Refer to the exhibit.
An engineer must deny Telnet traffic from the loopback interface of router R3 to the Loopback interface of router R2 during, the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times Which command set accomplishes this task?
A)
B)
C)
D)
A company requires a wireless solution to support its mam office and multiple branch locations. All sites have local Internet connections and a link to the main office lor corporate connectivity. The branch offices are managed centrally. Which solution should the company choose?
Which two features does the Cisco SD-Access architecture add to a traditional campus network? (Choose two.)
What is used to validate the authenticity of the client and is sent in HTTP requests as a JSON object?
Drag and drop the characteristics from the left onto the deployment types on the right.
Refer to the exhibit. A network administrator configured RSPAN to troubleshoot an issue between switch1 and switch2. The switches are connected using interface GigabitEthernet 1/1. An external packet capture device is connected is switch2 interface GigabitEthernet 1/2. Which two commands must be added to complete this configuration? (Choose two)
Which configuration creates a CoPP policy that provides unlimited SSH access from dient 10.0.0.5 and denies access from all other SSH clients'?
A)
B)
C)
D)
Refer to the exhibit.
An engineer entered the command no spanning-tree bpduguard enable on interface Fa 1/0/7. What is the effect of this command on Fa 1/0/7?
Refer to the exhibit.
How should the script be completed so that each device configuration is saved into a JSON-formatted file under the device name?
A)
B)
C)
D)
Which two solutions are used for backing up a Cisco DNA Center Assurance database? (Choose two)
Which function does a fabric wireless LAN controller perform In a Cisco SD-Access deployment?
Refer to the exhibit.
An engineer must set up connectivity between a campus aggregation layer and a branch office access layer. The engineer uses dynamic trunking protocol to establish this connection, however, management traffic on VLAN1 is not passing. Which action resolves the issue and allow communication for all configured VLANs?
Refer to the exhibit.
What are two effect of this configuration? (Choose two.)
Refer to the exhibit.
Object tracking has been configured for VRRP-enabled routers Edge-01 and Edge-02 Which commands cause Edge-02 to preempt Edge-01 in the event that interface G0/0 goes down on Edge-01?
A)
B)
C)
D)
What is a characteristic of the overlay network in the Cisco SD-Access architecture?
A large campus network has deployed two wireless LAN controllers to manage the wireless network. WLC1 and WLC2 have been configured as mobility peers. A client device roams from AP1 on WLC1 to AP2 on WLC2, but the controller's client interfaces are on different VLANs. How do the wireless LAN controllers handle the inter-subnet roaming?
Refer to the exhibit. Which EEM script generates a critical-level syslog message and saves a copy of the running configuration to the bootflash when an administrator saves the running configuration to the startup configuration?
Refer to the exhibit. Which python code parses the response and prints “18:32:21.474 UTC sun Mar 10 2019?
Which feature Is used to propagate ARP broadcast, and link-local frames across a Cisco SD-Access fabric to address connectivity needs for silent hosts that require reception of traffic to start communicating?
Refer to the exhibit. A network engineer must load balance traffic that comes from the NAT Router and is destined to 10.10.110.10, to several FTP servers. Which two commands sets should be applied? (Choose two).
A)
B)
C)
D)
E)
An engineer must configure a new loopback Interface on a router and advertise the interface as a fa4 in OSPF. Which command set accomplishes this task?
A)
B)
C)
D)
Which two Cisco SD-Access components provide communication between traditional network elements and controller layer? (choose two)
An engineer must implement a configuration to allow a network administrator to connect to the console port of a router and authenticate over the network. Which command set should the engineer use?
An engineer is configuring Local WebAuth on a Cisco Wireless LAN Controller. According to RFC 5737, WHICH VIRTUAL IP address must be used in this configuration?
Refer to the exhibit. An engineer is reaching network 172.16.10.0/24 via the R1-R2-R4 path. Which configuration forces the traffic to fake a path of R1-R3-R4?
A)
B)
C)
D)
A network engineer is configuring OSPF on a router. The engineer wants to prevent having a route to 177.16.0.0/16 learned via OSPF. In the routing table and configures a prefix list using the command ip prefix-list OFFICE seq S deny 172.16.0.0/16. Winch two identical configuration commands must be applied to accomplish the goal? (Choose two.)
The Gig0/0 interface of two routers is directly connected with a 1G Ethernet link. Which configuration must be applied to the interface of both routers to establish an OSPF adjacency without maintaining a DR/BDR relationship?
A)
B)
C)
D)
What is the recommended minimum SNR for data applications on wireless networks?
Refer to the exhibit.
R1 is able to ping the R3 fa0/1 Interface. Why do the extended pings fail?
An engineer must configure an EXEC authorization list that first checks a AAA server then a local username. If both methods fail, the user is denied. Which configuration should be applied?
Refer to the exhibit.
Which command set must be applied on R1 to establish a BGP neighborship with R2 and to allow communication from R1 to reach the networks?
A)
B)
C)
D)
Refer to the exhibit. Which configuration must be implemented to establish EBGP peering between R1 and R2?
Which three resources must the hypervisor make available to the virtual machines? (Choose three)
Refer to the exhibit. Which command set must be added to permit and log all traffic that comes from 172.20.10.1 in interface GigabitEthernet0/1 without impacting the functionality of the access list?
Refer io me exhibit.
An engineer configures the trunk and proceeds to configure an ESPAN session to monitor VLANs10. 20. and 30. Which command must be added to complete this configuration?
Refer to the exhibit.
An engineer must allow R1 to advertise the 192 168.1 0/24 network to R2 R1 must perform this action without sending OSPF packets to SW1 Which command set should be applied?
A)
B)
C)
D)
Which component transports data plane traffic across a Cisco SD-WAN network?
Refer to The exhibit.
Assuming that R1 is a CE router, which VRF is assigned to Gi0/0 on R1?
Refer the exhibit.
Which configuration elects SW4 as the root bridge for VLAN 1 and puts G0/2 on SW2 into a blocking state?
A)
B)
C)
D)
Refer to the exhibit. An attacker can advertise OSPF fake routes from 172.16.20.0 network to the OSPF domain and black hole traffic. Which action must be taken to avoid this attack and still be able to advertise this subnet into OSPF?
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
Which Cisco FlexConnect state allows wireless users that are connected to the network to continue working after the connection to the WLC has been lost?
Which hypervisor requires a host OS to run and is not allowed to directly access the hosts hardware and resources?
Refer to the exhibit .
Which command must be configured for RESTCONF to operate on port 8888?
Refer to the exhibit. A network engineer checks connectivity between two routers. The engineer can ping the remote endpoint but cannot see an ARP entry. Why is there no ARP entry?
Which signal strength and noise values meet the minimum SNR for voice networks?
Drag and drop the characteristics from the left onto the deployment model on the right.
Refer to the exhibit. Which command set enables router R2 to be configured via NETCONF?
A)
B)
C)
D)
An engineer must configure a new WLAN that allows a user to enter a passphrase and provides forward secrecy as a security measure. Which Layer 2 WLAN configuration is required on the Cisco WLC?
What is the function of the fabric control plane node in a Cisco SD-Access deployment?
Refer to the exhibit.
Which configuration enables fallback to local authentication and authorization when no TACACS+ server is available?
A customer has a pair of Cisco 5520 WLCs set up in an SSO cluster to manage all APs. Guest traffic is anchored to a Cisco 3504 WLC located in a DMZ. Which action is needed to ensure that the EolP tunnel remains in an UP state in the event of failover on the SSO cluster?
Refer to the exhibit An engineer is troubleshooting a newly configured BGP peering that does not establish What is the reason for the failure?
Refer to the exhibit Remote users cannot access the Internet but can upload files to the storage server Which configuration must be applied to allow Internet access?
A)
B)
C)
D)
Refer to the exhibit. Cisco IOS routers R1 and R2 are interconnected using interface Gi0/0. Which configuration allows R1 and R2 to form an OSPF neighborship on interface Gi0/0?
What are two benefits of implementing a traditional WAN instead of an SD-WAN solution? (Choose two.)
: 262 DRAG DROP
Drag and drop the snippets onto the blanks within the code to construct a script that brings up the failover Ethernet port if the primary port goes down and also shuts down the failover port when the primary returns to service. Not all options are used.
Which technology is used to provide Layer 2 and Layer 3 logical networks in the Cisco SD-Access architecture?
Which two methods are used to assign security group tags to the user in a Cisco Trust Sec architecture? (Choose two )
Refer to the exhibit.
Why does OSPF fail to establish an adjacency between R1 and R2?
Drag and drop the LISP components on the left to the correct description on the right.
Drag and drop the characteristics from the left onto the switching architectures on the right.
Refer to the exhibit. Which command set completes the ERSPAN session configuration?
Refer to the exhibit. Which command filters the ERSPAN session packets only to interface GigabitEthernet1?
Refer to the exhibit. What are two results of the NAT configuration? (Choose two.)
Refer to the exhibit. What is the cause of the communication failure between R1 and R4?
Why would a customer implement an on-premises solution instead of a cloud solution?
Using the EIRP formula,what parameter is subtracted to determine the EIRP value?
Which DNS lookup does an access point perform when attempting CAPWAP discovery?
Refer to the exhibit.
R1 has a BGP neighborship with a directly connected router on interface Gi0/0.
Which command set is applied between the iterations of show ip bgp 2.2.2.2?
Which two features are available only in next-generation firewalls? (Choose two.)
Which two results occur if Cisco DNA Center loses connectivity to devices in the SD-Access fabric? (Choose two)
In which two ways does the routing protocol OSPF differ from EIGRP? (Choose two.)
Which two methods are used by an AP that is typing to discover a wireless LAN controller? (Choose two.)
Refer to the exhibit. Which two commands ensure that DSW1 becomes root bridge for VLAN 10? (Choose two)
Drag and drop the characteristics from the left onto the corresponding infrastructure deployment models on the right.
In a Cisco SD-Access wireless environment, which device is responsible for hosting the anycast gateway?
Simulation 04
Configure OSPF on both routers according to the topology to achieve these goals:
Refer to the exhibit.
Extended access-list 100 is configured on interface GigabitEthernet 0/0 in an inbound direction, but it does not have the expected behavior of allowing only packets to or from 192.168.0.0/16. Which command set properly configures the access list?
Which tool is used in Cisco DNA Center to build generic configurations that are able to be applied on device with similar network settings?
What is a benefit of Cisco TrustSec in a multilayered LAN network design?
Which configuration protects the password for the VTY lines against over-the-shoulder attacks?
Simulation 02
Configure HSRP between DISTRO-SW1 and DISTRO-SW2 on VLAN 100 for hosts connected to ACCESS-SW1 to achieve these goals:
1. Configure group number 1 using the virtual IP address of 192.168.1.1/24.
2. Configure DlSTRO-SW1 as the active router using a priority value of 110 and DISTRO-SW2 as the standby router.
3. Ensure that DISTRO-SW2 will take over the active role when DISTRO-SW1 goes down, and when DISTRO-SW1 recovers, it automatically resumes the active role.
DISTRO-SW2
Which technology reduces the implementation of STP and leverages both unicast and multicast?
Which Python code snippet must be added to the script to store the changed interface configuration to a local JSON-formatted file?
Which LISP device is responsible for publishing EID-to-RLOC mappings for a site?
Refer to the exhibit. Which two configurations enable R1 and R2 to advertise routes into OSPF? (Choose two)
A)
B)
C)
D)
E)
How must network management traffic be treated when defining QoS policies?
An engineer must export the contents of the devices object in JSON format. Which statement must be used?
Which DHCP option provides the CAPWAP APs with the address of the wireless controller(s)?
A network engineer must configure a router to send logging messages to a syslog server based on these requirements:
Which configuration must be used?
A network engineer configures a WLAN controller with increased security for web access. There is IP connectivity with the WLAN controller, but the engineer cannot start a management session from a web browser. Which action resolves the issued
Drag and drop characteristics of PIM dense mode from the left to the right.
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
An administrator must enable Telnet access to Router X using the router username and password database for authentication. Which configuration should be applied?
A)
B)
C)
D)
Refer to the exhibit.
What is the effect of these commands on the BR and HQ tunnel interfaces?
How does Cisco Trustsec enable more flexible access controls for dynamic networking environments and data centers?
A customer wants to use a single SSID to authenticate loT devices using different passwords. Which Layer 2 security type must be configured in conjunction with Cisco ISE to achieve this requirement?
Refer to the exhibit.
All switches are configured with the default port priority value. Which two commands ensure that traffic from PC1 is forwarded over Gi1/3 trunk port between DWS1 and DSW2? (Choose two)
Drag and drop the characteristics from the left onto the routing protocols they describe on the right
Why is an AP joining a different WLC than the one specified through option 43?
An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used.
Refer to the exhibit.
An engineer must permit traffic from these networks and block all other traffic An informational log message should be triggered when traffic enters from these prefixes Which access list must be used?
An engineer is working with the Cisco DNA Center API Drag and drop the methods from the left onto the actions that they are used for on the right.
A vulnerability assessment highlighted that remote access to the switches is permitted using unsecure and unencrypted protocols Which configuration must be applied to allow only secure and reliable remote access for device administration?
Based on the router's API output in JSON format below, which Python code will display the value of the "hostname" key?
A)
B)
C)
D)
An engineer configures GigabitEthernet 0/1 for VRRP group 115. The router must assume the primary role when it has the highest priority in the group. Which command set is required to complete this task?
Refer to the exhibit.
Which JSON syntax is derived from this data?
A)
B)
C)
D)
Refer to the exhibit.
Which command set changes the neighbor state from Idle (Admin) to Active?
A)
B)
C)
D)
In a three-tier hierarchical campus network design, which action is a design best-practice for the core layer?
A client device roams between access points located on different floors in an atrium. The access points are Joined to the same controller and configured in local mode. The access points are in different AP groups and have different IP addresses, but the client VLAN in the groups is the same. Which type of roam occurs?
What is the function of a control-plane node In a Cisco SD-Access solution?
Which two actions, when applied in the LAN network segment, will facilitate Layer 3 CAPWAP discovery for lightweight AP? (Choose two.)
Which protocol is used to encrypt control plane traffic between SD-WAN controllers and SD-WAN endpoints?
Refer to the exhibit.
An engineer troubleshoots connectivity issues with an application. Testing is performed from the server gateway, and traffic with the DF bit set is dropped along the path after increasing packet size. Removing the DF bit setting at the gateway prevents the packets from being dropped. What is the cause of this issue?
Drag and drop the descriptions from the left onto the QoS components they describe on the right.
Which two GRE features are configured to prevent fragmentation? (Choose two.)
Refer to the exhibit. PC-1 must access the web server on port 8080. To allow this traffic, which statement must be added to an access control list that is applied on SW2 port G0/0 in the inbound direction?
Refer to the exhibit. An engineer attempts to configure a router on a stick to route packets between Clients, Servers, and Printers; however, initial tests show that this configuration is not working. Which command set resolves this issue?
A)
B)
C)
D)
What is provided by the Stealthwatch component of the Cisco Cyber Threat Defense solution?
Which element enables communication between guest VMs within a virtualized environment?
Refer to the exhibit.
An engineer is troubleshooting an application running on Apple phones. The application Is receiving incorrect QoS markings. The systems administrator confirmed that ail configuration profiles are correct on the Apple devices. Which change on the WLC optimizes QoS for these devices?
Drag and drop the REST API authentication methods from the left onto their descriptions on the right.
AN engineer is implementing a route map to support redistribution within BGP. The route map must configured to permit all unmatched routes. Which action must the engineer perform to complete this task?
Which threat defence mechanism, when deployed at the network perimeter, protects against zero-day attacks?
Refer to the exhibit.
An engineer is installing a new pair of routers in a redundant configuration. Which protocol ensures that traffic is not disrupted in the event of a hardware failure?
Refer to the exhibit.
What is required to configure a second export destination for IP address 192.168.10.1?
Refer to the exhibit.
Which command must be applied to Router 1 to bring the GRE tunnel to an up/up state?
Refer to the exhibit.
An engineer attempts to bundle interface Gi0/0 into the port channel, but it does not function as expected. Which action resolves the issue?
Refer to the exhibit.
After the code is run on a Cisco IOS-XE router, the response code is 204.
What is the result of the script?
The login method is configured on the VTY lines of a router with these parameters.
Which configuration accomplishes this task?
An engineer must enable a login authentication method that allows a user to log in by using local authentication if all other defined authentication methods fail Which configuration should be applied?
Refer to the exhibit.
Which two facts does the device output confirm? (Choose two.)
Refer to the exhibit.
What is the Json syntax that is formed from the data?
A company has an existing Cisco 5520 HA cluster using SSO. An engineer deploys a new single Cisco Catalyst 9800 WLC to test new features. The engineer successfully configures a mobility tunnel between the 5520 cluster and 9800 WLC. Client connected to the corporate WLAN roam seamlessly between access points on the 5520 and 9800 WLC. After a failure on the primary 5520 WLC, all WLAN services remain functional; however, Client roam between the 5520 and 9800 controllers without dropping their connection. Which feature must be configured to remedy the issue?
A network engineer configures a new GRE tunnel and enters the show run command. What does the output verify?
Refer to the exhibit.
A network engineer must simplify the IPsec configuration by enabling IPsec over GRE using IPsec profiles. Which two configuration changes accomplish this? (Choose two).
Refer to the exhibit. An engineer configures a new HSRP group. While reviewing the HSRP status, the engineer sees the logging message generated on R2. Which is the cause of the message?
Drag and drop the Qos mechanisms from the left to the correct descriptions on the right
Refer to the exhibit. Which configuration change will force BR2 to reach 209 165 201 0/27 via BR1?
Refer to the exhibit.
After implementing the configuration 172.20.20.2 stops replaying to ICMP echoes, but the default route fails to be removed. What is the reason for this behavior?
Refer to the exhibit. What does the error message relay to the administrator who is trying to configure a Cisco IOS device?
A customer has several small branches and wants to deploy a WI-FI solution with local management using CAPWAP. Which deployment model meets this requirement?
Refer to exhibit.
VLANs 50 and 60 exist on the trunk links between all switches All access ports on SW3 are configured for VLAN 50 and SW1 is the VTP server Which command ensures that SW3 receives frames only from VLAN 50?
Refer to the exhibit. Which two commands are needed to allow for full reachability between AS 1000 and AS 2000? (Choose two)
In a Cisco SD-Access solution, what is the role of the Identity Services Engine?
Which technology provides a secure communication channel for all traffic at Layer 2 of the OSI model?
Refer to the exhibit.
Which type of antenna is show on the radiation patterns?
Refer to the exhibit.
A network engineer is configuring OSPF between router R1 and router R2. The engineer must ensure that a DR/BDR election does not occur on the Gigabit Ethernet interfaces in area 0. Which configuration set accomplishes this goal?
A)
B)
C)
D)
Refer to the exhibit Drag and drop the snippets into the RESTCONF request to form the request that returns this response Not all options are used
Refer to the exhibit.
Which configuration allows Customer2 hosts to access the FTP server of Customer1 that has the IP address of 192.168.1.200?
Refer to the exhibit.
An engineer must block all traffic from a router to its directly connected subnet 209.165.200.0/24. The engineer applies access control list EGRESS in the outbound direction on the GigabitEthernet0/0 interface of the router However, the router can still ping hosts on the 209.165.200.0/24 subnet. Which explanation of this behavior is true?
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
Drag and drop the virtual components from the left onto their deceptions on the right.
Which entity is responsible for maintaining Layer 2 isolation between segments In a VXLAN environment?
Which benefit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?
Which protocol does REST API rely on to secure the communication channel?
Drag and drop the descriptions from the left onto the QoS components on the right.
Refer to the exhibit.
Router 1 is currently operating as the HSRP primary with a priority of 110 router1 fails and router2 take over the forwarding role. Which command on router1 causes it to take over the forwarding role when it return to service?
Which measure is used by an NTP server to indicate its closeness to the authoritative time source?
Refer to the exhibit.
Security policy requires all idle-exec sessions to be terminated in 600 seconds. Which configuration achieves this goal?
Refer to the exhibit.
What are two effects of this configuration? (Choose two.)
A server running Linux is providing support for virtual machines along with DNS and DHCP services for a small business. Which technology does this represent?
When configuration WPA2 Enterprise on a WLAN, which additional security component configuration is required?
Where is radio resource management performed in a cisco SD-access wireless solution?
When a wireless client roams between two different wireless controllers, a network connectivity outage is experience for a period of time. Which configuration issue would cause this problem?
Which statement about TLS is accurate when using RESTCONF to write configurations on network devices?
Which DHCP option helps lightweight APs find the IP address of a wireless LAN controller?
Which algorithms are used to secure REST API from brute attacks and minimize the impact?
Refer to the exhibit.
An engineer must ensure that all traffic leaving AS 200 will choose Link 2 as the exit point. Assuming that all BGP neighbor relationships have been formed and that the attributes have not been changed on any of the routers, which configuration accomplish task?
Which features does Cisco EDR use to provide threat detection and response protection?
Refer to the exhibit. Which action completes the configuration to achieve a dynamic continuous mapped NAT for all users?
Refer to the exhibit. An engineer attempts to create a configuration to allow the Blue VRF to leak into the global routing table, but the configuration does not function as expected. Which action resolves this issue?
When using TLS for syslog, which configuration allows for secure and reliable transportation of messages to its default port?
How does Cisco Trustsec enable more access controls for dynamic networking
environments and data centers?
An engineer is troubleshooting the Ap join process using DNS. Which FQDN must be resolvable on the network for the access points to successfully register to the WLC?