Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 4: Cisco Certified Network Associate (CCNA)

Full screen (f)
exit full mode
Question
<strong> Refer to the exhibit. Which command provides this output?</strong> A) show ip route B) show cdp neighbor C) show ip interface D) show interface <div style=padding-top: 35px> Refer to the exhibit. Which command provides this output?

A) show ip route
B) show cdp neighbor
C) show ip interface
D) show interface
Use Space or
up arrow
down arrow
to flip the card.
Question
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

A) Platinum
B) Bronze
C) Gold
D) Silver
Question
<strong> Refer to the exhibit. Which statement explains the configuration error message that is received?</strong> A) It belongs to a private IP address range. B) The router does not support /28 mask. C) It is a network IP address. D) It is a broadcast IP address. <div style=padding-top: 35px> Refer to the exhibit. Which statement explains the configuration error message that is received?

A) It belongs to a private IP address range.
B) The router does not support /28 mask.
C) It is a network IP address.
D) It is a broadcast IP address.
Question
Which IPv6 address block sends packets to a group address rather than a single address?

A) 2000::/3
B) FC00::/7
C) FE80::/10
D) FF00::/8
Question
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two.)

A) input errors
B) frame
C) giants
D) CRC
E) runts
Question
What is the primary effect of the spanning-tree portfast command?

A) It immediately enables the port in the listening state.
B) It immediately puts the port into the forwarding state when the switch is reloaded.
C) It enables BPDU messages.
D) It minimizes spanning-tree convergence time.
Question
<strong> Refer to the exhibit. Which action do the switches take on the trunk link?</strong> A) The trunk does not form, and the ports go into an err-disabled status. B) The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain. C) The trunk forms, but VLAN 99 and VLAN 999 are in a shutdown state. D) The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link. <div style=padding-top: 35px> Refer to the exhibit. Which action do the switches take on the trunk link?

A) The trunk does not form, and the ports go into an err-disabled status.
B) The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain.
C) The trunk forms, but VLAN 99 and VLAN 999 are in a shutdown state.
D) The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.
Question
<strong> Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?</strong> A) default route B) network route C) host route D) floating static route <div style=padding-top: 35px> Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?

A) default route
B) network route
C) host route
D) floating static route
Question
An engineer must configure a /30 subnet between two routes. Which usable IP address and subnet mask combination meets this criteria?

A) interface e0/0 description to HQ-A370:98968 ip address 10.2.1.3 255.255.255.252
B) ip address 192.168.1.1 255.255.255.248
C) ip address 172.16.1.4 255.255.255.248
D) ip address 209.165.201.2 225.255.255.252
Question
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two.)

A) QoS settings
B) IP address of one or more access points
C) SSID
D) profile name
E) management interface settings
Question
Which two conditions must be met before SSH can operate normally on a Cisco IOS switch? (Choose two.)

A) IP routing must be enabled on the switch.
B) A console password must be configured on the switch.
C) Telnet must be disabled on the switch.
D) The switch must be running a k9 (crypto) IOS image.
E) The ip domain-name command must be configured on the switch. The ip domain-name command must be configured on the switch.
Question
Which 802.11 frame type is association response?

A) management
B) protected frame
C) action
D) control
Question
<strong> Refer to the exhibit. Which prefix does Router1 use for traffic to Host A?</strong> A) 10.10.10.0/28 B) 10.10.13.0/25 C) 10.10.13.144/28 D) 10.10.13.208/29 <div style=padding-top: 35px> Refer to the exhibit. Which prefix does Router1 use for traffic to Host A?

A) 10.10.10.0/28
B) 10.10.13.0/25
C) 10.10.13.144/28
D) 10.10.13.208/29
Question
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two.)

A) when Carrier Sense Multiple Access/Collision Detection is used
B) when one side of the connection is configured for half-duplex
C) when the sending device waits 15 seconds before sending the frame again
D) when a collision occurs after the 32nd byte of a frame has been transmitted
E) when the cable length limits are exceeded
Question
Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?

A) ipv6 address dhcp
B) ipv6 address 2001:DB8:5:112::/64 eui-64
C) ipv6 address autoconfig
D) ipv6 address 2001:DB8:5:112::2/64 link-local
Question
Which IPv6 address type communication between subnets and cannot route on the Internet?

A) link-local
B) unique local
C) multicast
D) global unicast
Question
Which statement about Link Aggregation when implementing on a Cisco Wireless LAN Controller is true?

A) The EtherChannel must be configured in "mode active".
B) When enabled, the WLC bandwidth drops to 500 Mbps.
C) To pass client traffic, two or more ports must be configured.
D) One functional physical port is needed to pass client traffic.
Question
Which statement identifies the functionality of virtual machines?

A) The hypervisor communicates on Layer 3 without the need for additional resources.
B) Each hypervisor can support a single virtual machine and a single software switch.
C) The hypervisor can virtual physical components including CPU, memory, and storage.
D) Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor.
Question
Which action is taken by switch port enabled for PoE power classification override?

A) If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled.
B) When a powered device begins drawing power from a PoE switch port, a syslog message is generated.
C) As power usage on a PoE switch port is checked, data flow to the connected device is temporarily paused.
D) If a switch determines that a device is using less than the minimum configured power, it assumes the device has failed and disconnects it.
Question
In which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports are required?

A) A spine switch and a leaf switch can be added with redundant connections between them.
B) A spine switch can be added with at least 40 GB uplinks.
C) A leaf switch can be added with connections to every spine switch.
D) A leaf switch can be added with a single connection to a core spine switch.
Question
A user configured OSPF in a single area between two routers. A serial interface connecting R1 and R2 is running encapsulation PPP. By default, which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

A) nonbroadcast
B) point-to-point
C) point-to-multipoint
D) broadcast
Question
When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

A) The administrative distance must be higher on the primary route so that the backup route becomes secondary.
B) The default-information originate command must be configured for the route to be installed into the routing table. The default-information originate command must be configured for the route to be installed into the routing table.
C) The floating static route must have a lower administrative distance that the primary route so it is used as a backup.
D) The floating static route must have a higher administrative distance that the primary route so it is used as a backup
Question
When OSPF learns multiple paths to a network, how does it select a route?

A) For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.
B) It counts the number of hops between the source router and the destination to determine the route with the lowest metric.
C) It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the exiting interface to calculate the route with the lowest cost.
D) It multiples the active K values by 256 to calculate the route with the lowest metric.
Question
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

A) lldp timer
B) lldp tlv-select
C) lldp reinit
D) lldp holdtime
Question
<strong> Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?</strong> A) It sends packets out of interface Fa0/1 only. B) It sends packets out of interface Fa0/2 only. C) It load-balances traffic out of Fa0/1 and Fa0/2. D) It cannot send packets to 10.10.13.128/25. <div style=padding-top: 35px> Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

A) It sends packets out of interface Fa0/1 only.
B) It sends packets out of interface Fa0/2 only.
C) It load-balances traffic out of Fa0/1 and Fa0/2.
D) It cannot send packets to 10.10.13.128/25.
Question
Two switches are connected and using Cisco Dynamic Trunking Protocol. SW1 is set to Dynamic Auto and SW2 is set to Dynamic Desirable. What is the result of this configuration?

A) The link becomes an access port.
B) The link is in an error disabled state.
C) The link is in a down state.
D) The link becomes a trunk port.
Question
A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

A) as-path
B) administrative distance
C) metric
D) cost
Question
<strong> Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?</strong> A) mode on B) active C) passive D) auto <div style=padding-top: 35px> Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

A) mode on
B) active
C) passive
D) auto
Question
A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, which type of OSPF network does this interface belong to?

A) point-to-multipoint
B) point-to-point
C) broadcast
D) nonbroadcast
Question
A Cisco IP phone receives untagged data traffic from an attached PC. Which action is taken by the phone?

A) It drops the traffic.
B) It allows the traffic to pass through unchanged.
C) It tags the traffic with the native VLAN.
D) It tags the traffic with the default VLAN.
Question
If a notice-level message is sent to a syslog server, which event has occurred?

A) A network device has restarted.
B) A debug operation is running.
C) A routing instance has flapped.
D) An ARP inspection has failed.
Question
<strong> Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet. Which action corrects the configuration issue?</strong> A) Add the default-information originate command on R2. Add the command on R2. B) Add the always keyword to the default-information originate command on R1. always keyword to the command on R1. C) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 D) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2. ip route 0.0.0.0 0.0.0.0 10.10.10.2 <div style=padding-top: 35px> Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet. Which action corrects the configuration issue?

A) Add the default-information originate command on R2. Add the command on R2.
B) Add the always keyword to the default-information originate command on R1. always keyword to the command on R1.
C) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18
D) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2. ip route 0.0.0.0 0.0.0.0 10.10.10.2
Question
Which MAC address is recognized as a VRRP virtual address?

A) 0000.5E00.010a
B) 0005.3709.8968
C) 0000.0C07.AC99
D) 0007.C070.AB01
Question
<strong> Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?</strong> A) A point-to-point network type is configured. B) The interface is not participating in OSPF. C) The default Hello and Dead timers are in use. D) There are six OSPF neighbors on this interface. <div style=padding-top: 35px> Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?

A) A point-to-point network type is configured.
B) The interface is not participating in OSPF.
C) The default Hello and Dead timers are in use.
D) There are six OSPF neighbors on this interface.
Question
Which design element is a best practice when deploying an 802.11b wireless infrastructure?

A) allocating nonoverlapping channels to access points that are in close physical proximity to one another
B) disabling TCP so that access points can negotiate signal levels with their attached wireless devices
C) configuring access points to provide clients with a maximum of 5 Mbps
D) setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
Question
Which two outcomes are predictable behaviors for HSRP? (Choose two.)

A) The two routers negotiate one router as the active router and the other as the standby router.
B) The two routers share the same interface IP address, and default gateway traffic is load-balanced between them.
C) The two routers synchronize configurations to provide consistent packet forwarding.
D) Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them.
E) The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.
Question
<strong> Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router 1. The new circuit uses eBGP and learns the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25?</strong> A) Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces. B) Traffic to 10.10.13.0/25 is asymmetrical. C) Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1. D) Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table. <div style=padding-top: 35px> Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router 1. The new circuit uses eBGP and learns the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25?

A) Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces.
B) Traffic to 10.10.13.0/25 is asymmetrical.
C) Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
D) Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table.
Question
Router A learns the same route from two different neighbors; one of the neighbor routers is an OSPF neighbor, and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

A) 20
B) 90
C) 110
D) 115
Question
<strong> Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?</strong> A) It transmits and processes VTP updates from any VTP clients on the network on its trunk ports. B) It processes VTP updates from any VTP clients on the network on its access ports. C) It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports. D) It forwards only the VTP advertisements that it receives on its trunk ports. <div style=padding-top: 35px> Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?

A) It transmits and processes VTP updates from any VTP clients on the network on its trunk ports.
B) It processes VTP updates from any VTP clients on the network on its access ports.
C) It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.
D) It forwards only the VTP advertisements that it receives on its trunk ports.
Question
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?

