Encor Questions Flashcards
An engineer must export the contents of the devices object in JSON format. Which statement must be use? A. json.print(Devices) B. json.loads(Devices) C. json.dumps(Devices) D. json.repr(Devices)
Answer: C
An engineer troubleshoots connectivity issues with an application. Testing is performed from the server gateway, and traffic with the DF bit set is dropped along the path after increasing packet size. Removing the DF bit setting at the gateway prevents the packets from being dropped. What is the cause of this issue?
A. PMTUD does not work due to ICMP Packet Too Big messages being dropped by an ACL
B. The remote router drops the traffic due to high CPU load
C. The server should not set the DF bit in any type of traffic that is sent toward the network
D. There is a CoPP policy in place protecting the WAN router CPU from this type of traffic
Answer: C
What is the function of Cisco DNA Center in a Cisco SD-Access deployment?
A. It is responsible for routing decisions inside the fabric
B. It is responsible for the design, management, provisioning, and assurance of the fabric network devices
C. It possesses information about all endpoints, nodes, and external networks related to the fabric
D. It provides integration and automation for all nonfabric nodes and their fabric counterparts
Answer: B
A network engineer must configure a password expiry mechanism on the gateway router for all local passwords to expire after 60 days. What is required to complete this task?
A. Add the username admin privilege 15 common-criteria-policy Administrators password 0 Cisco013579! command
B. No further action is required. The configuration is complete
C. Add the aaa authentication enable default Administrators command
D. The password expiry mechanism is on the AAA server and must be configured there
Answer: A
An engineer configures VRRP and issues the show commands to verify operation. What does the engineer confirm about VRRP group 1 from the output?
A. There is no route to 10.10.1.1/32 in R2’s routing table
B. If R1 reboots, R2 becomes the master virtual router until R2 reboots
C. Communication between VRRP members is encrypted using MD5
D. R1 is master if 10.10.1.1/32 is in its routing table
Answer: D
What are two benefits of YANG? (Choose two)
A. It collects statistical constraint analysis information
B. In enforces the use of specific encoding format for NETCONF
C. In enforces configuration semantics
D. It enables multiple leaf statements to exist within a leaf list E. It enforces configuration constraints
Answer: B E
An engineer configures VRRP and issues the show commands to verify operation. What does the engineer confirm about VRRP group 1 from the output?
A. There is no route to 10.10.1.1/32 in R2’s routing table
B. If R1 reboots, R2 becomes the master virtual router until R2 reboots
C. Communication between VRRP members is encrypted using MD5
D. R1 is master if 10.10.1.1/32 is in its routing table
Answer: D
An engineer must add the SNMP interface table to the NetFlow protocol flow records. Where should the SNMP table option be added? A. under the interface B. under the flow record C. under the flow monitor D. under the flow exporter
Answer: D
What is the effect of these commands on the BR and HQ tunnel interfaces?
A. The tunnel line protocol goes down when the keepalive counter reaches 6
B. The keepalives are sent every 5 seconds and 3 retries
C. The keepalives are sent every 3 seconds and 5 retries.
D. The tunnel line protocol goes down when the keepalive counter reaches 5
Answer: B
In Cisco SD-WAN, which protocol is used to measure link quality? A. OMP B. BFD C. RSVP D. IPsec
Answer: B
What is used to perform QoS packet classification?
A. the Options field in the Layer 3 header
B. the Type field in the Layer 2 frame
C. the Flags field in the Layer 3 header
D. the ToS field in the Layer 3 header
Answer: D
Which HTTP code must be returned to prevent the script from exiting? A. 200 B. 201 C. 300 D. 301
Answer: A
Which LISP component is required for a LISP site to communicate with a non-LISP site? A. ETR B. ITR C. Proxy ETR D. Proxy ITR
Answer: C
What is a characteristic of a next-generation firewall?
A. only required at the network perimeter
B. required in each layer of the network
C. filters traffic using Layer 3 and Layer 4 information only
D. provides intrusion prevention
Answer: D
Which technology is used as the basis for the Cisco SD-Access data plane? A. IPsec B. LISP C. VXLAN D. 802.1Q
Answer: C
“HTTP/1.1 204 content” is returned when cur -l -x DELETE command is issued. Which situation has occurred?
A. The object could not be located at the URI path
B. The command succeeded in deleting the object
C. The object was located at the URI, but it could not be deleted
D. The URI was invalid
Answer: B
An engineer must provide wireless converge in a square office. The engineer has only one AP and believes that it should be placed it in the middle of the room. Which antenna type should the engineer use? A. directional B. polarized C. Yagi D. omnidirectional
Answer: D
While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log message:
Which configuration change must the engineer make?
A. Change the HSRP group configuration on the remote router to 1
B. Change the HSRP virtual address on the local router to 10.1.1.1
C. Change the HSRP virtual address on the remote router to 10.1.1.1
D. Change the HSRP group configuration on the local router to 1
Answer: B
What is a characteristic of YANG?
A. It is a Cisco proprietary language that models NETCONF data
B. It allows model developers to create custom data types
C. It structures data in an object-oriented fashion to promote model reuse
D. It provides loops and conditionals to control now within models
Answer: C
What is the function of the LISP map resolver?
A. to send traffic to non-LISP sites when connected to a service provider that does not accept nonroutable EIDs as packet sources
B. to connect a site to the LISP-capable part of a core network, publish the EID-to-RLOC mappings for the site and respond to map-request messages
C. to decapsulate map-request messages from ITRs and forward the messages to the MS
D. to advertise routable non-USP traffic from one address family to LISP sites in a different address family
Answer: C
Drag and drop the snippets onto the blanks within the code construct a script that configure a loopback interface with an IP address. Not all options are used.
1 – E
2 – F
3 – D
4 – C
Drag and drop the characteristics from the left onto the orchestration tools they describe on the right.
Ansible
+ utilizes a push model
+ primary/secondary architecture
Puppet
+ utilizes a pull model
+ multimaster architecture
How was spanning-tree configured on this interface?
A. By entering the command spanning-tree portfast trunk in the interface configuration mode.
B. By entering the command spanning-tree portfast in the interface configuration mode
C. By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode
D. By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration mode
Answer: A
An engineer is troubleshooting the AP join process using DNS. Which FQDN must be resolvable on the network for the access points to successfully register to the WLC? A. cisco-capwap-controller.domain.com B. wlchostname.domain.com C. ap-manager.domain.com D. primary-wlc.domain.com
Answer: A
How is Layer 3 roaming accomplished in a unified wireless deployment?
A. An EoIP tunnel is created between the client and the anchor controller to provide seamless connectivity as the client is associated with the new AP
B. The client entry on the original controller is passed to the database on the new controller C. The new controller assigns an IP address from the new subnet to the client
D. The client database on the original controller is updated the anchor entry, and the new controller database is updated with the foreign entry.
Answer: B
A network administrator has designed a network with two multilayer switches on the distribution layer, which act as default gateways for the end hosts. Which two technologies allow every end host in a VLAN to use both gateways? (Choose two) A. HSRP B. GLBP C. MHSRP D. VRRP E. VSS
Answer: B C
Which measurement is used from a post wireless survey to depict the cell edge of the access points? A. CCI B. Noise C. SNR D. RSSI
Answer: D
While troubleshooting a routing issue, an engineer issues a ping from S1 to S2. Which two actions from the initial value of the TTL? (Choose two)
A. The packet reaches R3, and the TTL expires
B. R2 replies with a TTL exceeded message C. R1 replies with a TTL exceeded message
D. The packet reaches R2 and the TTL expires
E. R3 replies with a TTL exceeded message
F. The packet reaches R1 and the TTL expires
Answer: B D
Which command set must be added to permit and log all traffic that comes from 172.20.10.1 in interface GigabitEthernet0/1 without impacting the functionality of the access list? A. Option A B. Option B C. Option C D. Option D
Answer: C
What is the function of a fabric border node in a Cisco SD-Access environment?
