A.  

10.0.0.2

B.  

110

C.  

30

D.  

2

A.  

It disables unused services.

B.  

It deploys network firmware updates.

C.  

It creates synthetic network configurations.

D.  

It computes optimal data storage solutions.

A.  

switchport mode trunk channel-group 1 mode active

B.  

no switchport channel-group 1 mode active

C.  

no switchport channel-group 1 mode on

D.  

switchport switchport mode trunk

A.  

value

B.  

object

C.  

array

D.  

key

A.  

interface GigabitEthernet0/0 ip address 10.10.2.10 255.255.252.0

B.  

interface GigabitEthernet0/0.3 encapsulation dot1Q 3 native ip address 10.10.2.10 255.255.252.0

C.  

interface GigabitEthernet0/0.10 encapsulation dot1Q 3

D.  

interface GigabitEthernet0/0.3 encapsulation dot1Q 10 ip address 10.10.2.10 255.255.252.0

A.  

To support DES 56-bit and 3DES (168-bit) ciphers

B.  

To enable secured access to the inbound management interface

C.  

To validate management access with username and domain name only

D.  

To allow passwords protected with HTTPS encryption to be sent

A.  

0

B.  

192.168.10.2

C.  

24

D.  

1

A.  

It supports distributed processing for configuration.

B.  

It relies on global provisioning and configuration.

C.  

It upgrades software and restores files.

D.  

It provides orchestration and network automation services.

A.  

enable AAA override

B.  

enable RX-SOP

C.  

enable DTIM

D.  

enable Band Select

A.  

WLCIP

B.  

gateway IP

C.  

autonomous AP IP

D.  

ACS IP

A.  

switchport trunk allowed vlan 2-1001

B.  

switchport trunk allowed vlan add 23

C.  

switchport trunk allowed vlan 23

D.  

switchport trunk allowed vlan 22-23

A.  

duplex mismatch

B.  

queueing

C.  

bad NIC

D.  

broadcast storm

A.  

supplying network credentials

B.  

role-based access control

C.  

agentless deployment

D.  

manual playbook runs

E.  

launching job templates using version control

A.  

They are allocated by the same organization.

B.  

They are routable on the global internet.

C.  

They use the same process for subnetting.

D.  

They are part of the multicast IPv6 group type.

A.  

to uniquely identify clients to monitor their usage patterns

B.  

to encrypt data to prevent excessive usage

C.  

to contain embedded permissions that automatically expire

D.  

to track the geographical location of each request

A.  

to route traffic on the internet

B.  

to provide flexibility in the IP network design

C.  

to provide overlapping address space with another network

D.  

to limit the number of hosts on the network

A.  

The domain name server is unreachable.

B.  

LAN and WAN network segments are different.

C.  

IP address assignment is incorrect.

D.  

The default gateway should be the first usable IP address.

A.  

They anticipate future traffic spikes.

B.  

They assign IP addresses to devices.

C.  

They select correct cabling types for deployment.

D.  

They solely monitor historical traffic volumes.

A.  

To provide network redundancy in the case of a router failure

B.  

To use an open standard protocol that is configured on Cisco and third-party routers

C.  

To allow hosts in a network to use the same default gateway virtual IP when load-balancing traffic

D.  

To allow clients to be configured with multiple default gateway IPs

A.  

TCP port 443 and UDP 21 are used.

B.  

Control and data traffic encryption are enabled.

C.  

The tunnel uses the IPsec protocol for encapsulation.

D.  

The tunnel uses the EolP protocol to transmit data traffic.

A.  

Content-Type: application/json

B.  

Accept-Encoding: application/json

C.  

Accept: application/json

D.  

Accept-Language: application/json

A.  

It ages out the frame until the MAC address becomes known.

B.  

It drops the frame to avoid unnecessary network congestion.

C.  

It switches the frame to a predetermined port based on settings.

D.  

It floods the frame to all ports except the incoming port.

A.  

A high number of frames smaller than 64 bytes are received.

B.  

Frames are dropped after 16 failed transmission attempts.

C.  

The internal transmit buffer is overloaded.

D.  

An excessive number of frames greater than 1518 bytes are received.

A.  

distribution

B.  

service

C.  

AP-manager

D.  

virtual

A.  

F0/8

B.  

FO/20

C.  

FO/12

D.  

FO/17

A.  

via 10.0.4.2

B.  

via 10.0.0.2

C.  

via FastEthernet0/1

D.  

via FastEthernet1/1

A.  

It uses a single router to route traffic between sites.

B.  

It leverages a dedicated connection.

C.  

It connects remote networks through a single line.

D.  

t delivers redundancy between the central office and branch offices.

E.  

It provides direct connections between each router in the topology.

A.  

ipconfig /renew

B.  

ipconfig

C.  

ipconfig /all

D.  

ipconfig /displaydns

A.  

SwitchA(config-if-range) #channel-group 1 mode desirable

B.  

SwitchA(config-if-range) #channel-group 1 mode auto

C.  

SwitchA(config-if-range) #channel-group 1 mode active

D.  

SwitchA(config-if-range) #channel-group 1 mode passive

A.  

router D

B.  

router B

C.  

router C

D.  

router A

A.  

