Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CCNP Core - 300-401 ENCOR > Study Guide > Flashcards

Study Guide Flashcards

1
Q

What is a benfit of data modeling languages like YANG?
A. They enable programmers to change or write their own application within the device operating system.
B. They create more secure and efficient SNMP OIDs.
C. They make the CLI simpler and more efficient.
D. They provide a standardized data structure, which results in configuration scalability and consistency.

A

D. They provide a standardized data structure, which results in configuration scalability and consistency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q 
A customer has several small branches and wants to deploy a Wi-Fi solution with local management using CAPWAP.  Which deployment model meets this requirement?
A. Autonomous
B. Mobility express
C. SD-Access wireless
D. Local Mode
A

B. Mobility express.
Mobility express is the aility to use an access point (AP) as a controller instead of a real WLAN controller. This solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which statement about agent-based versus agentless configuration management tools is true?
A. Agentless tools require no messaging systems between master and slaves.
B. Agentless tools use proxy nodes to interface with slave nodes.
C. Agent-based tools do not require a high-level language interpreter such as Python or Ruby on slave nodes.
D. Agent-based tools do not require installation of additional software packages on the slave nodes.

A

C. Agent-based tools do not require a high-level language interpreter such as Python or Ruby on slave nodes.
Agentless tool means that no software or agent needs to be installed on the client machines that are to be managed. Ansible is an example of an agentless tool.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
On which protocol or technology is the fabric data plane based in Cisco SD-Access fabric?
A. LISP
B. IS-IS
C. Cisco TrustSec
D. VXLAN
A

D. VXLAN
VXLAN (Virtual Extensible LAN) can be forwarded by any IP-based network and creates the overlay network for the SD-Access fabric. Using VXLAN allows the SD-Access fabric to support Layer 2 and Layer 3 virtuial topologies (overlays).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

When using TLS for syslog, which configuration allows for secure and reliable transportation of messages to its default port?
A. logging host 10.2.3.4 vrf mgmt transport tcp port 6514
B. logging host 10.2.3.4 vrf mgmt transport udp port 6514
C. logging host 10.2.3.4 vrf mgmt transport tcp port 514
D. logging host 10.2.3.4 vrf mgmt transport udp port 514

A

A. logging host 10.2.3.4 vrf mgmt transport tcp port 6514

The TCP port 6514 has been allocated as the syslog over TLS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A client device fails to see the enterprise SSID, but other device are connected to it. What is the cause of this issue?
A. The hidden SSID was not manually configured on the client.
B. The broadcast SSID was not manually configured on the client.
C. The client has incorrect credentials stored for the configured hidden SSID.
D. The client has incorrect credentials stored for the configured broadcast SSID.

A

A. The hidden SSID was not manually configured on the client.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which function does a fabric edge node perform in an SD-Access deployment?
A. Connects the SD-Access fabric to another fabric or external Layer 3 networks.
B. Connects endpoints to the fabric and forwards their traffic.
C. Provides reachabiity border nodes in the fabric underlay.
D. Encapsulates end-user data traffic into LISP.

A

B. Connects endpoints to the fabric and forwards their traffic.
There are five device roles in the fabric overlay:
Control plane node - Contains the settings, protocols, and mapping tables to provide the endpoint-to-location mapping system for the fabric overlay.
Fabric Border Node - Connects external Layer 3 networks to the SDA fabric.
Fabric Edge Node - Connects wired endpoints to the SDA fabric.
Fabric WLAN Controller (WLC) - Connects APs and wireless endpoints to the SDA fabric.
Intermediate Nodes - Intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which two methods are used by an AP that is trying to discover a wireless LAN controller? (choose two)
A. Cisco Discovery Protocol neighbor
B. Broadcasting on the local subnet
C. DNS lookup cisco-DNA-PRIMARY.local domain
D. DHCP Option 43
E. Querying other APs

A

B and D.
B - Broadcasting on the local subnet
D - DHCP Option 43

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which statement describes the IP and MAC allocation requirements for virtual machines on Type 1 hypervisors?
A. Each virtual machine requires a unique IP and MAC addresses to be able to reach to other nodes.
B. Each virtual machine requires a unique IP address but shares the MAC address with the physical server.
C. Each virtual machine requires a unique IP address but shares the MAC address with the address of the physical server.
D. Each virtual machine requires a unique MAC address but shares the IP address with the physical server.

A

A. Each virtual machine requires a unique IP and MAC address to be able to reach to other nodes.
In Type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server (VMware vSphere/ESXi, Oracle VM, KVM, and Hyper-V).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q 
Which LISP infrastucture device provides connectivity between non-sites and LISP sites by receiving non-LISP traffic with a LISP site destination?
A. PETR
B. PITR
C. map resolver
D. map server
A

B. PITR
Proxy Ingress Tunnel Router (PITR) is an infrastructure LISP network entity that receives packets from non-LISP sites and encapsulates the packets to LISP sites or natively forwards them to non-LISP sites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q 
In OSPF, which LAS type is responsible for pointing to the ASBR router?
A. type 1
B. type 2
C. type 3
D. type 4
A

D. Type 4
Summary ASBR LSA (Type 4) is generated by the ABR to describe an ASBR to routers in other areas so that routers in other areas know how to get to external routes through that ASBR.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q 
An engineer configures a WLAN with fast transition enabled.  Some legacy clients fail to connect to this WLAN.  Which feature allows the legacy clients to connect while still allowing other clients to use fast transition based on their OLTI's?
A. over the DS
B. adaptive R
C. 802.11v
D. 802.11k
A

B. adaptive R
802.11r Fast Transition (FT) Roaming is a new concept for roaming. The initial handshake with the new AP occurs before the client roams to the target AP. Hence, fast transition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q 
What is the JSON syntax for the following data?
Name Bob Johnson
Age 75
Is alive
Favorite Foods are cereal, mustard, and onions.
A. Name: Bob, Johnson...
B. Name" , "Bob Johnson"...
C. Name', 'Bob Johnson,' ...
D. Name", "Bob Johnson" ...
E. {"Name" : "Bob Johnson" ...
A

E. {“Name” : “Bob Johnson” , “age” : 75, “alive” : true, “favorite foods” :[“Cereal” , “Mustard” , “Onions”]}

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

If a VRRP master router fails, which router is selected as the new master router?
A. router with the highest priority
B. router with the highest loopack address
C. router with the lowest loopback address
D. router with the lowest priority

A

A. router with the highest priority

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q 
Refer to the exhibit.  Which type of antenna do the radiation patterns represent?
A. Patch
C. Omnidirectional
C. Yagi
D. Dipole
A

A. Patch
A patch antenna, in its simplest form, is just a single rectangular (or circular) conductive plate that is spaced above a ground plane. Patch antennas are attractive due to their low profile and ease of fabrication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What do Cisco DNA southbound APIs provide?
A. Interface between the controller and the network devices.
B. NETCONF API interface for orchestration communication.
C. RESTful API interface for orchestrator communication.
D. Interface between the controller and the consumer.

A

A. Interface between the controller and the network devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q 
To increase total throughput and redundancy on the links between the wireless controller and the switch, the customer enabled LAG on the wireless controller.  Which EtherChannel mode must be configured on the switch to allow the WLC to connect?
A. Auto
B. Active
C. On
D. Passive
A

C. On

LAG requires the EtherChannel to be configured for “mode on” on both the controller and the catalyst switch.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which description of an SD-Access wireless network infrastructure deployment is true?
A. The access point is part of the fabric underlay
B. The WLC is part of the fabric underlay
C. The access point is part of the fabric overlay
D. The wireless client is part of the fabric overlay

A

C. The access point is part of the fabric overlay.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q 
Which method displays text directly into the active console with a synchronous EEM applet policy?
event manager applet boom
event syslog pattern 'UP'
action 1.0 ...
A. gets 'logging directly to console'
B. syslog priority direct msg 'log directly to console'
C. puts 'logging directly to console'
D. string 'logging directly to console'
A

C. action 1.0 puts ‘logging directly to console’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is the difference between a RIB and a FIB?
A. The RIB is used to make IP source prefic-based switching decisions
B. The FIB is where all IP routing information is stored.
C. The RIB maintains a mirror image of the FIB.
D. The FIB is populated based on RIB content.

A

D. The FIB is populated based on RIB content.

CEF uses a Forwarding Information Base (FIB) to make IP destination prefix-based switching decisions. RIB is in the control plane, FIB is in the data plane.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q 
Which PAgP mode combination prevents an Etherchannel from forming?
A. auto/auto
B. desirable/desirable
C. auto/desirable
D. desirable
A

A. auto/auto
There are two PAgP modes:
Auto - Responds to PAgP messages but does not aggressively negotiate an Etherchannel, unless the other end is set to desirable.
Desirable - Actively negotiates Etherchannel with the other end of the link no matter if it is auto or desirable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q 
In which part of the HTTP message is the content type specified?
A. HTTP method
B. URL
C. header
D. body
A

C. header

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is the correct EBGP path attribute list, ordered from most preferred to the least preferred that the BGP best-path algorithm uses?
A. weight, AS path, local preference, MED
B. weight, local preference, AS path, MED
C. local preference, weight, AS path, MED
D. local preference, weight, MED, AS path

A 
B. weight, local preference, AS path, and MED
Path selection order for EBGP:
1. Weight
2. Local Preference
3. Originate
4. AS Path
5. Origin
6. MED
7. External
8. IGP Cost
9. eBGP Peering
10. Router ID
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which statement about multicast RPs is true?
A. RPs are required only when using protocol independent multicast dense mode
B. RPs are required for protocol independent multicast sparse mode and dense mode
C. By default, the RP is needed periodically to maintain sessions with sources and receivers.
D. By default, the RP is needed only to start new sessions with sources and receivers.

A

D. By default, the RP is needed only to start new sessions with sources and receivers.

A rendezvous point (RP) is required only in networks running protocol independent multicast sparse mode (PIM-SM). By default, the RP is needed only to start new sessions with sources and receivers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What the role of a fusion in an SD-Access solution?
A. provides connectivity to external networks
B. acts as a DNS server
C. performs route leaking between user-defined virtual networks and shared services.
D. provides additional forwarding capacity to the fabric

A

C. performs route leaking between user-defined networks and shared services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which statement about VXLAN is true?
A. VXLAN uses TCP 35 as the transport protocol over the physical data center network.
B. VXLAN extends the Layer 2 segment ID field to 24-bits, which allows up to 4094 unique layer 2 segments over the same network.
C. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router boundaries.
D. VXLAN uses the Spanning Tree Protocol for loop prevention.

A

C. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router boundaries.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Refer to the exhibit. Switch C connects HR and Sales to the Core switch. However, business needs require that no traffic from the Finance VLAN traverse this switch. Which command meets this requirement?
A. vtp pruning
B. vtp pruning vlan 110
C. interface port-channel 1
switchport trunk allowed vlan add 210, 310
D. interface port-channel 1
switchport trunk allowed vlan remove 110

A

D. interface port-channel 1
switchport trunk allowed vlan remove 110

Finance belongs to VLAN 110, so it must be removed from the port-channel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q 
Which HTTP status code is the correct response for a request with an incorrect password applied to a REST API session?
A. 200
B. 302
C. 401
D. 504
A

C. HTTP Status Code: 401
A 401 error response indicates that the client tried to operate on aprotected resource without providing the proper authorization. It may have provided the wrong credentials or none at all.
4## errors are client, 5## are server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q 
When configuring WPA2 Enterprise on a WLAN, which additional security component configuration is required?
A. NTP server
B. PKI server
C. RADIUS server
D. TACACS server
A

C. RADIUS server

WPA2-Enterprise requires a RADIUS server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

A response code of 404 is received while using the REST API on Cisco DNA Center to POST to this URL.
/dna/intent/api/v1
/template-programmer/project
A. The client made a request for a resource that does not exist.
B. The server has not implemented the functionality that is needed to fulfill the request.
C. The request accepted for processing, but the processing was not completed.
D. The POST/PUT request was fulfilled and anew resource was created, information about the resource is in the response body.

A

A. The client made a request a resource that does not exist.

The 404 (Not Found) error status code indicates that the REST API can’t map the client’s URL to a resource but may be available in the future. Subsequent requests by the client are permissible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Which behavior can be expected when the HSRP versions is changed from 1 to 2?
A. Each HSRP group reinitializes because the virtual MAC address has changed.
B. No changes occur because version 1 and 2 use the same virtual MAC OUI.
C. Each HSRP group reinitializes because the multicast address has changed.
D. No changes occur because the standby router is upgraded before the active router.

A

A. Each ESRP group reinitializes because the virtual MAC address has changed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q 
A client with IP address 209.165.201.25 must access a web server on port 80 at 209.165.200.225.
To allow this traffic, an engineer must add a statement to an access control list that is applied in the inbound direction on the port connecting to the web server.
Which statement allows this traffic?
permit tcp host 209.165...
A. 200.225 eq 80 host 209.165.201.25
B. 201.25 host .200.225 eq 80
C. 200.225 it 80 host 201.25
D. 200.225 host 201.25 eq 80
A

A. permit tcp host 209.165.200.225 eq 80 host 209.165.201.25

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

OSPF or EIGRP?

  • Supports unequal path load balancing
  • Link state routing protocol
  • Distance vector routing protocol
  • Metric is based on delay and reliability by default
  • Makes it easy to segment the network logically
  • Constructs three tables s part of its operation - neighbor, topology, and routing.
A

OSPF

  • Link state routing protocol
  • Metric is based on delay and reliability by default
  • Makes it easy to segment the network logically

EIGRP

  • supports unequal path load balancing
  • distance vector routing protocol
  • constructs three tables as part of its operation: neighbor, topology, and routing.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q 
Which IP address becomes the next active next-hop for 192.168.102.0/24 when 192.168.101.2 fails?
A. 192.168.101.18
B. 192.168.101.6
C. 192.168.101.10
D. 192.168.101.14
A

A. 192.168.101.18

Path selection attributes: Weight > Local Preference > Originate > AS Path > Origin > MED > External > IGP Cost > eBGP Peering > Router ID

.18 takes over for .2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q 
Which two protocols are used with Yang data models? (Choose two)
A. HTTPS
B. SSH
C. RESTCONF
D. TLS
E. NETCONF
A

C and E.
C. RESTCONF
E. NETCONF

YANG (Yet Another Next Generation) is a data modeling language for the definition of data sent over netwrok management protocols such as the NETCONF and RESTCONF.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q 
Which protocol does REST API rely on to secure the communication channel?
A. TCP
B. HTTPS
C. SSH
D. HTTP
A

B. HTTPS

REST API accepts and returns HTTP or HTTPS messages, but HTTP is not enabled by default.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q 
Which JSON syntax is valid?
A. {"switch" : "name" : dist1"
B. {'switch':
C. {"switch": {"name":"dist1"
D. {/"switch/"
A

C. { “switch” : { “name” : “dist1” , “interface” : [“gig1” , “gig2” , “gig3” ] } }

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Which two descriptions of FlexConnect mode for Cisco APs are true? (choose two)
A. AP’s that operate in FlexConnect mode cannot detect rogue APs.
B. FlexConnect mode is used when the APs are set up in a mesh environment and used to bridge between each other.
C. FlexConnect mode is a feature that is designed to allow specified CAPWAP-enabled APs to exclude themselves from managing data traffic between clients and infrastructure.
D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller.
E. FlexConnect mode is a wireless solution for branch office and remote office deployments.

A

D and E.
D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller.
E. FlexConnect mode is a wireless solution for branch office and remote office deployments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Which two staetments about he EEM applet configuration are true? (Choose two).
A. The EEM applet runs before the CLI command is executed.
B. The EEM applet runs after the CLI command is executed.
C. The EEM applet requires a case-insensitive response.
D. The running-configuration is displayed only if the letter Y is entered at the CLI.

A

A and D.
A. The EEM applet runs before the CLI command is executed.
D. The running-configuration is displayed only if the letter Y is entered at he CLI.

The “sync yes” option causes the EEM applet to run before the CLI command is executed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Which network script automation option or tool is used in the exhibit?
https://mydevice.mycompany.com/getstuff?queryName=errors&queryResults=yes
A. EEM
B. Python
C. Bash script
D. NETCONF
E. REST

A

E. REST

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q 
Which data modeling language is commonly used by NETCONF?
A. HTML
B. XML
C. YANG
D. REST
A

C. YANG

Cisco IOS-XE supports YANG, which can be used with NETCONF for automation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q 
Refer to the exhibit.  Which IPv6 OSPF network type is applied to interface Fa0/0 of R2 by default?
A. broadcast
B. Ethernet
C. multipoint
D. point-to-point
A

A. broadcast.

The Broadcast network type is the default for an OSPF enabled ethernet interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q 
A network is being migrated from IPv4 to IPv6 using a dual-stack approach.  Network management is already 100% IPv6 enabled.  In a dual-stack network with two dual-stack NetFlow collections, how many flow exporters are needed per network device in the flexible NetFlow configuration?
A. 1
B. 2
C. 4
D. 8
A

B. 2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

What is the structure of a JSON web token?
A. three parts separated by dots. Header, payload, and signature
B. header and payload
C. three parts separated by dots. Version, header, and signature.
D. payload and signature

A

A. three partes separated by dots. Header, payload, and signature.

JSON Web Token (JWT) are composed of three parts separated by a dot:
xxxxx.yyyyy.zzzzz

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q 
Which feature is supported by EIGRP but is not supported by OSPF?
A. route summarization
B. equal-cost load balancing
C. unequal-cost load balancing
D. route filtering
A

C. unequal-cost load balancing

EIGRP supports unequal-cost load balncing via the “variance” command. OSPF only supports equal-cost load balancing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q 
Which method creates an EEM applet policy that is registered with the EEM and runs on demand or manually?
event manager applet ondemand
A. event register
B. event manual
C. event none
D. none
A

C. event none

The “event none” command allows EEM to identify an EEM policy that can be manually triggered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q 
Which IP SLA operation requires the IP SLA responder to be configured on the remote end?
A. ICMP echo
B. UDP jitter
C. CMP jitter
D. TCP connect
A

B. UDP jitter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q 
An engineer is configuring local web authentication on a WLAN.  The engineer chooses the Authentication radio button under the Layer 3 security options for Web Policy.  Which device presents the web authentication for the WLAN?
A. ISE server
B. local WLC
C. RADIUS server
D. anchor WLC
A

B. local WLC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q 
Refer to exhibit.  VLANs 50 and 60 exist on the trunk links between all switches.  All access ports on SW3 are configured for VLAN 50 and SW1 is the VTP server.  Which command ensures that SW3 receives frames only from VLAN 50?
A. SW1# vtp pruning
B. SW3# vtp mode transparent
C. SW2# vtp pruning
D. SW1# vtp mode transparent
A

A. SW1# vtp pruning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q 
Which NGFW mode block flows crossing the firewall?
A. Passive
B. Tap
C. Inline Tap
D. Inline
A

D. Inline

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q 
What are two common sources of interference for Wi-Fi networks? (Choose two)
A. radar
B. LED lights
C. rogue AP
D. conventional oven
E. fire alarm
A

A and C.
A. Radar
C. Rogue AP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

A network administrator is implementing a routing configuration change and enables routing debugs to track routing behavior during the change. The logging output on the terminal is interrupting the command typing process. Which two actions can the network administrator take to minimize the possibility of typing commands incorrectly? (Choose two)
A. Configure the logging synchronous global configuration command
B. Configure the logging delimiter feature
C. Configure the logging synchronous command under the vty
D. Press the TAB key to reprint the command in a new line
E. Increase the number of lines on the screen using the terminal length command.

A

A and D.
A. Configure the logging synchronous global configuration command.
D. Press the TAB key to reprint the command in anew line.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

The login method is configured on the VTY lines of a router with these parameters:
-The first method for authentication is TACACS
-If TACACS is unavailable, login is allowed without any provided credentials
A. aaa authentication login VTY group tacacs+ none
line vty 0 4
password 7
sh run | include username

A

Pick the option with:
aaa authentication login VTP group tacacs+ none
and
displays nothing under sh run | include username

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q 
Which QoS component alters a packet to change the way that traffic is treated in the network?
A. Marking
B. Classification
C. Shaping
D. Policing
A

A. Marking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q 
Which marking field is used only as an internal marking within a router?
A. QoS Group
B. Discard Eligibility
C. IP Precedence
D. MPLS Experimental
A

A. QoS Group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Which statement about a Cisco APIC controller versus amore traditional SDN controller is true?
A. APIC uses a policy agent to translate policies into instructions.
B. APIC supports OpFlex as a Northbound protocol.
C. APIC does support a Southbound REST API.
D. APIC uses an imperative model.

A

A. APIC uses a policy agent to translate policies into instructions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q 
Which QoS mechanism will prevent a decrease in TCP performance?
A. Shaper
B. Policer
C. WRED
D. Rate-Limit
E. LLQ
F. Fair-Queue
A

C. WRED

Weighted Random Early Detection is a congestion avoidance mechanism.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Which statement explains why Type 1 hypervisors are considered more efficient than Type 2 hypervisors?
A. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS.
B. Type 1 hypervisor enables other operating systems to run on it.
C. Type 1 hypervisor relics on the existing OS of the host machine to access CPU, memory, storage, and network resources.
D. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques.

A

A. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

What are two benfits of virtualizng the server with the use of VMs in a data center environment? (Choose two)
A. Increased security
B. Reduced rack space, power, and cooling requirements
C. Reduced IP and MAC address requirements
D. Speedy deployment
E. Smaller Layer 2 domain

A

B and D.
B. Reduced rack space, power, and cooling requirements.
D. Speedy deployment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Which exhibit displays a valid JSON file?
{
“hostname” : “edge_router_1”

or

{
“hostname” : “edge-router_1”,

A

{
“hostname” : “edge_router_1” ,

Look for the only option with a comma after “edge_router_1”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q 
Which TCP setting is tuned to minimize the risk of fragmentation on a GRE/IP tunnel?
A. MTU
B. Window size
C. MRU
D. MSS
A

D. MSS

The TCP Maximum Segment Size.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Which statement about an RSPAN session configuration is true?
A. A fitter must be configured for RSPAN regions.
B. Only one session can be configured at a time.
C. A special VLAN type must be used as the RSPAN destination.
D. Only incoming traffic can be monitored.

A

C. A special VLAN type must be used as the RSPAN destination.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q 
Refer to the exhibit.  Based on the configuration in the WLAN security setting.  Which method can a client use to authenticate to the network?
A. text string
B. username and password
C. certificate
D. RADIUS token
A

A. text string

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q 
Which two pieces of information are necessary to compute SNR? (Choose two).
A. EIGRP
B. noise floor
C. antenna gain
D. RSSI
E. transmit power
A

B and D.
B. noise floor
D. RSSI

SNR - Signal to Noise Ratio

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q 
Refer to the exhibit.  The WLC administrator sees that the controller to which a roaming client associates has Mobility Role Anchor configured under Clients > Detail.  Which type of roaming is supported?
A. Indirect
B. Layer 3 intercontroller
C. Layer 2 intercontroller
D. Intercontroller
A

B. Layer 3 intercontroller.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

What is the difference between the enable password and the enable secret password when password encryption is enabled on an IOS device?
A. Te enable password is encrypted with a stronger exncryption method.
B. There is no difference and both passwords are encrypted identically.
C. The enable password cannot be decrypted.
D. The enable secret password is protected via stronger cryptography mechanisms.

A

D. The enable secret password is protected via stronger cryptography mechanisms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q 
When reason could cause an OSPF neighborship to be in the EXSTART / EXCHANGE staet?
A. Mismatched OSPF network type
B. Mismatched areas
C. Mismatched MTU size
D. Mismatched OSPF link costs
A

C. Mismatched MTU size

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

Which two staetments about VRF-lite are true? (Choose two)
A. It can increase the packet switching rate.
B. It supports most routing protocols, including EIGRP, ISIS, and OSPF.
C. It supports MPLS-VRF label exchange and labeled packets.
D. It should be used when a customer’s router is connected to an ISP over OSPF.
E. It can support multiple customers on a single switch.

A

B and E.
B. It supports most routing protocols, including EIGRP, ISIS, and OSPF.
E. It can support multiple customers on a single switch.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

Which staetment about the default QoS configuration on aCisco switch is true?
A. All traffic is sent through four egress queues.
B. Port trust is enabled.
C. The Port Cos value is 0
D. The Cos value of each tagged packet is modified

A

C. Te Port Cos value is 0.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q 
Which IPv6 migration method relies on dynamic tunnels that use the 2002::/16 reserved address space?
A. 6RD
B. 6to4
C. ISATAP
D. GRE
A

B. 6to4

6to4 tunnel is a technique which relies on reserved address space 2002::/16

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

How are the Cisco Express Forwarding table and the FIB related to each other?
A. The FIB is used to populate the Cisco Express Forwarding table
B. The Cisco Express Forwarding table allows route lookups to be forwarded to the route processor for processing before they are
C. There can be only one FIB but multiple Cisco Express Forwarding tables on IOS devices.
D. Cisco Express Forwarding uses a FIB to make IP destination prefix-based switching decisions.

A

D. Cisco Express Forwarding uses a FIB to make IP destination prefix-based switching decisions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q 
Which two operations are valid for RESTCONF? (Choose two)
A. HEAD
B. REMOVE
C. PULL
D. PATCH
E. ADD
F. PUSH
A

A and D.
A. HEAD
D. PATCH

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

What is a benefit of deploying an on-premises infrastructure versus a cloud infrastructure deployment?
A. faster deployment times because additional infrastructure does not need to be purchased.
B. lower latency between systems that are physically located near each other.
C. less power and cooling resources needed to run infrastructure on-premises.
D. ability to quickly increase compute power without the need to install additional hardware.

A

B. lower latency between systems that are physically located near each other.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

How does Cisco Trustsec enable more access controls for dynamic networking environments and data centers?
A. uses flexible NetFlow
B. assigns a VLAN to the endpoint
C. classifies traffic based on the contexual identity of the endpoint rather than its IP address.
D. classifies traffic based on advanced application recognition.

A

C. classifies traffic based on the contexual identity of the endpoint rather than its IP address.

75
Q 
Which method does the enable secret password option use to encrypt device passwords?
A. AES
B. CHAP
C. PAP
D. MD5
A

D. MD5

76
Q 
Refer to the exhibit.  Which privilege level is assigned to VTY users?
line vty 0 4
password 7
login
linte vty 5 15
password 7
login
A. 1
B. 7
C. 13
D. 15
A

A. 1

VTY lines default to level 1 privilege.

77
Q 
Refer to the exhibit.  Assuming that R is a CE router, which VRF is assigned to Gi0/0 on R1.
A. VRF VPN_B
B. Default
C. Management VRF
D. VRF VPN_A
A

D. VRF VPN_A

78
Q 
What technology provides a secure communication channel for all traffic at Layer 2 of the OSI model?
A. MACsec
B. IPsec
C. SSL
D. Cisco Trustsec
A

A. MACSec

79
Q 
Refer to the exhibit.  Which HTTP JSON response does the python code output give?
A. NameError: name 'json' is not defined
B. KeyError 'kickstart_ver_str'
C. 7.61
D. 7.0(3)I7(4)
A

D. 7.0(3)I7(4)

80
Q

Which two staetments about EIGRP load balancing are true? (Choose two)
A. EIGRP supports 6 unequal-cost paths
B. A path can be used for load balancing only if it is a feasible successor.
C. EIGRP supports unequal-cost paths by default.
D. Any path in the EIGRP topology table can be used for unequal-cost load balancing.
E. Cisco Express Forwarding is required to load-balance across interfaces.

A

A and B.
A. EIGRP supports 6 unequal-cost paths.
B. A path can be used for load balancing only if it is a feasible successor.

81
Q

Which staetment about LISP encapsulation in an EIGRP OTP implementation is true?
A. OTP uses LISP encapsulation for ynamic multipoint tunneling.
B. OTP maintains the LISP control plane.
C. OTP uses LISP encapsulation to obtain routes from neighbors.
D. LISP learns the next hop.

A

B. OTP maintains the LISP control plane.

EIGRP Over-the-Top can be used to ensure connectivity between disparate EIGRP sites.

82
Q 
Which EIGRP feature allows the use of leak maps?
A. offset-list
B. neighbor
C. address-family
D. stub
A

D. stub

An EIGRP stub router configured so that it only advertises connected and summary routes but want to have an exception to this rule, we can configure a leak map.

83
Q 
Which statements are used for error handling in Python?
A. try/catch
B. try/except
C. block/rescue
D. catch/release
A

B. try/except

84
Q 
Which feature must be configured to allow packet capture over Layer 3 infrastructure?
A. VSPAN
B. IPSPAN
C. RSPAN
D. ERSPAN
A

D. ERSPAN

Encapsulated Remote SPAN brings GRE encapsulation for all captured traffic and allows it to be extended across Layer 3 domains.

85
Q

Which statement about Cisco Express Forwarding is true?
A. It uses a fast cache that is maintained in arouter data plane.
B. It maintains two tables in the data plane. The FIB and adjacency table.
C. It makes forwarding decisions by a process that is scheduled through the IOS scheduler.
D. The CPU of a router becomes directly involved with packet-switching decisions.

A

B. It maintains two tables in the data plane. The FIB and adjacency table.

86
Q

Which statement about route targets is true when using VRF-Lite?
A. When BGP is configured, route targets are transmitted as BGP standard communities.
B. Route targets control the import and export of routes into a customer routing table.
C. Route targets allow customers to be assigned overlapping addresses.
D. Route targets uniquely identify the customer routing table.

A

B. Route targets control the import and export of routes into a customer routing table.

87
Q 
Which two GRE features are configured to prevent fragmentation? (Choose two)
A. TCP window size
B. TCP MSS
C. IP MTU
D. DF bit clear
E. MTU ignore
F. PMTUD
A

B and D.
B. TCP MSS
D. DF bit clear

88
Q

Refer to the exhibit. An engineer must block all traffic from a router to its directly connected subnet 209.165.200.0/24.
The engineer applies access control list EGRESS in the outbound direction on the GigabitEthernet0/0 interface of the router.
However, the router can still ping hosts on teh 209.165.200.0/24 subnet.
Which explanation of this behavior is true?`
A. Access control lists that are applied outband to a router interface do not affect traffic that is sourced from the router.
B. Only standard access control lists can block traffic from a source IP address.
C. After an access control list is applied to an interface, that interface must be shut and no shut for the access control list to take effect.
D. The access control list must contain an explicit deny to block all traffic from the router.

A

A. Access control lists that are applied outbound to a router interface do not affect traffic that is sources from router.

89
Q 
Which First Hop Redundancy Protocol maximizes uplink utilization and minimizes the amount of configuration that is necessary?
A. GLBP
B. HSRP v2
C. VRRP
D. HSRP v1
A

A. GLBP

The main disadvantage of HSRP and VRRP is that only one gateway is elected to be the active gateway, while the rest are unused until the active one fails. Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol that load balances among gateways.

90
Q 
Which LISP device is responsible for publishing EID-to-RLOC mappings for a site?
A. ETR
B. MS
C. ITR
D. MR
A

A. ETR

An Egress Tunnel Router (ETR) connects a site to the LISP-capable part of a core network and publishes EID-to-RLOC mappings for the site.

91
Q 
Which access controls list allows only TCP traffic with a destination port range of 22-443 excluding port 80?
A. Deny tcp any any eq 80
Permit tcp any any gt 21 it 444
B. Permit tcp any any ne 80
C. Permit tcp any any range 22 443
Deny tcp any any eq 80
D. Deny tcp any any ne 80
Permit tcp any any range 22 443
A

A. Deny tcp any any eq 80

Permit tcp any any gt 21 it 444

92
Q

Which feature does Cisco TrustSec use to provide scalable, secure communication throughout a network?
A. security group tag ACL assigned to each port on a switch
B. security group tag number assigned to each port on a network
C. security group tag number assigned to each user on a switch
D. security group tag ACL assigned to each router on a network

A

B. security group tag number assigned to each port on a network

93
Q

Which action is the vSmart controller responsible for in an SD-WAN deployment?
A. onboard vEdge nodes into the SD-WAN fabric
B. distribute security information for tunnel establishment between vEdge routers
C. manage, maintain, and gather configuration and status for nodes within the SD-WAN fabric
D. gather telemetry data from vEdge routers?

A

A. onboard vEdge nodes into the SD-WAN fabric

94
Q

Refer to the exhibit. Link1 is a copper connection and Link2 is a fiber connection. The fiber port must be the primary port for all forwarding. The output of the show spanning-tree command on SW2 shows that the fiber port is blocked by spanning tree. An engineer enters the spanning-tree port-priority 32 command on Gi0/1 on SW2, but the port remains blocked.
Which command should be entered on the ports that are connected to the Lmk2 to resolve the issue?
A. Enter spanning-tree port-priority 32 on SW1.
B. Enter spanning-tree port-priority 224 on SW1.
C. Enter spanning-tree port-priority 4 on SW2.
D. Enter spanning-tree port-priority 64 on SW2.

A

A. Enter spanning-tree port-priority 32 on SW1.

95
Q

Which requirement for an Ansible-managed node is true?
A. It must be a Linux server or a Cisco device
B. It must have an SSH server running
C. It must support ad hoc commands
D. It must have an Ansible Tower installed.

A

A. It must be a Linux server or a Cisco device.

Ansible can communicate via SSH or HTTPS, so an SSH server is not required. Ansible controllers cannot be installed on Windows.

96
Q 
Refer to this output.  What is the logging severity level?
%LINEPROTO-5-UPDOWN
A. Notification
B. Alert
C. Critical
D. Emergency
A

A. Notification

Level 5 is Notification.

97
Q 
Which DNS lookup does an access point when attempting CAPWAP discovery?
A. CISCO-DNA-CONTROLLER.local
B. CAPWAP-CONTROLLER.local
C. CISCO-CONTROLLER.local
D. CISCO-CAPWAP-CONTROLLER.local
A

D. CISCO-CAPWAP-CONTROLLER.local

98
Q

At which Layer does Cisco DNA Center support REST controls?
A. EEM applets or scripts
B. Session layer
C. YMAL output from responses to API calls
D. Northbound APIs

A

D. Northbound APIs

99
Q

Which two statements about IP SLA are true? (Choose two)
A. SNMP access is not supported
B. It uses active traffic monitoring
C. It is Layer 2 transport-independent
D. The IP SLA responder is a component in the source Cisco device
E. It can measure MOS
F. It uses NetFlow for passive traffic monitoring

A

B and C.
B. It uses active traffic monitoring
C. It is Layer 2 transport-independent

100
Q

Which two statements about Cisco Express Forwarding load balancing are true?
A. Cisco Express Forwarding can load-balance over a maximum of two destinations
B. It combines the source IP address subnet mask to create a hash for each destinations
C. Each hash maps directly to a single entry in the RIB
D. Each hash maps directly to a single entry in the adjacency table
E. It combines the source and destination IP addresses to create ahash for each destination

A

D and E.
D. Each hash maps directly to a single entry in the adjacency table.
E. It combines the source and destination IP addresses to create a hash for each destination.

101
Q

What is the main function of VRF-lite?
A. To allow devices to use labels to make Layer 2 path decisions.
B. To segregate multiple routing tables on a single device.
C. To connect different autonomous systems together to share routes.
D. To route IPv6 traffic accross an IPv4 backbone.

A

B. To segregate multiple routing tables on a single device.

102
Q 
Which two steps are required for a complete Cisco DNA Center upgrade? (Choose two)
A. golden image selection
B. automation backup
C. proxy configuration
D. application updates
E. system update
A

D. application updates

E. system update

103
Q 
Based on this interface configuration, what is the expected state of OSPF adjacency?
A. Full on both routers
B. not established
C. 2WAY / DROTHER on both routers
D. FULL / BDR on R1 and FULL / BDR on R2
A

B. not established

On Ethernet interfaces the OSPF hello interval is 10 seconds by default so in this case there would be a Hello interval mismatch, the OSPF adjacency would not be established.

104
Q

Which statement about TLS is true when using RESTCONF to write configurations on network devices?
A. It is provided using NGINX acting as a proxy web server.
B. It is not supported on Cisco devices.
C. It is requires certificates for authentication.
D. It is used for HTTP and HTTPS requests.

A

C. It required certificates for authentication.

105
Q 
Which controller is the single plane of management for Cisco SD-WAN?
A. vBond
B. vEdge
C. vSmart
D. vManage
A

D. vManage

106
Q

Categorize the following characteristics as “On Premises” or “Cloud”:

  • customizable hardware, purpose-built systems
  • easy to scale and upgrade
  • more suitable for companies with specific regulatory or security requirements
  • resources can be over or underutilizes as requirements vary
  • requires a strong and stable internet connection
  • built-in automated data backups and recovery
A

On Premises

  • customizable hardware, purpose-built systems
  • more suitable for companies with specific regulatory or security requirements
  • resources can be over or underutilized as requirements vary

Cloud

  • easy to scale and upgrade
  • requires a strong and stable internet connection
  • built-in automated data backups and recovery
107
Q

Categorize the description with the QoS component “Traffic Policing” or “Traffic Shaping”:

  • causes TCP retransmission when traffic is dropped
  • buffers excessive traffic
  • introduces no delay and jitter
  • introduces delay and jitter
  • drops excessive traffic
  • typically delays, rather than drops traffic
A

Traffic Policing:

  • causes TCP retransmission when traffic is dropped
  • introduces no delay and jitter
  • drops excessive traffic

Traffic Shaping

  • buffers excessive traffic
  • introduces delay and jitter
  • typically delays, rather than drops traffic
108
Q

What does this EEM applet event accomplish?
event snmp oid 1.3.6.1.3.7.1.5.1.2.4.2.9 get-type next entry-op g entry-val 75 poll-interval 5
A. It issues email when the value is greater than 75% for five polling cycles.
B. It reads an SNMP variable, and when the value exceeds 75%, it triggers an action GO.
C. It presents an SNMP variable that can be interrogated.
D. Upon the value reaching 75%, an SNMP event is generated and sent to the trap server.

A

B. It reads an SNMP variable, and when the value exceeds 75%, it triggers an action GO.

109
Q 
What are three valid HSRP states? (Choose three)
A. listen
B. learning
C. full
D. established
E. speak
F. IN IT
A

A, B, and E
A. listen
B. learning
E. speak

110
Q

Which two statements about HSRP are true? (Choose two)
A. Its virtual MAC is 0000.0C07.ACxx
B. Its multicast virtual MAC is 0000.5E00.01xx
C. Its default configuration allows for pre-emption.
D It supports tracking.
E. It supports unique virtual MAC addresse.

A

A and D.
A. Its virtual MAC is 0000.0C07.ACxx
D. It supports tracking.

111
Q

Refer to the exhibit. Which configuration establishes EBGP neighborship between these two directly connected neighbors and exchanges the loopback network of the two routers through BGP?

R1# router bgp 1
neighbor 192.168.10.2 remote-as 2
network 10.1.1.0 mask 255.255.255.0

R2# router bgp 2
neighbor 192.168.10.1 remote-as 1
network 10.2.2.0 mask 255.255.255.0

A

R1 must be bgp 1, neighbor .2, remote-as 2, network 10.1.1.0

112
Q 
Which two mechanisms are available to secure NTP? (Choose two)
A. IP prefix list-based
B. IPSec
C. TACACS-based authentication
D. IP access list-based
E. Encrypted authentication
A

D and E
D. IP access list-based
E. Encrypted authentication

113
Q 
Which standard access control entry permits from odd-numbered hosts in the 10.0.0.0/24 subnet?
A. Permit 10.0.0.0 0.0.0.1
B. Permit 10.0.0.1 0.0.0.0
C. Permit 10.0.0.1 0.0.0.254
D. Permit 10.0.0.0 255.255.255.254
A

C. Permit 10.0.0.1 0.0.0.254

114
Q

Refer to the exhibit. What are two effects of this configuration? (Choose two)
access-list 1 permit 10.1.1.0 0.0.0.31
ip nat pool CISCO 209.165.201.1 209.165.201.30 netmask 255.255.255.224
ip nat inside source list 1 pool CISCO
A. Inside source addresses are translated to the 209.165.201.0/27 subnet.
B. It establishes a one-to-one NAT translation.
C. The 10.1.1.0/27 subnet is assigned as the inside global address range.
D. The 209.165.201.0/27 subnet is assigned as the ouside local address range.
E. The 10.1.1.0/27 subnet is assigned as the inside local addresses.

A

A and E.
A. Inside source addresses are translated to the 209.165.201.0/27 subnet.
E. The 10.1.1.0/27 subnet is assigned as the inside local addresses.

115
Q

Which statement about a fabric access point is true?
A. It is in local mode and must be connected directly to the fabric border node.
B. It is in FlexConnect mode and must be connected directly to the fabric border node.
C. It is in local mode and must be connected directly to the fabric edge switch.
D. It is in FlexConnect mode and must be connected directly to the fabric edge switch.

A

C. It is in local mode and must be connected directly to the fabric edge switch.

116
Q

A local router shows an EBGP neighbor in the Active state. Which staetment is true about the local router?
A. The local router has active prefix in the forwarding table from the neighboring router.
B. The local router has BGP passive mode configured for the neighboring router.
C. The local router is attempting to open a TCP session with the neighboring router.
D. The local router is receiving prefixes from the neighboring router and adding them in RIB-IN.

A

C. The local router is attempting to open a TCP session with the neighboring router.

117
Q 
Which OSPF network types are compatible and allow communication through the two peering devices?
A. broadcast to nonbroadcast
B. point-tomultipoint to nonbroadcast
C. broadcast to point-to-point
D. point-to-multipoint to broadcast
A

A. Broadcast and Non-Broadcast

118
Q

Which statement about Cisco EAP-FAST is true?
A. It does not require a RADIUS server certificate.
B. It requires aclient certificate.
C. It is an IETF standard.
D. It operates in transparent mode.

A

A. It does not require a RADIUS server certificate.

119
Q

Refer to the exhibit. A port channel is configured between SW2 and SW3, SW2 is not running a Cisco operating system. When all physical connections are desirable mode, the port-channel does not establish. Based on the configuration excerpt of SW3, what is the cause of the problem?
A. The port-channel on SW2 is using an incompatible protocol.
B. The port-channel trunk is not allowing the native VLAN.
C. The port-channel should be set to auto.
D. The port-channel interface lead balance shuld be set to src-mac.

A

A. The port-channel on SW2 is using an incompatible protocol.

The Cisco switch was configured with PAgP, which is a Cisco proprietary protocol so the non-Cisco switch could not communicate.

120
Q

Refer to the exhibit. Which statement about the OSPF debug output is true?
debug ip ospf hello
debug condition interface Fa0/1
Condition 1 set
A. The output displays all OSPF messages which router R1 has sent or received on interface Fa0/1.
B. The output displays all OSPF messages which router R1 has sent or received on all interfaces.
C. The output displays OSPF hello messages which router R1 has sent or received on interface Fa0/1.
D. The output displays OSPF hello and LSACK messages which router R1 has sent or received.

A

C. The output displays OSPF hello messages which router R1 has sent or received on interface Fa0/1.

121
Q

Refer to the exhibit. An engineer must modify the access control EGRESS to allow all IP traffic from subnet 10.1.10.0/24 to 10.1.2.0/24. The access control list is applied in the outbound direction on router interface GigabitEthernet0/1.
Extended IP access list EGRESS
10 permit ip 10.1.100.0 0.0.0.255 10.1.2.0 0.0.0.255
20 deny ip any any

which configuration commands can the engineer use to allow this traffic without disrupting existing traffic flows?
config t

A. ip access-list extended EGRESS
permit ip 10.1.10.0 255.255.255.0 10.1.2.0 255.255.255.0

B. ip access-list extended EGRESS
5 permit ip 10.1.10.0 0.0.0.255 10.1.2.0 0.0.0.255

A

B. 5 permit ip 10.1.10.0….

Look for the “5” permit

122
Q

Which two staetments about VRRP are true? (Choose two)
A. It is assigned multicast address 224.0.0.18
B. The TTL for VRRP packets must be 255.
C. It is assigned multicast address 225.0.0.9
D. Its IP protocol numer is 115
E. Three versions of the VRRP protocol have been defined.
F. It supports both MD5 and SHA1 authentication.

A

A and B.
A. It is assigned multicast address 224.0.0.18
B. The TTL for VRRP packets must be 255.

123
Q 
Which variable in an EEM applet is set when you use the sync yes option?
A. $_cli_result
B. $_result
C. $_string_result
D. $_exit_status
A

D. $_exit_status

124
Q 
Into which two pieces of information does the LISP protocol split the device identity? (Choose two)
A. Routing Locator
B. Endpoint Identifier
C. Resource Location
D. Enterprise Identifier
E. LISP ID
F. Device ID
A

A. Routing Locator

B. Endpoint Identifier

125
Q 
Refer to the exhibit.  Which LISP component do routers in the public IP network use to forward traffic between the two networks?
A. EID
B. RLOC
C. map server
D. map resolver
A

B. RLOC

126
Q 
Which statement about VRRP is true?
A. It supports load balancing
B. It can be configured with HSRP on a switch or switch stack.
C. It supports IPv4 and IPv6
D. It supports encrypted authentication
A

B. It can be configured with HSRP on a switch or switch stack

127
Q

Refer to the exhibit. You have just created a new VRF on PE3. You have enabled debug ip bgp vpnv4 unicast updates on PE1, and you can see the route in the debug, but not in the BGP VPNv4 table. Which two staetments are true? (Choose two)
A. VPNv4 is not configured between PE1 and PE3.
B. address-family ipv4 vrf is not configured on PE3.
C. After you configure route-target import 999:999 for a VRF on PE3, the route will be accepted.
D. PE1 will reject the route due to automatic route filtering.
E. After you configure route-target import 999:999 for a VRF on PE1, the route will be accepted.

A

D and E.
D. PE1 will reject the route due to automatic route filtering.
E. After you configure route-target import 999:999 for a VRF on PE1, the route will be accepted.

128
Q

A GRE tunnel is down with the error message %TUN-5-RECURDOWN:
Tunnel0 temporarily disabled due to recursive routing error.

Which two options describe possible causes of the error? (Choose two)
A. Incorrect destination IP addresses are configured on the tunnel.
B. There is link flapping on the tunnel.
C. There is instability in the network due to route flapping.
D. The tunnel mode and tunnel IP address are misconfigured.
E. The tunnel destination is being routed out of the tunnel interface.

A

C and E.
C. There is instability in the network due to route flapping.
E. The tunnel destination is being routed out of the tunnel interface.

129
Q

Which two statements about AAA authentication are true? (Choose two)
A. RADIUS authentication queries the router’s local username database.
B. TACACS+ authentication uses an RSA server to authenticate users.
C. Local user names are case-insensitive.
D. Local authentication is maintained on the router.
E. KRB5 authentication disables user access when an incorrect password is entered.

A

D and E.
D. Local authentication is maintained on the router.
E. KRB5 authentication disables user access when an incorrect password is entered.

130
Q

Which statement about dynamic GRE between a headend router and a remote router is true?
A. The headend router learns the IP address of the remote end router statically.
B. A GRE tunnel without an IP address has a status of administratively down.
C. GRE tunnels can be established when the remote router has a dynamic IP address.
D. The remote router initiates the tunnel connection.

A

D. The remote router initiates the tunnel connection.

131
Q

Refer to the exhibit. What is the result when a technician adds the monitor session 1 destination remote vlan 223 command?
A. The RSPAN VLAN is replaced by VLAN 223.
B. RSPAN traffic is sent to VLANs 222 and 223.
C. An error is flagged for configuring two destinations.
D. RSPAN traffic is split between VLANs 222 and 223.

A

A. The RSPAN VLAN is replaced by VLAN 223.

132
Q

An engineer is describing QoS to a client. Which two facts apply to traffic policng? (Choose two)
A. Policing adpats to network congestion by queuing excess traffic.
B. Policing should be performed as close to the destination as possible.
C. Policing drops traffic that exceeds the defined rate.
D. Policing typically delays the traffic, rather than drops it.
E. Policing should be performed as close to the source as possible.

A

C and E.
C. Policing drops traffic that exceeds the defined rate.
E. Policing should be performed as close to the source as possible.

133
Q

Which configuration restricts the amount of SSH that a router accepts to 100 kbs?

A

Control-plane

The option with “control-plane” itself after “exceed-action drop”

134
Q

What are two reasons why broadcast radiation is caused in the virtual machine environment? (Choose two)
A. vSwich must interrupt the server CPU to process the broadcast packet.
B. The Layer 2 domain can be large in virtual machine environments.
C. Virtual machines communicate primarily through broadcast mode.
D. Communication between vSwitch and network switch is broadcast based.
E. Communication between vSwitch and network switch is multicast based.

A

B and C.
B. The LAyer 2 domain can be large in virtual machine environments.
C. Virtual machines communicate primarily through broadcast mode.

135
Q

When a wireless client roams between two different wireless controllers, a network connectivity outage is experience for a period of time. Which configuration issue would cause this problem?
A. Not all of the controllers in the mobility group are using the same mobility group name.
B. Not all of the controllers within the mobility group are using the same virtual interface IP address.
C. All of the controllers within the mobility group are using the same virtual interface IP address.
D. All of the controllers in the mobility group are using the same mobility group name.

A

B. Not all of the controllers within the mobility group are using the same virtual interface IP address.

136
Q

What does the LAP send when multiple WLCs respond to the CISCO_CAPWAP-CONTROLLER.localdomain hostname during the CAPWAP discovery and join process?
A. broadcast discover request
B join request to all the WLCs
C. unicast discovery request to each WLC.
D. unicast discovery request to the first WLS that resolves the domain name.

A

D. Unicast discovery request to the first WLS that resolves the domain name.

Look for the keyword “domain name”

137
Q 
Which two namespaces does the LISP network architecture and protocol use? (Choose two)
A. TLOC
B. RLOC
C. DNS
D. VTEP
E. EID
A

B and E.
B. RLOC
E. EID

EID (Endpoint Identifiers)
RLOC (Routing Locators)

138
Q 
Which method of account authentication does OAuth 2.0 within REST APIs?
A. username / role combination
B access tokens
C. cookie authentication
D. basic signature workflow
A

B. access tokens

139
Q 
Which DHCP option helps lightweight APs find the IP address of a wireless controller?
A. Option 43
B. Option 60
C. Option 67
D. Option 150
A

A. Option 43

140
Q

Which feature of EIGRP is not supported in OSPF?
A. load balancing of unequal-cost paths
B. load balnce over four equal-costs paths.
C. uses interface bandwidth to determine best path.
D. per-packet load balancing over multiple paths.

A

A. load balancing of unequal-cost paths.

Note keyword “Unequal Cost”

141
Q 
Which protocol infers that a YANG data model is being used?
A. SNMP
B. NX-API
C. REST
D. RESTCONF
A

D. RESTCONF

YANG is used with protocols ending in CONF (NETCONF and RESTCONF)

142
Q 
What NTP STratum level is aserver that is connected directly to an authoritative time source?
A. Stratum 0
B. Stratum 1
C. Stratum 14
D. Stratum 15
A

B. Stratum 1

143
Q 
Which tool is used in Cisco DNA Center to build generic configurations that are able to be applied on a device with similar network settings?
A. Command Runner
B. Template Editor
C. Application Policies
D. Authentication Template
A

B. Template Editor

144
Q 
Refer to the exhibit.  An engineer must ensure that all traffic leaving AS 200 will choose Link 2 as the exit point.  Assuming that all BGP neighbor relationships have been formed and the attributes have not been changed on any of the routers, which configuration accomplish this task?
A. R4 - bgp default local-preference 200
B. R3 - neighbor 10.1.1.1 weight 200
C. R3 - bgp default local-preference 200
D. neighbor 10.2.2.2 weight 200
A

A. R4 - default local-preference 200

Look for keywords “R4” and “default”

145
Q 
Which access point mode allows a supported AP to function like a WLAN client would, associating and identifying client connectivity issues?
A. client mode
B. SE-connect mode
C. sensor mode
D. sniffer mode
A

D. sniffer mode

146
Q 
Which benfit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?
A. efficient scalability
B. virtualization
C. storage capcity
D. supported systems
A

A. efficient scalability

147
Q

In an SD-Access solution what is the role of a fabric edge node?
A. to connect external Layer 3 network to the SD-Access fabric
B. to connect wired endpoint to the SD-Access fabric.
C. to advertise fabric IP address space to external network
D. to connect the fusion router to the SD-Access fabric

A

B. to connect wired endpoint to the SD-Access fabric

148
Q 
Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?
A. Cisco Firepower and FireSIGHT
B. Cisco Stealthwatch system
C. Advanced Malware Protection
D. Cisco Web Security Appliance
A

B. Cisco Stealthwatch system

149
Q 
What are two device roles in Cisco SD-Access fabric? (Choose two)
A. core switch
B. vBond controller
C. edge node
D. access switch
E. border node
A

C and E.
C. edge node
E. border node

Pick both the options with “Node” in it.

150
Q 
When a wired client connects to an edge switch in an SDA fabric, which component decides whether the client has access to the network?
A. control-plane node
B. Identity Services Engine
C. RADIUS server
D. edge node
A

C. RADIUS server

151
Q

What is the role of the RP in PIM sparse mode?
A. The RP responds to the PIM join messes with the source of requested multicast group.
B. The RP maintains default aging timeouts for all multicast streams requested by the receivers.
C. The RP acts as a control-plane node and does not receive or forward multicast packets.
D. The RP is the multicast that is the root of the PIM-SM shared multicast distribution tree.

A

A. The RP responds to the PIM join messes with the source of requested multicast group.

Look for keyword “Responds”

152
Q

How does QoS traffic shaping alleviate network congestion?
A. It drops packets when traffic exceeds a certain bitrate.
B. It buffers and queue packets above the committed rate.
C. It fragments large packets and queues them for delivery.
D. It drops packets randomly from lower priority queues.

A

B. It buffers and queue packets above the committed rate.

153
Q 
Refer to the exhibit (depicts a red to blue series of circles from left to right).  Which type of antenna does the radiation pattern represent?
A. Yagi
B. multidirectional
C. directional patch
D. omnidirectional
A

A. Yagi

154
Q

Refer to the exhibit. The inside and outside interfaces in the NAT configuration of this device have been correctly identified.

access-list 1 permit 172.16.1.0 0.0.0.255
ip nat inside source list 1 interface gigabitethernet0/0 overload

What is the effect of this configuration?

A. dynamic NAT
B. NAT64
C. PAT
D. static NAT

A

C. PAT

155
Q 
What does the Cisco DNA Center use to enable the delivery of applications through a network and to yield analytics for innovation?
A. process adapters
B. Command Runner
C. intent-based APIs
D. domain adapters
A

C. intent-based APIs

156
Q

Why is an AP joining a different WLC that the one specified through option 43?
A. The WLC is running a different software version.
B. The API is joining a primed WLC.
C. The AP multicast traffic unable to reach the WLC through Layer 3.
D. The APs broadcast traffic is unable to reach the WLC through Layer 2.

A

B. The API is joining a primed WLC.

157
Q

Refer to the exhibit. Assuming the WLC’s interfaces are not in the same subnet as the RADIUS server, which interface would the WLC use as the source for all RADIUS-related traffic?

WLANs > Edit ‘Guest_Wireless’

The diagram shows the tab Security > AAA Servers.

A. the interface specified on the WLAN configuration.
B. any interface configured on the WLC.
C. the controller management interface.
D. the controller virtual interface.

A

A. The interface specified on the WLAN configuration.

158
Q

An engineer must protect their company against ransom-ware attacks. Which solution allows the engineer to block the execution stage and prevent file encryption?
A. Use Cisco AMP deployment with the Malicious Activity Protection engine enabled.
B. Use Cisco AMP deployment with the Exploit Prevention engine enabled.
C. Use Cisco Firepower…
D. Use Cisco Firepower…

A

A. Use Cisco AMP deployment with the Malicious Activity Protection engineer enabled.

Look for keywords “Cisco AMP” and “Malicious Activity Protection.”

159
Q

Wireless users report frequent disconnections from the wireless network. While troubleshooting a network engineer finds that after the user a disconnect, the connection re-establishes automatically without any input required. The engineer also notices these message logs.

AP ‘AP#” is down. Reason: Radio channel set. 6:54:04 PM.

Which action reduces the user impact?

A. increase the AP heartbeat timeout
B. increase BandSelect
C. enable coverage hole detection
D. increase the dynamic channel assignment interval

A

D. increase the dynamic channel assignment interval

160
Q 
Which algorithms are used to secure REST API from brute attacks and minimize the impact?
A. SHA-512 and SHA-384
B. MD5 algorithm-128 and SHA-384
C. SHA-1, SHA-256, and SHA-512
D. PBKDF2, BCrypt, and SCrypt
A

D. PBKDFS, BCrypt, and SCrypt

161
Q

Company policy restricts VLAN 10 to be allowed only on SW1 and SW2. All other VLANs can be on all three switches. An administrator has noticed that VLAN 10 has propagated to SW3. Which configuration corrects the issue?

A. SW1
int gi1/1
switchport trunk allowed vlan 1-9, 11-4094

B. SW2
int gi1/2
switchport runk allowed vlan 10

C. SW2
int gi1/2
switchport runk allowed vlan 1-9, 11-4094

D. SW1
int gi1/1
switchport trunk allowed vlan 10

A

A. SW1
int gi1/1
switchport trunk allowed vlan 1-9, 11-4094

Look for keyword “SW1” and “4094”

162
Q

Refer to the exhibit. An engineer reconfigures the port-channel between SW1 and SW2 from an access port to a trunk and immediately notices this error in SW1’s log.

Which command set resolves this error?

A. int g0/0
no spanning-tree bpdufilter

B. int g0/0
no spanning-tree bpuguard enable

C. int g0/0
spanning-tree bpduguard enable

D. interface g0/1
spanning-tree bpduguard enable

A

B. int g0/0
no spanning-tree bpduguard enable

Look for keyword “no spanning-tree bpduguard enable”

163
Q 
A company plans to implement intent-based networking in its campus infrastructure.  Which design facilitates a migrate from traditional campus design to programmer fabric designer?
A. Layer 2 access
B. three-tier
C. two-tier
D. routed access
A

C. two-tier

164
Q 
Which two entities are Type 1 hypervisors? (Choose two)
A. Oracle VM VirtualBox
B. Microsoft Hyper-V
C. VMware server
D. VMware ESX
E. Microsoft Virtual PC
A

B and D.
B. Microsoft Hyper-V
D. VMWare ESX

165
Q

A network administrator applies the following configuration to an IOS device:
aaa new-model
aaa authentication login default local group tacacs+

What is the process of password checks when a login attempt is made to the device?

A. A TACACS+ server is checked first….
B. A TACACS+ server is checked first…
C. A local database is checked first. If that fails, a TACACS+ server is checked, if that check fails, a RADIUS server is checked.
D. A local database is chacked first. If that check fails, a TACASC+ server is checked.

A

D. A local database is checked first. If that check fails, a TACACS+ server is checked.

166
Q 
Which devices does Cisco Center configure when deploying an IP-based access control policy?
A. all devices integrating with ISE.
B. selected individual devices.
C. all devices in selcted sites.
D. all wired devices.
A

A. All devices integrating with ISE.

167
Q 
A network administrator is preparing a Python script to configure a Cisco IOS XE-based device on the network.  The administrator is worried that colleagues will make changes to the device while the script is running.  Which operation of the client manager prevents colleagues making changes to the device while the script is running?
A. m.lock (config='running')
B. m.lock (target='running')
C. m.freeze (target='running')
D. m.freeze (config=
running')
A

B. m.lock (target=’running’)

Look for keywords “lock” and “target”

168
Q 
Which component handles the orchestration plane of the Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. vEdge
A

A. vBond

169
Q 
Which First Hop Redundancy Protocol should be used to meet a design requirement for more efficient default bandwidth usage across multiple devices?
A. GLBP
B. LCAP
C. HSRP
D. VRRP
A

A. GLBP

HSRP and VRRP allow only one gateway to be the active gateway, while the rest are unused until the active one fails. Not very efficient usage of available bandwidth.

170
Q 
A client device roams between access points located on different floors in an atrium.  The access points joined to the same controller and configuration in local mode.  The access points are in different IP addresses, but the client VLAN in the group are the same.  What type of roam occurs?
A. inter-controller
B. inter-subnet
C. intra-VLAN
D. intra-controller
A

B. inter-subnet

171
Q

Which action is a function of VTEP in VXLAN?
A. tunneling traffic from IPv6 and IPv4 VXLANs
B. allowing encrypted communication on the local VXLAN Ethernet segment
C. encapsulating and de-encapsulating VXLAN Ethernet frames
D. tunneling traffic from IPv4 to IPv6

A

C. encapsulating and de-encapsulating VXLAN Ethernet frames.

172
Q

Refer to the xhibit. An engineer must deny Telnet traffic from the loopback interface of router R3 to the loopback interface of router R2 during the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times. Which command accomplishes this task?

A. R3 - periodic Saturday Sunday…

B. R1 - periodic weekend

C. R3 - periodic weekend

D. R1 - periodic Friday Sunday….

A

B. R1 - periodic weekend

173
Q

Refer to the exhibit. A network engineer is configuring OSPF between router R1 and router R2. The engineer must ensure that DR/BDR election does not occur on the gigabit ethernet interfaces in area 0. Which configuration accomplishes this goal?

A. ip ospf network point-to-point
B. ip ospf network broadcast
C ip ospf database-filter all out
D. ip ospf priority 1

A

A. ip ospf network point-to-point

174
Q

What is the role of the vsmart controller in a Cisco SD-WAN environment?

A. it performs authentication and authorization
B. it manages the control plane
C. It is the centralized network management system
D. it manages the dat plane

A

B. it manages the control plane

175
Q

What mechanism does PIM use to forward multicast traffic?
A. PIM sparse mode uses a pull model to deliver multicast traffic.
B. PIM dense mode uses a pull model to deliver multicast traffic.
C. PIM sparse mode uses receivers to register with the RP.
D. PIM sparse mode uses a flood and prune model to deliver multicast traffic

A

A. PIM sparse mode uses a pull model to deliver multicast traffic.

Look for keywords “sparse” and “pull”

176
Q 
Which two security features are available when implementing NTP? (choose two)
A. symmetric server passwords
B. dock offset authentication
C. broadcast association mode
D. encrypted authentication mechanism
E. access list-based restriction scheme
A

D and E
D. encrypted authentication mechanism.
E. access list-based restriction scheme.

177
Q 
What is calculated using the numerical values of the transmitter power level, cable loss, and antenna gain?
A. EIRP
B. dBi
C. RSSI
D. SNR
A

B. dBi

178
Q 
In a Cisco SD-WAN solution, how is the health of a data plane tunnel monitored?
A. with IP SLA
B. ARP probing
C. using BFD
D. with OMP
A

C. using BFD

179
Q 
Which two LISP infrastructure elements are needed to support LISP to non-LISP internetworking? (Choose two)
A. PETR
B. PITR
C. MR
D. MS
E. ALT
A

A and C.
A. PETR
C. MR

“Mr. Petr” supports LISP to non-LISP networking.

180
Q

In an SD-WAN deployment, which action is the vSmart controller responsible for?
A. handle, maintain, and gather configuration and status for nodes within the SD-WAN fabric.
B. distribute polices that govern data forwarding performed within the SD-WAN fabric
C. gather telemetry data from vEdge routers
D. onboard vEdge nodes into the SD-WAN fabric

A

B. distribute policies that govern data forwarding performed within the SD-WAN fabric

181
Q 
In OSPF, which LSA type is responsible for pointing to the ASBR router?
A. type 1
B. type 2
C. type 3
D. type 4
A

D. type 4

182
Q

Categorize the description as either OSPF or EIGRP.

  • summaries can be created anywhere in the IGP topology
  • uses areas to segment a network
  • DUAL algorithm
  • summaries can be created in specific parts of the IGP topology
A

OSPF

  • summaries can be created in specific parts of the IGP topology
  • uses areas to segment a network

EIGRP

  • DUAL algorithm
  • summaries can be created anywhere in the IGP topology
183
Q

Categorize the LISP components to the functions (not all components are used):

Components:

  • LISP map resolver
  • LISP proxy ETR
  • LISP route reflector
  • LISP ITR
  • LISP map server

functions:

  • accepts LISP encapsulated map requests
  • learns of EID profile mapping entries from an ETR
  • receives traffic from LISP sites and sends it to non-LISP sites
  • receives packets from site-facing interfaces
A

Accepts LISP encapsulated map requests = LISP map resolver

learns of EID profile mapping entries from an ETR = LISP map server

receives traffic from LISP site and sends it to non-LISP sites = LISP proxy ETR

receives packets from site-facing interfaces = LISP ITR

184
Q

Pair the REST API authentication method to the description.

Method:

  • HTTP basic authentication
  • token-based authentication
  • secure vault
  • OAuth

description:

  • public API resource
  • username and password in an encoded string
  • API-dependent secret
  • authorization through identity provider
A

Secure vault = public API resource

HTTP basic authentication = username and password in an encoded string

token-based authentication = API-dependent secret

OAuth = authorization through identity provider

CCNP Core - 300-401 ENCOR (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions