200-301 Questions and Answers

dynamic

static

active

auto

ip route 10.1.1.10 255.255.255.255 172.16.2.2 100

ip route 10.1.1.0 255.255.255.0 gi0/1 125

ip route 10.1.1.0 255.255.255.0 172.16.2.2 100

ip route 10.1.1.10 255.255.255.255 gi0/0 125

GigabitEthernet0/0

GigabltEthornet0/1

GigabitEthernet0/2

GigabitEthernet0/3

Configure the ip dhcp snooping trust command on the interlace that is connected to the DHCP client.

Configure the ip dhcp relay information option command on the interface that is connected to the DHCP client.

Configure the ip dhcp snooping trust command on the interface that is connected to the DHCP server.

Configure the Ip dhcp relay information option command on the interface that is connected to the DHCP server.

The NMS software must be loaded with the MIB associated with the trap.

The NMS must be configured on the same router as the SNMP agent

The NMS must receive a trap and an inform message from the SNMP agent within a configured interval

The NMS must receive the same trap from two different SNMP agents to verify that it is reliable.

Configure the switchport trunk allowed vlan 300 command on SW1 port-channel 1

Configure the switchport trunk allowed vlan 300 command on interface Fa0/2 on SW1.

Configure the switchport trunk allowtd vlan add 300 command on interface FaO 2 on SW2.

Configure the switchport trunk allowtd vlan add 300 command on SW1 port-channel 1

Option A

Option B

Option C

Option D

array

key

value

object

They are a Cisco proprietary security feature.

They must include one number and one letter.

They define the VLAN on a switch.

They are case sensitive.

To perform upgrades without service interruption

To provide fast and accurate deployment of patches and updates

To allow SSH access to all nodes in the network.

To provide software redundancy in the network.

queuing

marking

shaping

policing

It monitors for outdated software.

It dictates security policy updates.

It identifies patterns indicating intrusions.

It assigns security clearance levels.

Enable Broadcast SSID and select data from the Interface/Interface Group drop-down list.

Enable Status and select data from the Interface/Interface Group drop-down list.

Enable Status and set the NAS-ID to data.

Enable Status and enable Broadcast SSID.

core and WAN

access and WAN

distribution and access

core and distribution

single sign-on

unique user knowledge

passwords that expire

soft tokens

shared password responsibility

repeater mode

autonomous mode

bridge mode

lightweight mode

/29

/30

/27

/28

Device(config)# netconf lock-time 500

Device(config)# netconf max-message 1000

Device(config)# no netconf ssh acl 1

Device(config)# netconf max-sessions 100

If will choose the route with the longest match.O 100.100.100.100'32 (110/21) via 192.168.1.1. 00:05:57. EmernetO/1.

It will always prefer the static route over dynamic routes and choose the routeS 100.100.0.0/16(1/0] via 192.168.4.1.

It will choose the route with the highest metric.D 100.100.100.0/24 (90/435200) via 192.168.2.1. 00:00:13. EthernetO/2.

It will choose the route with the lowest metric,R 100.0.0.0/8 [120/2] via 192.168.3.1. 00:00:13. EthernetO/3.

external storage

hardware resources

network interfaces

backplane network

192.168.1.226

192.168.1.100

192.168.1.254

192.168.1.253

conserve globally unique address space

simplify the addressing in the network

limit the number of nodes reachable via the Internet

reduce network complexity

array

object

Boolean

string

flexibility of design

simplicity of configurator

low cost

full-mesh capability

LAG

EtherChannel

trunk

access

10.10.10.5

10.10.10.3

10.10.10.4

10.10.10.2

snmp-server host

snmp-server community

snmp-server enable traps

snmp-server user

console

Telnet

Bash

SSH

ntp master 172.24.54.8

ntp client 172.24.54.8

ntp peer 172.24.54.8

ntp server 172.24.54.8

LC to SC

SC t ST

SC to SC

LC to LC

Ipv6 address 2001:dbB:d8d2:1008:4343:61:0010::/64

Ipv6 address autoconfig

Ipv6 address fe80::/10

Ipv6 address dhcp

It continues to use a statically assigned IPv4 address

It forces the DNS server to provide the same IPv4 address at each renewal.

It requests the same IPv4 address when it renews its lease with the DHCP server.

It prefers a pool of addresses when renewing the IPv4 host IP address

Ip route 10.10.2.1 255.255.255.255 192.168.1.4 115

Ip route 10.10.2.0 255.255.255.0 192.168.1.4 100

Ip route 10.10.2.0 255.255.255.0 192.168.1.4 115

Ip route 10.10.2.1 255.255.255.255 192.168.1.4 100

An ICMP connection has been built

A certificate has expired

An interface line has changed status

A TCP connection has been torn down

Set the QoS level to silver or greater for voice traffic.

Set the QoS level to platinum for voice traffic.

Enable Media Session Snooping on re WLAN.

Enable traffic shaping for the LAN interlace of the WLC.

Configure two different QoS rotes tor data and voice traffic.

FlexConnect

SE-Connect

bridge

local

channels 1, 5, and 10

channels 1,6, and 11

channels 1,5, and 11

channels 1,6, and 10

ipv6 route 2000::1/128 2012::1

ipv6 route 2000::1/128 2023::2 5

ipv6 route 2000::1/128 2012::1 5

ipv6 route 2000::1/128 2023::3 2

ipv6 route 2000::1/128 2012::2

data center network pokey con

console server that permits secure access to all network devices

IP address cool distribution scheduler

software-defined controller for automaton of devices and services

ip route 10.10.0.0 255.255.252.0 g0/0

ip route 10.0.0.0 255.0.0.0 g0/0

ip route 10.10.10.1 255.255.255.255 g0/0

ip route 10.10.10.0 255.255.255.240 g0/0

employs PKI and RADIUS to identify access points

applies 802.1x authentication and AES-128 encryption

uses TKIP and per-packet keying

defends against deauthentication and disassociation attacks

Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.

Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.

Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.

Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.

Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.

REMOVE

REDIRECT

OPOST

GET

UPOP

Enable LLDP globally.

Disable CDP on gi0/0.

Enable LLDP TLVs on the ISP router.

Disable auto-negotiation.

The QoS policy is dropping traffic.

There is a duplex mismatch.

The link is over utilized.

The MTU is not set to the default value.

ipv6 route ::/0 Serial 0/0/0

ipv6 route 0.0.0.0 0.0.0.0 Serial 0/0/0

ipv6 route ::/0 2000::2

ipv6 route ::/0 Serial 0/0/1

to protect against default gateway failures

to prevent loops in a network

to enable multiple switches to operate as a single unit

to provide load-sharing for a multilink segment

They alleviate the shortage of public IPv4 addresses.

They supply redundancy in the case of failure.

They offer Internet connectivity to endpoints on private networks.

They allow for Internet access from IoT devices.

They provide a layer of security from Internet threats.

Option A

Option B

Option C

Option D

The next hop is 10.0.2.1 because it uses distance vector routing

The next hop is 10.0.2.1 because it is a link-state routing protocol

The next hop is 10.0.0.1 because it has a better administrative distance

The next hop is 10.0.0.1 because it has a higher metric.

service

trunk

AP-manager

virtual AP connection

Configure the router A interfaces with the highest OSPF priority value within the area.

Configure router B and router C as OSPF neighbors of router A.

Configure the OSPF priority on router A with the lowest value between the three routers.

Configure router A with a fixed OSPF router ID.

Option A

Option B

Option C

Option D

Both require fiber cable media for transmission.

Both require UTP cable media for transmission.

Both use the single-mode fiber type.

Both use the multimode fiber type.

Configure the no cdp enable command on gO/2.

Configure the no cdp run command globally.

Configure the no lldp run command globally.

Configure the no lldp receive command on gQV1.

personal 10-digit PIN and RSA certificate

complex password and personal 10-digit PIN

password of 8 to 15 characters and personal 12-digit PIN

fingerprint scanning and facial recognition

Provide uninterrupted forwarding service.

Police traffic that is sent to the edge of the network.

Provide direct connectivity for end user devices.

Ensure timely data transfer between layers.

Inspect packets for malicious activity.

It is compatible with 802 lib- and 802 11-compliant wireless devices

It is used in place of 802 11b/g when many nonoverlapping channels are required

It is susceptible to interference from 2 4 GHz devices such as microwave ovens.

It is chosen over 802 11b/g when a lower-cost solution is necessary

Bronze

Platinum

Silver

Gold

configure port in the native VLAN

configure ports in a black hole VLAN

configure in a nondefault native VLAN

configure ports as access ports

enable dynamic ARP inspection

manually implement trunk ports and disable DTP

activate all ports and place in the default VLAN

configure extended VLANs

lt drops the frame immediately.

It forwards the frame back out of interface Fa0/1.

It floods the frame to all interfaces except Fa0/1.

It holds the frame until the MAC address timer expires and then drops the frame.

interface gi0/1no cdp enable

interface gi0/1clear cdp table

interface gi0/0no cdp advertise-v2

interface gi0/0no cdp run

RIP route 10.0.0.0/30

iBGP route 10.0.0.0/30

OSPF route 10.0.0.0/30

EIGRP route 10.0.0.1/32

OSPF route 10.0.0.0/16

The switch rewrites the source and destination MAC addresses with its own.

The source MAC address is changed.

The source and destination MAC addresses remain the same.

The destination MAC address is replaced with ffff.ffff.ffff.

allows access restrictions to be implemented between subscriber sites.

provides direct connections between subscribers

supports Layer 2 VPNs

supports application optimization

Dynamic ARP Inspection

using a non-default native VLAN

802.1x

DHCP snooping

ASCII

base64

binary

decimal

hexadecimal

compare the destination IP address to the IP routing table.

run routing protocols (OSPF, EIGRP, RIP, BGP)

make a configuration change from an incoming NETCONF RPC

reply to an incoming ICMP echo request

on

auto

active

desirable

The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic

It allows logical network devices to move traffic between virtual machines and the rest of the physical network

It allows multiple operating systems and applications to run independently on one physical server.

It allows a physical router to directly connect NICs from each virtual machine into the network

It requires that some servers, virtual machines and network gear reside on the Internet

Both have a 50 micron core diameter

Both have a 9 micron core diameter

Both have a 62.5 micron core diameter

Both have a 100 micron core diameter

Configure the ports in an EtherChannel.

Administratively shut down the ports

Configure the port type as access and place in VLAN 99

Configure the ports as trunk ports

Enable the Cisco Discovery Protocol

Reassociation Request

Probe Request

Authentication Request

Association Request

set the default network as 20.20.20.0/24

set the default gateway as 20.20.20.2

configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network

configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network

TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure applications receive the data on the remote end.

UDP sets up a connection between both devices before transmitting data. TCP uses the three-way handshake to transmit data with a reliable connection.

UDP is used for multicast and broadcast communication. TCP is used for unicast communication and transmits data at a higher rate with error checking.

TCP requires the connection to be established before transmitting data. UDP transmits data at a higher rate without ensuring packet delivery.

SW1

SW2

SW3

SW4

asynchronous routing

single-homed branches

dual-homed branches

static routing

dynamic routing

disk

applications

VM configuration file

operating system

group access points together to increase throughput on a given channel

configure the first three access points are configured to use Channels 1, 6, and 11

include a least two access points on nonoverlapping channels to support load balancing

assign physically adjacent access points to the same Wi-Fi channel

OpenFlow

NETCONF

Thrift

CORBA

DSC

ip address dhcp

ip helper-address

ip dhcp pool

ip dhcp client

The floating static route must have a higher administrative distance than the primary route so it is used as a backup

The administrative distance must be higher on the primary route so that the backup route becomes secondary.

The floating static route must have a lower administrative distance than the primary route so it is used as a backup

The default-information originate command must be configured for the route to be installed into the routing table

10.0.1.3

10.0.1.50

10.0.1.4

Loopback D

enforcing routing policies

marking interesting traffic for data polices

attaching users to the edge of the network

applying security policies

Clock timezone

Clock summer-time-recurring

Clock summer-time date

Clock set

Control

Management

Data

application

it enables BPDU messages

It minimizes spanning-tree convergence time

It immediately puts the port into the forwarding state when the switch is reloaded

It immediately enables the port in the listening state

adapters that support all families of Cisco IOS software

SDKs that support interaction with third-party network equipment

customized versions for small, medium, and large enterprises

REST APIs that allow for external applications to interact natively with Cisco DNA Center

modular design that is upgradable as needed

RADIUS

TACACS+

SCP

Telnet

SSH

wireless access point

firewall

wireless LAN controller

router

separate from other VLANs within the administrative domain

give it a value in the private VLAN range

assign it as VLAN 1

configure it as a different VLAN ID on each end of the link

The Layer 2 switch drops the received frame

The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.

The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.

The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table

a list of the available IP addresses in a pool

a list of public IP addresses and their corresponding names

usernames and passwords for the end users in a domain

a list of statically assigned MAC addresses

logging trap 5

logging trap 2

logging trap 4

logging trap 3

Filter traffic based on destination IP addressing

Sends the default route to the hosts on a network

ensures a loop-free physical topology

forwards multicast hello messages between routers

VTP

DTP

egress traffic

ingress traffic

access-list 2699 permit udp 10.20.1.0 0.0.0.255

no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22

access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22

no access-list 2699 deny ip any 10.20.1.0 0.0.0.255

Enable dynamic ARP inspection

Configure an ACL to prevent traffic from changing VLANs

Change native VLAN to an unused VLAN ID

Implement port security on internet-facing VLANs

alert

critical

notice

debug

dual algorithm

metric

administrative distance

hop count

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

The DHCP client can request up to four DNS server addresses

The DHCP server assigns IP addresses without requiring the client to renew them

The DHCP server leases client IP addresses dynamically.

The DHCP client maintains a pool of IP addresses it can assign.

0000.5E00.010a

0005.3711.0975

0000.0C07.AC99

0007.C070/AB01

YAML

JSON

EBCDIC

SGML

XML

SMTP

SNMP

TCP

FTP

Switch 1

Switch 2

Switch 3

Switch 4

local port ID

lowest path cost to the root bridge

lowest neighbor's bridge ID

lowest neighbor's port ID

switch(config)#spanning-tree vlan 1 max-age 6

switch(config)#spanning-tree vlan 1 hello-time 10

switch(config)#spanning-tree vlan 1 priority 4096

switch(config)#spanning-tree vlan 1 forward-time 20

Enable the allow AAA Override

Enable the Even: Driven RRM.

Disable the LAG Mode or Next Reboot.

Enable the Authorized MIC APs against auth-list or AAA.

IPsec tunnel mode with AH

IPsec transport mode with AH

IPsec tunnel mode with ESP

IPsec transport mode with ESP

TCP uses synchronization packets, and UDP uses acknowledgment packets.

UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

UDP provides reliable message transfer and TCP is a connectionless protocol

TCP uses the three-way handshake and UDP does not guarantee message delivery

Add the switch in the VTP domain with a lower revision number

Add the switch with DTP set to dynamic desirable

Add the switch in the VTP domain with a higher revision number

Add the switch with DTP set to desirable

management plane

control plane

policy plane

data plane

R1(config)#interface ethernet0/0R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0

R1(config)#interface ethernet0/0.20R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0

R1(config)#interface ethernet0/0.20R1(config)#ip address 10.20.20.1 255.255.255.0

R1(config)#interface ethernet0/0R1(config)#ip address 10.20.20.1 255.255.255.0

interface GigabitEthernet0/0/1channel-group 10 mode on

interface GigabitEthernet0/0/1channel-group 10 mode active

interface GigabitEthernet0/0/1channel-group 10 mode auto

interface port-channel 10switchportswitchport mode trunk

interface port-channel 10no switchportip address 172.16.0.1.255.255.255.0

communicates between the controller and the physical network hardware

reports device errors to a controller

generates statistics for network hardware and traffic

facilitates communication between the controller and the applications

read

update

create

delete

DTP

STP

VTP

802.10

207.165.200.246 via Serial0/1/0

207.165.200.254 via Serial0/0/1

207.165.200.254 via Serial0/0/0

207.165.200.250 via Serial/0/0/0

Interface errors are incrementing

An incorrect SFP media type was used at SiteA

High usage is causing high latency

The sites were connected with the wrong cable type

management interface settings

QoS settings

Ip address of one or more access points

SSID

Profile name

The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.

The two routers negotiate one router as the active router and the other as the standby router

Each router has a different IP address both routers act as the default gateway on the LAN, and traffic is load balanced between them.D The two routers synchronize configurations to provide consistent packet forwarding

The two routed share the same IP address, and default gateway traffic is load-balanced between them

enable AAA override

enable RX-SOP

enable DTIM

enable Band Select

802.1x

IP Source Guard

MAC Authentication Bypass

802.11n

TKiP encryption

AES encryption

scrambled encryption key

SAE encryption

DHCP relay agent

DHCP server

DHCPDISCOVER

DHCPOFFER

switchport mode trunk

switchport mode dynamic desirable

switchport mode dynamic auto

switchport nonegotiate

port-to-multipoint

broadcast

point-to-point

nonbroadcast

192.168.0.0/26 as summary and 192.168.0.0/29 for each floor

192.168.0.0.24 as summary and 192.168.0.0/28 for each floor

192.168.0.0/23 as summary and 192.168.0.0/25 for each floor

l92.168.0.0/25 as summary and 192.168.0.0/27 for each floor

large and requires a flexible, scalable network design

large and must minimize downtime when hardware fails

small and needs to reduce networking costs currently

small but is expected to grow dramatically in the near future

Option A

Option B

Option C

Option D

hypervisor

router

straight cable

switch

Enabled interfaces are automatically placed in listening state

Enabled interfaces come up and move to the forwarding state immediately

Enabled interfaces never generate topology change notifications.

Enabled interfaces that move to the learning state generate switch topology change notifications

Enabled interfaces wait 50 seconds before they move to the forwarding state

10.10.1.10

10.10.10.20

172.16.15.10

192.168.0.1

enable the PortFast feature on ports

implement port-based authentication

configure static ARP entries

configure ports to a fixed speed

shut down unused ports

Re- Anchor Roamed Clients

11ac MU-MIMO

OEAP Split Tunnel

Client Band Select

backup

standby

listening

forwarding

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

The router calculates the feasible distance of all paths to the destination route

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

The router must use the advertised distance as the metric for any given route

between the SDN controller and PCs on the network

between the SON controller and switches and routers on the network

between the SON controller and services and applications on the network

between network applications and switches and routers on the network

Add the access-list 10 permit any command to the configuration

Remove the access-class 10 in command from line vty 0.4.

Add the ip access-group 10 out command to interface g0/0.

Remove the password command from line vty 0 4.

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Content-Type: application/json; charset=utf-8

Accept: application/json

Eliminating training needs

Increasing reliance on self-diagnostic and self-healing

Policy-derived provisioning of resources

Providing a ship entry point for resource provisioning

Reducing hardware footprint

eBGP

static

OSPF

EIGRP

Option A

Option B

Option C

Option D

point-to-multipoint

point-to-point

broadcast

nonbroadcast

No router ID is set, and the OSPF protocol does not run.

The highest up/up physical interface IP address is selected as the router ID.

The lowest IP address is incremented by 1 and selected as the router ID.

The router ID 0.0.0.0 is selected and placed in the OSPF process.

global unicast

link-local

unique local

multicast

After the cable is connected, the interface uses the fastest speed setting available for that cable type

After the cable is connected, the interface is available faster to send and receive user data

The frames entering the interface are marked with higher priority and then processed faster by a switch.

Real-time voice and video frames entering the interface are processed faster

They prevent (oops in the Layer 2 network.

They allow encrypted traffic.

They are able to bundle muftlple ports to increase bandwidth

They enable automatic failover of the default gateway.

They allow multiple devices lo serve as a single virtual gateway for clients in the network

when the sending device waits 15 seconds before sending the frame again

when the cable length limits are exceeded

when one side of the connection is configured for half-duplex

when Carrier Sense Multiple Access/Collision Detection is used

when a collision occurs after the 32nd byte of a frame has been transmitted

broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites

multicast traffic from a server at one site to hosts at another location

spanning-tree updates between switches that are at two different sites

unicast messages from a host at a remote site to a server at headquarters

Spanning tree may fail to detect a switching loop in the network that causes broadcast storms

VTP is allowed to propagate VLAN configuration information from switch to switch automatically.

Root port choice and spanning tree recalculation are accelerated when a switch link goes down

After spanning tree converges PortFast shuts down any port that receives BPDUs.

Enable Security Association Teardown Protection and set the SA Query timeout to 10

Enable MAC filtering and set the SA Query timeout to 10

Enable 802.1x Layer 2 security and set me Comeback timer to 10

Enable the Protected Management Frame service and set the Comeback timer to 10

to analyze traffic and drop unauthorized traffic from the Internet

to transmit wireless traffic between hosts

to pass traffic between different networks

forward traffic within the same broadcast domain

It is owned and maintained by one party, but it is shared among multiple organizations.

It enables an organization to fully customize how It deploys network resources.

It provides services that are accessed over the Internet.

It Is a data center on the public Internet that maintains cloud services for only one company.

It supports network resources from a centralized third-party provider and privately-owned virtual resources

10.10.10.0/28

10.10.13.0/25

10.10.13.144/28

10.10.13.208/29

It ignores the new static route until the existing OSPF default route is removed

It immediately replaces the existing OSPF route in the routing table with the newly configured static route

It starts load-balancing traffic between the two default routes

It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1

Exchange

2-way

Full

Init

it sends information about MIB variables in response to requests from the NMS

it requests information from remote network nodes about catastrophic system events.

it manages routing between Layer 3 devices in a network

it coordinates user authentication between a network device and a TACACS+ or RADIUS server

20

90

110

115

internal BGP route

/24 route of a locally configured IP

statically assigned route

route learned through EIGRP

policy plane

management plane

control plane

data plane

Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.

Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router.

Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.

Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.

Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.

Option A

Option B

Option C

Option D

bridge

route

autonomous

lightweight

The administrator can make configuration updates from the CLI

It uses northbound and southbound APIs to communicate between architectural layers

It moves the control plane to a central point.

It decentralizes the control plane, which allows each device to make its own forwarding decisions

It uses Telnet to report system issues.

The switch must be running a k9 (crypto) IOS image

The Ip domain-name command must be configured on the switch

IP routing must be enabled on the switch

A console password must be configured on the switch

Telnet must be disabled on the switch

The user swipes a key fob, then clicks through an email link

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

The user enters a user name and password and then re-enters the credentials on a second screen

passive

mode on

auto

active

connect wireless devices to a wired network

support secure user logins to devices or the network

integrate with SNMP in preventing DDoS attacks

serve as a first line of defense in an enterprise network

It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points

It allows the administrator to assign channels on a per-device or per-interface basis.

It segregates devices from different manufacturers onto different channels.

It analyzes client load and background noise and dynamically assigns a channel.

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)#ip ospf priority 100

R3(config)#interface Gig0/0 R3(config-if)i=ip ospf priority 1

R3(config)#interface Gig0/1 R3(config-if)#ip ospf priority 0

user-activity logging

service limitations

consumption-based billing

identity verification

DTP

FTP

SMTP

TFTP

access - core - distribution - access

access - distribution - distribution - access

access - core - access

access -distribution - core - distribution - access

The switch port interface trust state becomes untrusted

The switch port remains administratively down until the interface is connected to another switch

Dynamic ARP inspection is disabled because the ARP ACL is missing

The switch port remains down until it is configured to trust or untrust incoming packets

Option A

Option B

Option C

Option D

RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication

TACACS+ encrypts only password information and RADIUS encrypts the entire payload

TACACS+ separates authentication and authorization, and RADIUS merges them

RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands

reduced operational costs

reduced hardware footprint

faster changes with more reliable results

fewer network failures

increased network security

HTTPS

HTTP

Telnet

SSH

preshared key that authenticates connections

RSA token

CA that grants certificates

clear-text password that authenticates connections

one or more CRLs

sniffer

mesh

flexconnect

local

host route

default route

floating static route

network route

moves from a two-tier to a three-tier network architecture to provide maximum redundancy

provides an added layer of security to protect from DDoS attacks

allows configuration and monitoring of the network from one centralized port

combines control and data plane functionality on a single device to minimize latency

Option A

Option B

Option C

Option D

R1(config)#ip route 192.168.20.0 255.255.0.0 192.168.30.2

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 90

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2 111

R1(config)#ip route 192.168.20.0 255.255.255.0 192.168.30.2

They enable automatic failover of the default gateway.

They allow multiple devices to serve as a single virtual gateway for clients in the network.

They are able to bundle multiple ports to increase bandwidth.

They prevent loops in the Layer 2 network.

They allow encrypted traffic.

transport input telnet

crypto key generate rsa

ip ssh pubkey-chain

login console

username cisco password 0 Cisco

password password

crypto key generate rsa modulus 1024

ip domain-name domain

ip ssh authentication-retries 2

Option A

Option B

Option C

Option D

lp route 0.0.0.0 0.0.0.0 192.168.1.2

ip default-gateway 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.2.1 10

ip route 0.0.0.0 0.0.0.0 192.168.1.2 10

ip route 0.0.0.0 0.0.0.0 192.168.0.2 GigabitEthernetl/0

ip route 0.0.0.0 0.0.0.0 192.168.0.2 tracked

ip route 0.0.0.0 0.0.0.0 192.168.0.2 floating

ip route 0.0.0.0 0.0.0.0 192.168.0.2

IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration

IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.

Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes

Option A

Option B

Option C

Option D

SW1

SW2

SW3

SW4

R1(config)#lp route 172.16.2.2 255.255.255.248 gi0/1

R1(config)#jp route 172.16.2.2 255.255.255.255 gi0/0

R1(config>#ip route 172.16.2.0 255.255.255.0 192.168.1.15

R1(conflg)#ip route 172.16.2.0 255.255.255.0 192.168.1.5

F0/4

F0/0

F0/1

F0/3

192.168.0.7

192.168.0.4

192.168.0.40

192.168.3.5

to increase security and encrypt management frames

to provide link redundancy and load balancing

to allow for stateful and link-state failover

to enable connected switch ports to failover and use different VLANs

Configure router A to use the same MTU size as router B.

Set the router B OSPF ID to a nonhost address.

Configure a point-to-point link between router A and router B.

Set the router B OSPF ID to the same value as its IP address

Define a NAT pool on the router.

Configure static NAT translations for VLAN 200.

Configure the ip nat outside command on another interface for VLAN 200.

Update the NAT INSIDF RANGFS ACL

ipv6 address 21:EB8:C1:2200:1::331/64

ipv6 address 2001:EB8:C1:22:1::331/64

ipv6 address 2001 :EB8:C 1:2200.1 ::331-64

ipv6 address 2001:EB8:C1:2200:1:0000:331/64

global unicast address

anycast address

multicast address

link-local address

unique local address

link-local address

aggregatable global address

IPv4-compatible IPv6 address

SYIM flood

reflection

teardrop

amplification

10.10.10.5

10.10.11.2

10.10.12.2

10.10.10.9

VLAN numbering

VLAN DSCP

VLAN tagging

VLAN marking

interface vlan 1234ip address 10.70.159.1 255.255.254.0

interface vlan 1148ip address 10.70.148.1 255.255.254.0

interface vlan 4722ip address 10.70.133.17 255.255.255.192

interface vlan 3002ip address 10.70.147.17 255.255.255.224

interface vlan 155ip address 10.70.155.65 255.255.255.224

router ospf 1network 192.168.1.1 0.0.0.0 area 0interface e1/1ip address 192.168.1.1 255.255.255.252ip ospf network broadcast

router ospf 1network 192.168.1.1 0.0.0.0 area 0interface e1/1ip address 192.168.1.1 255.255.255.252ip ospf network point-to-point

router ospf 1network 192.168.1.1 0.0.0.0 area 0interface e1/1ip address 192.168.1.1 255.255.255.252ip ospf cost 0

router ospf 1network 192.168.1.1 0.0.0.0 area 0hello interval 15interface e1/1Ip address 192.168.1.1 255.255.255.252

ip route 0.0.0.0 0.0.0.0 g0/1 1

ip route 0.0.0.0 0.0.0.0 209.165.201.5 10

ip route 0.0.0.0 0.0.0.0 209.165.200.226 1

ip route 0,0.0.0 0.0.0.0 g0/1 6

VLANID

SSID

RFID

WLANID

Configure the OSPF priority on router A with the lowest value between the three routers.

Configure router B and router C as OSPF neighbors of router A.

Configure the router A interfaces with the highest OSPF priority value within the area.

Configure router A with a fixed OSPF router ID

provides an added level of protection against Internet exposure

provides a reduction in size of the forwarding table on network routers

allows communication across the Internet to other private networks

allows servers and workstations to communicate across public network boundaries

Option A

Option B

Option C

Option D

Change the channel-group mode on SW2 to auto

Change the channel-group mode on SW1 to desirable.

Configure the interface port-channel 1 command on both switches.

Change the channel-group mode on SW1 to active or passive.

The Incoming and outgoing ports for traffic flow must be specified If LAG Is enabled.

The controller must be rebooted after enabling or reconfiguring LAG.

The management interface must be reassigned if LAG disabled.

Multiple untagged interfaces on the same port must be supported.

via next-hop 10.0.1.5

via next-hop 10 0 1.4

via next-hop 10.0 1.50

via next-hop 10.0 1 100

multicast replication at the hardware level

fragmenting and reassembling packets

making routing decisions

forwarding packets

router-id 10.0.0.15

neighbor 10.1.2.0 cost 180

ipospf priority 100

network 10.0.0.0 0.0.0.255 area 0

172.16.0.0/16

192.168.2.0/24

207.165.200.0/24

192.168.1.0/24

SSH

HTTPS

Telnet

console

int range g0/0-1channel-group 10 mode active

int range g0/0-1 chanm.l-group 10 mode desirable

int range g0/0-1channel-group 10 mode passive

int range g0/0-1 channel-group 10 mode auto

int range g0/0-1 channel-group 10 mode on

LC to SC

SC t ST

SC to SC

LC to LC

Alert

Error

Emergency

Critical

STP cables are cheaper to procure and easier to install and UTP cables are more expensive and harder to install.

UTP cables are less prone to crosstalk and interference and STP cables are more prone to crosstalk and interference.

UTP cables provide taster and more reliable data transfer rates and STP cables are slower and less reliable.

STP cables are shielded and protect against electromagnetic interference and UTP lacks the same protection against electromagnetic interference.

It replaces the designated port when the designated port fails

It is the best path to the root from a nonroot switch.

It replaces the designated port when the root port fails.

It is administratively disabled until a failover occurs.

EtherChannel

LAG

trunk

access

divides data link layer functions between the AP and WLC

combines the management and control functions from the data-forwarding functions

uses different MAC addresses for 2.4 GHz and 5 GHz bands on the same AP

leverages two APs to handle control and data traffic

It is enabled by default on all VLANs and interfaces

It increases the potential for MAC address flooding.

It is disabled by default on all interfaces connected to trunks

lt increases security on the management VLAN

when a nonidempotent operation is needed

to update a DNS server

to display a web site

when a read-only operation it required

ipv6 route ::/0 2001:db8:1234:2::1 3

ipv6 route ::/128 2001 :db8:1234:2::1 3

ipv6 route ::/0 2001:db8:1234:2::1 1

ipv6 route ::/0 2001:db8:1234:2::1 2

Option A

Option B

Option C

Option D

ipv6 address 2001:DB8:0:1:C601:42FF:FE0F:7/64

ipv6 address 2001:DB8:0:1:C601:42FE:800F:7/64

ipv6 address 2001 :DB8:0:1:FFFF:C601:420F:7/64

iov6 address 2001 :DB8:0:1:FE80:C601:420F:7/64

Option A

Option B

Option C

Option D

interface vlan 2000ipv6 address ffc0:0000:aaaa::1234:2343/64

interface vlan 2000Ipv6 address fc00:0000:aaaa:a15d:1234:2343:8aca/64

interface vlan 2000ipv6 address fe80;0000:aaaa::1234:2343/64

interface vlan 2000ipv6 address fd00::1234:2343/64

Option A

Option B

Option C

Option D

Option E

R2 is using the passive-interface default command

R1 has an incorrect network command for interface Gi1/0

R2 should have its network command in area 1

R1 interface Gil/0 has a larger MTU size

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

The interface is receiving excessive broadcast traffic.

The cable connection between the two devices is faulty.

The interface is operating at a different speed than the connected device.

The bandwidth setting of the interface is misconfigured

different security settings

discontinuous frequency ranges

different transmission speeds

unique SSIDs

forwards traffic to the next hop

constructs a routing table based on a routing protocol

provides CLI access to the network device