New Questions - Part 7 Flashcards by Pedro Ivo Silva

An engineer must export the contents of the devices object in JSON format. Which statement must be use?

python_json.jpg

A. json.print(Devices)
B. json.loads(Devices)
C. json.dumps(Devices)
D. json.repr(Devices)

C. json.dumps(Devices)

How well did you know this?

Not at all

Perfectly

What is the function of Cisco DNA Center in a Cisco SD-Access deployment?

A. It is responsible for routing decisions inside the fabric

B. It is responsible for the design, management, provisioning, and assurance of the fabric network devices

C. It possesses information about all endpoints, nodes, and external networks related to the fabric

D. It provides integration and automation for all nonfabric nodes and their fabric counterparts

B. It is responsible for the design, management, provisioning, and assurance of the fabric network devices

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

ping_DF_bit.jpg

An engineer troubleshoots connectivity issues with an application. Testing is performed from the server gateway, and traffic with the DF bit set is dropped along the path after increasing packet size. Removing the DF bit setting at the gateway prevents the packets from being dropped. What is the cause of this issue?

A. PMTUD does not work due to ICMP Packet Too Big messages being dropped by an ACL

B. The remote router drops the traffic due to high CPU load

C. The server should not set the DF bit in any type of traffic that is sent toward the network

D. There is a CoPP policy in place protecting the WAN router CPU from this type of traffic

C. The server should not set the DF bit in any type of traffic that is sent toward the network

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

aaa_login_authentication.jpg

A network engineer must configure a password expiry mechanism on the gateway router for all local passwords to expire after 60 days. What is required to complete this task?

A. Add the username admin privilege 15 common-criteria-policy Administrators password 0 Cisco013579! command

B. No further action is required. The configuration is complete

C. Add the aaa authentication enable default Administrators command

D. The password expiry mechanism is on the AAA server and must be configured there

A. Add the username admin privilege 15 common-criteria-policy Administrators password 0 Cisco013579! command

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

BGP_attributes.jpg

BR1
router bgp 100
neighbor 172.24.109.1 remote-as 100
neighbor 172.24.109.1 next-hop self
neighbor 209.165.202.134 remote-as 200

PE1
router bgp 200
bgp log-neighbor-changes
neighbor 209.165.202.133 remote as 100

BR2
router bgp 100
neighbor 172.24.109.2 remote-as 100
neighbor 172.24.109.2 next-hop-self
neighbor 209.165.200.230 remote-as 300

PE2
router bgp 300
bgp log-neighbor-changes
neighbor 209.165.200.229 remote as 100

show_ip_route.png

Which configuration change will force BR2 to reach 209.165.201.0/27 via BR1?

A. Set the origin to igp on BR2 toward PE2 inbound
B. Set the local preference to 150 on PE1 toward BR1 outbound
C. Set the weight attribute to 65,535 on BR1 toward PE1
D. Set the MED to 1 on PE2 toward BR2 outbound

D. Set the MED to 1 on PE2 toward BR2 outbound

How well did you know this?

Not at all

Perfectly

What are two benefits of YANG? (Choose two)

A. It collects statistical constraint analysis information
B. In enforces the use of specific encoding format for NETCONF
C. In enforces configuration semantics
D. It enables multiple leaf statements to exist within a leaf list
E. It enforces configuration constraints

B. It enforces the use of specific encoding format for NETCONF

E. It enforces configuration constraints

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

VRRP_track.jpg

An engineer configures VRRP and issues the show commands to verify operation. What does the engineer confirm about VRRP group 1 from the output?

A. There is no route to 10.10.1.1/32 in R2’s routing table
B. If R1 reboots, R2 becomes the master virtual router until R2 reboots
C. Communication between VRRP members is encrypted using MD5
D. R1 is master if 10.10.1.1/32 is in its routing table

D. R1 is master if 10.10.1.1/32 is in its routing table

“preempt” is enabled by default with VRRP.

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

flow record Recorder
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
!
flow exporter Exporter
 destination 192.168.100.22
 transport udp 2055
!
flow monitor Monitor
 exporter Exporter
 record Recorder
!
et-analytics
 ip flow-export destination 192.168.100.22 2055
!
interface gi1
 ip flow monitor Monitor input
 ip flow monitor Monitor output
 et-analytics enable
!

An engineer must add the SNMP interface table to the NetFlow protocol flow records. Where should the SNMP table option be added?

A. under the interface
B. under the flow record
C. under the flow monitor
D. under the flow exporter

D. under the flow exporter

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

GRE_keep_alive.jpg

BR(config)#interface tunnel1
BR(config-if)#keepalive 5 3

HQ(config)#interface tunnel1
HQ(config-if)#keepalive 5 3

What is the effect of these commands on the BR and HQ tunnel interfaces?

A. The tunnel line protocol goes down when the keepalive counter reaches 6
B. The keepalives are sent every 5 seconds and 3 retries
C. The keepalives are sent every 3 seconds and 5 retries.
D. The tunnel line protocol goes down when the keepalive counter reaches 5

B. The keepalives are sent every 5 seconds and 3 retries

How well did you know this?

Not at all

Perfectly

In Cisco SD-WAN, which protocol is used to measure link quality?

A. OMP
B. BFD
C. RSVP
D. IPsec

B. BFD

How well did you know this?

Not at all

Perfectly

What is used to perform QoS packet classification?

A. the Options field in the Layer 3 header
B. the Type field in the Layer 2 frame
C. the Flags field in the Layer 3 header
D. the ToS field in the Layer 3 header

D. the ToS field in the Layer 3 header

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

python_code

Which HTTP code must be returned to prevent the script from exiting?

A. 200
B. 201
C. 300
D. 301

A. 200

How well did you know this?

Not at all

Perfectly

Which LISP component is required for a LISP site to communicate with a non-LISP site?

A. ETR
B. ITR
C. Proxy ETR
D. Proxy ITR

C. Proxy ETR

How well did you know this?

Not at all

Perfectly

What is a characteristic of a next-generation firewall?

A. only required at the network perimeter
B. required in each layer of the network
C. filters traffic using Layer 3 and Layer 4 information only
D. provides intrusion prevention

D. provides intrusion prevention

How well did you know this?

Not at all

Perfectly

Which technology is used as the basis for the Cisco SD-Access data plane?

A. IPsec
B. LISP
C. VXLAN
D. 802.1Q

C. VXLAN

How well did you know this?

Not at all

Perfectly

“HTTP/1.1 204 content” is returned when curl -l -x DELETE command is issued. Which situation has occurred?

A. The object could not be located at the URI path
B. The command succeeded in deleting the object
C. The object was located at the URI, but it could not be deleted
D. The URI was invalid

B. The command succeeded in deleting the object

How well did you know this?

Not at all

Perfectly

An engineer must provide wireless converge in a square office. The engineer has only one AP and believes that it should be placed it in the middle of the room. Which antenna type should the engineer use?

A. directional
B. polarized
C. Yagi
D. omnidirectional

D. omnidirectional

How well did you know this?

Not at all

Perfectly

While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log message:

Jan 1 12:12:14.122: %HSRP-4-DIFFVIP1: GigabitEthernet0/0 Grp 1 active routers virtual IP address 10.1.1.1 is different to the locally configured address 10.1.1.25

Which configuration change must the engineer make?

A. Change the HSRP group configuration on the remote router to 1

B. Change the HSRP virtual address on the local router to 10.1.1.1

C. Change the HSRP virtual address on the remote router to 10.1.1.1

D. Change the HSRP group configuration on the local router to 1

B. Change the HSRP virtual address on the local router to 10.1.1.1

How well did you know this?

Not at all

Perfectly

What is a characteristic of YANG?

A. It is a Cisco proprietary language that models NETCONF data

B. It allows model developers to create custom data types

C. It structures data in an object-oriented fashion to promote model reuse

D. It provides loops and conditionals to control now within models

C. It structures data in an object-oriented fashion to promote model reuse

How well did you know this?

Not at all

Perfectly

What is the function of the LISP map resolver?

A. to send traffic to non-LISP sites when connected to a service provider that does not accept nonroutable EIDs as packet sources

B. to connect a site to the LISP-capable part of a core network, publish the EID-to-RLOC mappings for the site and respond to map-request messages

C. to decapsulate map-request messages from ITRs and forward the messages to the MS

D. to advertise routable non-USP traffic from one address family to LISP sites in a different address family

C. to decapsulate map-request messages from ITRs and forward the messages to the MS

How well did you know this?

Not at all

Perfectly

When is an external antenna used inside a building?

A. only when using 5 GHz
B. only when using 2.4 GHz
C. when it provides the required coverage
D. only when using Mobility Express

C. when it provides the required coverage

How well did you know this?

Not at all

Perfectly

Drag and drop the snippets onto the blanks within the code construct a script that configure a loopback interface with an IP address. Not all options are used.

configure_IP_snippet.jpg

1 – E
2 – F
3 – D
4 – C

How well did you know this?

Not at all

Perfectly

Drag and drop the characteristics from the left onto the orchestration tools they describe on the right.

Ansible_Puppet_2.jpg

Ansible
+ utilizes a push model
+ primary/secondary architecture

Puppet
+ utilizes a pull model
+ multimaster architecture

How well did you know this?

Not at all

Perfectly

Refer to the exhibit.

show_spanning_tree_int.jpg

How was spanning-tree configured on this interface?

A. By entering the command spanning-tree portfast trunk in the interface configuration mode.

B. By entering the command spanning-tree portfast in the interface configuration mode

C. By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode

D. By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration mode

A. By entering the command spanning-tree portfast trunk in the interface configuration mode.

How well did you know this?

Not at all

Perfectly

An engineer is troubleshooting the **AP join** process **using DNS**. Which FQDN must be resolvable on the network for the access points to successfully register to the WLC? A. cisco-capwap-controller.domain.com B. wlchostname.domain.com C. ap-manager.domain.com D. primary-wlc.domain.com

A. **cisco-capwap-controller**.domain.com

**How is Layer 3 roaming accomplished in a unified wireless deployment**? A. An EoIP tunnel is created between the client and the anchor controller to provide seamless connectivity as the client is associated with the new AP B. The client entry on the original controller is passed to the database on the new controller C. The new controller assigns an IP address from the new subnet to the client D. The client database on the original controller is updated the anchor entry, and the new controller database is updated with the foreign entry.

D. **The client database on the original controller is updated the anchor entry**, and the new controller database is updated with the foreign entry.

A network administrator has designed a network with **two multilayer switches** on the distribution layer, which act as default gateways for the end hosts. Which two technologies allow every end host in a VLAN to use both gateways? (Choose two) A. HSRP B. GLBP C. MHSRP D. VRRP E. VSS

B. **GLBP** C. **MHSRP**

Which **measurement** is used from a post wireless **survey** to depict the **cell edge** of the access points? A. CCI B. Noise C. SNR D. RSSI

D. **RSSI**

Refer to the exhibit. [TTL_ping.jpg](https://www.digitaltut.com/images/ENCOR/Troubleshooting/TTL_ping.jpg) [TTL_ping_Wireshark.jpg](https://www.digitaltut.com/images/ENCOR/Troubleshooting/TTL_ping_Wireshark.jpg) While **troubleshooting** a routing issue, an engineer issues a **ping from S1 to S2**. Which two actions from the initial value of the **TTL**? (Choose two) A. The packet reaches R3, and the TTL expires B. R2 replies with a TTL exceeded message C. R1 replies with a TTL exceeded message D. The packet reaches R2 and the TTL expires E. R3 replies with a TTL exceeded message F. The packet reaches R1 and the TTL expires

B. **R2 replies with a TTL exceeded** message D. **The packet reaches R2** and the TTL expires

Refer to the exhibit. [show access-list](https://i.postimg.cc/D0YkWXcc/Capture.png) Which command set must be added to **permit and log** all traffic that comes from **172.20.10.1** in interface GigabitEthernet0/1 **without impacting** the functionality of the access list? **Option A** Router(config)#ip access-list extended 100 Router(config-ext-nacl)#5 permit ip 172.20.10.0 0.0.0.255 any log Router(config)#interface GigabitEthernet0/1 Router(config-if)#access-group 100 in **Option B** Router(config)#no access-list 100 permit ip 172.16.0.0 0.0.15.255 any Router(config)#access-list 100 permit ip 172.16.0.0 0.0.15.255 any log Router(config)#interface Gigabit Ether net0/1 Router(config-if)#access-group 100 in **Option C** Router(config)#access-list 100 permit ip host 172.20.10.1 any log Router(config)#interface GigabitEthernet0/1 Router(config-if)#access-group 100 in **Option D** Router(config)#access-list 100 seq 5 permit ip host 172.20.10.1 any log Router(config)#interface GigabitEthernet0/1 Router(config-if)#access-group 100 in

**Option C** Router(config)#access-list 100 **permit ip host** 172.20.10.1 **any log** Router(config)#interface GigabitEthernet0/1 Router(config-if)#access-group 100 in

What is the function of a **fabric border node** in a Cisco **SD-Access** environment? A. To connect the Cisco SD-Access fabric to another fabric or external Layer 3 networks B. To collect traffic flow information toward external networks C. To attach and register clients to the fabric D. To handle an ordered list of IP addresses and locations for endpoints in the fabric.

A. To **connect** the Cisco SD-Access fabric to **another fabric or external Layer 3 networks**

How are the different versions of **IGMP compatible**? A. IGMPv2 is compatible only with IGMPv1 B. IGMPv2 is compatible only with IGMPv2 C. IGMPv3 is compatible only with IGMPv3 D. IGMPv3 is compatible only with IGMPv1

A. **IGMPv2** is compatible only with **IGMPv1**

What is one **benefit** of implementing a **VSS** architecture? A. It provides multiple points of management for redundancy and improved support. B. It provides a single point of management for improved efficiency C. It uses GLBP to balance traffic between gateways D. It uses a single database to manage configuration for multiple switches

B. It provides a **single point of management** for improved efficiency

Which entity is a **Type 1 hypervisor**? A. Oracle VM VirtualBox B. VMware server C. Citrix XenServer D. Microsoft Virtual PC

C. Citrix **XenServer**

An engineer runs the code against an **API of Cisco DNA Center**, and the platform returns this output. [Python_device_authentication.jpg](https://www.digitaltut.com/images/ENCOR/Python/Python_device_authentication.jpg) What does the response indicate? A. The authentication credentials are incorrect B. The URI string is incorrect C. The Cisco DNA Center API port is incorrect D. The HTTP method is incorrect

D. The **HTTP method is incorrect**

What is a **consideration** when designing a Cisco SD-Access **underlay** network? A. End user subnets and endpoints are part of the underlay network B. The underlay switches provide endpoint physical connectivity for users C. Static routing is a requirement D. It must support IPv4 and IPv6 underlay networks

B. The **underlay switches provide endpoint physical connectivity for users**

What is a **characteristic** of a **virtual machine**? A. It relies on hypervisors to allocate computing resources for it B. It is deployable without a hypervisor to host it C. It must run the same operating system as its host D. It must be aware of other virtual machines, in order to allocate physical resources for them

A. It **relies on hypervisors to allocate computing resources** for it

What is one **difference** between **Saltstack and Ansible**? A. SaltStack uses an API proxy agent to program Cisco boxes on agent mode, whereas Ansible uses a Telnet connection B. SaltStack uses the Ansible agent on the box, whereas Ansible uses a Telnet server on the box C. SaltStack is constructed with minion, whereas Ansible is constructed with YAML D. SaltStack uses SSH to interact with Cisco devices, whereas Ansible uses an event bus

C. **SaltStack** is constructed **with minion**, whereas **Ansible** is constructed with **YAML**

What is the **centralized control policy** in a Cisco **SD-WAN** deployment? A. list of ordered statements that define user access policies B. list of enabled services for all nodes within the cloud C. set of rules that governs nodes authentication within the cloud D. set of statements that defines how routing is performed

D. **set of statements that defines** how routing is performed

Which command set configures **RSPAN** to capture **outgoing** traffic from **VLAN 3** on interface GigabitEthernet 0/3 while ignoring other VLAN traffic on the same interface? **Option A** ``` monitor session 2 source interface gigabitethernet0/3 rx monitor session 2 filter vlan 3 ``` **Option B** ``` monitor session 2 source interface gigabitethernet0/3 tx monitor session 2 filter vlan 3 ``` **Option C** ``` monitor session 2 source interface gigabitethernet0/3 rx monitor session 2 fitter vlan 1-2,4 – 4094 ``` **Option D** ``` monitor session 2 source interface gigabitethernet0/3 tx monitor session 2 filter vlan 1-2, 4 – 4094 ```

**Option B** monitor session 2 source interface gigabitethernet0/3 **tx** monitor session 2 **filter vlan 3**

Refer to the exhibit. [show crypto isakmp sa](https://i.postimg.cc/05fKry1K/Capture.png) After configurating an **IPsec VPN**, an engineer enters the show command to verify the **ISAKMP SA status**. What does the status show? A. Peers have exchanged keys, but ISAKMP SA remains unauthenticated. B. ISAKMP SA is authenticated and can be used for Quick Mode. C. VPN peers agreed on parameters for the ISAKMP SA D. ISAKMP SA has been created, but it has not continued to form.

B. **ISAKMP SA is authenticated** and can be used for **Quick Mode**.

Refer to the exhibit. [VRF_leak.jpg](https://www.digitaltut.com/images/ENCOR/VRF/VRF_leak.jpg) An engineer attempts to create a configuration to allow the **Blue VRF to leak** into the **global routing table**, but the configuration does not function as expected. Which action resolves this issue? A. Change the access-list number in the route map B. Change the source network that is specified in access-list 101 C. Change the route-map configuration to VRF_BLUE D. Change the access-list destination mask to a wildcard

D. **Change the access-list destination mask** to a wildcard

Refer to the exhibit. [Postman_400_error.jpg](https://www.digitaltut.com/images/ENCOR/Automation/Postman_400_error.jpg) **POSTMAN** is showing an **attempt** to retrieve **network device information** from Cisco DNA Center API. What is the issue? A. The token has expired B. The URI string is incorrect C. Authentication has failed D. The JSON payload contains the incorrect UUID

B. The **URI string is incorrect**

Running the **script** causes the output in the exhibit. Which **change to the first line** of the script resolves the error? [ncclient_manager.jpg](https://www.digitaltut.com/images/ENCOR/Python/ncclient_manager.jpg) A. from ncclient import * B. import manager C. from ncclient import D. import ncclient manager

A. from ncclient import *

An engineer configures **HSRP group 37**. The configuration does not modify the default virtual MAC address. Which virtual MAC address does the group use? A. 00:00:0c:07:ac:25 B. 00:00:0c:07:ac:37 C. C0:39:83:25:258:5 D. C0.00:00:25:00:00

A. 00:00:0c:07:ac:**25**

Which Cisco **DNA** center **application** is responsible for **group-based** access control **permissions**? A. Design B. Provision C. Assurance D. Policy

D. **Policy**

Refer to the exhibit. [Trunking_DTP.jpg](https://www.digitaltut.com/images/ENCOR/Trunking/Trunking_DTP.jpg) An engineer attempts to configure a **trunk** between switch SW1 and switch SW2 using **DTP**, but the trunk does not form. Which command should the engineer apply to switch SW2 to resolve this issue? A. switchport mode access B. switchport nonegotiate C. no switchport D. switchport mode dynamic desirable

D. switchport mode dynamic **desirable**

Refer to the exhibit. [NAT_config.jpg](https://www.digitaltut.com/images/ENCOR/NAT/NAT_config.jpg) Which set of commands on router R1 allow deterministic translation of private hosts PC1, PC2, and PC3 to addresses in the public space? **Option A** RouterR1(config)#int f0/0 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config-if)#access-list 1 10.10.10.0 0.0.0.255 RouterR1(config)#ip nat pool POOL 155.1.1.101 155.1.1.103 netmask 255.255.255.0 RouterR1(config)#ip nat inside source list 1 pool POOL **Option B** RouterR1(config)#int f0/0 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.101 RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.102 RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.103 **Option C** RouterR1(config)#int f0/0 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.101 RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.102 RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.103 **Option D** RouterR1(config)#int f0/0 RouterR1(config)#ip nat inside RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat outside RouterR1(config-if)#exit RouterR1(config-if)#access-list 1 10.10.10.0 0.0.0.255 RouterR1(config)#ip nat inside source list 1 interface f0/1 overload

**Option C** RouterR1(config)#int f0/0 RouterR1(config)#ip nat **inside** RouterR1(config-if)#exit RouterR1(config)#int f0/1 RouterR1(config)#ip nat **outside** RouterR1(config-if)#exit RouterR1(config)#ip nat inside source static 10.10.10.101 155.1.1.**101** RouterR1(config)#ip nat inside source static 10.10.10.102 155.1.1.**102** RouterR1(config)#ip nat inside source static 10.10.10.103 155.1.1.1**03**

A client device **roams between** wireless LAN controllers that are **mobility peers**. Both controllers have dynamic interface on the same client VLAN. Which type of roam is described? A. intra-VLAN B. intra-controller C. inter-controller D. inter-subnet

C. **inter**-controller

Which line must be added in the Python function to return the JSON object {“cat_9k”:”FXS193202SE”)? [python_get_element_array.jpg](https://www.digitaltut.com/images/ENCOR/Python/python_get_element_array.jpg) A. ``` return (json.dumps({d[‘hostname’]: d[‘serialNumber’] for d in json.loads(test_json)[‘response’]})) ``` B. ``` return (json.loads({for d in json.dumps(test_json)[‘response’]: d[‘hostname’]: d[‘serialNumber’]})) ``` C. ``` return (json.loads({d[‘hostname’]: d[‘serialNumber’] for d in json.dumps(test_json)[‘response’]})) ``` D. ``` return (json.dumps({for d in json.loads(test_json)[‘response’]: d[‘hostname’]: d[‘serialNumber’]})) ```

A. ``` return (json.dumps({d[‘hostname’]: d[‘serialNumber’] for d in json.loads(test_json)[‘response’]})) ``` **json.dumps()** Input: Python object Output: JSON-formatted string **json.loads()** Input: JSON-formatted string Output: Python object

Which two operational models enable an AP to **scan one or more wireless channels** for rouge access points and **at the same time provide wireless services to clients**? (Choose two) A. Sniffer B. Rouge detector C. Local D. FlexConnect E. Monitor

C. **Local** D. **FlexConnect**

Refer to the exhibit. [HSRP.jpg](https://www.digitaltut.com/images/ENCOR/HSRP/HSRP_Duplicate_IP_error.jpg) An engineer configures a **new HSRP group**. While reviewing the HSRP status, the engineer sees the **logging message** generated on R2. Which is the cause of the message? A. A PC is on the network using the IP address 10.10.1.1 B. The HSRP configuration has caused a spanning-tree loop C. The HSRP configuration has caused a routing loop D. The same virtual IP address has been configured for two HSRP groups

D. The **same virtual IP address** has been configured for two HSRP groups

Refer to the exhibit. A network engineer troubleshoots an issue with the port channel between SW1 and SW2. Which command resolves the issue? [Etherchannel_modes.jpg](https://www.digitaltut.com/images/ENCOR/Etherchannel/Etherchannel_modes.jpg) *Aug 12 02:22:23.233: %LINK-3-UPDOWN: Interface Port-channel10, changed state to down *Aug 12 02:22:24.236: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel10,changed state to down *Aug 12 02:22:27.237: %ETC-5-L3DONTBNDL2: Gi0/1 suspended: LACP currently not enabled on the remote port *Aug 12 02:22:29.233: %ETC-5-L3DONTBNDL2: Gi0/0 suspended: LACP currently not enabled on the remote port A. SW1(config-if)#channel-group 10 mode active B. SW1(config-if)#channel-group 10 mode desirable C. SW2(config-if)#channel-group 10 mode on D. SW2(config-if)#switchport mode trunk

A. SW1(config-if)#channel-group 10 **mode active**

Which **new enhancement** was implemented in **Wi-Fi 6**? A. Wi-Fi Protected Access 3 B. 4096 Quadrature Amplitude Modulation Mode C. Uplink and Downlink Orthogonal Frequency Division Multiple Access D. Channel bonding

C. **Uplink and Downlink Orthogonal**

How is **MSDP** used to interconnect multiple **PIM-SM** domains? A. MSDP depends on BGP or multiprotocol BGP for interdomain operation B. MSDP allows a rendezvous point to dynamically discover active sources outside of its domain C. MSDP SA request messages are used to request a list of active sources for a specific group D. MSDP messages are used to advertise active sources in a domain

C. **MSDP SA request messages are used to request a list of active sources** for a specific group

Drag and drop the characteristics from the left onto the routing protocols they describe on the right. [OSPF_EIGRP_differences_2.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/OSPF_EIGRP_differences_2.jpg)

**EIGRP** + can **automatically** summarize networks at the boundary **OSPF** + supports **virtual links** + requires **manual** configuration of network summarization

Drag and drop the characteristics from the left onto the protocols they apply to on the right. [OSPF_EIGRP_differences_3.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/OSPF_EIGRP_differences_3.jpg)

**OSPF** + uses **Dijkstra**’s Shortest Path First algorithm + uses an **election process** **EIGRP** + uses **Diffused Update Algorithm** + uses **bandwidth**, **delay**, **reliability** and **load** for routing metric

How is **802.11 traffic** handled in a fabric-enabled **SSID**? A. converted by the AP into 802.3 and encapsulated into a VLAN B. centrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC C. centrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC D. converted by the AP into 802.3 and encapsulated into VXLAN

D. **converted** by the AP into **802.3** and encapsulated into **VXLAN**

Drag and drop the wireless elements on the left to their definitions on the right. [wireless_elements.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/wireless_elements.jpg)

+ the relative increase in signal strength of an antenna in a given direction: **gain** + a graph that shows the relative intensity of the signal strength of an antenna within its space: radiation **patterns** + measures the angle of an antenna pattern in which the relative signal strength is half-power below the maximum value: **beamwidth** + radiated electromagnetic waves that influence the orientation of an antenna within its electromagnetic field: **polarization**

Refer to the exhibit. [NAT_verify.jpg](https://www.digitaltut.com/images/ENCOR/NAT/NAT_verify.jpg) [R1 conf](https://i.postimg.cc/FFYcCJfb/Capture.png) A network engineer configures **NAT on R1** and enters the show command to verify the configuration. What does the output confirm? A. R1 is configured with NAT overload parameters B. The first packet triggered NAT to add on entry to NAT table C. A Telnet from 160.1.1.1 to 10.1.1.10 has been initiated D. R1 to configured with PAT overload parameters

B. **The first packet triggered NAT to add on entry to NAT table**

Which **congestion queuing method** on Cisco IOS based routers uses **four static queues**? A. low latency B. custom C. weighted fair D. Priority

D. **Priority**

What does the Cisco **DNA REST response** indicate? [DNA_Center_response.jpg](https://www.digitaltut.com/images/ENCOR/Python/DNA_Center_response.jpg) A. Cisco DNA Center has the incorrect credentials for cat9000-1 B. Cisco DNA Center is unable to communicate with cat9000-1 C. Cisco DNA Center has the incorrect credentials for RouterASR-1 D. Cisco DNA Center has the incorrect credentials for cat3850-1

A. Cisco DNA Center has the **incorrect credentials** for cat9000-1

Which AP mode allows an engineer to **scan** configured **channels for rogue access points**? A. local B. sniffer C. bridge D. monitor

D. **monitor**

Where is **radio resource management** performed in a Cisco **SD-access** wireless solution? A. control plane node B. DNA Center C. Cisco CMX D. wireless controller

D. **wireless controller**

Refer to the exhibit. [PVST_portfast.jpg](https://www.digitaltut.com/images/ENCOR/STP/PVST_portfast.jpg) **Rapid PVST+** is enabled on all switches. Which command set must be configured on Switch1 to achieve the following results on port fa0/1? + When a device is connected, the port transitions immediately to a forwarding state + The interface should not send or receive BPDUs. + If a BPDU is received, it continues operating normally. A. Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast Switch1(config-if)# spanning-tree bpduguard enable B. Switch1(config)# spanning-tree portfast bpduguard default Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast C. Switch1(config)#interface f0/1 Switch1(config-if)# spanning-tree portfast D. Switch1(config)#spanning-tree portfast bpdufilter default Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast

D. Switch1(config)#spanning-tree portfast **bpdufilter** default Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast

Refer to the exhibit. [ncclient_reduce_data.jpg](https://www.digitaltut.com/images/ENCOR/Python/ncclient_reduce_data.jpg) After running the code in the exhibit. Which step **reduces the amount of data** that **NETCONF** server returns to the NETCONF client, to only the interface’s configuration? A. Create an XML filter as a string and pass it to get_config() method as an argument B. Use the txml library to parse the data returned by the NETCONF server for the interface’s configuration C. Create a JSON filter as a string and pass it to the get_config() method as an argument D. Use the JSON library to parse the data returned by the NETCONF server for the interface’s configuration

A. **Create an XML filter** as a string and pass it to get_config() method as an argument

A network engineer configures **BGP** between R1 and R2. Both routers use BGP peer group **CORP** and are set up to use **MD5 authentication**. This message is logged to the console of router R1: *Jun 5 33:34:33.033: %**TCP-6-BADAUTH**: Invalid MD5 digest from 10.10.10.1 (29832) to 10.120.10.1 (179) tableid -0 Which two configurations allow a peering session to form between R1 and R2? (Choose two) A. R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco B. R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(Config-router)#neighbor PEER password Cisco C. R1(config-router)#neighbor 10.10.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco D. R1(config-router)#neighbor 10.120.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco E. R2(config-router)#neighbor 10.120.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco

C. **R1**(config-router)#neighbor **10.10.10.1** peer-group **CORP** **R1**(config-router)#neighbor **CORP** password **Cisco** E. **R2**(config-router)#neighbor **10.120.10.1** peer-group **CORP** **R2**(config-router)#neighbor **CORP** password **Cisco**

Which device makes the **decision** for a wireless **client to roam**? A. wireless client B. access point C. wireless LAN controller D. WCS location server

A. wireless **client**

Refer to the exhibit. [NAT_config_web.jpg](https://www.digitaltut.com/images/ENCOR/NAT/NAT_config_web.jpg) External users require **HTTP connectivity** to an internal company web server that is listening on **TCP port 8080**. Which command set accomplishes this requirement? **Option A** interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat inside **Option B** interface G0/0 ip address 209.165.200.225 255.256.255.224 ip nat inside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat outside ip nat inside source static tcp 209.165.200.225 80 10.1.1.100 8080 **Option C** interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat inside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat outside ip nat inside source static tcp 10.1.1.1 8080 209.166.200.225 80 **Option D** interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat outside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat inside ip nat inside source static tcp 10.1.1.100 8080 interface G0/0 80 **Option E** interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat outside interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat inside ip nat inside source static tcp 209.165.200.225 8080 10.1.1.100 8080

**Option D** interface G0/0 ip address 209.165.200.225 255.255.255.224 ip nat **outside** interface G0/1 ip address 10.1.1.1 255.255.255.0 ip nat **inside** ip nat inside source static tcp 10.1.1.100 **8080 interface G0/0 80**

Which three elements determine **Air Time efficiency**? (Choose three) A. channel bandwidth B. dynamic channel assignment C. evert-driven RRM D. number of spatial streams and spatial reuse E. RF group leader F. data rate (modulation density) or QAM

A. **channel bandwidth** D. number of **spatial streams** and spatial reuse F. **data rate** (modulation density) or QAM

Which **features** does Cisco **EDR** use to provide threat detection and response protection? A. containment, threat intelligence, and machine learning B. firewalling and intrusion prevention C. container-based agents D. cloud analysis and endpoint firewall controls

A. **containment, threat intelligence, and machine learning**

Refer to the exhibit. [python code](https://i.postimg.cc/pXnSvTSz/Capture.png) What is the output of this code? A. username: Cisco B. get_credentials C. username D. cisco

D. **cisco**

Which two threats does **AMP4E** have the **ability to block**? (Choose two) A. DDoS B. ransomware C. SQL injection D. Microsoft Word macro attack E. email phishing

B. **ransomware** D. **Microsoft Word macro attack**

Refer to the exhibit. [NAC_security.jpg](https://www.digitaltut.com/images/ENCOR/Security/NAC_security.jpg) Which single **security** feature is recommended to provide **Network Access Control** in the enterprise? A. 802.1X B. MAB C. WebAuth D. port security sticky MAC

A. **802.1X**

Refer to the exhibit. [log](https://i.postimg.cc/x8QPSfNy/Capture.png) What is the **cause** of the log messages? A. OSPF area change B. hello packet mismatch C. MTU mismatch D. IP address mismatch

A. OSPF **area change**

What are two **benefits of virtual switching** when compared to hardware switching? (Choose two) A. increased MTU size B. hardware independence C. VM-level isolation D. increased flexibility E. extended 802.1Q VLAN range

C. **VM-level** isolation D. increased **flexibility**

What are two **characteristics of VXLAN**? (Choose two) A. It uses VTEPs to encapsulate and decapsulate frames. B. It has a 12-bit network identifier C. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay. D. It lacks support for host mobility E. It allows for up to 16 million VXLAN segments

A. It uses **VTEPs** to **encapsulate and decapsulate** frames. E. It allows for up to **16 million VXLAN segments**

Refer to the exhibit. [traceroute](https://i.postimg.cc/ZYjNqFGh/Capture.png) An engineer is **troubleshooting** a connectivity issue and executes a **traceoute**. What does the result confirm? A. The destination server reported it is too busy B. The probe timed out C. The destination port is unreachable D. The protocol is unreachable

B. The **probe timed out**

Refer to the exhibit. [GRE_Config_verify.jpg](https://www.digitaltut.com/images/ENCOR/GRE/GRE_Config_verify.jpg) A network engineer configures a **new GRE tunnel** and enters the show run command. What does the output verify? A. The tunnel keepalive is configured incorrectly because they must match on both sites B. The tunnel destination will be known via the tunnel interface C. The tunnel will be established and work as expected D. The default MTU of the tunnel interface is 1500 byte.

B. **The tunnel destination will be known via the tunnel interface**

Refer to the exhibit. [ISE_assign_VLANs.jpg](https://www.digitaltut.com/images/ENCOR/ISE/ISE_assign_VLANs.jpg) An engineer has configured Cisco **ISE** to **assign VLANs** to clients based on their method of authentication, but this is **not working** as expected. Which action will resolve this issue? A. require a DHCP address assignment B. utilize RADIUS profiling C. set a NAC state D. enable AAA override

D. enable **AAA override**

What is the function of a **VTEP in VXLAN**? A. provide the routing underlay and overlay for VXLAN headers B. dynamically discover the location of end hosts in a VXLAN fabric C. encapsulate and de-encapsulate traffic into and out of the VXLAN fabric D. statically point to end host locations of the VXLAN fabric

C. **encapsulate** and **de-encapsulate traffic** into and out of the VXLAN fabric

If the noise floor is **-90 dBm** and the wireless client is receiving a signal of **-75 dBm**, what is the **SNR**? A. -165 B. 83 C. 15 D. 1.2

C. **15** ## Footnote **Explanation** If your SNR measurements are already in decibel form, then you can subtract the noise quantity from the desired signal: SNR = S – N. This is because when you subtract logarithms, it is the equivalent of dividing normal numbers. Also, the difference in the numbers equals the SNR. In this question, SNR = -75 – (-90) = 15.

Drag and drop the snippets onto the blanks within the code to construct a script that advertises the network prefix 192.168.5.0 session. Not all options are used. [bgp_netconf_yang.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/bgp_netconf_yang.jpg)

1-A 2-C 3-B

How does an **on-premises** infrastructure compare to a **cloud** infrastructure? A. On-premises can increase compute power faster than cloud B. On-premises offers faster deployment than cloud C. On-premises offers lower latency for physically adjacent systems than cloud D. On-premises requires less power and cooling resources than cloud

C. **On-premises offers lower latency** for physically adjacent systems than cloud

Which **design principle** states that a user has **no access by default** to any resource, and unless a resource is explicitly granted, it should be denied? A. complete mediation B. least privilege C. economy of mechanism D. fail-safe defaults

D. **fail-safe** defaults

Refer to the exhibit. [RESTCONF.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/RESTCONF.jpg) Drag and drop the snippets into the **RESTCONF** request to form the request that returns this response. Not all options are used. [RESTCONF2.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/RESTCONF2.jpg)

1 – interface/GigabitEthernet/1/ 2 – GET 3 – Accept

Refer to the exhibit. [Exhibit](https://www.digitaltut.com/images/ENCOR/VTP/VTP_Domain.jpg) An engineer implemented several configuration changes and receives the **logging message** on Switch1. Which action should the engineer take to resolve this issue? A. Change Switch1 to switch port mode dynamic desirable B. Change Switch2 to switch port mode dynamic auto C. Change Switch1 to switch port mode dynamic auto D. Change the VTP domain to match on both switches

D. **Change the VTP domain to match on both switches**

Refer to the exhibit. [Etherchannel_misconfigure.jpg](https://www.digitaltut.com/images/ENCOR/Etherchannel/Etherchannel_misconfigure.jpg) The **EtherChannel** between SW2 and SW3 is **not operational**. Which action resolves this issue? A. Configure the channel-group mode on SW2 Gi0/1 and Gi0/1 to on B. Configure the channel-group mode on SW3 Gi0/1 to active C. Configure the mode on SW2 Gi0/0 to trunk D. Configure the mode on SW2 Gi0/1 to access

C. Configure the mode on SW2 **Gi0/0 to trunk**

A network administrator applies the following configuration to an IOS device. What is the **process of password checks** when a login attempt is made to the device? aaa new-model aaa authentication login default local group tacacs+ A. A TACACS+server is checked first. If that check fail, a database is checked. B. A TACACS+server is checked first. If that check fail, a RADIUS server is checked. If that check fail, a local database is checked. C. A local database is checked first. If that fails, a TACACS+server is checked, if that check fails, a RADIUS server is checked. D. A local database is checked first. If that check fails, a TACACS+server is checked.

D. A **local database** is checked first. If that check **fails, a TACACS+**server is checked.

Refer to the exhibit. [HSRP_primary_preempt_2.jpg](https://www.digitaltut.com/images/ENCOR/HSRP/HSRP_primary_preempt_2.jpg) Router 1 is currently operating as the **HSRP primary** with a priority of 110 router1 fails and Router2 take over the forwarding role. Which **command** on Router1 causes it **to take over the forwarding role** when it return to service? A. standby 2 priority B. standby 2 preempt C. standby 2 track D. standby 2 timers

B. standby 2 **preempt**

Drag and drop packet switching architecture from the left onto the correct positions on the right. [Process_Switching_CEF.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/Process_Switching_CEF.jpg)

**Process Switching**: + It is referred as **“software” switching** + It uses **General Purpose CPU** to perform that switching **Cisco Express Forwarding**: + It is used when you have to perform in **high packet volume**

Refer to the exhibit. [show interfaces trunk](https://i.postimg.cc/Dzyr6pk5/Capture.png) The **trunk does not work** over the **back-to-back link** between Switch1 interface Gig1/0/20 and Switch2 interface Gig1/0/20. Which configuration fixes the problem? A. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic desirable B. Switch1(config)#interface gig1/0/20 Switch1(config-if)#switchport mode dynamic auto C. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic auto D. Switch2(config)#interface gig1/0/20 Switch1(config-if)#switchport trunk native vlan 1 Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport trunk native vlan 1

A. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic **desirable** ## Footnote https://www.digitaltut.com/images/ENCOR/Trunking/DTP_modes.png

What is the **function of vBond** in a Cisco SDWAN deployment? A. onboarding of SDWAN routers into the SD-WAN overlay B. pushing of configuration toward SD-WAN routers C. initiating connections with SD-WAN routers automatically D. gathering telemetry data from SD-WAN routers

A. **onboarding of SDWAN routers** into the SD-WAN overlay

What is the **difference in dBm** when an AP power increases from **25 mW to 100mW**? A. 75dBm B. 150dBm C. 6dBm D. 125dBm

C. **6dBm**

Which **free application make REST call** against DNA center? A. Postman B. Ansible C. Chef D. Puppet

A. **Postman**

A network engineer must configure a router to **send logging messages to a syslog server** based on these requirements: uses syslog IP address: 10.10.10.1 uses a **reliable protocol** must not use any well-known TCP/UDP ports Which configuration must be used? A. logging host 10.10.10.1 transport udp port 1024 B. logging origin-id 10.10.10.1 C. logging host 10.10.10.1 transport udp port 1023 D. logging host 10.10.10.1 transport tcp port 1024

D. logging host 10.10.10.1 transport **tcp port 1024**

Drag and drop the characteristics from the left onto the routing protocols they describe on the right. [OSPF_EIGRP_2.jpg](https://www.digitaltut.com/images/ENCOR/Drag_Drop/OSPF_EIGRP_2.jpg)

**EIGRP** + It is an Advanced Distance Vector routing protocol + It relies on the Diffused Update Algorithm to calculate the shortest path to a destination + It requires an Autonomous System number to create a routing instance for exchanging routing information **OSPF** + The default Administrative Distance is equal to 110 + It requires a process ID that is local to the router + It uses virtual links to connect two parts of a partitioned backbone through a non-backbone area

Refer to the exhibit. [python code](https://i.postimg.cc/hGWF7mkS/Capture.png) Refer to the exhibit. Which result does the python code achieve? A. The code converts time to the yyyymmdd representation B. The code encrypts a base64 decrypted password C. The code converts time to the “year/month/day” time format D. The code converts time to the Epoch LINUX time format

A. **The code converts time to the yyyymmdd representation**

Refer to the exhibit. Which command is required to verify **NETCONF capability reply messages**? [NETCONF_request_response.jpg](https://www.digitaltut.com/images/ENCOR/NETCONF_RESTCONF/NETCONF_request_response.jpg) A. show netconf | section rpc-reply B. show netconf rpc-reply C. show netconf xml rpc-reply D. show netconf schema | section rpc-reply

D. show netconf **schema | section rpc-reply**