A) Init
B) 2-way
C) Exchange
D) Full
Question
Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

A) enable secret
B) enable password
C) service password-encryption
D) username cisco password encrypt
Question
Which configuration is needed to generate an RSA key for SSH on a router?

A) Configure VTY access.
B) Configure the version of SSH.
C) Assign a DNS domain name.
D) Create a user with a password.
Question
What makes Cisco DNA Center different from traditional network management applications and their management of networks?

A) Its modular design allows someone to implement different versions to meet the specific needs of an organization.
B) It only supports auto-discovery of network elements in a greenfield deployment.
C) It does not support high availability of management functions when operating in cluster mode.
D) It abstracts policy from the actual device configuration.
Question
<strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D) <div style=padding-top: 35px> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?

A) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D) <div style=padding-top: 35px>
B) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D) <div style=padding-top: 35px>
C) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D) <div style=padding-top: 35px>
D) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D) <div style=padding-top: 35px>
Question
When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

A) IPsec
B) IKEv1
C) MD5
D) IKEv2
Question
Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

A) TACACS
B) CPU ACL
C) Flex ACL
D) RADIUS
Question
<strong> Refer to the exhibit. An extended ACL has been configured and applied to router R2. The configuration failed to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still allowing all other traffic? (Choose two.)</strong> A) Add a permit ip any any statement at the end of ACL 101 for allowed traffic. B) Add a permit ip any any statement to the beginning of ACL 101 for allowed traffic. C) The ACL must be moved to the Gi0/1 interface outbound on R2. D) The source and destination IPs must be swapped in ACL 101. E) The ACL must be configured the Gi0/2 interface inbound on R1. <div style=padding-top: 35px> Refer to the exhibit. An extended ACL has been configured and applied to router R2. The configuration failed to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still allowing all other traffic? (Choose two.)

A) Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic.
B) Add a "permit ip any any" statement to the beginning of ACL 101 for allowed traffic.
C) The ACL must be moved to the Gi0/1 interface outbound on R2.
D) The source and destination IPs must be swapped in ACL 101.
E) The ACL must be configured the Gi0/2 interface inbound on R1.
Question
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe, but the link could have contained malicious code. Which type of security program is in place?

A) user awareness
B) brute force attack
C) physical access control
D) social engineering attack
Question
Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two.)

A) Enable NTP authentication.
B) Verify the time zone.
C) Specify the IP address of the NTP server.
D) Set the NTP server private key.
E) Disable NTP broadcasts.
Question
Which type of wireless encryption is used for WPA2 in preshared key mode?

A) AES-128
B) TKIP with RC4
C) AES-256
D) RC4
Question
Which statement correctly compares traditional networks and controller-based networks?

A) Only controller-based networks decouple the control plane and the data plane.
B) Traditional and controller-based networks abstract policies from device configurations.
C) Only traditional networks natively support centralized management.
D) Only traditional networks offer a centralized control plane.
Question
Which output displays a JSON data representation?

A) <strong>Which output displays a JSON data representation?</strong> A) B) C) D) <div style=padding-top: 35px>
B) <strong>Which output displays a JSON data representation?</strong> A) B) C) D) <div style=padding-top: 35px>
C) <strong>Which output displays a JSON data representation?</strong> A) B) C) D) <div style=padding-top: 35px>
D) <strong>Which output displays a JSON data representation?</strong> A) B) C) D) <div style=padding-top: 35px>
Question
What are two benefits of network automation? (Choose two.)

A) reduced hardware footprint
B) reduced operational costs
C) faster changes with more reliable results
D) fewer network failures
E) increased network security
Question
What is the primary difference between AAA authentication and authorization?

A) Authentication identifies and verifies a user who is attempting to access a system, and authorization controls that tasks the user can perform.
B) Authentication controls the system processes a user can access, and authorization logs the activities the user initiates.
C) Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.
D) Authentication identifies a user who is attempting to access a system, and authorization validates the user's password.
Question
<strong> Refer to the exhibit. What is the effect of this configuration?</strong> A) The switch port remains administratively down until the interface is connected to another switch. B) Dynamic ARP Inspection is disabled because the ARP ACL is missing. C) The switch port interface trust state becomes untrusted. D) The switch port remains down until it is configured to trust or untrust incoming packets. <div style=padding-top: 35px> Refer to the exhibit. What is the effect of this configuration?

A) The switch port remains administratively down until the interface is connected to another switch.
B) Dynamic ARP Inspection is disabled because the ARP ACL is missing.
C) The switch port interface trust state becomes untrusted.
D) The switch port remains down until it is configured to trust or untrust incoming packets.
Question
Which set of actions satisfy the requirement for multifactor authentication?

A) The user enters a user name and password, and then re-enters the credentials on a second screen.
B) The user swipes a key fob, then clicks through an email link.
C) The user enter a user name and password, and then clicks a notification in an authentication app on a mobile device.
D) The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen.
Question
What are two characteristics of a controller-based network? (Choose two.)

A) It uses Telnet to report system issues.
B) The administrator can make configuration updates from the CLI.
C) It uses northbound and southbound APIs to communicate between architectural layers.
D) It decentralizes the control plane, which allows each device to make its own forwarding decisions.
E) It moves the control plane to a central point.
Question
Which two encoding methods are supported by REST APIs? (Choose two.)

A) SGML
B) YAML
C) XML
D) JSON
E) EBCDIC
Question
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two.)

A) Configure the ports as trunk ports.
B) Enable the Cisco Discovery Protocol.
C) Configure the port type as access and place in VLAN 99.
D) Administratively shut down the ports.
E) Configure the ports in an EtherChannel.
Question
Which command enables a router to become a DHCP client?

A) ip address dhcp
B) ip dhcp client
C) ip helper-address
D) ip dhcp pool
Question
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?

A) active
B) on
C) auto
D) desirable
Question
<strong> Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?</strong> A) 0 B) 110 C) 38443 D) 3184439 <div style=padding-top: 35px> Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?

A) 0
B) 110
C) 38443
D) 3184439
Question
What is a benefit of using a Cisco Wireless LAN Controller?

A) It eliminates the need to configure each access point individually.
B) Central AP management requires more complex configurations.
C) Unique SSIDs cannot use the same authentication method.
D) It supports autonomous and lightweight APs.
Question
<strong> Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2?</strong> A) 192.168.16.0/21 B) 192.168.16.0/24 C) 192.168.26.0/26 D) 192.168.16.0/27 <div style=padding-top: 35px> Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2?

A) 192.168.16.0/21
B) 192.168.16.0/24
C) 192.168.26.0/26
D) 192.168.16.0/27
Question
Which design element is a best practice when deploying an 802.11b wireless infrastructure?

A) allocation nonoverlapping channels to access points that are in close physical proximity to one another
B) disabling TCP so that access points can negotiate signal levels with their attached wireless devices
C) configuring access points to provide clients with a maximum of 5 Mbps
D) setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
Question
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

A) platform-as-a-service
B) network-as-a-service
C) software-as-a-service
D) infrastructure-as-a-service
Question
Which two actions influence the EIGRP route selection process? (Choose two.)

A) The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link.
B) The router calculates the feasible distance of all paths to the destination route.
C) The router must use the advertised distance as the metric for any given route.
D) The router calculates the best backup path to the destination route and assigns it as the feasible successor.
E) The router calculates the reported distance by multiplying the delay on the exiting interface by 256.
Question
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two.)

A) It supports protocol discovery.
B) It guarantees the delivery of high-priority packets.
C) It can identify different flows with a high level of granularity.
D) It can mitigate congestion by preventing the queue from filling up.
E) It drops lower-priority packets before it drops higher-priority packets.
Question
Which network allows devices to communicate without the need to access the Internet?

A) 172.9.0.0/16
B) 172.28.0.0/16
C) 192.0.0.0/8
D) 209.165.201.0/24
Question
<strong> Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)</strong> A) Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. B) Configure the ipv6 route 2012::/126 2023::2 command on the Washington router. ipv6 route 2012::/126 2023::2 command on the Washington router. C) Configure the ipv6 route 2012::/126 2023::1 command on the Washington router. ipv6 route 2012::/126 2023::1 D) Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router. ipv6 route 2023::/126 2012::2 E) Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router. ipv6 route 2012::/126 s0/0/0 <div style=padding-top: 35px> Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)

A) Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.
B) Configure the ipv6 route 2012::/126 2023::2 command on the Washington router. ipv6 route 2012::/126 2023::2 command on the Washington router.
C) Configure the ipv6 route 2012::/126 2023::1 command on the Washington router. ipv6 route 2012::/126 2023::1
D) Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router. ipv6 route 2023::/126 2012::2
E) Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router. ipv6 route 2012::/126 s0/0/0
Question
<strong> Refer to the exhibit. Which prefix does Router1 use to Host A?</strong> A) 10.10.10.0/28 B) 10.10.13.0/25 C) 10.10.13.144/28 D) 10.10.13.208/29 <div style=padding-top: 35px> Refer to the exhibit. Which prefix does Router1 use to Host A?

A) 10.10.10.0/28
B) 10.10.13.0/25
C) 10.10.13.144/28
D) 10.10.13.208/29
Question
<strong> Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?</strong> A) 10.4.4.4 B) 10.4.4.5 C) 172.23.103.10 D) 172.23.104.4 <div style=padding-top: 35px> Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?

A) 10.4.4.4
B) 10.4.4.5
C) 172.23.103.10
D) 172.23.104.4
Question
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

A) The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table.
B) The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.
C) The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.
D) The Layer 2 switch drops the received frame.
Question
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

A) local
B) mesh
C) flexconnect
D) sniffer
Question
Which result occurs when PortFast is enabled on an interface that is connected to another switch?

A) Root port choice and spanning tree recalculation are accelerated when a switch link goes down.
B) After spanning tree converges, PortFast shuts down any port that receives BPDUs.
C) VTP is allowed to propagate VLAN configuration information from switch to switch automatically.
D) Spanning tree may fail to detect a switching loop in the network that causes broadcast storms.
Question
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?

A) dual algorithm
B) metric
C) administrative distance
D) hop count
Question
How does HSRP provide first hop redundancy?

A) It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.
B) It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN.
C) It forwards multiple packets to the same destination over different routed links in the data path.
D) It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table.
Question
<strong> Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond?</strong> A) It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1. B) It immediately replaces the existing OSPF route in the routing table with the newly configured static route. C) It starts load-balancing traffic between the two default routes. D) It ignores the new static route until the existing OSPF default route is removed. <div style=padding-top: 35px> Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond?

A) It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1.
B) It immediately replaces the existing OSPF route in the routing table with the newly configured static route.
C) It starts load-balancing traffic between the two default routes.
D) It ignores the new static route until the existing OSPF default route is removed.
Question
R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP, and Internal EIGRP. Under normal operating conditions, which routing protocol is installed in the routing table?

A) IS-IS
B) Internal EIGRP
C) RIP
D) OSPF
Question
What is the primary effect of the spanning-tree portfast command?

A) It immediately enables the port in the listening state.
B) It immediately puts the port into the forwarding state when the switch is reloaded.
C) It enabled BPDU messages.
D) It minimizes spanning-tree convergence time.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/411
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 4: Cisco Certified Network Associate (CCNA)
1
<strong> Refer to the exhibit. Which command provides this output?</strong> A) show ip route B) show cdp neighbor C) show ip interface D) show interface Refer to the exhibit. Which command provides this output?

A) show ip route
B) show cdp neighbor
C) show ip interface
D) show interface
show cdp neighbor
2
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

A) Platinum
B) Bronze
C) Gold
D) Silver
Platinum
3
<strong> Refer to the exhibit. Which statement explains the configuration error message that is received?</strong> A) It belongs to a private IP address range. B) The router does not support /28 mask. C) It is a network IP address. D) It is a broadcast IP address. Refer to the exhibit. Which statement explains the configuration error message that is received?

A) It belongs to a private IP address range.
B) The router does not support /28 mask.
C) It is a network IP address.
D) It is a broadcast IP address.
It is a broadcast IP address.
4
Which IPv6 address block sends packets to a group address rather than a single address?

A) 2000::/3
B) FC00::/7
C) FE80::/10
D) FF00::/8
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
5
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two.)

A) input errors
B) frame
C) giants
D) CRC
E) runts
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
6
What is the primary effect of the spanning-tree portfast command?

A) It immediately enables the port in the listening state.
B) It immediately puts the port into the forwarding state when the switch is reloaded.
C) It enables BPDU messages.
D) It minimizes spanning-tree convergence time.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
7
<strong> Refer to the exhibit. Which action do the switches take on the trunk link?</strong> A) The trunk does not form, and the ports go into an err-disabled status. B) The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain. C) The trunk forms, but VLAN 99 and VLAN 999 are in a shutdown state. D) The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link. Refer to the exhibit. Which action do the switches take on the trunk link?

A) The trunk does not form, and the ports go into an err-disabled status.
B) The trunk forms, but the mismatched native VLANs are merged into a single broadcast domain.
C) The trunk forms, but VLAN 99 and VLAN 999 are in a shutdown state.
D) The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
8
<strong> Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?</strong> A) default route B) network route C) host route D) floating static route Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?

A) default route
B) network route
C) host route
D) floating static route
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
9
An engineer must configure a /30 subnet between two routes. Which usable IP address and subnet mask combination meets this criteria?

A) interface e0/0 description to HQ-A370:98968 ip address 10.2.1.3 255.255.255.252
B) ip address 192.168.1.1 255.255.255.248
C) ip address 172.16.1.4 255.255.255.248
D) ip address 209.165.201.2 225.255.255.252
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
10
Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two.)

A) QoS settings
B) IP address of one or more access points
C) SSID
D) profile name
E) management interface settings
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
11
Which two conditions must be met before SSH can operate normally on a Cisco IOS switch? (Choose two.)

A) IP routing must be enabled on the switch.
B) A console password must be configured on the switch.
C) Telnet must be disabled on the switch.
D) The switch must be running a k9 (crypto) IOS image.
E) The ip domain-name command must be configured on the switch. The ip domain-name command must be configured on the switch.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
12
Which 802.11 frame type is association response?

A) management
B) protected frame
C) action
D) control
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
13
<strong> Refer to the exhibit. Which prefix does Router1 use for traffic to Host A?</strong> A) 10.10.10.0/28 B) 10.10.13.0/25 C) 10.10.13.144/28 D) 10.10.13.208/29 Refer to the exhibit. Which prefix does Router1 use for traffic to Host A?

A) 10.10.10.0/28
B) 10.10.13.0/25
C) 10.10.13.144/28
D) 10.10.13.208/29
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
14
What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two.)

A) when Carrier Sense Multiple Access/Collision Detection is used
B) when one side of the connection is configured for half-duplex
C) when the sending device waits 15 seconds before sending the frame again
D) when a collision occurs after the 32nd byte of a frame has been transmitted
E) when the cable length limits are exceeded
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
15
Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?

A) ipv6 address dhcp
B) ipv6 address 2001:DB8:5:112::/64 eui-64
C) ipv6 address autoconfig
D) ipv6 address 2001:DB8:5:112::2/64 link-local
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
16
Which IPv6 address type communication between subnets and cannot route on the Internet?

A) link-local
B) unique local
C) multicast
D) global unicast
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
17
Which statement about Link Aggregation when implementing on a Cisco Wireless LAN Controller is true?

A) The EtherChannel must be configured in "mode active".
B) When enabled, the WLC bandwidth drops to 500 Mbps.
C) To pass client traffic, two or more ports must be configured.
D) One functional physical port is needed to pass client traffic.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
18
Which statement identifies the functionality of virtual machines?

A) The hypervisor communicates on Layer 3 without the need for additional resources.
B) Each hypervisor can support a single virtual machine and a single software switch.
C) The hypervisor can virtual physical components including CPU, memory, and storage.
D) Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
19
Which action is taken by switch port enabled for PoE power classification override?

A) If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled.
B) When a powered device begins drawing power from a PoE switch port, a syslog message is generated.
C) As power usage on a PoE switch port is checked, data flow to the connected device is temporarily paused.
D) If a switch determines that a device is using less than the minimum configured power, it assumes the device has failed and disconnects it.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
20
In which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports are required?

A) A spine switch and a leaf switch can be added with redundant connections between them.
B) A spine switch can be added with at least 40 GB uplinks.
C) A leaf switch can be added with connections to every spine switch.
D) A leaf switch can be added with a single connection to a core spine switch.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
21
A user configured OSPF in a single area between two routers. A serial interface connecting R1 and R2 is running encapsulation PPP. By default, which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

A) nonbroadcast
B) point-to-point
C) point-to-multipoint
D) broadcast
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
22
When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

A) The administrative distance must be higher on the primary route so that the backup route becomes secondary.
B) The default-information originate command must be configured for the route to be installed into the routing table. The default-information originate command must be configured for the route to be installed into the routing table.
C) The floating static route must have a lower administrative distance that the primary route so it is used as a backup.
D) The floating static route must have a higher administrative distance that the primary route so it is used as a backup
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
23
When OSPF learns multiple paths to a network, how does it select a route?

A) For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.
B) It counts the number of hops between the source router and the destination to determine the route with the lowest metric.
C) It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the exiting interface to calculate the route with the lowest cost.
D) It multiples the active K values by 256 to calculate the route with the lowest metric.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
24
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

A) lldp timer
B) lldp tlv-select
C) lldp reinit
D) lldp holdtime
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
25
<strong> Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?</strong> A) It sends packets out of interface Fa0/1 only. B) It sends packets out of interface Fa0/2 only. C) It load-balances traffic out of Fa0/1 and Fa0/2. D) It cannot send packets to 10.10.13.128/25. Refer to the exhibit. If OSPF is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?

A) It sends packets out of interface Fa0/1 only.
B) It sends packets out of interface Fa0/2 only.
C) It load-balances traffic out of Fa0/1 and Fa0/2.
D) It cannot send packets to 10.10.13.128/25.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
26
Two switches are connected and using Cisco Dynamic Trunking Protocol. SW1 is set to Dynamic Auto and SW2 is set to Dynamic Desirable. What is the result of this configuration?

A) The link becomes an access port.
B) The link is in an error disabled state.
C) The link is in a down state.
D) The link becomes a trunk port.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
27
A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

A) as-path
B) administrative distance
C) metric
D) cost
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
28
<strong> Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?</strong> A) mode on B) active C) passive D) auto Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

A) mode on
B) active
C) passive
D) auto
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
29
A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, which type of OSPF network does this interface belong to?

A) point-to-multipoint
B) point-to-point
C) broadcast
D) nonbroadcast
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
30
A Cisco IP phone receives untagged data traffic from an attached PC. Which action is taken by the phone?

A) It drops the traffic.
B) It allows the traffic to pass through unchanged.
C) It tags the traffic with the native VLAN.
D) It tags the traffic with the default VLAN.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
31
If a notice-level message is sent to a syslog server, which event has occurred?

A) A network device has restarted.
B) A debug operation is running.
C) A routing instance has flapped.
D) An ARP inspection has failed.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
32
<strong> Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet. Which action corrects the configuration issue?</strong> A) Add the default-information originate command on R2. Add the command on R2. B) Add the always keyword to the default-information originate command on R1. always keyword to the command on R1. C) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 D) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2. ip route 0.0.0.0 0.0.0.0 10.10.10.2 Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet. Which action corrects the configuration issue?

A) Add the default-information originate command on R2. Add the command on R2.
B) Add the always keyword to the default-information originate command on R1. always keyword to the command on R1.
C) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18
D) Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2. ip route 0.0.0.0 0.0.0.0 10.10.10.2
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
33
Which MAC address is recognized as a VRRP virtual address?

A) 0000.5E00.010a
B) 0005.3709.8968
C) 0000.0C07.AC99
D) 0007.C070.AB01
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
34
<strong> Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?</strong> A) A point-to-point network type is configured. B) The interface is not participating in OSPF. C) The default Hello and Dead timers are in use. D) There are six OSPF neighbors on this interface. Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?

A) A point-to-point network type is configured.
B) The interface is not participating in OSPF.
C) The default Hello and Dead timers are in use.
D) There are six OSPF neighbors on this interface.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
35
Which design element is a best practice when deploying an 802.11b wireless infrastructure?

A) allocating nonoverlapping channels to access points that are in close physical proximity to one another
B) disabling TCP so that access points can negotiate signal levels with their attached wireless devices
C) configuring access points to provide clients with a maximum of 5 Mbps
D) setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
36
Which two outcomes are predictable behaviors for HSRP? (Choose two.)

A) The two routers negotiate one router as the active router and the other as the standby router.
B) The two routers share the same interface IP address, and default gateway traffic is load-balanced between them.
C) The two routers synchronize configurations to provide consistent packet forwarding.
D) Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them.
E) The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
37
<strong> Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router 1. The new circuit uses eBGP and learns the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25?</strong> A) Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces. B) Traffic to 10.10.13.0/25 is asymmetrical. C) Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1. D) Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router 1. The new circuit uses eBGP and learns the route to VLAN25 from the BGP path. What is the expected behavior for the traffic flow for route 10.10.13.0/25?

A) Traffic to 10.10.13.0/25 is load balanced out of multiple interfaces.
B) Traffic to 10.10.13.0/25 is asymmetrical.
C) Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
D) Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
38
Router A learns the same route from two different neighbors; one of the neighbor routers is an OSPF neighbor, and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

A) 20
B) 90
C) 110
D) 115
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
39
<strong> Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?</strong> A) It transmits and processes VTP updates from any VTP clients on the network on its trunk ports. B) It processes VTP updates from any VTP clients on the network on its access ports. C) It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports. D) It forwards only the VTP advertisements that it receives on its trunk ports. Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?

A) It transmits and processes VTP updates from any VTP clients on the network on its trunk ports.
B) It processes VTP updates from any VTP clients on the network on its access ports.
C) It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.
D) It forwards only the VTP advertisements that it receives on its trunk ports.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
40
An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?