It identifies the wired network to which a network device is connected.

B.  

It identifies a wireless network for a mobile device to connect.

C.  

It identifies the wireless network to which an application must connect.

D.  

It identifies the wired network to which a user device is connected.

A.  

10.56.65.56

B.  

10.56.65.65

C.  

10.65.56.56

D.  

10.65.65.65

A.  

alleviates the shortage of IPv4 addresses

B.  

reduces the forwarding table on network routers

C.  

enables secure connectivity over the internet

D.  

used as the NAT outside global IP address

A.  

Syslog defines the software or hardware component that triggered the message.

B.  

There are 16 different logging levels (0-15).

C.  

By default, all message levels are sent to the syslog server.

D.  

The logging level defines the severity of a particular message.

A.  

Enabled by default on all VLANs and interfaces

B.  

Forwards frames to a neighbor port using CDP

C.  

Overwrites the known source MAC address in the address table

D.  

Protects against denial of service attacks

A.  

Enable the Aironet IE option.

B.  

Enable the Coverage Hole Detection option.

C.  

Set the MFP Client Protection option to Required

D.  

Enable the client band select option.

E.  

Enable the allow AAA Override option

A.  

switchport mode dynamic desirable

B.  

switchport mode trunk

C.  

switchport nonegotiate

D.  

switchport mode dynamic auto

A.  

Uncheck the WPA Policy option check box, and check the WPA2 Policy option check box.

B.  

Uncheck the MAC Filtering option check box.

C.  

Change the WPA Encryption option from TKIP to CCMP(128AES).

D.  

Set the Security Type option to Personal.

E.  

Set the Layer 2 Security option to None.

A.  

Centralized cloud management platform

B.  

Central WLC

C.  

Individual AP

D.  

Client device

A.  

ipv6 route 2001:db8:23: :/128 fd00:12::2

B.  

Ipv6 route 2001:db8:23::14/128 fd00:13::3

C.  

ipv6 route 2001:db8:23::14/64 fd00:12::2 200

D.  

ipv6 route 2001:db8:23: l4/64 fd00:12::2

E.  

ipv6 route 2001:db8:23: :/64 fd00:12::2

A.  

SDN security is managed near the perimeter of the network with firewalls, VPNs, and IPS, and traditional networking security policies are created based on telemetry data.

B.  

SDN exposes an API to configure locally per device for security policies, and traditional networking uses northbound API for network admin interface for configuring security policies.

C.  

SDN creates a unified control point making security policies consistent across all devices, and traditional networking must be configured device by device, leaving room for error.

D.  

SDN devices communicate with each other to establish a security policy, and in traditional networking, devices communicate upstream to a central location to establish a security policy.

A.  

Set the File Type to Code, set the Transfer Mode to SFTP, and specify the IP address of the WLC.

B.  

Set the File Type to Configuration, set the Transfer Mode to FTP, and specify the IP address of the file server.

C.  

Set the File Type to Code, set the Transfer Mode to SFTP, and specify the IP address of the file server.

D.  

Set the File Type to Configuration, set the Transfer Mode to SFTP, and specify the IP address of the WLC.

A.  

Policing is not supported on subinterfaces.

B.  

Shaping and rate limiting have the same effect.

C.  

Shaping drops excessive traffic without adding traffic delay.

D.  

Shaping levels out traffic bursts by delaying excess traffic.

E.  

Policing is performed in the inbound and outbound directions.

A.  

channel-group 1 mode desirable

B.  

channel-group 1 mode on

C.  

channel-group 1 mode auto

D.  

channel-group 1 mode active

A.  

Disable WPA Policy and WPA Encryption and then enable PSK using ASCII.

B.  

Enable PSK and FT PSK and then disable WPA Policy.

C.  

Disable WPA Encryption and then enable FT PSK.

D.  

Enable PSK using Hex format and then disable WPA Policy.

A.  

It is owned and maintained by one party, but it is shared among multiple organizations.

B.  

It enables an organization to fully customize how It deploys network resources.

C.  

It provides services that are accessed over the Internet.

D.  

It Is a data center on the public Internet that maintains cloud services for only one company.

E.  

It supports network resources from a centralized third-party provider and privately-owned virtual resources

A.  

TCP ensures ordered, reliable data delivery, and UDP offers low latency and high throughput.

B.  

TCP is used for transmitting data over the internet, and UDP is used for transmitting data over a local network.

C.  

TCP manages multicast and broadcast data transfers, and UDP only handles unicast communications.

D.  

TCP is used to ensure data integrity in a file transfer, and UDP is used to broadcast a message to multiple recipients.

A.  

Enable NTP authentication.

B.  

Verify the time zone.

C.  

Disable NTP broadcasts

D.  

Specify the IP address of the NTP server

E.  

Set the NTP server private key

A.  

using the CLI via an out-of-band connection

B.  

using the WLC GUI via HTTPS

C.  

using the AP GUI via an in-band SSH connection

D.  

using the CLI via a virtual interface with SSH

A.  

255.255.255.224

B.  

255.255.255.248

C.  

