo1 interface on Atlanta router. This is an example of the Recursive Static Route in
IPv6.
ipv6 route 2000::3/128 2023::3
This route indicates that destination 2000::3/128 (Washington's interface Lo3 is reachable via the next hop address 2023::3 (Washington's Serial 0/0/0 address).
IPv6 Static Routes
Directly Attached Static Routes
In directly attached static routes, only the output interface is specified. The destination is assumed to be directly attached to this interface, so the packet destination is
used as the next-hop address. This example shows such a definition:
ipv6 route 2001:DB8::/32 gigabitethernet1/0/0
The example specifies that all destinations with address prefix 2001:DB8::/32 are directly reachable through interface GigabitEthernet1/0/0.
Recursive Static Routes
In a recursive static route, only the next hop is specified. The output interface is derived from the next hop. This example shows such a definition:
ipv6 route 2001:DB8::/32 2001:DB8:3000:1
This example specifies that all destinations with address prefix 2001:DB8::/32 are reachable via the host with address 2001:DB8:3000:1.
Floating Static Routes
A floating static route is configured with a higher administrative distance than the dynamic routing protocol it is backing up. As a result, the dynamic route learned
through the routing protocol is always used in preference to the floating static route. If the dynamic route learned through the routing protocol is lost, the floating static
route will be used in its place. The following example defines a floating static route:
ipv6 route 2001:DB8:/32 gigabitethernet1/0/0 2001:DB8:3000:1 210
Fully Specified Static Routes
In a fully specified static route, both the output interface and the next hop are specified. This form of static route is used when the output interface is a multi-access one
and it is necessary to explicitly identify the next hop. The next hop must be directly attached to the specified output interface. The following example shows a definition
of a fully specified static route:
ipv6 route 2001:DB8:/32 gigabitethernet1/0/0 2001:DB8:3000:1
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book/ip6-route-static-xe.html
38. (QID:AN155) Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the switch and DHCP server
configurations are complete and correct. Which two sets of commands must be configured on R1 and R2 to complete the task? (Choose two)
Exhibit
Your Answer: R2(config)# interface gi0/0

R2(config-if)#ip helper-address 198.51.100.100
R1(config)# interface fa0/0
R1(config-if)#ip address dhcp
R1(config-if)# no shutdown
Correct Answer: R1(config)# interface fa0/0

R1(config-if)#ip address dhcp
R1(config-if)# no shutdown
R2(config)# interface gi0/0
R2(config-if)#ip helper-address 198.51.100.100
39. (QID:AN157) Refer to the exhibit. Which outcome is expected when PC_A sends data to PC_B?
Exhibit
Your Answer: The source and destination MAC addresses remain the same.
Correct Answer: The source and destination MAC addresses remain the same.
Explanation:
Since both PCs are configured in VLAN 200, the source and destination MAC addresses remain unchanged. There is no layer 3 routing involved here.
40. (QID:AN159) Refer to the exhibit. What action establishes the OSPF neighbor relationship without forming an adjacency?
Exhibit
Your Answer: Modify network type
Correct Answer: Modify network type
Explanation:
From the perspective of OSPF, there are a couple of things that must match for a OSPF neighborship to establish; these include:
1. The devices must be in the same area.

2. The devices must have the same authentication configuration.
3. The devices must be on the same subnet.
4. The devices hello and dead intervals must match.
5. The devices must have matching stub flags.
But the question is asking about OSPF neighborship without forming adjacencies. The OSPF point-to-point and point-to-multipoint nonbroadcast networks require
statically defined neighbor statements without forming DR/BDR adjacencies.
41. (QID:AN161) Refer to the exhibit. An engineer booted a new switch and applied this configuration via the console port. Which additional
configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password?
Exhibit
Your Answer: R1(config)#username admin privilege 15 secret p@ss1234

R1(config-if)#line vty 0 4
R1(config-line)#login local
Correct Answer: R1(config)#username admin privilege 15 secret p@ss1234

R1(config-if)#line vty 0 4
R1(config-line)#login local
42. (QID:AN166) A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is
received. Which interface counter increments?
Your Answer: Late collision
Correct Answer: Late collision
Explanation:
The subset of all collisions that happen after the 64th byte (512th bit) of the frame has been transmitted, are called late collisions.
Typical causes of late collisions are segment cable lengths in excess of the maximum permitted for the cable type. A collision wave is not detected by the transmitting
stations until after the 64 byte slot time since it has to travel an excessive distance.
When a late collision wave is detected, the frame is not retransmitted automatically by the MAC sublayer. Upper layer protocols must deduce that something went
wrong and implement retransmission of the frame. This takes times and so late transmissions can cause excessive delays.
43. (QID:AN167) What are two roles of Domain Name Services (DNS)? (Choose two.)
Your Answer: Allows a single host name to be shared across more than one IP address.
Enables applications to identify resources by name instead of IP address.
Correct Answer: Enables applications to identify resources by name instead of IP address.

Allows a single host name to be shared across more than one IP address.
44. (QID:AN173) How will Link Aggregation be implemented on a Cisco Wireless LAN Controller?
Your Answer: To pass client traffic, two or more ports must be configured.
Correct Answer: One functional physical port is needed to pass client traffic.
Explanation:
When you enable link aggregation (LAG), only one functional physical port is needed for the controller to pass client traffic... As long as at least one controller port is
functioning, the system continues to operate, access points remain connected to the network, and wireless clients continue to send and receive data.
LAG requires the EtherChannel to be configured for "mode on" on both the controller and the Catalyst switch.
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ports_and_interfaces.html#ID1363
45. (QID:AN178) Refer to the exhibit. Which switch in this configuration will be elected as the root bridge?
Exhibit:
SW1: 0C:E0:38:00:36:85
SW2: 0C:0E:15:22:05:97
SW3: 0C:0E:15:1A:3C:9D
SW4: 0C:E0:18:A1:B3:19
Your Answer: SW3
Correct Answer: SW3
Explanation:
Root Bridge Election
A Root Bridge is a reference point for all switches in a spanning-tree topology. Across all connected switches a process of election occurs and the Bridge with the
lowest Bridge ID is elected as the Root Bridge.
Since the Bridge ID starts with the Bridge Priority field, essentially, the switch with the lowest Bridge Priority field becomes the Root Bridge. If there is a tie between two
switches having the same priority value, then the switch with the lowest MAC address becomes the Root Bridge.
In this case, with the default Bridge Priority, switch SW3 becomes the root bridge because it has the lowest MAC address of 0C:0E:15:1A:3C:9D.
46. (QID:AN185) Refer to the exhibit. Which route type does the routing protocol Code D represent in the output?
Exhibit:
10.0.0.0/24 is subnetted, 1 subnets

C 10.0.0.0 is directly connected, FastEthernet0/1
C 172.160.0/16 is directly connected, FastEthernet0/0
D 192.168.0.0/24 [90/30720] via 172.16.0.2, 00:00:03, FastEthernet0/0
Your Answer: route learned through EIGRP
Correct Answer: route learned through EIGRP
Explanation:
EIGRP routes are represented by the letter D, in the output of the show ip route command.
47. (QID:AN188) What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2
reachability and Layer 3 routing information?
Your Answer: control plane
Correct Answer: control plane
Explanation:
Control Plane Function
In its simplest form, the control plane provides layer-2 MAC reachability and layer-3 routing information to network devices that require this information to make packet
forwarding decisions.
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/VMDC/SDN/SDN.html
48. (QID:AN189) Which WAN access technology is preferred for a small office / home office architecture?
Your Answer: Broadband cable access
Correct Answer: Broadband cable access
49. (QID:AN190) A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in
order to allow the port to learn the MAC address of the printer and insert it into the table automatically?
Your Answer: Enable sticky MAC addressing
Correct Answer: Enable sticky MAC addressing
50. (QID:AN192) What criteria is used first during the root port selection process?
Your Answer: lowest path cost to the root bridge
Correct Answer: lowest path cost to the root bridge
Explanation:
Spanning Tree Root Port selection
If a Switch has multiple paths to reach the Root Bridge, it must select one path and the associated port as the Root Port.
Spanning Tree Root Port selection process in a Non-Root Switch involves the following steps:
1. Select the port connected to the path with the lowest accumulated Spanning Tree Path Cost to the Root Bridge (Root Switch) as the Root Port, when a Non-Root
Switch has multiple paths to reach the Root Switch.
2. If multiple paths are available to reach the Root Bridge (Root Switch) with the same accumulated Spanning Tree Path Cost in a Non-Root Switch, select the port
connected to the neighbor switch which has the lowest Switch ID value as the Root Port.
3. If all the multiple paths go through the same neighboring switch to reach the Root Bridge (Root Switch), Non-Root Switch will select the local port which receives
the lowest port Spanning Tree Port Priority value from neighbor Switch as the Root Port.
4. If the received Spanning Tree Port Priority value values are the same between the connecting ports to reach the Root Bridge (Root Switch), Non-Root Switch will
select the port which receives the lowest physical port number from neighbor Switch as the Root Port. This is the last tie breaker.
51. (QID:AN195) Which technology must be implemented to configure network device monitoring with the highest security?
Your Answer: SNMPv3
Correct Answer: SNMPv3
52. (QID:AN196) Which type of information resides on a DHCP server?
Your Answer: A list of the available IP addresses in a pool.
Correct Answer: A list of the available IP addresses in a pool.
53. (QID:AND18) Drag-n-drop. Drag the IPv6 DNS record types from the left onto the description on the right.
Your Answer: 1:B,2:E,3:C,4:A,5:D
Correct Answer: 1:B,2:E,3:C,4:A,5:D
Explanation:
CNAME: aliases one name to another.
SOA: associates the domain serial number with its owner.
NS: correlates a domain with its authoritative name servers.
AAAA: correlates a host name with an IP address.
PTR: supports reverse name lookups.
https://en.wikipedia.org/wiki/List_of_DNS_record_types
54. (QID:AN199) An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action
should be taken?
Your Answer: Configure switchport mode dynamic desirable
Correct Answer: Configure switchport mode dynamic auto
Explanation:
Dynamic auto: Makes the Ethernet port willing to convert the link to a trunk link. The port becomes a trunk port if the neighboring port is set to trunk or dynamic
desirable mode. This is the default mode for some switchports.
Dynamic desirable: Makes the port actively attempt to convert the link to a trunk link. The port becomes a trunk port if the neighboring Ethernet port is set to trunk,
dynamic desirable or dynamic auto mode.
55. (QID:AN205) Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?
Your Answer: PortFast
Correct Answer: PortFast
Explanation:
PortFast
Spanning Tree PortFast causes layer 2 switch interfaces to enter forwarding state immediately, bypassing the listening and learning states. It should be used on ports
connected directly to end hosts like servers or workstations.
56. (QID:AN210) What are two functions of a server on a network? (Choose two)
Your Answer: Handles requests from multiple workstations at the same time.

Runs applications that send and retrieve data for workstations that make requests.
Correct Answer: Runs applications that send and retrieve data for workstations that make requests.
Handles requests from multiple workstations at the same time.
57. (QID:AN213) An engineer requires a switch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be
configured?
Your Answer: switchport mode dynamic auto
Correct Answer: switchport mode dynamic desirable
Explanation:
The dynamic desirable DTP mode makes the port actively attempt to convert the link to a trunk link. The port becomes a trunk port if the neighboring Ethernet port is set
to trunk, dynamic desirable or dynamic auto mode.
58. (QID:AN219) Which CRUD operation modifies an existing table or view?
Your Answer: update
Correct Answer: update
Explanation:
Create, Read, Update, and Delete operations are abbreviated as CRUD. The update operation modifies an existing table or view.
59. (QID:AN224) Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team
resides on the 10.20.1.0/25 network. Which command will accomplish this task?
Exhibit:
interface GigabitEthernet0/1
ip address 192.168.1.2 255.255.255.0
ip access-group 2699 in
!
access-list 2699 deny icmp any 10.10.1.0 0.0.0.255 echo
access-list 2699 deny ip any 10.20.1.0 0.0.0.255
access-list 2699 permit ip any 10.10.1.0 0.0.0.255
access-list 2699 permit tcp any 10.20.1.0 0.0.0.127 eq 22
Your Answer: no access-list 2699 deny ip any 10.20.1.0 0.0.0.255
Correct Answer: no access-list 2699 deny ip any 10.20.1.0 0.0.0.255
Explanation:
access-list 2699 deny ip any 10.20.1.0 0.0.0.255

!-- Deny all traffic to 10.20.1.0/24 network
access-list 2699 permit tcp any 10.20.1.0 0.0.0.127 eq 22

!-- Permit SSH traffic (port 22) from any source to 10.20.1.0/25 subnet.
Remember that once the traffic matches an ACL entry, all remaining ACL entries are skipped.
Therefore, the last ACL entry has no effect because the second ACL entry in exhibit denies all destinations on 10.20.1.0/24 network.
So, we must remove the second ACL entry to allow SSH traffic to the operations team's subnet.
60. (QID:AN238) Refer to the exhibit. Which switch becomes the root of the spanning tree for VLAN 110?
Exhibit
Your Answer: Switch 2
VLAN 110 - 24586 001a.e3ff.a680
Correct Answer: Switch 2

VLAN 110 - 24586 001a.e3ff.a680
Explanation:
Root Bridge Election
A Root Bridge is a reference point for all switches in a spanning-tree topology. Across all connected switches a process of election occurs and the Bridge with the
lowest Bridge ID is elected as the Root Bridge.
Since the Bridge ID starts with the Bridge Priority field, essentially, the switch with the lowest Bridge Priority field becomes the Root Bridge. If there is a tie between two
switches having the same priority value, then the switch with the lowest MAC address becomes the Root Bridge.
In this case, switch SW3 becomes the root bridge because it has the lowest bridge priority value of 24586.
61. (QID:AN240) Which device tracks the state of active connections in order to make a decision to forward a packet through?
Your Answer: firewall
Correct Answer: firewall
Explanation:
A stateful firewall is a firewall that monitors the full state of active network connections. This means that stateful firewalls are constantly analyzing the complete context
of traffic and data packets, seeking entry to a network.
62. (QID:AN241) Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router. Which access-list entry
accomplishes this task?
Exhibit:
access-list 101 permit ospf any any

access-list 101 permit tcp any any eq 179
access-list 101 permit tcp any eq 179 any
access-list 101 permit gre any any
access-list 101 permit esp any any
access-list 101 deny ospf any any

access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet
access-list 101 permit udp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq 500
access-list 101 permit udp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq 4500
access-list 101 deny ip any any log
interface Ethernet0/0
ip address 10.1.1.25 255.255.255.0
ip access-group 101 in
Your Answer: access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet
Correct Answer: access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet
Explanation:
Securing the vty lines means to allow access to required hosts and disallow all others.
The given answer allows telnet access, through VTY lines, only from IP address 10.1.1.0/24 to the destination host 172.16.1.0/24. All other hosts are denied and failed
attempts are logged.
63. (QID:AN243) What is the effect when loopback interfaces and the configured router ID are absent during the OSPF process configuration?
Your Answer: The highest up/up physical interface IP address is selected as the router ID.
Correct Answer: The highest up/up physical interface IP address is selected as the router ID.
Explanation:
The OSPF router ID is chosen according to the following criteria:
The highest router ID configured explicitly with router-id ip address command, in OSPF router configuration mode.
The highest IP address on its loopback interfaces (Loopback interface is a logical interface on a router).
If no loopback interface is configured then the highest IP address on one of its active physical interfaces.
If there is no active interface, the OSPF process will not start and therefore you will not have any OSPF routes in your routing table.
64. (QID:AN249) What does a switch use to build its MAC address table?
Your Answer: ingress traffic
Correct Answer: ingress traffic
Explanation:
The switch maintains an address table called MAC address table in order to efficiently switch frames between interfaces. When the switch receives a frame, it
associates the MAC address of the sending device with the switch port on which it was received. In this way, a switch dynamically builds an address table by using the
source MAC address of the frames received.
65. (QID:AN255) Which type of security program is violated when a group of employees enters a building using the ID badge of only one person?
Your Answer: physical access control
Correct Answer: physical access control
66. (QID:AN259) What is a benefit of VRRP?
Your Answer: It provides the default gateway redundancy on a LAN using two or more routers.
Correct Answer: It provides the default gateway redundancy on a LAN using two or more routers.
67. (QID:AN261) Refer to Exhibit. Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200 while
allowing devices on VLAN 100 to use their own IP addresses?
Exhibit
Your Answer: Router1(config)#access-list 99 permit 192.168.100.32 0.0.0.31

Router1(config)#ip nat inside source list 99 interface gi1/0/0 overload
Router1(config)#interface gi2/0/1.200
Router1(config-if)#ip nat inside
Router1(config)#interface gi1/0/0
Router1(config-if)#ip nat outside
Correct Answer: Router1(config)#access-list 99 permit 192.168.100.32 0.0.0.31

Explanation:
Router1(config)#access-list 99 permit 192.168.100.32 0.0.0.31

!-- Define addresses on VLAN 200 that should be translated.
!-- Enable NAT and use ACL 99 to translate allowed hosts to
!-- the public IP address of the interface Gi1/0/1.
68. (QID:AN265) Refer to the exhibit. An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface G0/1.
Which access list must be applied?
Exhibit
Your Answer: ip access-list standard 99

permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.0.255.255
Correct Answer: ip access-list standard 99

permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.0.255.255
Explanation:
By using numbers 1-99 or 1300-1999, a router will understand it as a standard ACL and the specified address(s) as source IP address(s).
The prefix length /24 represents the subnet mask 255.255.255.0 and when converted to wildcard mask it becomes 0.0.0.255. Similarly the prefix length /16 represents
the subnet mask 255.255.0.0 and when converted to wildcard mask it becomes 0.0.255.255.
Now you can easily eliminate incorrect answers.
69. (QID:AN273) Which resource is able to be shared among virtual machines deployed on the same physical server?
Your Answer: disk
Correct Answer: disk
Explanation:
All virtual machines have their own operating systems, configurations and applications. The disk space of the host machine is shared among virtual machines.
70. (QID:AN287) What causes a port to be placed in the err-disabled state?
Your Answer: port security violation
Correct Answer: port security violation
Explanation:
Out of the given options, only port security violation causes a port to be placed in the err-disabled state. The default port security violation mode on Cisco switches is
shutdown. In this mode, a port security violation causes the interface to immediately become error-disabled, and turns off the port LED. It also sends an SNMP trap,
logs a syslog message, and increments the violation counter. When a secure port is in the error-disabled state, administrative action is needed to re-enable it. This is
the default mode.
71. (QID:AN294) What uses HTTP messages to transfer data to applications residing on different hosts?
Your Answer: REST
Correct Answer: REST
Explanation:
REST stands for Representational State Transfer. It is essentially an "architecture for networked applications." In other words, it's a set of standards that describe how
computers should communicate with each other and with applications across a network. REST defines certain specific operations that applications should be able to do
in order to satisfy all of the CRUD (create, read, update, delete) requirements.
A RESTful API is an application programming interface (API) that uses HTTP requests to GET, PUT, POST and DELETE data.
72. (QID:AN299) A network administrator must to configure SSH for remote access to router R1 The requirement is to use a public and private key pair
to encrypt management traffic to and from the connecting client. Which configuration, when applied, meets the requirements?
Your Answer: R1#enable
Reconfigure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate rsa modulus 1024
Correct Answer: R1#enable

Reconfigure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate rsa modulus 1024
73. (QID:AN300) An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow
clients to preferentially use 5GH2 access points?
Your Answer: Client Band Select
Correct Answer: Client Band Select
74. (QID:AN305) Which 802.11 management frame type is sent when a client roams between access points on the same SSID?
Your Answer: Re-association Request
Correct Answer: Re-association Request
75. (QID:AN309) Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent
connectivity issues with applications hosted at SiteB. What is the cause of the intermittent connectivity issue?
Exhibit
Your Answer: Interface errors are incrementing.
Correct Answer: Interface errors are incrementing.
76. (QID:AN310) What describes the operation of virtual machines?
Your Answer: In a virtual machine environment, physical servers must run one operating system at a time.
Correct Answer: In a virtual machine environment, physical servers must run one operating system at a time.
77. (QID:AN316) Which technology allows for multiple operating systems to be run on a single host computer?
Your Answer: server virtualization
Correct Answer: server virtualization
78. (QID:AN318) Which two QoS tools provides congestion management? (Choose two.)
Your Answer: CBWFQ
PQ
Correct Answer: CBWFQ

PQ
79. (QID:AN320) Which JSON data type is an unordered set of attribute - value pairs?
Your Answer: object
Correct Answer: object
80. (QID:AN326) What are two improvements provided by automation for network management in an SDN environment? (Choose two)
Your Answer: Proprietary Cisco APIs leverage multiple network management tools.

Artificial intelligence identifies and prevents potential design failures.
Correct Answer: Artificial intelligence identifies and prevents potential design failures.
Proprietary Cisco APIs leverage multiple network management tools.
81. (QID:AN330) Which access layer threat-mitigation technique provides security based on identity?
Your Answer: 802.1x
Correct Answer: 802.1x
82. (QID:AND27) Drag-n-drop. Drag and drop the application protocols from the left onto the transport protocols that it uses on the right.
Your Answer: 1:T,2:T,3:T,4:U,5:U,6:U
Correct Answer: 1:T,2:T,3:T,4:U,5:U,6:U
Explanation:
TCP:
FTP
SMTP
SSH
UDP:
DHCP
SNMP
TFTP
83. (QID:AN337) Which two primary drivers support the need for network automation? (Choose two.)
Your Answer: Providing a ship entry point for resource provisioning.

Policy-derived provisioning of resources.
Correct Answer: Policy-derived provisioning of resources.

Providing a ship entry point for resource provisioning.
84. (QID:AN338) What is a function of the Cisco DNA Center Overall Health Dashboard?
Your Answer: It provides a summary of the top 10 global issues.
Correct Answer: It provides a summary of the top 10 global issues.
Explanation:
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center-assurance/1-3-1-
0/b_cisco_dna_assurance_1_3_1_0_ug/b_cisco_dna_assurance_1_3_1_0_chapter_0101.html
85. (QID:AN347) A network administrator is asked to configure VLANS 2, 3 and 4 for a new implementation. Some ports must be assigned to the new
VLANs with unused remaining. Which action should be taken for the unused ports?
Your Answer: Configure ports in a black hole VLAN.
Correct Answer: Configure ports in a black hole VLAN.
Explanation:
Cisco switches have a factory configuration in which default VLANs are preconfigured to support various media and protocol types. The default Ethernet VLAN is VLAN
1. It is a security best practice to configure all the ports on all switches to be associated with VLANs other than VLAN 1. This is usually done by configuring all unused
ports to a black hole VLAN that is not used for anything on the network. All used ports are associated with VLANs distinct from VLAN 1 and distinct from the black hole
VLAN. It is also a good practice to shut down unused switch ports to prevent unauthorized access.
https://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=11
86. (QID:AN348) Why was the RFC 1918 address space defined?
Your Answer: conserve public IPv4 addressing
Correct Answer: conserve public IPv4 addressing
Explanation:
Organizations can use RFC 1918 private IPv4 addresses on their inside network, which are not publicly routable, so they won't work on the public Internet. The obvious
advantage of using private address space for the Internet at large is to conserve the globally unique address space by not using it where global uniqueness is not
required.
87. (QID:AN353) Which virtual MAC address is used by VRRP group 1?
Your Answer: 0000.5E00.0101
Correct Answer: 0000.5E00.0101
Explanation:
In VRRP, a virtual router must use 00-00-5E-00-01-XX as its Media Access Control (MAC) address.
The first three octets are derived from the IANA's OUI. The next two octets (00-01) indicate the address block assigned to the VRRP protocol. The last byte of the
address (XX) is the Virtual Router IDentifier (VRID). This mapping provides for up to 255 VRRP routers on a network.
88. (QID:AN364) How are the switches in a spine-and-leaf topology interconnected?
Your Answer: Each leaf switch is connected to each spine switch.
Correct Answer: Each leaf switch is connected to each spine switch.
Explanation:
Leaf-and-Spine Network Topology
Leaf-and-spine is a two-layer network topology. The topology is composed of:
1. leaf switches (connected to the end devices e.g. clients and servers), and
2. spine switches (to which leaf switches connect).
Leaf switches mesh into the spine, forming the access layer that delivers network connection points for servers. Each leaf switch connects to every spine switch. As a
result, there is no need for interconnections between spine switches.
It is useful for data center that experience more east-west network traffic than north-south traffic and caters scalable over subscription ratios.
Here are some general rules for leaf-and-spine topology:
Each leaf switch must connect to every spine switch.

Each spine switch must connect to every leaf switch.
Leaf switches cannot connect to each other.
Spine switches cannot connect to each other.
Endpoints connect only to the leaf switches.
89. (QID:AN370) Which plane is centralized by a JSON controller?
Your Answer: Control-plane
Correct Answer: Control-plane
90. (QID:AN371) An engineer configures interface Gi1/0 on the company PE router to connect to an ISP. Neighbor discovery is disabled. Which action is
necessary to complete the configuration if the ISP uses third-party network devices?
Exhibit:
interface Gi1/0
description HQ-DC-87752
duplex full
speed 100
negotiation auto
lldp transmit
lldp receive
Your Answer: Enable LLDP globally
Correct Answer: Enable LLDP globally
Explanation:
The Link Layer Discovery Protocol (LLDP)
LLDP is a link layer discovery protocol, similar to CDP. The big difference between the two is that LLDP is a standard (vendor-neutral) while CDP is a Cisco proprietary
protocol. Cisco devices support the IEEE 802.1ab version of LLDP. This allows non-Cisco devices to advertise information about themselves to our network devices.
Use of LLDP is limited to 802.1 media types such as Ethernet, Token Ring, and Fiber Distributed Data Interface (FDDI) networks.
Enabling LLDP Globally
LLDP is disabled globally by default on Cisco devices. It is configured in global configuration mode with the following command:
Router(config)# lldp run
91. (QID:AND29) Drag-n-drop. Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all
statements are used.
Your Answer: 1:C,2:C,3:T,4:T
Correct Answer: 1:C,2:C,3:T,4:T
Explanation:
Controller-Based Networking
This type deploys a consistent configuration across multiple devices.
Southbound APIs are used to apply configurations.
Traditional Networking
A distributed control plane is needed.

This type requires a distributed management plane.
92. (QID:AND30) Drag-n-drop. Drag and drop the AAA terms from the left onto the description on the right.
Your Answer: 1:D,2:A,3:C,4:B
Correct Answer: 1:A,2:D,3:C,4:B
Explanation:
Accounting => tracks activity
CoA => updates session attributes
Authorization => verifies access rights
Authentication => verifies identity
93. (QID:AN399) In software-defined architecture, which plane handles switching for traffic through a Cisco router?
Your Answer: Authentication identifies users and accounting tracks user services.
Correct Answer: Authentication identifies users and accounting tracks user services.
94. (QID:AN374) What are two characteristics of an SSID? (Choose two.)
Your Answer: It is at most 32 characters long.

It can be hidden or broadcast in a WLAN.
Correct Answer: It can be hidden or broadcast in a WLAN.

It is at most 32 characters long.
Explanation:
The Service Set Identifier (SSID) is a 32-character unique identifier attached to the header of packets that are sent over a Wireless Local Area Network (WLAN). The
SSID differentiates one WLAN from another. Client devices use this name to identify and join wireless networks.
Most wireless routers offer the option to disable SSID broadcasting as a means to improve Wi-Fi network security since it requires the clients to know two passwords:
the SSID and the network password.
95. (QID:AN375) Where does wireless authentication happen?
Your Answer: Layer 2
Correct Answer: Layer 2
96. (QID:AN379) Which type of traffic is sent with pure IPsec?
Your Answer: Unicast messages from a host at a remote site to a server at headquarters.
Correct Answer: Unicast messages from a host at a remote site to a server at headquarters.
Explanation:
Pure IPSec configuration (without GRE tunnel) is a point to point implementation and does not support broadcast or multicast packets. Spanning-tree updates are also
a multicast traffic.
97. (QID:AN381) Which communication interaction takes place when a southbound API is used?
Your Answer: Between the SDN controller and switches and routers on the network.
Correct Answer: Between the SDN controller and switches and routers on the network.
Explanation:
SDN Southbound APIs
Software-defined southbound application program interfaces (SDN southbound APIs) are used to communicate between the SDN Controller and the switches and
routers of the network. They can be open-source or proprietary.
Southbound APIs facilitate control over the network and enable the SDN Controller to dynamically make changes according to real-time demands and needs.
OpenFlow, which was developed by the Open Networking Foundation (ONF), is the first and probably the most well-known southbound interface.
98. (QID:AN386) How does WPA3 improve security?
Your Answer: It uses SAE for authentication.
Correct Answer: It uses SAE for authentication.
Explanation:
Cisco supports two WPA3 modes:
WPA3-Personal allows for better password-based authentication even when using non-complex combinations. WPA3 uses Simultaneous Authentication of Equals
(SAE) to provide stronger defenses against password guessing. SAE is a secure key establishment protocol.
WPA3-Enterprise provides additional protections for networks transmitting sensitive data by offering the equivalent of 192-bit cryptographic strength. WPA3 networks
use a suite of 192-bit cryptographic tools to ensure consistent protection across networks.
99. (QID:AN392) An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1
must transmit packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used?
Your Answer: interface fastethernet0/1

switchport priority extend cos 7
Correct Answer: interface fastethernet0/1

switchport priority extend cos 7
Explanation:
The switchport priority extend cos 7 command sets the access port of switch (connected to IP phone) to override the priority received from the attached PC or other
device, with the highest priority 7 (used for voice traffic).
100. (QID:AN418) Refer to the exhibit. Which action must be taken to ensure that RouterA is elected as the DR for OSPF area 0?
Exhibit
Your Answer: Configure the RouterA interfaces with the highest OSPF priority value within the area.
Correct Answer: Configure the RouterA interfaces with the highest OSPF priority value within the area.
Retake this test with (5) incorrectly answered question(s)
Repeat this test with the same set of (100) question(s)
Close this window

Prova Ccna Emulador

Uploaded by

Copyright:

Available Formats

Prova Ccna Emulador

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Prova Ccna Emulador

Uploaded by

Copyright:

Available Formats

14/02/2022 22:22 How2Pass CCNA 200-301 Online Practice Tests - (Test Engine v4.7.

How2Pass CCNA 200-301 Online Practice Tests

Test #09: Random Test from all exam topics

How2Pass Test Score Report Print this page

Test Taker's Name : el_buffalo

Your score: 95%

Passing score: 82.5%

Your time is: 0 hr 25 min 15 sec

Section 0% 50% 100% Score

Correct Answers/Explanations are given below

Router(config)#interface GigabitEthernet 1/0/1

Router(config-if)#ip address 192.168.16.143 255.255.255.240

Your Answer: It is a broadcast IP address.

Correct Answer: It is a broadcast IP address.

192.168.16.128 (given IP address belongs to this subnet)

So, the subnet ID for the given IP address = 192.168.16.128

The broadcast address = 192.168.16.143

Current host range = 192.168.16.129 - 192.168.16.142

Your Answer: There is a native VLAN mismatch.

Correct Answer: There is a native VLAN mismatch.

Correct Answer: active

7. (QID:AN036) Which 802.11 frame type is association response?

Correct Answer: management

Your Answer: network route

Correct Answer: network route

Correct Answer: 172.16.15.10

The OSPF router ID is chosen according to the following criteria:

AAA (Authentication, Authorization, Accounting)

Correct Answer: testing1234

Correct Answer: southbound

Correct Answer: 1:H,2:H,3:H,4:N,5:N

holds the TCP/IP settings to be distributed to the clients.

resolves web URLs to IP addresses.

Correct Answer: 1:D,2:B,3:C,4:A

802.1q double tagging: Configure VACL.

Correct Answer: 1:E,2:A,3:D,4:B,5:C

Wireless LAN controller: device that manages access points.

Correct Answer: 1:E,2:A,3:B,4:G,5:D

A => route source

Correct Answer: FF01::101

21. (QID:AX005) Which of the following is true about access point?

Your Answer: It is flooded.

Correct Answer: It is flooded.

Your Answer: The passive-interface command is configured on the connected interfaces.

The two routers are using the same router ID.

Your Answer: The router is part of a stub network.

Your Answer: ntp master

Correct Answer: ntp master

R1(config)#ntp server 192.168.0.100

To verify NTP status, use the show ntp status command.

Standard Access Control List

Your Answer: Router2 is using the default hello timer.

Correct Answer: Router2 is using the default hello timer.

OSPF Hello and Dead Interval

Your Answer: 10.10.225.32 255.255.255.224

Correct Answer: 10.10.225.32 255.255.255.224

Floating Static Route

Your Answer: switchport trunk native vlan 67