A. To connect the Cisco SD-Access fabric to another fabric or external Layer 3 networks
B. To collect traffic flow information toward external networks
C. To attach and register clients to the fabric D. To handle an ordered list of IP addresses and locations for endpoints in the fabric.
Answer: A
How are the different versions of IGMP compatible?
A. IGMPv2 is compatible only with IGMPv1 B. IGMPv2 is compatible only with IGMPv2 C. IGMPv3 is compatible only with IGMPv3 D. IGMPv3 is compatible only with IGMPv1
Answer: A
What is one benefit of implementing a VSS architecture?
A. It provides multiple points of management for redundancy and improved support.
B. It provides a single point of management for improved efficiency
C. It uses GLBP to balance traffic between gateways
D. It uses a single database to manage configuration for multiple switches
Answer: B
When is an external antenna used inside a building?
A. only when using 5 GHz
B. only when using 2.4 GHz
C. when it provides the required coverage
D. only when using Mobility Express
Answer: C
Which entity is a Type 1 hypervisor?
A. Oracle VM VirtualBox B. VMware server C. Citrix XenServer D. Microsoft Virtual PC
Answer: C
An engineer runs the code against an API of Cisco DNA Center, and the platform returns this output.
What does the response indicate?
A. The authentication credentials are incorrect
B. The URI string is incorrect
C. The Cisco DNA Center API port is incorrect D. The HTTP method is incorrect
Answer: D
What is a consideration when designing a Cisco SD-Access underlay network?
A. End user subnets and endpoints are part of the underlay network
B. The underlay switches provide endpoint physical connectivity for users
C. Static routing is a requirement
D. It must support IPv4 and IPv6 underlay networks
Answer: B
What is one difference between Saltstack and Ansible?
A. SaltStack uses an API proxy agent to program Cisco boxes on agent mode, whereas Ansible uses a Telnet connection
B. SaltStack uses the Ansible agent on the box, whereas Ansible uses a Telnet server on the box
C. SaltStack is constructed with minion, whereas Ansible is constructed with YAML
D. SaltStack uses SSH to interact with Cisco devices, whereas Ansible uses an event bus
Answer: A
What is the centralized control policy in a Cisco SD-WAN deployment?
A. list of ordered statements that define user access policies
B. list of enabled services for all nodes within the cloud
C. set of rules that governs nodes authentication within the cloud
D. set of statements that defines how routing is performed
Answer: D
Which command set configures RSPAN to capture outgoing traffic from VLAN 3 on interface GigabitEthernet 0/3 while ignoring other VLAN traffic on the same interface?
Answer: B
After configurating an IPsec VPN, an engineer enters the show command to verify the ISAKMP SA status. What does the status show?
A. Peers have exchanged keys, but ISAKMP SA remains unauthenticated.
B. ISAKMP SA is authenticated and can be used for Quick Mode.
C. VPN peers agreed on parameters for the ISAKMP SA
D. ISAKMP SA has been created, but it has not continued to form.
Answer: B
An engineer attempts to create a configuration to allow the Blue VRF to leak into the global routing table, but the configuration does not function as expected. Which action resolves this issue?
A. Change the access-list number in the route map
B. Change the source network that is specified in access-list 101
C. Change the route-map configuration to VRF_BLUE
D. Change the access-list destination mask to a wildcard
Answer: D
POSTMAN is showing an attempt to retrieve network device information from Cisco DNA Center API. What is the issue?
A. The token has expired
B. The URI string is incorrect
C. Authentication has failed
D. The JSON payload contains the incorrect UUID
Answer: B
Running the script causes the output in the exhibit. Which change to the first line of the script resolves the error? A. from ncclient import B. import manager C. from ncclient import D. import ncclient manager
Answer: A
An engineer attempts to configure a trunk between switch SW1 and switch SW2 using DTP, but the trunk does not form. Which command should the engineer apply to switch SW2 to resolve this issue? A. switchport mode access B. switchport nonegotiate C. no switchport D. switchport mode dynamic desirable
Answer: D
Which set of commands on router R1 allow deterministic translation of private hosts PC1, PC2, and PC3 to addresses in the public space?
Answer: C
Which line must be added in the Python function to return the JSON object {“cat_9k”:”FXS193202SE”)?
A. return (json.dumps({d[‘hostname’]: d[‘serialNumber’] for d in json.loads(test_json)[‘response’]}))
B. return (json.loads({for d in json.dumps(test_json)[‘response’]: d[‘hostname’]: d[‘serialNumber’]}))
C. return (json.loads({d[‘hostname’]: d[‘serialNumber’] for d in json.dumps(test_json)[‘response’]}))
D. return (json.dumps({for d in json.loads(test_json)[‘response’]: d[‘hostname’]: d[‘serialNumber’]}))
Answer: D
An engineer configures a new HSRP group. While reviewing the HSRP status, the engineer sees the logging message generated on R2. Which is the cause of the message?
A. A PC is on the network using the IP address 10.10.1.1
B. The HSRP configuration has caused a spanning-tree loop
C. The HSRP configuration has caused a routing loop
D. The same virtual IP address has been configured for two HSRP groups
Answer: D
Refer to the exhibit. A network engineer troubleshoots an issue with the port channel between SW1 and SW2. Which command resolves the issue?
*
A. SW1(config-if)#channel-group 10 mode active
B. SW1(config-if)#channel-group 10 mode desirable
C. SW2(config-if)#channel-group 10 mode on D. SW2(config-if)#switchport mode trunk
Answer: A
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
EIGRP
+ can automatically summarize networks at the boundary
OSPF
+ supports virtual links
+ requires manual configuration of network summarization
Drag and drop the characteristics from the left onto the protocols they apply to on the right.
OSPF
+ uses Dijkstra’s Shortest Path First algorithm + uses an election process
EIGRP
+ uses Diffused Update Algorithm
+ uses bandwidth, delay, reliability and load for routing metric
Drag and drop the wireless elements on the left to their definitions on the right.
+ the relative increase in signal strength of an antenna in a given direction: gain
+ a graph that shows the relative intensity of the signal strength of an antenna within its space: radiation patterns
+ measures the angle of an antenna pattern in which the relative signal strength is half-power below the maximum value: beamwidth
+ radiated electromagnetic waves that influence the orientation of an antenna within its electromagnetic field: polarization
A network engineer configures NAT on R1 and enters the show command to verify the configuration. What does the output confirm?
A. R1 is configured with NAT overload parameters
B. The first packet triggered NAT to add on entry to NAT table
C. A Telnet from 160.1.1.1 to 10.1.1.10 has been initiated
D. R1 to configured with PAT overload parameters
Answer: B
What does the Cisco DNA REST response indicate?
A. Cisco DNA Center has the incorrect credentials for cat9000-1
B. Cisco DNA Center is unable to communicate with cat9000-1
C. Cisco DNA Center has the incorrect credentials for RouterASR-1
D. Cisco DNA Center has the incorrect credentials for cat3850-1
Answer: A
Rapid PVST+ is enabled on all switches. Which command set must be configured on Switch1 to achieve the following results on port fa0/1? + When a device is connected, the port transitions immediately to a forwarding state + The interface should not send or receive BPDUs. + If a BPDU is received, it continues operating normally.
A. Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast Switch1(config-if)# spanning-tree bpduguard enable
B. Switch1(config)# spanning-tree portfast bpduguard default Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast
C. Switch1(config)#interface f0/1 Switch1(config-if)# spanning-tree portfast
D. Switch1(config)#spanning-tree portfast bpdufilter default Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast
Answer: D
After running the code in the exhibit. Which step reduces the amount of data that NETCONF server returns to the NETCONF client, to only the interface’s configuration?
A. Create an XML filter as a string and pass it to get_config() method as an argument
B. Use the txml library to parse the data returned by the NETCONF server for the interface’s configuration
C. Create a JSON filter as a string and pass it to the get_config() method as an argument
D. Use the JSON library to parse the data returned by the NETCONF server for the interface’s configuration
Answer: A
External users require HTTP connectivity to an internal company web server that is listening on TCP port 8080. Which command set accomplishes this requirement?
Answer: D
Which single security feature is recommended to provide Network Access Control in the enterprise? A. 802.1X B. MAB C. WebAuth D. port security sticky MAC
Answer: A
A network engineer configures a new GRE tunnel and enters the show run command. What does the output verify?
A. The tunnel keepalive is configured incorrectly because they must match on both sites
B. The tunnel destination will be known via the tunnel interface
C. The tunnel will be established and work as expected
D. The default MTU of the tunnel interface is 1500 byte.
Answer: C
An engineer has configured Cisco ISE to assign VLANs to clients based on their method of authentication, but this is not working as expected. Which action will resolve this issue? A. require a DHCP address assignment B. utilize RADIUS profiling C. set a NAC state D. enable AAA override
Answer: D
Drag and drop the snippets onto the blanks within the code to construct a script that advertises the network prefix 192.168.5.0 session. Not all options are used.
Answer: 1-A; 2-C;3-B
Drag and drop the snippets into the RESTCONF request to form the request that returns this response. Not all options are used.
1 – interface/GigabitEthernet/1/
2 – GET
3 – Accept
An engineer implemented several configuration changes and receives the logging message on Switch1. Which action should the engineer take to resolve this issue?
A. Change Switch1 to switch port mode dynamic desirable
B. Change Switch2 to switch port mode dynamic auto
C. Change Switch1 to switch port mode dynamic auto
D. Change the VTP domain to match on both switches
Answer: D
The EtherChannel between SW2 and SW3 is not operational. Which action resolves this issue?
A. Configure the channel-group mode on SW2 Gi0/1 and Gi0/1 to on
B. Configure the channel-group mode on SW3 Gi0/1 to active
C. Configure the mode on SW2 Gi0/0 to trunk D. Configure the mode on SW2 Gi0/1 to access
Answer: C
Router 1 is currently operating as the HSRP primary with a priority of 110 router1 fails and Router2 take over the forwarding role. Which command on Router1 causes it to take over the forwarding role when it return to service? A. standby 2 priority B. standby 2 preempt C. standby 2 track D. standby 2 timers
Answer: B
Answer:
Process Switching:
+ It is referred as “software” switching
+ It uses General Purpose CPU to perform that switching
Cisco Express Forwarding:
+ It is used when you have to perform in high packet volume
Which action completes the configuration to achieve a dynamic continuous mapped NAT for all users?
A. Increase the NAT pool size to support 254 usable addresses
B. Reconfigure the pool to use the 192.168.1.0 address range
C. Configure a match-host type NAT pool
D. Configure a one-to-one type NAT pool
Answer: A
R1#show access-list 100 Extended IP access list 100 10 deny ip any any 20 permit ip 192.168.0.0 0.0.255.255 any 30 permit ip any 192.168.0.0 0.0.255.255
Extended access-list 100 is configured on interface GigabitEthernet0/0 in an inbound direction, but it does not have the expected behavior of allowing only packets to or from 192.168.0.0/16. Which command set properly configures the access list?
Answer: C
A. Change the JSON method from load() to loads().
B. Enclose null in the test_json string in double quotes
C. Use a single set of double quotes and condense test_json to a single line
D. Call the read() method explicitly on the test_json string
Answer: A
An engineer is configuring an EtherChannel between Switch1 and Switch2 and notices the console message on Switch2. Based on the output, which action resolves this issue?
A. Configure the same port channel interface number on both switches
B. Configure less member ports on Switch2
C. Configure more member ports on Switch1 D. Configure the same EtherChannel protocol on both switches
Answer: D