255.255.255.0

D.  

255.255.255.252

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

The packets fail to match any permit statement

B.  

A matching permit statement is too high in the access test

C.  

A matching permit statement is too broadly defined

D.  

The ACL is empty

E.  

A matching deny statement is too high in the access list

A.  

propagates VLAN information between switches

B.  

listens to multicast traffic for packet forwarding

C.  

provides DDoS mitigation

D.  

rate-limits certain traffic

A.  

Interface errors are incrementing

B.  

An incorrect SFP media type was used at SiteA

C.  

High usage is causing high latency

D.  

The sites were connected with the wrong cable type

A.  

F0/7

B.  

F0/5

C.  

F0/4

D.  

F0/6

A.  

It interoperates with ISE to define and manage patch and update schedules.

B.  

It performs configuration updates based on user profiles.

C.  

It improves the efficiency of system lifecycle management.

D.  

It provides a reactive support model.

A.  

ip route 10.0.2.0 255.255.255.240 10.0.0.7 92

B.  

ip route 10.0.2.0 255.255.255.248 10.0.0.6 91

C.  

ip route 10.0.2.0 256.255.255.240 10.0.0.6 91

D.  

ip route 10.0.2.0 255.255.255.248 null0 93

A.  

Enable AutoConfig iPSK.

B.  

SetCCMP128(AES).

C.  

Configure PSK Format HEX with key string.

D.  

Configure PSK-SHA2.

A.  

cloud computing

B.  

virtualization

C.  

application hosting

D.  

containers

A.  

II exclusively predicts device malfunctions.

B.  

It enhances data packet delivery speeds.

C.  

It simplifies traffic route mapping.

D.  

It analyzes patterns for anomaly detection.

A.  

array

B.  

value

C.  

key

D.  

object

A.  

16

B.  

32

C.  

48

D.  

64

A.  

Light is transmitted through the core of the fiber

B.  

A BNC connector is used for fiber connections

C.  

The glass core component is encased in a cladding

D.  

Fiber connects to physical interfaces using Rj-45 connections

E.  

The data can pass through the cladding

A.  

sniffer

B.  

mesh

C.  

flexconnect

D.  

local

A.  

reduced operational costs

B.  

reduced hardware footprint

C.  

faster changes with more reliable results

D.  

fewer network failures

E.  

increased network security

A.  

The user swipes a key fob, then clicks through an email link

B.  

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device

C.  

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen

D.  

The user enters a user name and password and then re-enters the credentials on a second screen

A.  

Change the IP address to 172.16.1.6 and change the subnet mask to 255.255.255.248.

B.  

Change the IP address to 172.16.1.6 and change the DNS servers to 172.16.1.12 and 172.16.1.13.

C.  

Change the IP address to 172.16.1.9 and change the default gateway to 172.16.1.7.

D.  

Change the IP address to 172.16.1.9 and change the DNS server to 172.16.1.12 only.

A.  

enable dynamic MAC address learning

B.  

implement static MAC addressing.

C.  

enable sticky MAC addressing

D.  

implement auto MAC address learning

A.  

The CAM table is empty until ingress traffic arrives at each port

B.  

Switches dynamically learn MAC addresses of each connecting CAM table.

C.  

The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses

D.  

It requires a minimum number of secure MAC addresses to be filled dynamically

A.  

After the cable is connected, the interface uses the fastest speed setting available for that cable type

B.  

After the cable is connected, the interface is available faster to send and receive user data

C.  

The frames entering the interface are marked with higher priority and then processed faster by a switch.

D.  

Real-time voice and video frames entering the interface are processed faster

A.  

Change the protocol to EtherChannel mode on.

B.  

Change the LACP mode to active

C.  

Change the LACP mode to desirable

D.  

Change the protocol to PAqP and use auto mode

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

It allows the traffic to pass through unchanged

B.  

It drops the traffic

C.  

It tags the traffic with the default VLAN

D.  

It tags the traffic with the native VLAN

A.  

When a powered device begins drawing power from a PoE switch port a syslog message is generated

B.  

As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused

C.  

If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects

D.  

Should a monitored port exceeds the maximum administrative value for power, the port is shutdown and err-disabled

A.  

Cisco DNA Center device management can deploy a network more quickly than traditional campus device management

B.  

Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management

C.  

Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options

D.  

Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management

A.  

HTTPS

B.  

RADIUS

C.  

TACACS+

D.  

HTTP

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

RADIUS is most appropriate for dial authentication, but TACACS+ can be used for multiple types of authentication

B.  

TACACS+ encrypts only password information and RADIUS encrypts the entire payload

C.  

TACACS+ separates authentication and authorization, and RADIUS merges them

D.  

RADIUS logs all commands that are entered by the administrator, but TACACS+ logs only start, stop, and interim commands

A.  

longest prefix

B.  

metric

C.  

cost

D.  

administrative distance

A.  

modify hello interval

B.  

modify process ID

C.  

modify priority

D.  

modify network type

A.  

DTP

B.  

FTP

C.  

SMTP

D.  

TFTP

A.  

SW1

B.  

SW2

C.  

SW3

D.  

SW4

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

Add PC A to VLAN 10 and the File Server to VLAN 11 fa VLAN segmentation

B.  

Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation

C.  

Add a router on a stick between Switch A and Switch B allowing for Inter-VLAN routing.

D.  

Add PC A to the same subnet as the Fie Server allowing for intra-VLAN communication.

A.  

infrastructure-as-a-service.

B.  

Software-as-a-service

C.  

control and distribution of physical resources

D.  

services as a hardware controller.

A.  

restricts unauthorized users from viewing clear-text passwords in the running configuration

B.  

encrypts the password exchange when a VPN tunnel is established

C.  

prevents network administrators from configuring clear-text passwords

D.  

protects the VLAN database from unauthorized PC connections on the switch

A.  

It uses a route that is similar to the destination address

B.  

It discards the packets.

C.  

It floods packets to all learned next hops.

D.  

It Queues the packets waiting for the route to be learned.

A.  

Authorization provides access control and authentication tracks user services

B.  

Authentication identifies users and accounting tracks user services

C.  

Accounting tracks user services, and authentication provides access control

D.  

Authorization identifies users and authentication provides access control

A.  

Accept-Encoding: gzip. deflate

B.  

Accept-Patch: text/example; charset=utf-8

C.  

Content-Type: application/json; charset=utf-8

D.  

Accept: application/json

A.  

forwarding remote client/server traffic

B.  

facilitates spanning-tree elections

C.  

processing inbound SSH management traffic

D.  

sending and receiving OSPF Hello packets

A.  

move frames between endpoints limited to IP addresses

B.  

transmit broadcast traffic when operating in Layer 3 mode exclusively

C.  

forward Ethernet frames between VLANs using only MAC addresses

D.  

flood broadcast traffic within a VLAN

A.  

route with the lowest cost

B.  

route with the next hop that has the highest IP

C.  

route with the shortest prefix length

D.  

route with the lowest administrative distance

A.  

2000::/3

B.  

FC00::/7

C.  

FE80::/10

D.  

FF00::/12

A.  

Enable Security Association Teardown Protection and set the SA Query timeout to 10

B.  

Enable MAC filtering and set the SA Query timeout to 10

C.  

Enable 802.1x Layer 2 security and set me Comeback timer to 10

D.  

Enable the Protected Management Frame service and set the Comeback timer to 10

A.  

Router2

B.  

Router3

C.  

Router4

D.  

Router5

A.  

Internet Group Management Protocol

B.  

Adaptive Wireless Path Protocol

C.  

Cisco Discovery Protocol

D.  

Neighbor Discovery Protocol

A.  

access - core - distribution - access

B.  

access - distribution - distribution - access

C.  

access - core - access

D.  

access -distribution - core - distribution - access

A.  

They prevent (oops in the Layer 2 network.

B.  

They allow encrypted traffic.

C.  

They are able to bundle muftlple ports to increase bandwidth

D.  

They enable automatic failover of the default gateway.

E.  

They allow multiple devices lo serve as a single virtual gateway for clients in the network

A.  

Perform a lookup in the MAC address table and discard the frame due to a missing entry.

B.  

Insert the source MAC address and port into the forwarding table and forward the frame to Sales-1.

C.  

Map the Layer 2 MAC address to the Layer 3 IP address and forward the frame.

D.  

Flood the frame out of all ports except on the port where Sales-1 is connected.

A.  

Router2(config)#ntp passive

B.  

Router2(config)#ntp server 172.17.0.1

C.  

Router2(config)#ntp master 4

D.  

Router2(config)#ntp server 192.168.0.2

A.  

The router replaces the source and desinaoon labels wth the sending router uterface label as a source and the next hop router label as a desbnabon

B.  

The router encapsulates the source and destination IP addresses with the sending router P address as the source and the neighbor IP address as the destination

C.  

The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC address as the destination

D.  

The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the destination

A.  

It provides network security

B.  

It differentiates traffic entering access posits

C.  

It identities an individual access point on a WLAN

D.  

It identifies a WLAN

A.  

10.10.10.0/28

B.  

10.10.13.0/25

C.  

10.10.13.144/28

D.  

10.10.13.208/29

A.  

switchport mode trunk

B.  

switchport mode dot1-tunnel

C.  

switchport mode dynamic auto

D.  

switchport mode dynamic desirable

A.  

The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.

B.  

The router calculates the best backup path to the destination route and assigns it as the feasible successor.

C.  

The router calculates the feasible distance of all paths to the destination route

D.  

The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link

E.  

The router must use the advertised distance as the metric for any given route

A.  

The core and distribution layers perform the same functions

B.  

The access layer manages routing between devices in different domains

C.  

The network core is designed to maintain continuous connectivity when devices fail.

D.  

The core layer maintains wired connections for each host

E.  

The distribution layer runs Layer 2 and Layer 3 technologies

A.  

The access point must directly connect to the WLC using a copper cable

B.  

The access point must not be connected to the wired network, as it would create a loop

C.  

The access point must be connected to the same switch as the WLC

D.  

The access point has the ability to link to any switch in the network, assuming connectivity to the WLC

A.  

moves from a two-tier to a three-tier network architecture to provide maximum redundancy

B.  

provides an added layer of security to protect from DDoS attacks

C.  

allows configuration and monitoring of the network from one centralized port

D.  

combines control and data plane functionality on a single device to minimize latency

A.  

management interface settings

B.  

QoS settings

C.  

Ip address of one or more access points

D.  

SSID

E.  

Profile name

A.  

enable the PortFast feature on ports

B.  

implement port-based authentication

C.  

configure static ARP entries

D.  

configure ports to a fixed speed

E.  

shut down unused ports

A.  

Re- Anchor Roamed Clients

B.  

11ac MU-MIMO

C.  

OEAP Split Tunnel

D.  

Client Band Select

A.  

TKiP encryption

B.  

AES encryption

C.  

scrambled encryption key

D.  

SAE encryption

A.  

Both use the same data-link header and trailer formats

B.  

Both cable types support LP connectors

C.  

Both cable types support Rj-45 connectors

D.  

Both support up to 550 meters between nodes

A.  

port-to-multipoint

B.  

broadcast

C.  

point-to-point

D.  

nonbroadcast

A.  

OpenFlow

B.  

Java

C.  

REST

D.  

XML

A.  

It processes VTP updates from any VTP clients on the network on its access ports.

B.  

It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports

C.  

It forwards only the VTP advertisements that it receives on its trunk ports.

D.  

It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports

A.  

Each device is separated by the same number of hops

B.  

It provides variable latency

C.  

It provides greater predictability on STP blocked ports.

D.  

Each link between leaf switches allows for higher bandwidth.

A.  

management-plane

B.  

control-plane

C.  

data-plane

D.  

services-plane

A.  

ip helper-address

B.  

ip address dhcp

C.  

ip dhcp pool

D.  

ip dhcp relay

A.  

The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent.

B.  

The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.

C.  

The new frame is placed in a queue for transmission after the previous frame.

D.  

The two frames are processed and delivered at the same time.

A.  

DTP

B.  

STP

C.  

VTP

D.  

802.10

A.  

to analyze traffic and drop unauthorized traffic from the Internet

B.  

to transmit wireless traffic between hosts

C.  

to pass traffic between different networks

D.  

forward traffic within the same broadcast domain

A.  

switchport port-security mac-address abcd.abcd.abcd

B.  

switchport port-security mac-address abed.abed.abed vlan 4

C.  

switchport port-security mac-address sticky abcd.abcd.abcd vlan 4

D.  

switchport port-security mac-address abcd.abcd.abcd vlan voice

A.  

The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device.

B.  

The user swipes a key fob, then clicks through an email link.

C.  

The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen.

D.  

The user enters a user name and password, and then re-enters the credentials on a second screen.

A.  

user training

B.  

user awareness

C.  

vulnerability verification

D.  

physical access control

A.  

broadcasts frames to all ports without queueing

B.  

adds unknown source MAC addresses to the address table

C.  

sends a retransmission request when a new frame is received

D.  

sends frames with unknown destinations to a multicast group

A.  

It has a greater sensitivity to changes in temperature and moisture.

B.  

It carries signals for longer distances.

C.  

It carries electrical current further distances for PoE devices.

D.  

It is less expensive when purchasing patch cables.

E.  

It provides greater throughput options.

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

1000BASE-ZX is supported on links up to 1000km, and 1000BASE-LX/LH operates over links up to 70 km.

B.  

1000BASE-LX/LH interoperates with multimode and single-mode fiber, and 10008ASE-ZX needs a conditioning patch cable with a multimode.

C.  

1000BASE-LX/LH is supported on links up to 10km, and 1000BASE-ZX operates over links up to 70 km

D.  

1000BASE-ZX interoperates with dual-rate 100M/1G 10Km SFP over multimode fiber, and 1000BASE-LX/LH supports only single-rate.

A.  

GigabitEthernet0

B.  

GigabitEthernet0/1

C.  

Null0

D.  

GigabitEthernet0/3

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

value

B.  

object

C.  

key

D.  

array

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

It improves real-time threat detection.

B.  

It manages firewall rule sets.

C.  

It enforces password complexity requirements.

D.  

It controls VPN access permissions.

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

full mesh

B.  

Point-to-point

C.  

hub-and-spoke

D.  

router-on-a-stick

A.  

1

B.  

2

C.  

3

D.  

4

A.  

BPDU guard

B.  

loop guard

C.  

portfast

D.  

uplinkfast

A.  

Enable the 802.1X option for Authentication Key Management

B.  

Enable the WPA2 Policy option

C.  

Enable the CCKM option for Authentication Key Management

D.  

Enable the MAC Filtering option

E.  

Enable the OSEN Policy option

A.  

Use less than eight characters in length when passwords are complex.

B.  

Store passwords as contacts on a mobile device with single-factor authentication.

C.  

Include special characters and make passwords as long as allowed.

D.  

Share passwords with senior IT management to ensure proper oversight.

A.  

conserve globally unique address space

B.  

simplify the addressing in the network

C.  

limit the number of nodes reachable via the Internet

D.  

reduce network complexity

A.  

Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

B.  

Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.

C.  

Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.

D.  

Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.

A.  

GCMP2S6

B.  

GCMP128

C.  

CCMP256

D.  

CCMP128

A.  

B.  

B.  

C.  

C.  

D.  

D.  

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

Type 1

B.  

Type 2

C.  

Type 3

D.  

Type 12

A.  

Generic Router Encapsulation (GRE)

B.  

Virtual Local Area Network (VLAN)

C.  

Virtual Extensible LAN (VXLAN)

D.  

Point-to-Point Protocol

A.  

straight-through

B.  

rollover

C.  

crossover

D.  

console

A.  

Reduced ARP traffic on the network

B.  

Balancing traffic across multiple gateways in proportion to their loads

C.  

Reduced management overhead on network routers

D.  

Higher degree of availability

A.  

to enable the number of MAC addresses learned on the port to l

B.  

to protect the operation of the port from topology change processes

C.  

to enable the pod to enter the forwarding state immediately when the host boots up

D.  

to prevent the port from participating in Spanning Tree Protocol operations

E.  

to block another switch or host from communicating through the port

A.  

Cloud-based mode APs relay on underlays and are more complex to maintain than APs in autonomous mode.

B.  

Cloud-based mode APs are easy to deploy but harder to automate than APs in autonomous mode.

C.  

Autonomous mode APs are easy to deploy and automate than APs in cloud-based mode.

A.  

loads configuration files on systems without data storage devices

B.  

provides authentication for data communications over a private data network

C.  

provides encryption mechanisms for file transfer across a WAN

D.  

provides secure file access within the LAN

A.  

switch(config)#spanning-tree vlan 1 max-age 6

B.  

switch(config)#spanning-tree vlan 1 hello-time 10

C.  

switch(config)#spanning-tree vlan 1 priority 4096

D.  

switch(config)#spanning-tree vlan 1 forward-time 20

A.  

6

B.  

8

C.  

12

D.  

18

A.  

file that defines the target devices upon which commands and tasks are executed

B.  

unit of Python code to be executed within Ansible

C.  

collection of actions to perform on target devices, expressed in YAML format

D.  

device with Ansible installed that manages target devices

A.  

UDP is used when low latency is optimal, and TCP is used when latency is tolerable.

B.  

TCP is used when dropped data is more acceptable, and UDP is used when data is accepted out- of-order.

C.  

TCP is used when data reliability is critical, and UDP is used when missing packets are acceptable.

D.  

UDP is used when data is highly interactive, and TCP is used when data is time-sensitive.

A.  

10.8.0.0/16

B.  

10.8.64.0/18

C.  

10.8.128.0/19

D.  

10.8.138.0/24

A.  

Change the Server Status to Disabled

B.  

Select Enable next to Management

C.  

Select Enable next to Network User

D.  

Change the Support for CoA to Enabled.

A.  

Port security

B.  

High throughput

C.  

Cable disconnect

D.  

duplex mismatch

A.  

OS

B.  

hypervisor

C.  

CPU

D.  

physical enclosure

A.  

Uncheck the Guest User check box

B.  

Check the Guest User Role check box

C.  

Set the Lifetime (seconds) value to 0

D.  

Clear the Lifetime (seconds) value

A.  

R1(config)#ip nat inside source static 10.1.1.1 209.165.200.225

B.  

R1(config)#ip nat inside source static 209.165.200.225 10.1.1.1

C.  

R1(config)#ip nat outside source static 10.1.1.1 209.165.200.225

D.  

R1(config)#ip nat outside source static 209.165.200.225 10.1.1.1

A.  

WPA2

B.  

WPA3

C.  

Wi-Fi 6

D.  

WEP

E.  

WPA

A.  

It uses Telnet to report system issues

B.  

It uses northbound and southbound APIs to communicate between architectural layers

C.  

It decentralizes the control plane, which allows each device to make its own forwarding decisions

D.  

It moves the control plane to a central point

E.  

The administrator can make configuration updates from the CLI

A.  

Controller-based networks increase TCO for the company, and traditional networks require less investment.

B.  

Controller-based networks provide a framework for Innovation, and traditional networks create efficiency.

C.  

Controller-based networks are open for application requests, and traditional networks operate manually.

D.  

Controller-based networks are a closed ecosystem, and traditional networks take advantage of programmability.

A.  

It causes a network loop when a violation occurs.

B.  

It disables the native VLAN configuration as soon as port security is enabled.

C.  

It places the port in the err-disabled state if it learns more than one MAC address.

D.  

It places the port in the err-disabled slate after 10 MAC addresses are statically configured.

A.  

Discovery response

B.  

DHCP request

C.  

DHCP discover

D.  

Discovery request

A.  

The scope of an IPv6 link-local address is limited to a loopback address, and an IPv6 unique local address is limited to a directly attached interface.

B.  

The scope of an IPv6 link-local address can be used throughout a company site or network, but an IPv6 unique local address is limited to a loopback address.

C.  

The scope of an IPv6 link-local address is global, but the scope of an IPv6 unique local address is limited to a loopback address.

D.  

The scope of an IPv6 link-local address is limited to a directly attached interface, but an IPv6 unique local address is used throughout a company site or network.

A.  

It replaces the designated port when the designated port fails

B.  

It is the best path to the root from a nonroot switch.

C.  

It replaces the designated port when the root port fails.

D.  

It is administratively disabled until a failover occurs.

A.  

2001:db8:1a44:41a4:C801:BEFF:FE4A:1

B.  

2001:db8:1a44:41a4:C081:BFFF:FE4A:1

C.  

2001:db8:1a44:41a4:4562:098F:FE36:1

D.  

2001:db8:1a44:41a4:C800:BAFE:FF00:1

A.  

safeguards against brute force attacks with SAE

B.  

optional Protected Management Frame negotiation

C.  

backward compatibility with WPAand WPA2

D.  

increased security and requirement of a complex configuration

A.  

config network secureweb enable

B.  

config certificate generate web admin

C.  

config network webmode enable

D.  

config network telnet enable

A.  

service port

B.  

virtual

C.  

AP-Manager

D.  

dynamic

A.  

It is a read-only operation.

B.  

It is a nonldempotent operation.

C.  

It replaces data at the destination.

D.  

It displays a web site.

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

EtherChannel

B.  

LAG

C.  

trunk

D.  

access

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

ipv6 address 2001:DB8:FFFF:FCF3::1/64

B.  

ipv6 address autoconfig 2001:DB8:FFFF:FCF2::/64

C.  

ipv6 address 2001:DB8:FFFF:FCF3::/64 eui-64

D.  

ipv6 address 2001:DB8:FFFF:FCF3::/64 link-local

A.  

Changes can be implemented in parallel across multiple devices at once, which increases the speed of the change rate.

B.  

By using automation platforms with intent-based configuration, all changes are checked for possible outages before being implemented.

C.  

Emails can be generated based on when a network admin performs a network change, which increases visibility.

D.  

Configuration templates and testing can be built into implementation, which increases the success rate of a network change.

A.  

Switch 1

B.  

Switch 2

C.  

Switch 3

D.  

Switch 4

A.  

broadband cable access

B.  

frame-relay packet switching

C.  

dedicated point-to-point leased line

D.  

Integrated Services Digital Network switching.

A.  

partial mesh

B.  

full mesh

C.  

point-to-point

D.  

hub-and-spoke

A.  

Central AP management requires more complex configurations

B.  

Unique SSIDs cannot use the same authentication method

C.  

It supports autonomous and lightweight APs

D.  

It eliminates the need to configure each access point individually

A.  

R1(config)#interface ethernet0/0R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0

B.  

R1(config)#interface ethernet0/0.20R1(config)#encapsulation dot1q 20R1(config)#ip address 10.20.20.1 255.255.255.0

C.  

R1(config)#interface ethernet0/0.20R1(config)#ip address 10.20.20.1 255.255.255.0

D.  

R1(config)#interface ethernet0/0R1(config)#ip address 10.20.20.1 255.255.255.0

A.  

84

B.  

110

C.  

128

D.  

192

E.  

193

A.  

Layer 2 switch

B.  

Router

C.  

Load balancer

D.  

firewall

A.  

alert

B.  

critical

C.  

notice

D.  

debug

A.  

disk

B.  

applications

C.  

VM configuration file

D.  

operating system

A.  

used cryptographic tunneling to protect the privacy of data for multiple users simultaneously

B.  

used exclusively when a user is connected to a company's internal network

C.  

establishes a secure tunnel between two branch sites

D.  

allows the users to access company internal network resources through a secure tunnel

A.  

worm

B.  

malware

C.  

DDoS

D.  

man-in-the-middle

A.  

A spine switch and a leaf switch can be added with redundant connections between them

B.  

A spine switch can be added with at least 40 GB uplinks

C.  

A leaf switch can be added with a single connection to a core spine switch.

D.  

A leaf switch can be added with connections to every spine switch

A.  

read

B.  

create

C.  

replace

D.  

update

A.  

access to spec fie networks based on business function

B.  

access to servers to prevent malicious activity

C.  

access to computer networks and file systems

D.  

access to networking equipment and facilities

A.  

The designated port is FastEthernet 2/1

B.  

This is a root bridge

C.  

The spanning-tree mode is Rapid PVST+

D.  

The spanning-tree mode is PVST+

E.  

The root port is FastEthernet 2/1

A.  

OpenFlow

B.  

OpenStack

C.  

OpFlex

D.  

REST

A.  

dual algorithm

B.  

metric

C.  

administrative distance

D.  

hop count

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

The DHCP server offers the ability to exclude specific IP addresses from a pool of IP addresses

B.  

The DHCP client can request up to four DNS server addresses

C.  

The DHCP server assigns IP addresses without requiring the client to renew them

D.  

The DHCP server leases client IP addresses dynamically.

E.  

The DHCP client maintains a pool of IP addresses it can assign.

A.  

Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic.

B.  

Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic

C.  

The source and destination IPs must be swapped in ACL 101

D.  

The ACL must be configured the Gi0/2 interface inbound on R1

E.  

The ACL must be moved to the Gi0/1 interface outbound on R2

A.  

Physical access control

B.  

Social engineering attack

C.  

brute force attack

D.  

user awareness

A.  

PortFast

B.  

BPDU guard

C.  

UplinkFast

D.  

BackboneFast

A.  

acts as a central point for association and authentication servers

B.  

selects the best route between networks on a WAN

C.  

moves packets within a VLAN

D.  

moves packets between different VLANs

E.  

makes forwarding decisions based on the MAC address of a packet

A.  

reduced management overhead on network routers

B.  

balancing traffic across multiple gateways in proportion to their loads

C.  

higher degree of availability

D.  

reduced ARP traffic on the network

A.  

Forwards packets based on stateless packet inspection

B.  

Processes unauthorized packets and allows passage to less secure segments of the network

C.  

determines which packets are allowed to cross from unsecured to secured networks

D.  

explicitly denies all packets from entering an administrative domain

A.  

read

B.  

update

C.  

create

D.  

delete

A.  

Control

B.  

Management

C.  

Data

D.  

application

A.  

data plane

B.  

control plane

C.  

policy plane

D.  

management plane

A.  

YAML

B.  

JSON

C.  

EBCDIC

D.  

SGML

E.  

XML

A.  

enable dynamic ARP inspection

B.  

manually implement trunk ports and disable DTP

C.  

activate all ports and place in the default VLAN

D.  

configure extended VLANs

A.  

show ip route

B.  

show ip interface

C.  

show interface

D.  

show cdp neighbor

A.  

RIP route 10.0.0.0/30

B.  

iBGP route 10.0.0.0/30

C.  

OSPF route 10.0.0.0/30

D.  

EIGRP route 10.0.0.1/32

E.  

OSPF route 10.0.0.0/16

A.  

adapters that support all families of Cisco IOS software

B.  

SDKs that support interaction with third-party network equipment

C.  

customized versions for small, medium, and large enterprises

D.  

REST APIs that allow for external applications to interact natively with Cisco DNA Center

E.  

modular design that is upgradable as needed

A.  

listening

B.  

blocking

C.  

forwarding

D.  

learning

E.  

speaking

A.  

outside global

B.  

outsdwde local

C.  

inside global

D.  

insride local

E.  

outside public

F.  

inside public

A.  

One functional physical port is needed to pass client traffic.

B.  

The EthernetChannel must be configured in "mode active".

C.  

When enabled, the WLC bandwidth drops to 500 Mbps.

D.  

To pass client traffic, two or more ports must be configured.

A.  

switchport access vlan 67

B.  

switchport trunk allowed vlan 67

C.  

switchport private-vlan association host 67

D.  

switchport trunk native vlan 67

A.  

Facilities communication between the controller and the applications

B.  

Facilities communication between the controller and the networking hardware

C.  

allows application developers to interact with the network

D.  

integrates a controller with other automation and orchestration tools.

A.  

It supports numerous extensibility options including cross-domain adapters and third-party SDKs.

B.  

It supports high availability for management functions when operating in cluster mode.

C.  

It enables easy autodiscovery of network elements m a brownfield deployment.

D.  

It is designed primarily to provide network assurance.

A.  

uses predefined tags or angle brackets () to delimit markup text

B.  

used to describe structured data that includes arrays

C.  

used for storing information

D.  

similar to HTML, it is more verbose than XML

A.  

OpenFlow

B.  

NETCONF

C.  

Thrift

D.  

CORBA

E.  

DSC

A.  

adminadmin123

B.  

default

C.  

testing 1234

D.  

cisco123

A.  

different nonoverlapping channels

B.  

different overlapping channels

C.  

one overlapping channel

D.  

one nonoverlapping channel

A.  

it enables BPDU messages

B.  

It minimizes spanning-tree convergence time

C.  

It immediately puts the port into the forwarding state when the switch is reloaded

D.  

It immediately enables the port in the listening state

A.  

Option A

B.  

Option B

C.  

Option C

D.  

Option D

A.  

Enable dynamic ARP inspection

B.  

Configure an ACL to prevent traffic from changing VLANs

C.  

Change native VLAN to an unused VLAN ID

D.  

Implement port security on internet-facing VLANs

A.  

It forwards it out G0/3 only

B.  

It is flooded out every port except G0/0.

C.  

It drops the frame.

D.  

It forwards it out interface G0/2 only.

A.  

Provide uninterrupted forwarding service.

B.  

Police traffic that is sent to the edge of the network.

C.  

Provide direct connectivity for end user devices.

D.  

Ensure timely data transfer between layers.

E.  

Inspect packets for malicious activity.

A.  

connects each switch to every other switch in the network

B.  

enables multiple users to share a single broadband connection

C.  

provides high throughput access for 1000 or more users

D.  

includes at least three tiers of devices to provide load balancing and redundancy

A.  

cookbook

B.  

task

C.  

playbook

D.  

model

E.  

recipe

A.  

The switch rewrites the source and destination MAC addresses with its own.

B.  

The source MAC address is changed.

C.  

The source and destination MAC addresses remain the same.

D.  

The destination MAC address is replaced with ffff.ffff.ffff.