A) Init
B) 2-way
C) Exchange
D) Full
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
41
Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

A) enable secret
B) enable password
C) service password-encryption
D) username cisco password encrypt
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
42
Which configuration is needed to generate an RSA key for SSH on a router?

A) Configure VTY access.
B) Configure the version of SSH.
C) Assign a DNS domain name.
D) Create a user with a password.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
43
What makes Cisco DNA Center different from traditional network management applications and their management of networks?

A) Its modular design allows someone to implement different versions to meet the specific needs of an organization.
B) It only supports auto-discovery of network elements in a greenfield deployment.
C) It does not support high availability of management functions when operating in cluster mode.
D) It abstracts policy from the actual device configuration.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
44
<strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D) Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?

A) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D)
B) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D)
C) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D)
D) <strong> Refer to the exhibit. A network engineer must block access for all computers on VLAN 20 to the web server via HTTP. All other computer must be able to access the web server. Which configuration when applied to Switch A accomplishes the task?</strong> A) B) C) D)
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
45
When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

A) IPsec
B) IKEv1
C) MD5
D) IKEv2
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
46
Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

A) TACACS
B) CPU ACL
C) Flex ACL
D) RADIUS
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
47
<strong> Refer to the exhibit. An extended ACL has been configured and applied to router R2. The configuration failed to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still allowing all other traffic? (Choose two.)</strong> A) Add a permit ip any any statement at the end of ACL 101 for allowed traffic. B) Add a permit ip any any statement to the beginning of ACL 101 for allowed traffic. C) The ACL must be moved to the Gi0/1 interface outbound on R2. D) The source and destination IPs must be swapped in ACL 101. E) The ACL must be configured the Gi0/2 interface inbound on R1. Refer to the exhibit. An extended ACL has been configured and applied to router R2. The configuration failed to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the 10.0.10.0/26 subnet while still allowing all other traffic? (Choose two.)

A) Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic.
B) Add a "permit ip any any" statement to the beginning of ACL 101 for allowed traffic.
C) The ACL must be moved to the Gi0/1 interface outbound on R2.
D) The source and destination IPs must be swapped in ACL 101.
E) The ACL must be configured the Gi0/2 interface inbound on R1.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
48
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe, but the link could have contained malicious code. Which type of security program is in place?

A) user awareness
B) brute force attack
C) physical access control
D) social engineering attack
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
49
Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two.)

A) Enable NTP authentication.
B) Verify the time zone.
C) Specify the IP address of the NTP server.
D) Set the NTP server private key.
E) Disable NTP broadcasts.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
50
Which type of wireless encryption is used for WPA2 in preshared key mode?

A) AES-128
B) TKIP with RC4
C) AES-256
D) RC4
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
51
Which statement correctly compares traditional networks and controller-based networks?

A) Only controller-based networks decouple the control plane and the data plane.
B) Traditional and controller-based networks abstract policies from device configurations.
C) Only traditional networks natively support centralized management.
D) Only traditional networks offer a centralized control plane.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
52
Which output displays a JSON data representation?

A) <strong>Which output displays a JSON data representation?</strong> A) B) C) D)
B) <strong>Which output displays a JSON data representation?</strong> A) B) C) D)
C) <strong>Which output displays a JSON data representation?</strong> A) B) C) D)
D) <strong>Which output displays a JSON data representation?</strong> A) B) C) D)
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
53
What are two benefits of network automation? (Choose two.)

A) reduced hardware footprint
B) reduced operational costs
C) faster changes with more reliable results
D) fewer network failures
E) increased network security
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
54
What is the primary difference between AAA authentication and authorization?

A) Authentication identifies and verifies a user who is attempting to access a system, and authorization controls that tasks the user can perform.
B) Authentication controls the system processes a user can access, and authorization logs the activities the user initiates.
C) Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.
D) Authentication identifies a user who is attempting to access a system, and authorization validates the user's password.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
55
<strong> Refer to the exhibit. What is the effect of this configuration?</strong> A) The switch port remains administratively down until the interface is connected to another switch. B) Dynamic ARP Inspection is disabled because the ARP ACL is missing. C) The switch port interface trust state becomes untrusted. D) The switch port remains down until it is configured to trust or untrust incoming packets. Refer to the exhibit. What is the effect of this configuration?

A) The switch port remains administratively down until the interface is connected to another switch.
B) Dynamic ARP Inspection is disabled because the ARP ACL is missing.
C) The switch port interface trust state becomes untrusted.
D) The switch port remains down until it is configured to trust or untrust incoming packets.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
56
Which set of actions satisfy the requirement for multifactor authentication?

A) The user enters a user name and password, and then re-enters the credentials on a second screen.
B) The user swipes a key fob, then clicks through an email link.
C) The user enter a user name and password, and then clicks a notification in an authentication app on a mobile device.
D) The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
57
What are two characteristics of a controller-based network? (Choose two.)

A) It uses Telnet to report system issues.
B) The administrator can make configuration updates from the CLI.
C) It uses northbound and southbound APIs to communicate between architectural layers.
D) It decentralizes the control plane, which allows each device to make its own forwarding decisions.
E) It moves the control plane to a central point.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
58
Which two encoding methods are supported by REST APIs? (Choose two.)

A) SGML
B) YAML
C) XML
D) JSON
E) EBCDIC
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
59
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two.)

A) Configure the ports as trunk ports.
B) Enable the Cisco Discovery Protocol.
C) Configure the port type as access and place in VLAN 99.
D) Administratively shut down the ports.
E) Configure the ports in an EtherChannel.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
60
Which command enables a router to become a DHCP client?

A) ip address dhcp
B) ip dhcp client
C) ip helper-address
D) ip dhcp pool
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
61
Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?

A) active
B) on
C) auto
D) desirable
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
62
<strong> Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?</strong> A) 0 B) 110 C) 38443 D) 3184439 Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?

A) 0
B) 110
C) 38443
D) 3184439
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
63
What is a benefit of using a Cisco Wireless LAN Controller?

A) It eliminates the need to configure each access point individually.
B) Central AP management requires more complex configurations.
C) Unique SSIDs cannot use the same authentication method.
D) It supports autonomous and lightweight APs.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
64
<strong> Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2?</strong> A) 192.168.16.0/21 B) 192.168.16.0/24 C) 192.168.26.0/26 D) 192.168.16.0/27 Refer to the exhibit. Which route does R1 select for traffic that is destined to 192.168.16.2?

A) 192.168.16.0/21
B) 192.168.16.0/24
C) 192.168.26.0/26
D) 192.168.16.0/27
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
65
Which design element is a best practice when deploying an 802.11b wireless infrastructure?

A) allocation nonoverlapping channels to access points that are in close physical proximity to one another
B) disabling TCP so that access points can negotiate signal levels with their attached wireless devices
C) configuring access points to provide clients with a maximum of 5 Mbps
D) setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
66
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

A) platform-as-a-service
B) network-as-a-service
C) software-as-a-service
D) infrastructure-as-a-service
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
67
Which two actions influence the EIGRP route selection process? (Choose two.)

A) The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link.
B) The router calculates the feasible distance of all paths to the destination route.
C) The router must use the advertised distance as the metric for any given route.
D) The router calculates the best backup path to the destination route and assigns it as the feasible successor.
E) The router calculates the reported distance by multiplying the delay on the exiting interface by 256.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
68
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two.)

A) It supports protocol discovery.
B) It guarantees the delivery of high-priority packets.
C) It can identify different flows with a high level of granularity.
D) It can mitigate congestion by preventing the queue from filling up.
E) It drops lower-priority packets before it drops higher-priority packets.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
69
Which network allows devices to communicate without the need to access the Internet?

A) 172.9.0.0/16
B) 172.28.0.0/16
C) 192.0.0.0/8
D) 209.165.201.0/24
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
70
<strong> Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)</strong> A) Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. B) Configure the ipv6 route 2012::/126 2023::2 command on the Washington router. ipv6 route 2012::/126 2023::2 command on the Washington router. C) Configure the ipv6 route 2012::/126 2023::1 command on the Washington router. ipv6 route 2012::/126 2023::1 D) Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router. ipv6 route 2023::/126 2012::2 E) Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router. ipv6 route 2012::/126 s0/0/0 Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)

A) Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.
B) Configure the ipv6 route 2012::/126 2023::2 command on the Washington router. ipv6 route 2012::/126 2023::2 command on the Washington router.
C) Configure the ipv6 route 2012::/126 2023::1 command on the Washington router. ipv6 route 2012::/126 2023::1
D) Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router. ipv6 route 2023::/126 2012::2
E) Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router. ipv6 route 2012::/126 s0/0/0
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
71
<strong> Refer to the exhibit. Which prefix does Router1 use to Host A?</strong> A) 10.10.10.0/28 B) 10.10.13.0/25 C) 10.10.13.144/28 D) 10.10.13.208/29 Refer to the exhibit. Which prefix does Router1 use to Host A?

A) 10.10.10.0/28
B) 10.10.13.0/25
C) 10.10.13.144/28
D) 10.10.13.208/29
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
72
<strong> Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?</strong> A) 10.4.4.4 B) 10.4.4.5 C) 172.23.103.10 D) 172.23.104.4 Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?

A) 10.4.4.4
B) 10.4.4.5
C) 172.23.103.10
D) 172.23.104.4
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
73
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

A) The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table.
B) The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.
C) The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.
D) The Layer 2 switch drops the received frame.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
74
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

A) local
B) mesh
C) flexconnect
D) sniffer
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
75
Which result occurs when PortFast is enabled on an interface that is connected to another switch?

A) Root port choice and spanning tree recalculation are accelerated when a switch link goes down.
B) After spanning tree converges, PortFast shuts down any port that receives BPDUs.
C) VTP is allowed to propagate VLAN configuration information from switch to switch automatically.
D) Spanning tree may fail to detect a switching loop in the network that causes broadcast storms.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
76
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?

A) dual algorithm
B) metric
C) administrative distance
D) hop count
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
77
How does HSRP provide first hop redundancy?

A) It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.
B) It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN.
C) It forwards multiple packets to the same destination over different routed links in the data path.
D) It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
78
<strong> Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond?</strong> A) It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1. B) It immediately replaces the existing OSPF route in the routing table with the newly configured static route. C) It starts load-balancing traffic between the two default routes. D) It ignores the new static route until the existing OSPF default route is removed. Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond?

A) It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1.
B) It immediately replaces the existing OSPF route in the routing table with the newly configured static route.
C) It starts load-balancing traffic between the two default routes.
D) It ignores the new static route until the existing OSPF default route is removed.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
79
R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP, and Internal EIGRP. Under normal operating conditions, which routing protocol is installed in the routing table?

A) IS-IS
B) Internal EIGRP
C) RIP
D) OSPF
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
80
What is the primary effect of the spanning-tree portfast command?

A) It immediately enables the port in the listening state.
B) It immediately puts the port into the forwarding state when the switch is reloaded.
C) It enabled BPDU messages.
D) It minimizes spanning-tree convergence time.
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 411 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree