200-301 (3)
Uploaded by
privateprofile1977200-301 (3)
Uploaded by
privateprofile1977We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Cisco
Exam Questions 200-301
Cisco Certified Network Associate
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
About Exambible
Your Partner of IT Exam
Found in 1998
Exambible is a company specialized on providing high quality IT exam practice study materials, especially Cisco CCNA, CCDA,
CCNP, CCIE, Checkpoint CCSE, CompTIA A+, Network+ certification practice exams and so on. We guarantee that the
candidates will not only pass any IT exam at the first attempt but also get profound understanding about the certificates they have
got. There are so many alike companies in this industry, however, Exambible has its unique advantages that other companies could
not achieve.
Our Advances
* 99.9% Uptime
All examinations will be up to date.
* 24/7 Quality Support
We will provide service round the clock.
* 100% Pass Rate
Our guarantee that you will pass the exam.
* Unique Gurantee
If you do not pass the exam at the first time, we will not only arrange FULL REFUND for you, but also provide you another
exam of your claim, ABSOLUTELY FREE!
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 1
- (Topic 3)
What is a requirement when configuring or removing LAG on a WLC?
A. The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.
B. The controller must be rebooted after enabling or reconfiguring LAG.
C. The management interface must be reassigned if LAG disabled.
D. Multiple untagged interfaces on the same port must be supported.
Answer: C
NEW QUESTION 2
- (Topic 3)
Refer to the exhibit.
Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the destination address?
A. 192.168.0.7
B. 192.168.0.4
C. 192.168.0.40
D. 192.168.3.5
Answer: B
NEW QUESTION 3
- (Topic 3)
What causes a port to be placed in the err-disabled state?
A. nothing plugged into the port
B. link flapping
C. shutdown command issued on the port
D. latency
Answer: B
NEW QUESTION 4
- (Topic 3)
Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?
A. SYIM flood
B. reflection
C. teardrop
D. amplification
Answer: A
NEW QUESTION 5
- (Topic 3)
Which protocol uses the SSL?
A. HTTP
B. SSH
C. HTTPS
D. Telnet
Answer: C
NEW QUESTION 6
- (Topic 3)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity Issues with applications hosted at site B.
What is the reason for the problem?
A. Heavy usage is causing high latency.
B. An incorrect type of transceiver has been inserted into a device on the link.
C. physical network errors are being transmitted between the two sites.
D. The wrong cable type was used to make the connection.
Answer: B
NEW QUESTION 7
- (Topic 3)
A network engineer is installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the internal network.
Which type of IPv6 address must the engineer assign?
A. unique local address
B. link-local address
C. aggregatable global address
D. IPv4-compatible IPv6 address
Answer: B
NEW QUESTION 8
- (Topic 3)
Refer to the exhibit.
Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two)
A. transport input telnet
B. crypto key generate rsa
C. ip ssh pubkey-chain
D. login console
E. username cisco password 0 Cisco
Answer: BE
NEW QUESTION 9
- (Topic 3)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Refer to the exhibit.
The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The requirement already considers 30% future growth.
Which configuration verifies the IP subnet on router R4?
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
NEW QUESTION 10
- (Topic 3)
Refer to the exhibit.
Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable when OSPF goes down?
A. ip route 10.1.1.10 255.255.255.255 172.16.2.2 100
B. ip route 10.1.1.0 255.255.255.0 gi0/1 125
C. ip route 10.1.1.0 255.255.255.0 172.16.2.2 100
D. ip route 10.1.1.10 255.255.255.255 gi0/0 125
Answer: D
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 10
- (Topic 3)
Refer to the exhibit.
Which two commands when used together create port channel 10? (Choose two.)
A. int range g0/0-1channel-group 10 mode active
B. int range g0/0-1 chanm.l-group 10 mode desirable
C. int range g0/0-1channel-group 10 mode passive
D. int range g0/0-1 channel-group 10 mode auto
E. int range g0/0-1 channel-group 10 mode on
Answer: AC
NEW QUESTION 15
- (Topic 3)
Which two components comprise part of a PKI? (Choose two.)
A. preshared key that authenticates connections
B. RSA token
C. CA that grants certificates
D. clear-text password that authenticates connections
E. one or more CRLs
Answer: BC
NEW QUESTION 20
FILL IN THE BLANK - (Topic 3)
Refer to the exhibit.
Drag and drop the prefix lengths from the left onto the corresponding prefixes on the right Not all prefixes are used
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Diagram Description automatically generated with low confidence
NEW QUESTION 25
- (Topic 3)
What is the difference between IPv6 unicast and anycast addressing?
A. IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration
B. IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration
C. An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple
nodes.
D. Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes
Answer: C
NEW QUESTION 28
- (Topic 3)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which two network actions occur within the data plane? (Choose two.)
A. Add or remove an 802.1Q trunking header.
B. Make a configuration change from an incoming NETCONF RPC.
C. Run routing protocols.
D. Match the destination MAC address to the MAC address table.
E. Reply to an incoming ICMP echo request.
Answer: BD
NEW QUESTION 32
- (Topic 3)
A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is blocked from being
advertised to the internet. Which configuration must the engineer apply?
A. interface vlan 2000ipv6 address ffc0:0000:aaaa::1234:2343/64
B. interface vlan 2000Ipv6 address fc00:0000:aaaa:a15d:1234:2343:8aca/64
C. interface vlan 2000ipv6 address fe80;0000:aaaa::1234:2343/64
D. interface vlan 2000ipv6 address fd00::1234:2343/64
Answer: B
NEW QUESTION 36
- (Topic 3)
Refer to the exhibit.
The following must be considered:
• SW1 is fully configured for all traffic
• The SW4 and SW9 links to SW1 have been configured
• The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured
• The remaining switches have had all VLANs adde d to their VLAN database
Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?
A)
B)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
NEW QUESTION 38
DRAG DROP - (Topic 3)
Drag and drop the facts about wireless architectures from the left onto the types of access point on the right. Not all options are used.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 39
- (Topic 3)
Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?
A. global unicast address
B. anycast address
C. multicast address
D. link-local address
Answer: B
NEW QUESTION 44
- (Topic 3)
What is a function of an endpoint on a network?
A. forwards traffic between VLANs on a network
B. connects server and client devices to a network
C. allows users to record data and transmit to a tile server
D. provides wireless services to users in a building
Answer: C
Explanation:
An endpoint is a host that acts as the source or destination of data traffic flowing through a network.
When you are at your PC, editing your CV and uploading it to a file server, you are sitting at an endpoint.
NEW QUESTION 48
- (Topic 3)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted connections? (Choose two )
A. username CNAC secret R!41!4319115@
B. ip ssh version 2
C. line vty 0 4
D. crypto key generate rsa 1024
E. transport input ssh
Answer: DE
NEW QUESTION 49
- (Topic 2)
The service password-encryption command is entered on a router. What is the effect of this configuration?
A. restricts unauthorized users from viewing clear-text passwords in the running configuration
B. encrypts the password exchange when a VPN tunnel is established
C. prevents network administrators from configuring clear-text passwords
D. protects the VLAN database from unauthorized PC connections on the switch
Answer: A
NEW QUESTION 51
- (Topic 2)
Refer to the exhibit.
Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?
A. The frame is processed in VLAN 5.
B. The frame is processed in VLAN 11
C. The frame is processed in VLAN 1
D. The frame is dropped
Answer: A
NEW QUESTION 53
- (Topic 2)
Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?
A. 1,6,11
B. 1,5,10
C. 1,2,3
D. 5,6,7
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: A
NEW QUESTION 54
DRAG DROP - (Topic 2)
Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 57
- (Topic 2)
An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to preferentially use
5GH2 access points?
A. Re- Anchor Roamed Clients
B. 11ac MU-MIMO
C. OEAP Split Tunnel
D. Client Band Select
Answer: D
NEW QUESTION 60
- (Topic 2)
Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?
A. TKiP encryption
B. AES encryption
C. scrambled encryption key
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
D. SAE encryption
Answer: D
NEW QUESTION 64
- (Topic 2)
An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses 192.168.30.1, 192.168.3.2, 192.168.3.3 Which
configuration should be used?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
NEW QUESTION 65
DRAG DROP - (Topic 2)
Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 70
- (Topic 2)
Refer to the exhibit.
An engineer must configure GigabitEthernet1/1 to accommodate voice and data traffic Which configuration accomplishes this task?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
NEW QUESTION 72
- (Topic 2)
Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?
A. sniffer
B. mesh
C. flexconnect
D. local
Answer: C
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/flexconnect.html
NEW QUESTION 73
DRAG DROP - (Topic 2)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
An engineer is tasked with verifying network configuration parameters on a client workstation to report back to the team lead. Drag and drop the node identifiers
from the left onto the network parameters on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 74
- (Topic 2)
What is a characteristic of spine-and-leaf architecture?
A. Each device is separated by the same number of hops
B. It provides variable latency
C. It provides greater predictability on STP blocked ports.
D. Each link between leaf switches allows for higher bandwidth.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: A
NEW QUESTION 77
- (Topic 2)
Refer to the exhibit.
Based on the LACP neighbor status, in which mode is the SW1 port channel configured?
A. passive
B. mode on
C. auto
D. active
Answer: D
Explanation:
From the neighbor status, we notice the “Flags” are SP. “P” here means the neighbor is in Passive mode.In order to create an Etherchannel interface, the (local)
SW1 ports should be in Active mode.Moreover, the “Port State” in the exhibit is “0x3c” (which equals to “00111100 in binary format).Bit 3 is “1” which means the
ports are synchronizing -
> the ports are working so the local ports should be in Active mode.
NEW QUESTION 82
- (Topic 2)
Why does a switch flood a frame to all ports?
A. The frame has zero destination MAC addresses.
B. The source MAC address of the frame is unknown
C. The source and destination MAC addresses of the frame are the same
D. The destination MAC address of the frame is unknown.
Answer: B
NEW QUESTION 86
- (Topic 2)
Which communication interaction takes place when a southbound API Is used?
A. between the SDN controller and PCs on the network
B. between the SON controller and switches and routers on the network
C. between the SON controller and services and applications on the network
D. between network applications and switches and routers on the network
Answer: B
NEW QUESTION 88
- (Topic 2)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which command configures a floating static route to provide a backup to the primary link?
A. ip route 0.0.0.0 0.0.0.0 209.165.202.131
B. ip route 209.165.201.0 255.255.255.224 209.165.202.130
C. ip route 0.0.0.0 0.0.0.0 209.165.200.224
D. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254
Answer: D
NEW QUESTION 91
- (Topic 2)
Which command must be entered to configure a DHCP relay?
A. ip helper-address
B. ip address dhcp
C. ip dhcp pool
D. ip dhcp relay
Answer: A
NEW QUESTION 94
- (Topic 2)
A corporate office uses four floors in a building
• Floor 1 has 24 users
• Floor 2 has 29 users
• Floor 3 has 28 users
•Floor 4 has 22 users
Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?
A. 192.168.0.0/26 as summary and 192.168.0.0/29 for each floor
B. 192.168.0.0.24 as summary and 192.168.0.0/28 for each floor
C. 192.168.0.0/23 as summary and 192.168.0.0/25 for each floor
D. l92.168.0.0/25 as summary and 192.168.0.0/27 for each floor
Answer: D
NEW QUESTION 97
- (Topic 2)
Which function is performed by DHCP snooping?
A. propagates VLAN information between switches
B. listens to multicast traffic for packet forwarding
C. provides DDoS mitigation
D. rate-limits certain traffic
Answer: A
NEW QUESTION 101
- (Topic 2)
Refer to the exhibit.
Which command must be executed for Gi1.1 on SW1 to become a trunk port if Gi1/1 on SW2 is configured in desirable or trunk mode?
A. switchport mode trunk
B. switchport mode dot1-tunnel
C. switchport mode dynamic auto
D. switchport mode dynamic desirable
Answer: C
NEW QUESTION 103
- (Topic 2)
Refer to Exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
An engineer is configuring the NEW York router to reach the Lo1 interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands
must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta
goes down? (Choose two)
A. ipv6 router 2000::1/128 2012::1
B. ipv6 router 2000::1/128 2012::1 5
C. ipv6 router 2000::1/128 2012::2
D. ipv6 router 2000::1/128 2023::2 5
E. ipv6 router 2000::1/128 2023::3 5
Answer: AE
Explanation:
Floating static routes are static routes that have an administrative distance greater than the administrative distance (AD) of another static route or dynamic routes.
By default a static route has an AD of 1 then floating static route must have the AD greater than 1. Floating static route has a manually configured administrative
distance greater than that of the primary route and therefore would not be in the routing table until the primary route fails.
NEW QUESTION 108
- (Topic 2)
Refer to the exhibit.
Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?
A)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
B)
C)
D)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Explanation:
ipv6 unicast-routing statement included (IPv6 is enabled on the router).Compared to the exhibit, Fa0/0 and Fa0/1 have correct configurations.The route to subnet
2001:db8:4::/64 points to R18’s Fa1/0 (correct next-hop).
NEW QUESTION 109
DRAG DROP - (Topic 2)
Drag and drop the TCP/IP protocols from the left onto the transmission protocols on the right
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 112
- (Topic 2)
Which function does an SNMP agent perform?
A. it sends information about MIB variables in response to requests from the NMS
B. it requests information from remote network nodes about catastrophic system events.
C. it manages routing between Layer 3 devices in a network
D. it coordinates user authentication between a network device and a TACACS+ or RADIUS server
Answer: A
NEW QUESTION 116
- (Topic 2)
A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP By default which OSPF
network type is seen on this interface when the user types show ip ospf interface on R1 or R2?
A. port-to-multipoint
B. broadcast
C. point-to-point
D. nonbroadcast
Answer: C
Explanation:
The default OSPF network type for HDLC and PPP on Serial link is point-to- point (while the default OSPF network type for Ethernet link is Broadcast).
NEW QUESTION 119
- (Topic 2)
Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?
A. DTP
B. FTP
C. SMTP
D. TFTP
Answer: B
NEW QUESTION 124
- (Topic 2)
Refer to Exhibit.
Which action do the switches take on the trunk link?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. The trunk does not form and the ports go into an err-disabled status.
B. The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.
C. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.
D. The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.
Answer: B
Explanation:
The trunk still forms with mismatched native VLANs and the traffic can actually flow between mismatched switches. But it is absolutely necessary that the native
VLANs on both ends of a trunk link match; otherwise a native VLAN mismatch occurs, causing the two VLANs to effectively merge.
For example with the above configuration, SW1 would send untagged frames for VLAN 999. SW2 receives them but would think they are for VLAN 99 so we can
say these two VLANs are merged.
NEW QUESTION 127
- (Topic 2)
When a site-to-site VPN is used, which protocol is responsible for the transport of user data?
A. IKEv2
B. IKEv1
C. IPsec
D. MD5
Answer: C
Explanation:
A site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet. A site-to-site
VPN means that two sites create a VPN tunnel by encrypting and sending data between two devices. One set of rules for creating a siteto-site VPN is defined by
IPsec.
NEW QUESTION 131
DRAG DROP - (Topic 2)
Drag and drop to the characteristics of networking from the left onto the correct networking types on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 135
- (Topic 2)
Refer to the exhibit.
The nip server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that
it operates in server-only mode and relies only on its internal clock?
A. Router2(config)#ntp passive
B. Router2(config)#ntp server 172.17.0.1
C. Router2(config)#ntp master 4
D. Router2(config)#ntp server 192.168.0.2
Answer: B
Explanation:
• To use internal clock of this router, use any configured IP address in any interface of this router.
NEW QUESTION 136
- (Topic 2)
What is the benefit of configuring PortFast on an interface?
A. After the cable is connected, the interface uses the fastest speed setting available for that cable type
B. After the cable is connected, the interface is available faster to send and receive user data
C. The frames entering the interface are marked with higher priority and then processed faster by a switch.
D. Real-time voice and video frames entering the interface are processed faster
Answer: B
NEW QUESTION 137
- (Topic 2)
Refer to the exhibit.
Which route does R1 select for traffic that is destined to 192 168.16.2?
A. 192.168.16.0/21
B. 192.168.16.0/24
C. 192.168 26.0/26
D. 192.168.16.0/27
Answer: D
Explanation:
The destination IP addresses match all four entries in the routing table but the 192.168.16.0/27 has the longest prefix so it will be chosen. This is called the
“longest prefix match” rule.
NEW QUESTION 138
- (Topic 2)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which two prefixes are included in this routing table entry? (Choose two.)
A. 192.168.1.17
B. 192.168.1.61
C. 192.168.1.64
D. 192.168.1.127
E. 192.168.1.254
Answer: BC
NEW QUESTION 142
- (Topic 2)
R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating conditions, which routing protocol is installed in the
routing table?
A. IS-IS
B. RIP
C. Internal EIGRP
D. OSPF
Answer: C
Explanation:
With the same route (prefix), the router will choose the routing protocol with lowest Administrative Distance (AD) to install into the routing table. The AD of Internal
EIGRP (90) is lowest so it would be chosen. The table below lists the ADs of popular routing protocols.
Dumps Full Questions - Exam Study Guide & Free 203
CCNA 200-301
Note: The AD of IS-IS is 115. The “EIGRP” in the table above is “Internal EIGRP”. The AD of “External EIGRP” is 170. An EIGRP external route is a route that
was redistributed into EIGRP.
NEW QUESTION 147
- (Topic 2)
What prevents a workstation from receiving a DHCP address?
A. DTP
B. STP
C. VTP
D. 802.10
Answer: B
NEW QUESTION 151
- (Topic 2)
Refer to the exhibit.
A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially configured with IP addressing. Both routers
have the ability to access devices on their respective LANs. Which command set configures the IP connectivity between devices located on both LANs in each
site?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
NEW QUESTION 156
- (Topic 2)
What are two benefits of FHRPs? (Choose two.)
A. They prevent (oops in the Layer 2 network.
B. They allow encrypted traffic.
C. They are able to bundle muftlple ports to increase bandwidth
D. They enable automatic failover of the default gateway.
E. They allow multiple devices lo serve as a single virtual gateway for clients in the network
Answer: DE
NEW QUESTION 160
- (Topic 2)
Refer to the exhibit.
What is the effect of this configuration?
A. All ARP packets are dropped by the switch
B. Egress traffic is passed only if the destination is a DHCP server.
C. All ingress and egress traffic is dropped because the interface is untrusted
D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.
Answer: D
NEW QUESTION 163
- (Topic 2)
What is a characteristic of private IPv4 addressing?
A. traverse the Internet when an outbound ACL is applied
B. issued by IANA in conjunction with an autonomous system number
C. composed of up to 65.536 available addresses
D. used without tracking or registration
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: D
NEW QUESTION 168
- (Topic 2)
Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?
A. HTTPS
B. RADIUS
C. TACACS+
D. HTTP
Answer: A
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_011.html
NEW QUESTION 173
- (Topic 2)
How do AAA operations compare regarding user identification, user services and access control?
A. Authorization provides access control and authentication tracks user services
B. Authentication identifies users and accounting tracks user services
C. Accounting tracks user services, and authentication provides access control
D. Authorization identifies users and authentication provides access control
Answer: B
NEW QUESTION 178
- (Topic 2)
Refer to the exhibit.
With which metric was the route to host 172.16.0.202 learned?
A. 110
B. 38443
C. 3184439
Answer: C
Explanation:
Both the line “O 172.16.0.128/25” and “S 172.16.0.0/24” cover the host 172.16.0.202 but with the “longest (prefix) match” rule the router will choose the first
route.
NEW QUESTION 180
- (Topic 2)
Which type of traffic is sent with pure iPsec?
A. broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites
B. multicast traffic from a server at one site to hosts at another location
C. spanning-tree updates between switches that are at two different sites
D. unicast messages from a host at a remote site to a server at headquarters
Answer: D
Explanation:
“The original poster makes a correct observation that EIGRP does not work in a pure IPSEC environment. IPSEC was designed to process unicast traffic.
NEW QUESTION 181
- (Topic 2)
Which condition must be met before an NMS handles an SNMP trap from an agent?
A. The NMS software must be loaded with the MIB associated with the trap.
B. The NMS must be configured on the same router as the SNMP agent
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
C. The NMS must receive a trap and an inform message from the SNMP agent within a configured interval
D. The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.
Answer: A
NEW QUESTION 186
- (Topic 2)
What is the expected outcome when an EUI-64 address is generated?
A. The seventh bit of the original MAC address of the interface is inverted
B. The interface ID is configured as a random 64-bit value
C. The characters FE80 are inserted at the beginning of the MAC address of the interface
D. The MAC address of the interface is used as the interface ID without modification
Answer: A
NEW QUESTION 187
- (Topic 2)
Where does a switch maintain DHCP snooping information?
A. in the MAC address table
B. in the CAM table
C. in the binding database
D. in the frame forwarding database
Answer: C
NEW QUESTION 190
- (Topic 2)
Which type of API allows SDN controllers to dynamically make changes to the network?
A. northbound API
B. REST API
C. SOAP API
D. southbound API
Answer: D
Explanation:
Cisco overview doc for SDN here: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/VMDC/SDN/SDN. html
NEW QUESTION 193
- (Topic 2)
Refer to the exhibit. After the configuration is applied, the two routers fail to establish an OSPF neighbor relationship. what is the reason for the problem?
A. The OSPF router IDs are mismatched.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
B. Router2 is using the default hello timer.
C. The network statement on Router1 is misconfigured.
D. The OSPF process IDs are mismatched.
Answer: B
NEW QUESTION 197
- (Topic 2)
An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which command should be used?
A. switchport trunk allowed vlan 10
B. switchport trunk native vlan 10
C. switchport mode trunk
D. switchport trunk encapsulation dot1q
Answer: B
NEW QUESTION 199
DRAG DROP - (Topic 2)
Drag and drop the AAA terms from the left onto the description on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
1-1, 2-4, 3-3, 4-2
NEW QUESTION 201
- (Topic 2)
When a WPA2-PSK WLAN is configured in the wireless LAN Controller, what is the minimum number of characters that in ASCll format?
A. 6
B. 8
C. 12
D. 18
Answer: B
NEW QUESTION 202
- (Topic 2)
Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask combination does
the engineer assign to minimize wasting addresses?
A. 10.10.225.48 255.255.255.240
B. 10.10.225.32 255.255.255.240
C. 10.10.225.48 255.255.255.224
D. 10.10.225.32 255.255.255.224
Answer: D
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 206
- (Topic 2)
When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server for DHCP?
A. DHCP relay agent
B. DHCP server
C. DHCPDISCOVER
D. DHCPOFFER
Answer: A
NEW QUESTION 211
- (Topic 2)
Refer to the exhibit.
Router R1 Fa0/0 is unable ping router R3 Fa0/1.
Which action must be taken in router R1 to help resolve the configuration issue?
A. set the default network as 20.20.20.0/24
B. set the default gateway as 20.20.20.2
C. configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network
D. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network
Answer: D
NEW QUESTION 215
- (Topic 2)
An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled
Which action is necessary to complete the configuration if the ISP uses third-party network devices?
A. Enable LLDP globally
B. Disable autonegotiation
C. Disable Cisco Discovery Protocol on the interface
D. Enable LLDP-MED on the ISP device
Answer: D
NEW QUESTION 218
- (Topic 2)
What benefit does controller-based networking provide versus traditional networking?
A. moves from a two-tier to a three-tier network architecture to provide maximum redundancy
B. provides an added layer of security to protect from DDoS attacks
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
C. allows configuration and monitoring of the network from one centralized port
D. combines control and data plane functionality on a single device to minimize latency
Answer: C
NEW QUESTION 220
- (Topic 2)
Which network plane is centralized and manages routing decisions?
A. policy plane
B. management plane
C. control plane
D. data plane
Answer: C
NEW QUESTION 224
- (Topic 2)
Refer to the exhibit.
To which device does Router1 send packets that are destined to host 10.10.13.165?
A. Router2
B. Router3
C. Router4
D. Router5
Answer: B
NEW QUESTION 229
- (Topic 2)
Which technology must be implemented to configure network device monitoring with the highest security?
A. IP SLA
B. syslog
C. NetFlow
D. SNMPv3
Answer: C
NEW QUESTION 232
DRAG DROP - (Topic 2)
Drag and drop the lightweight access point operation modes from the left onto the descriptions on the right
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 235
- (Topic 2)
Refer to the exhibit.
A packet is being sent across router R1 to host 172.163.3.14. To which destination does the router send the packet?
A. 207.165.200.246 via Serial0/1/0
B. 207.165.200.254 via Serial0/0/1
C. 207.165.200.254 via Serial0/0/0
D. 207.165.200.250 via Serial/0/0/0
Answer: B
NEW QUESTION 240
- (Topic 2)
How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?
A. It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points
B. It allows the administrator to assign channels on a per-device or per-interface basis.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
C. It segregates devices from different manufacturers onto different channels.
D. It analyzes client load and background noise and dynamically assigns a channel.
Answer: A
NEW QUESTION 242
- (Topic 2)
Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)
A. The switch must be running a k9 (crypto) IOS image
B. The Ip domain-name command must be configured on the switch
C. IP routing must be enabled on the switch
D. A console password must be configured on the switch
E. Telnet must be disabled on the switch
Answer: AB
Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell- ssh/4145-ssh.html
NEW QUESTION 244
- (Topic 2)
What is the purpose of an SSID?
A. It provides network security
B. It differentiates traffic entering access posits
C. It identities an individual access point on a WLAN
D. It identifies a WLAN
Answer: D
Explanation:
“In IEEE 802.11 wireless local area networking standards (including Wi-Fi), a service set is a group of wireless network devices which share a service set
identifier (SSID)… A service set forms a logical network of nodes operating with shared link-layer networking parameters; they form one logical network segment.“
NEW QUESTION 249
- (Topic 2)
How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment?
A. Cisco DNA Center device management can deploy a network more quickly thantraditional campus device management
B. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management
C. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options
D. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management
Answer: A
NEW QUESTION 252
- (Topic 2)
Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic?
A. FIFO
B. WFQ
C. PQ
D. WRED
Answer: C
NEW QUESTION 256
- (Topic 2)
An engineer needs to configure LLDP to send the port description time length value (TLV). What command sequence must be implemented?
A. switch(config-line)#IIdp port-description
B. switch(config)#IIdp port-description
C. switch(config-if)#IIdp port-description
D. switch#IIdp port-description
Answer: B
NEW QUESTION 261
- (Topic 2)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
The entire contents of the MAC address table are shown. Sales-4 sends a data frame to Sales-1.
What does the switch do as it receives the frame from Sales-4?
A. Perform a lookup in the MAC address table and discard the frame due to a missing entry.
B. Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1.
C. Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame.
D. Flood the frame out of all ports except on the port where Sales-1 is connected.
Answer: B
Explanation:
https://www.ciscopress.com/articles/article.asp?p=3089352&seqNum=6
NEW QUESTION 265
DRAG DROP - (Topic 2)
Drag and drop the descriptions from the left onto the configuration-management technologies on the right.
A. Mastered
B. Not Mastered
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: A
Explanation:
Ansible:– uses SSH for remote device communication– uses YAML for fundamental configuration elements
Chef:– uses TCP port 10002 for configuration push jobs– uses Ruby for fundamental configuration elements
Puppet:– fundamental configuration elements are stored in a manifest– uses TCP 8140 for communication
The focus of Ansible is to be streamlined and fast, and to require no node agent installation.Thus, Ansible performs all functions over SSH. Ansible is built on
Python, in contrast to the Ruby foundation of Puppet and Chef.TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file
.This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server.Puppet is an open-source configuration management solution, which is
built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby (ERB) templates to create custom Puppet language files, offering a
declarative-paradigm programming approach.A Puppet piece of code is called a manifest, and is a file with .pp extension.
NEW QUESTION 266
- (Topic 1)
When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?
A. spanning -tree vlan 200 priority 614440
B. spanning -tree vlan 200 priority 38572422
C. spanning -tree vlan 200 priority 0
D. spanning -tree vlan 200 root primary
Answer: C
NEW QUESTION 267
DRAG DROP - (Topic 1)
Drag and drop the SNMP components from the left onto the descriptions on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 271
- (Topic 1)
Why was the RFC 1918 address space defined?
A. conserve public IPv4 addressing
B. preserve public IPv6 address space
C. reduce instances of overlapping IP addresses
D. support the NAT protocol
Answer: A
NEW QUESTION 275
- (Topic 1)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which command provides this output?
A. show ip route
B. show ip interface
C. show interface
D. show cdp neighbor
Answer: D
NEW QUESTION 277
- (Topic 1)
What is the difference regarding reliability and communication type between TCP and UDP?
A. TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol
B. TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is aconnectionless protocol
C. TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection- oriented protocol
D. TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection- oriented protocol
Answer: A
NEW QUESTION 280
- (Topic 1)
An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer configure to
achieve the desired result?
A. logging trap 5
B. logging trap 2
C. logging trap 4
D. logging trap 3
Answer: C
NEW QUESTION 285
- (Topic 1)
Which network action occurs within the data plane?
A. compare the destination IP address to the IP routing table.
B. run routing protocols (OSPF, EIGRP, RIP, BGP)
C. make a configuration change from an incoming NETCONF RPC
D. reply to an incoming ICMP echo request
Answer: A
NEW QUESTION 289
- (Topic 1)
Which type of information resides on a DHCP server?
A. a list of the available IP addresses in a pool
B. a list of public IP addresses and their corresponding names
C. usernames and passwords for the end users in a domain
D. a list of statically assigned MAC addresses
Answer: A
NEW QUESTION 293
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
- (Topic 1)
Which switch technology establishes a network connection immediately when it is plugged in?
A. PortFast
B. BPDU guard
C. UplinkFast
D. BackboneFast
Answer: A
Explanation:
PortFast is useful to connect hosts and switches to a switch. Access layer switches are more frequently “plugged in” and “plugged out” than distribution or core
layer switches. Also, this feature’s target is just to minimize STP convergence time.
NEW QUESTION 295
- (Topic 1)
What is a role of wireless controllers in an enterprise network?
A. centralize the management of access points in an enterprise network
B. support standalone or controller-based architectures
C. serve as the first line of defense in an enterprise network
D. provide secure user logins to devices on the network.
Answer: A
NEW QUESTION 298
- (Topic 1)
Refer to the exhibit.
Which outcome is expected when PC_A sends data to PC_B?
A. The switch rewrites the source and destination MAC addresses with its own.
B. The source MAC address is changed.
C. The source and destination MAC addresses remain the same.
D. The destination MAC address is replaced with ffff.ffff.ffff.
Answer: C
NEW QUESTION 299
- (Topic 1)
What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)
A. Both operate at a frequency of 500 MHz.
B. Both support runs of up to 55 meters.
C. Both support runs of up to 100 meters.
D. Both support speeds of at least 1 Gigabit.
E. Both support speeds up to 10 Gigabit.
Answer: CD
NEW QUESTION 301
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
- (Topic 1)
Which state does the switch port move to when PortFast is enabled?
A. forwarding
B. listening
C. blocking
D. learning
Answer: A
NEW QUESTION 304
DRAG DROP - (Topic 1)
Refer to the exhibit.
An engineer is configuring the router to provide static NAT for the webserver Drag and drop the configuration commands from the left onto the letters that
correspond to its position in the configuration on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 306
- (Topic 1)
Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?
A. ipv6 address dhcp
B. ipv6 address 2001:DB8:5:112::/64 eui-64
C. ipv6 address autoconfig
D. ipv6 address 2001:DB8:5:112::2/64 link-local
Answer: C
Explanation:
The “ipv6 address autoconfig” command causes the device to perform IPv6 stateless address autoconfiguration to discover prefixes on the link and then to add
the EUI-64 based addresses to theinterface.Addresses are configured depending on the prefixes received in Router Advertisement (RA)messages.The device will
listen for RA messages which are transmitted periodically from the router (DHCPServer).This RA message allows a host to create a global IPv6 address from:+ Its
interface identifier (EUI- 64 address)+ Link Prefix (obtained via RA)Note: Global address is the combination of Link Prefix and EUI-64 address
NEW QUESTION 310
- (Topic 1)
What is a DNS lookup operation?
A. DNS server pings the destination to verify that it is available
B. serves requests over destination port 53
C. DNS server forwards the client to an alternate IP address when the primary IP is down
D. responds to a request for IP address to domain name resolution to the DNS server
Answer: D
NEW QUESTION 313
- (Topic 1)
What are network endpoints?
A. act as routers to connect a user to the service prowler network
B. a threat to the network if they are compromised
C. support inter-VLAN connectivity
D. enforce policies for campus-wide traffic going to the internet
Answer: B
NEW QUESTION 318
- (Topic 1)
In QoS, which prioritization method is appropriate for interactive voice and video?
A. expedited forwarding
B. traffic policing
C. round-robin scheduling
D. low-latency queuing
Answer: D
NEW QUESTION 321
- (Topic 1)
Which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate? (Choose two)
A. OSPF area
B. OSPF MD5 authentication key
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
C. iPv6 address
D. OSPf process ID
E. OSPf stub flag
Answer: AD
NEW QUESTION 322
- (Topic 1)
Refer to the exhibit.
Which password must an engineer use to enter the enable mode?
A. adminadmin123
B. default
C. testing 1234
D. cisco123
Answer: C
Explanation:
If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line
password serves as the enable password for all VTY sessions -> The “enable secret” will be used first if available, then “enable password” and line password.
NEW QUESTION 324
- (Topic 1)
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two)
A. ASCII
B. base64
C. binary
D. decimal
E. hexadecimal
Answer: AE
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_
chapter_01010001.html
NEW QUESTION 325
- (Topic 1)
What uses HTTP messages to transfer data to applications residing on different hosts?
A. OpenFlow
B. OpenStack
C. OpFlex
D. REST
Answer: D
NEW QUESTION 330
- (Topic 1)
What occurs when overlapping Wi-Fi channels are implemented?
A. The wireless network becomes vulnerable to unauthorized access.
B. Wireless devices are unable to distinguish between different SSIDs
C. Users experience poor wireless network performance.
D. Network communications are open to eavesdropping.
Answer: C
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 331
- (Topic 1)
How are the switches in a spine-and-leaf topology interconnected?
A. Each leaf switch is connected to one of the spine switches.
B. Each leaf switch is connected to two spine switches, making a loop.
C. Each leaf switch is connected to each spine switch.
D. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.
Answer: B
NEW QUESTION 334
- (Topic 1)
Which resource is able to be shared among virtual machines deployed on the same physical server?
A. disk
B. applications
C. VM configuration file
D. operating system
Answer: C
NEW QUESTION 336
- (Topic 1)
What is a practice that protects a network from VLAN hopping attacks?
A. Enable dynamic ARP inspection
B. Configure an ACL to prevent traffic from changing VLANs
C. Change native VLAN to an unused VLAN ID
D. Implement port security on internet-facing VLANs
Answer: C
NEW QUESTION 338
- (Topic 1)
What is a DHCP client?
A. a host that is configured to request an IP address automatically
B. a server that dynamically assigns IP addresses to hosts
C. a workstation that requests a domain name associated with its IP address
D. a rooter that statically assigns IP addresses to hosts
Answer: A
NEW QUESTION 343
- (Topic 1)
Which type of wireless encryption is used for WPA2 in preshared key mode?
A. TKIP with RC4
B. RC4
C. AES-128
D. AES-256
Answer: D
Explanation:
We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not
AES-128.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134- wpa2-config.html
NEW QUESTION 348
- (Topic 1)
What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?
A. The Layer 2 switch drops the received frame
B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.
C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.
D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table
Answer: B
Explanation:
If the destination MAC address is not in the CAM table (unknown destination MAC address), the switch sends the frame out all other ports that are in the same
VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.
NEW QUESTION 349
- (Topic 1)
Refer to the exhibit.
What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?
A. R1(config)#interface ethernet0/0 R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0
B. R1(config)#interface ethernet0/0.20 R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0
C. R1(config)#interface ethernet0/0.20 R1(config)#ip address 10.20.20.1 255.255.255.0
D. R1(config)#interface ethernet0/0 R1(config)#ip address 10.20.20.1 255.255.255.0
Answer: B
NEW QUESTION 354
- (Topic 1)
What criteria is used first during the root port selection process?
A. local port ID
B. lowest path cost to the root bridge
C. lowest neighbor's bridge ID
D. lowest neighbor's port ID
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 358
DRAG DROP - (Topic 1)
Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 360
DRAG DROP - (Topic 1)
Drag the IPv6 DNS record types from the left onto the description on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://ns1.com/resources/dns-types-records-servers-and-
queries#:~:text=Address%20Mapping%20record%20(A%20Record,a%20hostname%20to%20another%20hostname.
NEW QUESTION 365
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
- (Topic 1)
Which command prevents passwords from being stored in the configuration as plain text on a router or switch?
A. enable secret
B. service password-encryption
C. username Cisco password encrypt
D. enable password
Answer: B
NEW QUESTION 367
- (Topic 1)
Refer to the exhibit.
An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the 10.0.0.0/30 subnet. Which command set
meets the requirement?
A. interface gi0/1 no cdp enable
B. interface gi0/1 clear cdp table
C. interface gi0/0no cdp advertise-v2
D. interface gi0/0 no cdp run
Answer: D
NEW QUESTION 372
- (Topic 1)
Refer to the exhibit.
Which switch becomes the root bridge?
A. S1
B. S2
C. S3
D. S4
Answer: B
NEW QUESTION 373
- (Topic 1)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which two encoding methods are supported by REST APIs? (Choose two)
A. YAML
B. JSON
C. EBCDIC
D. SGML
E. XML
Answer: BE
Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST
_ API_Configuration_Guide_chapter_01.html
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_x/rest_api_co
nfig/b_Cisco_N1KV_VMware_REST_API_Config_5x/b_Cisco_N1KV_VMware_REST_API
_Config_5x_chapter_010.pdf
The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not
enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents.
NEW QUESTION 375
DRAG DROP - (Topic 1)
Drag and drop the QoS congestion management terms from the left onto the description on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 380
- (Topic 1)
Which WAN topology provides a combination of simplicity quality, and availability?
A. partial mesh
B. full mesh
C. point-to-point
D. hub-and-spoke
Answer: C
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 384
- (Topic 1)
A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this
function using the Cisco IOS MIB?
A. CDP
B. SNMP
C. SMTP
D. ARP
Answer: B
Explanation:
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized
framework and a common language used for the monitoring and management of devices in a network.The SNMP framework has three parts:+ An SNMP
manager+ An SNMP agent+ A Management Information Base (MIB)The Management Information Base (MIB) is a virtual information storage area for network
management information, which consists of collections of managed objects.With SNMP, the network administrator can send commands to multiple routers to do
the backup
NEW QUESTION 388
- (Topic 1)
Which function is performed by the collapsed core layer in a two-tier architecture?
A. enforcing routing policies
B. marking interesting traffic for data polices
C. attaching users to the edge of the network
D. applying security policies
Answer: A
NEW QUESTION 392
- (Topic 1)
Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job roles?
A. role-based access control
B. biometrics
C. multifactor authentication
D. physical access control
Answer: D
NEW QUESTION 395
- (Topic 1)
When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?
A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup
B. The administrative distance must be higher on the primary route so that the backup route becomes secondary.
C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup
D. The default-information originate command must be configured for the route to be installed into the routing table
Answer: A
NEW QUESTION 399
- (Topic 1)
What is the function of a controller in controller-based networking?
A. It serves as the centralized management point of an SDN architecture.
B. It centralizes the data plane for the network.
C. It is the card on a core router that maintains all routing decisions for a campus.
D. It is a pair of core routers that maintain all routing decisions for a campus
Answer: A
NEW QUESTION 404
- (Topic 1)
An engineer is asked to protect unused ports that are configured in the default VLAN on a switch.
Which two steps will fulfill the request? (Choose two)
A. Configure the ports in an EtherChannel.
B. Administratively shut down the ports
C. Configure the port type as access and place in VLAN 99
D. Configure the ports as trunk ports
E. Enable the Cisco Discovery Protocol
Answer: BC
NEW QUESTION 408
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
- (Topic 1)
What is a difference between local AP mode and FiexConnet AP mode?
A. Local AP mode creates two CAPWAP tunnels per AP to the WLC
B. FiexConnect AP mode fails to function if the AP loses connectivity with the WLC
C. FlexConnect AP mode bridges the traffic from the AP to the WLC when local switching is configured
D. Local AP mode causes the AP to behave as if it were an autonomous AP
Answer: A
NEW QUESTION 411
- (Topic 1)
A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded. Which command must be configured to increment
the security- violation count and forward an SNMP trap?
A. switchport port-security violation access
B. switchport port-security violation protect
C. switchport port-security violation restrict
D. switchport port-security violation shutdown
Answer: C
Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/port_sec.html
NEW QUESTION 412
- (Topic 1)
How will Link Aggregation be Implemented on a Cisco Wireless LAN Controller?
A. One functional physical port is needed to pass client traffic.
B. The EthernetChannel must be configured in "mode active".
C. When enabled, the WLC bandwidth drops to 500 Mbps.
D. To pass client traffic, two or more ports must be configured.
Answer: A
Explanation:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/configuration-guide/b_cg75/b_cg75_chapter_0100010.html
NEW QUESTION 416
- (Topic 1)
Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point?
A. TACACS server
B. wireless access point
C. RADIUS server
D. wireless LAN controller
Answer: B
NEW QUESTION 419
- (Topic 1)
What are two roles of Domain Name Services (DNS)? (Choose Two)
A. builds a flat structure of DNS names for more efficient IP operations
B. encrypts network Traffic as it travels across a WAN by default
C. improves security by protecting IP addresses under Fully Qualified Domain Names (FQDNs)
D. enables applications to identify resources by name instead of IP address
E. allows a single host name to be shared across more than one IP address
Answer: DE
NEW QUESTION 424
- (Topic 1)
An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to compress it for
easier configuration. Which command must be issued on the router interface?
A. ipv6 address 2001:db8::700:3:400F:572B
B. ipv6 address 2001:db8:0::700:3:4F:572B
C. ipv6 address 2001:Odb8::7:3:4F:572B
D. ipv6 address 2001::db8:0000::700:3:400F:572B
Answer: A
NEW QUESTION 429
- (Topic 1)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Which level of severity must be set to get informational syslogs?
A. alert
B. critical
C. notice
D. debug
Answer: C
NEW QUESTION 431
- (Topic 1)
How do TCP and UDP differ in the way that they establish a connection between two endpoints?
A. TCP uses synchronization packets, and UDP uses acknowledgment packets.
B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits
C. UDP provides reliable message transfer and TCP is a connectionless protocol
D. TCP uses the three-way handshake and UDP does not guarantee message delivery
Answer: D
NEW QUESTION 433
- (Topic 1)
Refer to the exhibit.
The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and Switch 2 while all other VLANs are to remain tagged.
Which command accomplishes this task?
A. switchport access vlan 67
B. switchport trunk allowed vlan 67
C. switchport private-vlan association host 67
D. switchport trunk native vlan 67
Answer: D
NEW QUESTION 436
- (Topic 1)
What is the benefit of using FHRP?
A. reduced management overhead on network routers
B. balancing traffic across multiple gateways in proportion to their loads
C. higher degree of availability
D. reduced ARP traffic on the network
Answer: C
NEW QUESTION 437
DRAG DROP - (Topic 1)
Drag and drop the network protocols from the left onto the correct transport services on the right.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 442
- (Topic 1)
Which command enables a router to become a DHCP client?
A. ip address dhcp
B. ip helper-address
C. ip dhcp pool
D. ip dhcp client
Answer: A
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/12-4/dhcp-12-4-book/config-dhcp-client.html
If we want to get an IP address from the DHCP server on a Cisco device, we can use the command “ip address dhcp”.
Note: The command “ip helper-address” enables a router to become a DHCP Relay Agent.
NEW QUESTION 446
DRAG DROP - (Topic 1)
An engineer is configuring an encrypted password for the enable command on a router
where the local user database has already been configured Drag and drop the configuration commands from the left into the correct sequence on the right Not all
commands are used
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 448
- (Topic 1)
Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)
A. cookbook
B. task
C. playbook
D. model
E. recipe
Answer: CD
NEW QUESTION 451
- (Topic 1)
Which two WAN architecture options help a business improve scalability and reliability for the network? (Choose two.)
A. asynchronous routing
B. single-homed branches
C. dual-homed branches
D. static routing
E. dynamic routing
Answer: AC
NEW QUESTION 452
- (Topic 1)
What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?
A. initiates a ping request to the URL
B. prompts the user to specify the desired IP address
C. continuously attempts to resolve the URL until the command is cancelled
D. sends a broadcast message in an attempt to resolve the URL
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: D
NEW QUESTION 453
- (Topic 1)
Refer to the exhibit.
An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface G/0/1. Which access list must be applied?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
NEW QUESTION 454
- (Topic 1)
An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the
link could have contained malicious code. Which type of security program is in place?
A. Physical access control
B. Social engineering attack
C. brute force attack
D. user awareness
Answer: D
Explanation:
This is a training program which simulates an attack, not a real attack (as it says “The webpage that opens reports that it was safe”) so we believed it should be
called a “user awareness” program.Therefore the best answer here should be “user awareness”. This is the definition of“User awareness” from CCNA 200- 301
Offical Cert Guide Book:“User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own
credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security
incidents. ” Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked.
NEW QUESTION 458
- (Topic 1)
Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols.
A. dual algorithm
B. metric
C. administrative distance
D. hop count
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: C
Explanation:
Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different
routing protocols. Administrative distance defines the reliability of a routing protocol.
NEW QUESTION 460
- (Topic 1)
What software defined architecture plane assists network devices with making packet- forwarding decisions by providing Layer 2 reachability and Layer 3 routing
information?
A. data plane
B. control plane
C. policy plane
D. management plane
Answer: B
NEW QUESTION 462
- (Topic 1)
What criteria is used first during me root port selection process?
A. local port ID
B. lowest path cost to the root bridge
C. lowest neighbor's bridge ID
D. lowest neighbor's port ID
Answer: B
NEW QUESTION 465
- (Topic 1)
What is the purpose of traffic shaping?
A. to mitigate delays over slow links
B. to provide fair queuing for buffered flows
C. to limit the bandwidth that a flow can use to
D. be a marking mechanism that identifies different flows
Answer: B
Explanation:
Traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of time.
NEW QUESTION 467
- (Topic 1)
When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)
A. 2000::/3
B. 2002::5
C. FC00::/7
D. FF02::1
E. FF02::2
Answer: DE
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/xe-3s/ipv6-xe-36s-book/ip6-multicast.html
When an interface is configured with IPv6 address, it automatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx) multicast groups. The all-
node group is used to communicate with all interfaces on the local link, and the solicited-nodes multicast group is required for link-layer address resolution. Routers
also join a third multicast group, the all-routers group (FF02::2).
NEW QUESTION 468
DRAG DROP - (Topic 1)
Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 470
- (Topic 1)
Refer to the exhibit.
Which type of configuration is represented in the output?
A. Ansible
B. JSON
C. Chef
D. Puppet
Answer: D
NEW QUESTION 475
- (Topic 1)
In software-defined architecture, which place handles switching for traffic through a Cisco router?
A. Control
B. Management
C. Data
D. application
Answer: C
Explanation:
Data plane—Handles all the data traffic. The basic functionality of a Cisco NX-OS device is to forward packets from one interface to another. The packets that are
not meant for the switch itself are called the transit packets. These packets are handled by the data plane
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 476
DRAG DROP - (Topic 1)
Drag and drop the DHCP snooping terms from the left onto the descriptions on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 481
- (Topic 1)
When DHCP is configured on a router, which command must be entered so the default gateway is automatically distributed?
A. default-router
B. default-gateway
C. ip helper-address
D. dns-server
Answer: A
NEW QUESTION 482
- (Topic 1)
Where is the interface between the control plane and data plane within the software- defined architecture?
A. control layer and the infrastructure layer
B. application layer and the infrastructure layer
C. control layer and the application layer
D. application layer and the management layer
Answer: A
NEW QUESTION 483
- (Topic 1)
Which WLC port connects to a switch to pass normal access-point traffic?
A. redundancy
B. console
C. distribution system
D. service
Answer: C
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 487
- (Topic 1)
Which mode allows access points to be managed by Cisco Wireless LAN Controllers?
A. autonomous
B. lightweight
C. bridge
D. mobility express
Answer: B
Explanation:
https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200- series/70278-lap-faq.html
A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). APs are “lightweight,” which means that
they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are “zero touch” deployed,
and individual configuration of APs is not necessary.
NEW QUESTION 488
DRAG DROP - (Topic 1)
Drag and drop the DNS lookup components from the left onto the functions on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 493
- (Topic 1)
What is the difference in data transmission delivery and reliability between TCP and UDP?
A. TCP transmits data at a higher rate and ensures packet deliver
B. UDP retransmits lost data to ensure applications receive the data on the remote end.
C. UDP sets up a connection between both devices before transmitting dat
D. TCP uses the three-way handshake to transmit data with a reliable connection.
E. UDP is used for multicast and broadcast communicatio
F. TCP is used for unicast communication and transmits data at a higher rate with error checking.
G. TCP requires the connection to be established before transmitting dat
H. UDP transmits data at a higher rate without ensuring packet delivery.
Answer: D
NEW QUESTION 494
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
- (Topic 1)
Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two)
A. listening
B. blocking
C. forwarding
D. learning
E. speaking
Answer: CD
NEW QUESTION 499
- (Topic 1)
What are two improvements provided by automation for network management in an SDN environment? (Choose two)
A. Data collection and analysis tools establish a baseline for the network
B. Artificial intelligence identifies and prevents potential design failures.
C. Machine learning minimizes the overall error rate when automating troubleshooting processes
D. New devices are onboarded with minimal effort
E. Proprietary Cisco APIs leverage multiple network management tools.
Answer: BE
NEW QUESTION 501
- (Topic 1)
An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
NEW QUESTION 506
- (Topic 1)
Which two outcomes are predictable behaviors for HSRP? (Choose two.)
A. The two routers synchronize configurations to provide consistent packet forwarding
B. The two routers negotiate one router as the active router and the other as the standby router
C. Each router has a different IP address, both routers act as the default gateway on the LAN, and traffic is load-balanced between them
D. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN
E. The two routers share the same interface IP address and default gateway traffic is load- balanced between them
Answer: BD
NEW QUESTION 507
- (Topic 1)
What is a characteristic of a SOHO network?
A. connects each switch to every other switch in the network
B. enables multiple users to share a single broadband connection
C. provides high throughput access for 1000 or more users
D. includes at least three tiers of devices to provide load balancing and redundancy
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: B
NEW QUESTION 508
- (Topic 1)
What are two functions of an SDN controller? (Choose two)
A. Layer 2 forwarding
B. coordinating VTNs
C. tracking hosts
D. managing the topology
E. protecting against DDoS attacks
Answer: BD
NEW QUESTION 509
- (Topic 1)
A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and
updating software which is only used occasionally Which cloud service model does the engineer recommend?
A. infrastructure-as-a-service
B. platform-as-a-service
C. business process as service to support different types of service
D. software-as-a-service
Answer: D
NEW QUESTION 511
- (Topic 1)
Refer to the exhibit.
An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?
A. 10.4.4.4
B. 10.4.4.5
C. 172.23.103.10
D. 172.23.104.4
Answer: D
Explanation:
NAT is used to send a packet to the outside network, using a public IP address to make it routable. The NAT logic is "inside-to-outside" FIRST and "outside-to-
inside" THEN. This way, configuring NAT means "choosing a public IP address" for any outbound packet" IN THE FIRST PLACE, where "public IP address"
translates to "inside global address". Among the given answers, the only inside global address is 172.123.104.4.
NEW QUESTION 515
- (Topic 1)
What is a function of a remote access VPN?
A. used cryptographic tunneling to protect the privacy of data for multiple users simultaneously
B. used exclusively when a user is connected to a company's internal network
C. establishes a secure tunnel between two branch sites
D. allows the users to access company internal network resources through a secure tunnel
Answer: D
NEW QUESTION 519
- (Topic 1)
Which type of address is the public IP address of a NAT device?
A. outside global
B. outsdwde local
C. inside global
D. insride local
E. outside public
F. inside public
Answer: C
Explanation:
NAT use four types of addresses:* Inside local address – The IP address assigned to a host on the inside network. The address is usually not an IP address
assigned by the Internet Network Information Center (InterNIC) or service provider.This address is likely to be an RFC 1918 private address.* Inside global
address – A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world.* Outside
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
local address – The IP address of an outside host as it is known to the hosts on the inside network.* Outside global address – The IP address assigned to a host
on the outside network. The owner of the host assigns
this address.
NEW QUESTION 524
- (Topic 1)
What is the purpose of using First Hop Redundancy Protocol in a specific subnet?
A. Filter traffic based on destination IP addressing
B. Sends the default route to the hosts on a network
C. ensures a loop-free physical topology
D. forwards multicast hello messages between routers
Answer: D
Explanation:
FHRP is layer 3 protocol whose purpose is to protect the default gateway by offering redundancy of the gateway in a subnet. This is achieved by allowing two or
more routers to provide a backup for the first-hop IP router address. If a failure of an active router occurs, the backup router will take over the address. The routers
negotiate their roles (Active/Standby) with each other by multicast hello messages to share the VIP (virtual IP address) between the FHRP routers. The terms
Active/Standby vary between the different types of FHRP. The active router will act as the default gateway and the standby router acts as a backup the active
router.
NEW QUESTION 529
DRAG DROP - (Topic 1)
Drag and drop the functions of DHCP from the left onto any of the positions on the right Not all functions are used
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 533
- (Topic 1)
Which device tracks the state of active connections in order to make a decision to forward a packet through?
A. wireless access point
B. firewall
C. wireless LAN controller
D. router
Answer: B
Explanation:
Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to
determine which network packets to allow through the firewall.
NEW QUESTION 534
- (Topic 1)
Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which
configuration accomplishes this task?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
NEW QUESTION 539
- (Topic 1)
Which spanning-tree enhancement avoids the learning and listening states and
immediately places ports in the forwarding state?
A. BPDUfilter
B. PortFast
C. Backbonefast
D. BPDUguard
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Answer: B
Explanation:
PortFast
Spanning Tree Portfast causes layer 2 switch interfaces to enter forwarding state immediately, bypassing the listening and learning states. It should be used on
ports connected directly to end hosts like servers or workstations. Note: If portfast isn’t enabled, DHCP timeouts can occur while STP converges, causing more
problems.
https://skminhaj.wordpress.com/2015/03/04/spanning-tree-stp-rstp-mst-enhancements/
NEW QUESTION 542
DRAG DROP - (Topic 1)
Drag and drop the attack-mitigation techniques from the left onto the Types of attack that they mitigate on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 545
- (Topic 1)
Which type of security program is violated when a group of employees enters a building using the ID badge of only one person?
A. intrusion detection
B. user awareness
C. physical access control
D. network authorization
Answer: C
NEW QUESTION 547
- (Topic 1)
Refer to Exhibit.
The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes must be configured on the
NEW York router? (Choose two)
A. ipv6 route 2000::1/128 2012::1
B. ipv6 route 2000::3/128 2023::3
C. ipv6 route 2000::3/128 s0/0/0
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
D. ipv6 route 2000::1/128 2012::2
E. ipv6 route 2000::1/128 s0/0/1
Answer: AB
NEW QUESTION 550
- (Topic 1)
If a notice-level messaging is sent to a syslog server, which event has occurred?
A. A network device has restarted
B. An ARP inspection has failed
C. A routing instance has flapped
D. A debug operation is running
Answer: C
Explanation:
Usually no action is required when a route flaps so it generates the notification syslog level message (level 5).
NEW QUESTION 553
- (Topic 1)
What protocol allows an engineer to back up 20 network router configurations globally while using the copy function?
A. SMTP
B. SNMP
C. TCP
D. FTP
Answer: B
NEW QUESTION 555
DRAG DROP - (Topic 1)
Drag and drop the statement about networking from the left into the Corresponding networking types on the right. Not all statements are used.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 556
- (Topic 1)
What are two fundamentals of virtualization? (choose two)
A. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic
B. It allows logical network devices to move traffic between virtual machines and the rest of the physical network
C. It allows multiple operating systems and applications to run independently on one physical server.
D. It allows a physical router to directly connect NICs from each virtual machine into the network
E. It requires that some servers, virtual machines and network gear reside on the Internet
Answer: BC
NEW QUESTION 561
- (Topic 1)
Which command entered on a switch configured with Rapid PVST* listens and learns for a specific time period?
A. switch(config)#spanning-tree vlan 1 max-age 6
B. switch(config)#spanning-tree vlan 1 hello-time 10
C. switch(config)#spanning-tree vlan 1 priority 4096
D. switch(config)#spanning-tree vlan 1 forward-time 20
Answer: D
Explanation:
Forward time : Determines how long each of the listening and learning states last before the port begins forwarding.
Switch(config)# [ no ] spanning-tree vlan vlan_ID forward-time forward_timeConfigures the forward time of a VLAN. The forward_time value can be from 4 to 30
seconds. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/15-02SG/configuration/guide/config/spantree.html#56177
NEW QUESTION 562
- (Topic 1)
Which technology is appropriate for communication between an SDN controller and applications running over the network?
A. OpenFlow
B. REST API
C. NETCONF
D. Southbound API
Answer: B
NEW QUESTION 563
- (Topic 1)
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual
machine?
A. platform-as-a-service
B. software-as-a-service
C. network-as-a-service
D. infrastructure-as-a-service
Answer: B
Explanation:
Below are the 3 cloud supporting services cloud providers provide to customer:
+ SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a thirdparty vendor and whose interface is accessed on the
clients’ side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins.
+ PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS
is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and
cost-effective. With this technology, enterprise operations, or a thirdparty provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS
software itself. Developers, however, manage the applications.
+ IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized
or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on
consumption, similar to electricity or other utility billing.
In general, IaaS provides hardware so that an organization can install their own operating system.
NEW QUESTION 565
- (Topic 1)
Which IPv6 address block sends packets to a group address rather than a single address?
A. 2000::/3
B. FC00::/7
C. FE80::/10
D. FF00::/8
Answer: D
Explanation:
FF00::/8 is used for IPv6 multicast and this is the IPv6 type of address the question wants to ask.FE80::/10 range is used for link-local addresses. Link-local
addresses only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing
protocols). It is only valid on the current subnet.It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
48-bit MAC address).
NEW QUESTION 570
- (Topic 1)
What is the role of a firewall in an enterprise network?
A. Forwards packets based on stateless packet inspection
B. Processes unauthorized packets and allows passage to less secure segments of the network
C. determines which packets are allowed to cross from unsecured to secured networks
D. explicitly denies all packets from entering an administrative domain
Answer: C
NEW QUESTION 571
SIMULATION - (Topic 5)
Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured.
* I . Configure an LACP EtherChanneI and number it as 44; configure it between switches SWI and SW2 using interfaces EthernetO/O and Ethernet0/1 on both
sides. The LACP mode must match on both ends.
* 2. Configure the EtherChanneI as a trunk link.
* 3. Configure the trunk link with 802. Iq tags.
* 4. Configure VLAN 'MONITORING' as the untagged VLAN of the EtherChannel.
==================
Guidelines
This is a lab item in which tasks will be performed on virtual devices.
• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary preconfigurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
To configure an LACP EtherChannel and number it as 44, configure it between switches SW1 and SW2 using interfaces Ethernet0/0 and Ethernet0/1 on both
sides, configure the EtherChannel as a trunk link, configure the trunk link with 802.1q tags, and configure VLAN ‘MONITORING’ as the untagged VLAN of the
EtherChannel, you need to follow these steps:
? On both SW1 and SW2, enter the global configuration mode by using the
configure terminal command.
? On both SW1 and SW2, select the two interfaces that will form the EtherChannel by using the interface range ethernet 0/0 - 1 command. This will enter the
interface range configuration mode.
? On both SW1 and SW2, set the protocol to LACP by using the channel-protocol
lacp command.
? On both SW1 and SW2, assign the interfaces to an EtherChannel group number 44 by using the channel-group 44 mode active command. This will create a
logical interface named Port-channel44 and set the LACP mode to active on both ends. The LACP mode must match on both ends for the EtherChannel to form.
? On both SW1 and SW2, exit the interface range configuration mode by using the exit command.
? On both SW1 and SW2, enter the Port-channel interface configuration mode by using the interface port-channel 44 command.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
? On both SW1 and SW2, configure the Port-channel interface as a trunk link by using the switchport mode trunk command.
? On both SW1 and SW2, configure the Port-channel interface to use 802.1q tags for VLAN identification by using the switchport trunk encapsulation dot1q
command.
? On both SW1 and SW2, configure VLAN ‘MONITORING’ as the untagged VLAN of the Port-channel interface by using the switchport trunk native vlan
MONITORING command.
? On both SW1 and SW2, exit the Port-channel interface configuration mode by using the exit command.
? On both SW1 and SW2, save the configuration to NVRAM by using the copy running-config startup-config command.
NEW QUESTION 574
SIMULATION - (Topic 5)
Connectivity between four routers has been established. IP connectivity must be configured in the order presented to complete the implementation. No dynamic
routing protocols are included.
* 1. Configure static routing using host routes to establish connectivity from router R3 to the router R1 Loopback address using the source IP of 209.165.200.230.
* 2. Configure an IPv4 default route on router R2 destined for router R4.
* 3. Configure an IPv6 default router on router R2 destined for router R4.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Answer as below configuration:
* 1.- on R3
config terminal
ip route 192.168.1.1 255.255.255.255 209.165.200.229
end
copy running start
* 2.- on R2
config terminal
ip route 0.0.0.0 0.0.0.0 209.165.202.130
end
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
copy running start
* 3.- on R2
config terminal
ipv6 route ::/0 2001:db8:abcd::2 end
copy running start
NEW QUESTION 578
SIMULATION - (Topic 5)
Physical connectivity is implemented between the two Layer 2 switches, and the network connectivity between them must be configured
* 1. Configure an LACP EtherChannel and number it as 1; configure it between switches SW1 and SVV2 using interfaces Ethernet0/0 and Ethernet0/1 on both
sides. The LACP mode must match on both ends
* 2 Configure the EtherChannel as a trunk link.
* 3. Configure the trunk link with 802.1 q tags.
* 4. Configure the native VLAN of the EtherChannel as VLAN 15.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Answer as below configuration:
On SW1:
conf terminal vlan 15
exit
interface range eth0/0 - 1 channel-group 1 mode active exit
interface port-channel 1
switchport trunk encapsulation dot1q switchport mode trunk
switchport trunk native vlan 15 end
copy run start
on SW2:
conf terminal
vlan 15 exit
interface range eth0/0 - 1 channel-group 1 mode active exit
interface port-channel 1
switchport trunk encapsulation dot1q switchport mode trunk
switchport trunk native vlan 15 end
copy run start
NEW QUESTION 580
SIMULATION - (Topic 5)
Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28 network from the 192.168.1.0/24 private range. For IPv6, use the first /64 subnet
from the 2001:0db8:aaaa::/48 subnet.
* 1. Using Ethernet0/1 on routers R1 and R2, configure the next usable/28 from the 192.168.1.0/24 range. The network 192.168.1.0/28 is unavailable.
* 2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host address.
* 3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host address.
* 4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from the topology.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
* 5. A ping must work between the routers on the IPv4 and IPv6 address ranges.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Answer as below configuration:
on R1
config terminal
ipv6 unicast-routing inter eth0/1
ip addre 192.168.1.1 255.255.255.240
ipv6 addre 2001:db8:aaaa::1/64 not shut
end
copy running start
on R2
config terminal
ipv6 unicast-routing inter eth0/1
ip address 192.168.1.14 255.255.255.240
ipv6 address 2001:db8:aaaa::2/64 not shut
end
copy running start
---------------------
for test from R1
ping ipv6 2001:db8:aaaa::1
for test from R2
ping ipv6 2001:db8:aaaa::2
NEW QUESTION 585
- (Topic 4)
Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?
A. tunnel
B. transport
C. aggressive
D. main
Answer: B
Explanation:
IPsec encryption mode is the way IPsec secures the data packets that are sent over an IP network. There are two main modes of IPsec encryption: tunnel mode
and transport mode1. Tunnel mode encrypts the entire IP packet, including the original header, and adds a new IP header with the source and destination
addresses of the security gateways (routers, firewalls, or VPN servers) that perform the encryption and decryption2. Transport mode encrypts only the payload
(data) of the IP packet, leaving the original header intact, and uses the original source and destination addresses of the endpoints that generate and consume the
data3. Therefore, transport mode is appropriate when the destination of a packet differs from the security termination point, as it does not change the original IP
header information. Tunnel mode is more suitable when the security termination point is also the destination of the packet, as it provides more protection for the
original IP header information.
NEW QUESTION 588
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
DRAG DROP - (Topic 4)
Refer to the exhibit.
Drag and drop the learned prefixes from the left onto the subnet masks on the right
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 592
- (Topic 4)
Which is a fact related to FTP?
A. It uses block numbers to identify and mitigate data-transfer errors
B. It always operates without user authentication
C. It relies on the well-known UDP port 69.
D. It uses two separate connections for control and data traffic
Answer: D
NEW QUESTION 595
- (Topic 4)
How do TCP and UDP fit into a query-response model?
A. TCP establishes a connection prior to sending data, and UDP sends immediately.
B. TCP uses error detection for packets, and UDP uses error recovery.
C. TCP avoids using sequencing, and UDP avoids using acknowledgments.
D. TCP encourages out-of-order packet delivery, and UDP prevents re-ordering.
Answer: A
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 597
- (Topic 4)
Refer to the exhibit.
The image server and client A are running an application that transfers an extremely high volume of data between the two. An engineer is configuring a dedicated
circuit between R1 and R2. Which set of commands must the engineer apply to the routers so that only traffic between the image server and client A is forces to
use the new circuit?
A. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.6R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.5
B. R1(config)#ip route 10.10.13.10 255.255.255.128 10.10.10.6R2(config)#lp route 192.168.0.100 255.255.255.0 10.10.10.5
C. R1(config)#ip route 10.10.13.10 255.255.255.252 10.10.10.6R2(config)#tp route 192.168.0.100 255.255.255.252 10.10.10.5
D. R1(config)#ip route 10.10.13.10 255.255.255.255 10.10.10.2R2(config)#ip route 192.168.0.100 255.255.255.255 10.10.10.1
Answer: D
NEW QUESTION 600
- (Topic 4)
Refer to the exhibit.
Which switch becomes the root bridge?
A)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
NEW QUESTION 602
- (Topic 4)
Which REST method updates an object in the Cisco DNA Center Intent API?
A. CHANGE
B. UPDATE
C. POST
D. PUT
Answer: D
Explanation:
PUT is most-often utilized for **update** capabilities, PUT-ing to a known
resource URI with the request body containing the newly-updated representation of the original resource.However, PUT can also be used to create a resource in
the case where the resource ID is chosen by the client instead of by the server. In other words, if the PUT is to a URI that contains the value of a non-existent
resource ID. Again, the request body contains a resource representation. Many feel this is convoluted and confusing. Consequently, this method of creation should
be used sparingly, if at all.Alternatively, use POST to create new resources and provide the client-defined ID in the body representation—presumably to a URI that
doesn’t include the ID of the resource (see POST below).On successful update, return 200 (or 204 if not returning any content in the body) from a PUT. If using
PUT for create, return HTTP status 201 on successful creation. A body in the response is optional—providing one consumes more bandwidth. It is not necessary to
return a link via a Location header in the creation case since the client already set the resource ID.PUT is not a safe operation, in that it modifies (or creates) state
on the server, but it is idempotent. In other words, if you create or update a resource using PUT and then make that same call again, the resource is still there and
still has the same state as it did with the first call.If, for instance, calling PUT on a resource increments a counter within the resource, the call is no longer
idempotent. Sometimes that happens and it may be enough to document that the call is not idempotent. However, it’s recommended to keep PUT requests
idempotent. It is strongly recommended to use POST for non-idempotent requests.Examples:
https://www.restapitutorial.com/lessons/httpmethods.html
NEW QUESTION 607
- (Topic 4)
Refer to the exhibit.
Which action by the router when a packet is sourced from 10.10.10.2 and destined 10.10.10.16?
A. It queues the packets waiting for the route to be learned.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
B. It floods packets to all learned next hops.
C. It discards the packets.
D. It uses a route that is similar to the destination address.
Answer: D
NEW QUESTION 611
DRAG DROP - (Topic 4)
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 612
- (Topic 4)
Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?
A. Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.
B. Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data
backbone.
C. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI
exclusively.
D. Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.
Answer: C
NEW QUESTION 615
- (Topic 4)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A network administrator must permit traffic from the 10.10.0.0/24 subnet to the WAN on interlace Seria10. What is the effect of the configuration as the
administrator applies the command?
A. The permit command fails and returns an error code.
B. The router accepts all incoming traffic to Seria10 with the last octet of the source IP set to 0.
C. The sourced traffic from IP range 10.0.0.0 -10.0.0.255 is allowed on Seria10.
D. The router fails to apply the access list to the interface.
Answer: C
NEW QUESTION 619
- (Topic 4)
Which two features introduced in SNMPv2 provides the ability to retrieve large amounts of data in one request
A. Get
B. GetNext
C. Set
D. GetBulk
E. Inform
Answer: AD
NEW QUESTION 624
- (Topic 4)
What happens when a switch receives a frame with a destination MAC address that recently aged out?
A. The switch references the MAC address aging table for historical addresses on the port that received the frame.
B. The switch floods the frame to all ports in all VLANs except the port that received the frame
C. The switch drops the frame and learns the destination MAC address again from the port that received the frame
D. The switch floods the frame to all ports in the VLAN except the port that received the frame.
Answer: D
NEW QUESTION 625
- (Topic 4)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
NEW QUESTION 629
- (Topic 4)
To improve corporate security, an organization is planning to implement badge authentication to limit access to the data center. Which element of a security
program is being deployed?
A. user training
B. user awareness
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
C. vulnerability verification
D. physical access control
Answer: D
NEW QUESTION 633
DRAG DROP - (Topic 4)
Drag and drop the characteristics of transport layer protocols from the left onto the corresponding protocols on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 636
- (Topic 4)
Which 802.11 frame type is Association Response?
A. management
B. control
C. action
D. protected frame
Answer: A
NEW QUESTION 639
- (Topic 4)
A WLC sends alarms about a rogue AP, and the network administrator verifies that the alarms are caused by a legitimate autonomous AP.
A. Place the AP into manual containment.
B. Remove the AP from WLC management.
C. Manually remove the AP from Pending state.
D. Set the AP Class Type to Friendly.
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
NEW QUESTION 640
- (Topic 4)
By default, how long will the switch continue to know a workstation MAC address after the workstation stops sending traffic?
A. 200 seconds
B. 300 seconds
C. 600 seconds
D. 900 seconds
Answer: B
NEW QUESTION 644
DRAG DROP - (Topic 4)
Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 645
FILL IN THE BLANK - (Topic 4)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Refer to the exhibit. The IPv6 address for the LAN segment on router R1 must be configured using the EUI-64 format. When configured which ipv6 address is
produced by the router?
A. 2001:db8:1a44:41a4:C801:BEFF:FE4A:1
B. 2001:db8:1a44:41a4:C081:BFFF:FE4A:1
C. 2001:db8:1a44:41a4:4562:098F:FE36:1
D. 2001:db8:1a44:41a4:C800:BAFE:FF00:1
Answer: B
NEW QUESTION 646
- (Topic 4)
Why is a first-hop redundancy protocol implemented?
A. to protect against default gateway failures
B. to prevent loops in a network
C. to enable multiple switches to operate as a single unit
D. to provide load-sharing for a multilink segment
Answer: A
NEW QUESTION 649
- (Topic 4)
An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be 2019:C15C:0CAF:E002::1 The route
must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route?
A. R1(config)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1
B. R1(config-if)#ipv6 route 2019:C15C:0CAF:E001::/64 2019:C15C:0CAF:E002::1
C. R1(config-if)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet0/0
D. R1(config)#ip route 2019:C15C:0CAF:E001::/64 GigabitEthernet0/0
Answer: C
NEW QUESTION 654
- (Topic 4)
Which component controls and distributes physical resources for each virtual machine?
A. OS
B. hypervisor
C. CPU
D. physical enclosure
Answer: B
NEW QUESTION 655
DRAG DROP - (Topic 4)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Drag and drop the statements about networking from the left onto the corresponding
networking types on the right. Not all statements are used.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Controller-based Networking :– This type deploys a consistent configuration across multiple devices.– Southbound APIs are used to apply
configurations.Traditional Networking :– A distributed control plane is needed.– This type requires a distributed management plane.
On a SND network the control plane is centralized on the the SND controller not distributed on the networking devices.
Northbound APIs do not interact with end devices. They allow the SND controller to interact with applications on the application plane
NEW QUESTION 657
- (Topic 4)
What is used to identify spurious DHCP servers?
A. DHCPREQUEST
B. DHCPDISCOVER
C. DHCPACK
D. DHCPOFFER
Answer: D
Explanation:
DHCPOFFER is used to identify spurious DHCP servers. A spurious DHCP server is any device that is configured to act as a DHCP server without the network
administrator’s knowledge or permission. A spurious DHCP server can cause network problems by assigning incorrect or duplicate IP addresses to clients, or by
redirecting traffic to malicious gateways. To prevent such attacks, the DHCP snooping feature can be enabled on switches to filter out invalid or unauthorized
DHCP messages from untrusted sources1.
DHCP snooping works by intercepting and validating DHCP messages on a per-VLAN basis. The switch maintains a DHCP snooping binding database that
contains information about the trusted hosts with leased IP addresses, such as MAC address, IP address, lease time, binding type, VLAN number, and interface
information2. The switch also classifies its ports as trusted or untrusted. Trusted ports are those that connect to authorized DHCP servers or other trusted
switches. Untrusted ports are those that connect to untrusted hosts or devices. The switch only allows DHCP messages from trusted ports, and drops any DHCP
messages from untrusted ports that do not match the information in the binding database3.
The switch uses DHCPOFFER messages to identify spurious DHCP servers. A DHCPOFFER message is a response from a DHCP server to a client’s request for
an IP address. The message contains the offered IP address, subnet mask, default gateway, and other configuration parameters for the client4. When the switch
receives a DHCPOFFER message from an untrusted port, it compares the source MAC address and the offered IP address with the binding database. If there is
no match, the switch considers the message as coming from a spurious DHCP server and drops it. The switch also logs an error message and increments a
counter for the number of dropped messages5.
References:
? 1: Configuring DHCP Snooping - Cisco
? 2: Catalyst 6500 Release 12.2SX Software Configuration Guide - DHCP Snooping Binding Database
? 3: What is DHCP Snooping? - IONOS
? 4: Dynamic Host Configuration Protocol (DHCP) and Bootstrap Protocol (BOOTP) Parameters
? 5: Configuring DHCP Snooping - Cisco
NEW QUESTION 660
- (Topic 4)
Refer to the exhibit.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
A network engineer configures the CCNA WLAN so that clients must authenticate hourly and to limit the number of simultaneous connections to the WLAN to
Which two actions complete this configuration? (Choose two.)
A. Enable the Enable Session Timeout option and set the value to 3600.
B. Set the Maximum Allowed Clients value to 10.
C. Enable the Client Exclusion option and set the value to 3600.
D. Enable the Wi-Fi Direct Clients Policy option.
E. Set the Maximum Allowed Clients Per AP Radio value to 10.
Answer: AB
NEW QUESTION 664
......
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM 200-301 Dumps From Exambible
https://www.exambible.com/200-301-exam/ (903 Q&As)
Relate Links
100% Pass Your 200-301 Exam with Exambible Prep Materials
https://www.exambible.com/200-301-exam/
Contact us
We are proud of our high-quality customer service, which serves you around the clock 24/7.
Viste - https://www.exambible.com/
Your Partner of IT Exam visit - https://www.exambible.com
Powered by TCPDF (www.tcpdf.org)
You might also like
- 200-301 Exam - Free Actual Q&as, Page 1 _ ExamTopics100% (2)200-301 Exam - Free Actual Q&as, Page 1 _ ExamTopics579 pages
- Cisco Pass4sure 200-301 PDF 2022-Apr-09 by Samuel 376q VceNo ratings yetCisco Pass4sure 200-301 PDF 2022-Apr-09 by Samuel 376q Vce19 pages
- Cisco Practicetest 200-301 Exam Prep 2023-Feb-18 by Mortimer 578q VceNo ratings yetCisco Practicetest 200-301 Exam Prep 2023-Feb-18 by Mortimer 578q Vce11 pages
- Cisco Prep4sure 200-301 Actual Test 2022-Dec-25 by Elvis 215q VceNo ratings yetCisco Prep4sure 200-301 Actual Test 2022-Dec-25 by Elvis 215q Vce11 pages
- Exam Questions 200-301: Cisco Certified Network Associate100% (2)Exam Questions 200-301: Cisco Certified Network Associate15 pages
- Cisco Transcender 200-301 Practice Test 2020-Apr-22 by Lester 33q VceNo ratings yetCisco Transcender 200-301 Practice Test 2020-Apr-22 by Lester 33q Vce8 pages
- Cisco - Testkings.200 301.PDF - Download.2023 Jun 01.by - Tim.366q.vceNo ratings yetCisco - Testkings.200 301.PDF - Download.2023 Jun 01.by - Tim.366q.vce18 pages
- Cisco Pass4sure 200-301 PDF 2022-Apr-19 by Arvin 377q VceNo ratings yetCisco Pass4sure 200-301 PDF 2022-Apr-19 by Arvin 377q Vce17 pages
- 200-301 Dumps Cisco Certified Network AssociateNo ratings yet200-301 Dumps Cisco Certified Network Associate7 pages
- Cisco.lead2pass.200 301.Exam.dumps.2023 Apr 06.by.lucien.654q.vceNo ratings yetCisco.lead2pass.200 301.Exam.dumps.2023 Apr 06.by.lucien.654q.vce11 pages
- Dumpleader: Ensure Success With Money Back GuaranteeNo ratings yetDumpleader: Ensure Success With Money Back Guarantee19 pages
- 200-301 Exam – Free Actual Q&as, Page 1 _ ExamTopics901-1000100% (1)200-301 Exam – Free Actual Q&as, Page 1 _ ExamTopics901-100060 pages
- 400-101 CCIE Routing and Switching Written 2019-10-11No ratings yet400-101 CCIE Routing and Switching Written 2019-10-1140 pages
- 200-301 Implementing and Administering Cisco Solutions Updated Dumps QuestionsNo ratings yet200-301 Implementing and Administering Cisco Solutions Updated Dumps Questions78 pages
- Exam Questions 200-301: Cisco Certified Network AssociateNo ratings yetExam Questions 200-301: Cisco Certified Network Associate15 pages
- Exam Questions 200-301: Cisco Certified Network AssociateNo ratings yetExam Questions 200-301: Cisco Certified Network Associate15 pages
- 200-301 Dumps Cisco Certified Network AssociateNo ratings yet200-301 Dumps Cisco Certified Network Associate9 pages
- H12-211.exam.120q: Number: H12-211 Passing Score: 800 Time Limit: 120 Min File Version: 1No ratings yetH12-211.exam.120q: Number: H12-211 Passing Score: 800 Time Limit: 120 Min File Version: 156 pages
- Huawei Testkings H12-211 v2018-05-15 by Nick 120qNo ratings yetHuawei Testkings H12-211 v2018-05-15 by Nick 120q56 pages
- Cisco Lead2pass 200-301 Practice Test 2023-Jan-09 by Ternence 233q VceNo ratings yetCisco Lead2pass 200-301 Practice Test 2023-Jan-09 by Ternence 233q Vce18 pages
- Latest Version - CCNP Route - 300-101 - Version 2018 - 91q - Prince-V1 PDFNo ratings yetLatest Version - CCNP Route - 300-101 - Version 2018 - 91q - Prince-V1 PDF33 pages
- Cisco Selftestengine 350-401 Sample Question 2022-Aug-30 by Louis 437q VceNo ratings yetCisco Selftestengine 350-401 Sample Question 2022-Aug-30 by Louis 437q Vce26 pages
- Exam Questions 300-101: ROUTE Implementing Cisco IP RoutingNo ratings yetExam Questions 300-101: ROUTE Implementing Cisco IP Routing7 pages
- CCNA 200 125 300Q Lite Version - Update - ITExamAnswers Feb 19 2020No ratings yetCCNA 200 125 300Q Lite Version - Update - ITExamAnswers Feb 19 2020167 pages
- Cisco - Testkings.350 401.practice - Test.2021 Nov 06.by - Stanley.207q.vceNo ratings yetCisco - Testkings.350 401.practice - Test.2021 Nov 06.by - Stanley.207q.vce19 pages
- 200-301 Exam – Free Actual Q&As, Page 1 _ ExamTopics801-900No ratings yet200-301 Exam – Free Actual Q&As, Page 1 _ ExamTopics801-90052 pages
- CCNA - 200-125 - 182q - 112116: Number: 200-125 Passing Score: 810 Time Limit: 140 Min File Version: 1.1No ratings yetCCNA - 200-125 - 182q - 112116: Number: 200-125 Passing Score: 810 Time Limit: 140 Min File Version: 1.170 pages
- HUAWEI USG9500 Series Terabit-Level Next-Generation Firewall DatasheetNo ratings yetHUAWEI USG9500 Series Terabit-Level Next-Generation Firewall Datasheet13 pages
- The Awareness of Cybersecurity: Cybersecurity Lecturer: Jumana KhwailehNo ratings yetThe Awareness of Cybersecurity: Cybersecurity Lecturer: Jumana Khwaileh173 pages
- Alcatel-Lucent Omniswitch 6860: Stackable Lan Switches For Mobility, Iot and Network AnalyticsNo ratings yetAlcatel-Lucent Omniswitch 6860: Stackable Lan Switches For Mobility, Iot and Network Analytics17 pages
- HUAWEI CloudEngine 6800 Switch DatasheetNo ratings yetHUAWEI CloudEngine 6800 Switch Datasheet12 pages
- User Guide: AXE5400 Tri-Band Mesh Wi-Fi 6E SystemNo ratings yetUser Guide: AXE5400 Tri-Band Mesh Wi-Fi 6E System55 pages
- Huawei SmartAX MA5600T MA5603T Brief Product Brochure (2016) PDFNo ratings yetHuawei SmartAX MA5600T MA5603T Brief Product Brochure (2016) PDF4 pages
- Purple App Phone Mockup Sales Marketing Presentation_20230906_143101_0000 (1)No ratings yetPurple App Phone Mockup Sales Marketing Presentation_20230906_143101_0000 (1)40 pages
- HPE Aruba Networking CX 6300 Series Switch Data Sheet-a00085162enw (1)No ratings yetHPE Aruba Networking CX 6300 Series Switch Data Sheet-a00085162enw (1)42 pages
- Install New Generation 6 Hardware IsilonNo ratings yetInstall New Generation 6 Hardware Isilon17 pages
- Bleeding Wall:A Hematologic Examination on the Great FirewallNo ratings yetBleeding Wall:A Hematologic Examination on the Great Firewall9 pages
