Question:

Refer to the diagram. Which static route statements on R1 would

be configured to ensure that:

- all normal device traffic going to the [Link] network would be routed
via the primary path, and
- all traffic going to ServerA would be routed via the high-priority path?

Response:

ip route [Link] [Link] [Link]

ip route [Link] [Link] [Link]

ip route [Link] [Link] [Link]

ip route [Link] [Link] [Link]

Score 1 of 1

Question:

If you want to be alerted when a device configuration differs from

the intended configuration, what should you implement?

Response:

Configuration monitoring

Centralized configuration

Version control

Configuration drift
Score 1 of 1

Question:

A wireless client can’t connect to an 802.11b/g BSS with a b/g

wireless card. And the client section of the access point doesn’t
list any active WLAN clients. What’s a possible reason for this?

Response:

The incorrect channel is configured on the client.

The client’s IP address is on the wrong subnet.

The SSID is configured incorrectly on the client.

The client has an incorrect pre-shared key.

Score 0 of 1

Question:
Refer to the exhibit. An engineer is required to verify that the
network parameters are valid for the users' wireless LAN
connectivity on a /24 subnet. Drag and drop the values from the
left onto the network parameters on the right. Not all values are
used.

Select and Place:

Solution:

Determine whether the given solution is correct?

Response:

Incorrect
 Correct

Score 0 of 1

Question:

The network in the figure uses CAT5 cabling with RJ-45

connectors. Which of the following statements are true about the
wires inside the cable and the RJ-45 pins to which they are
connected?

Response:

The cable from PC1 to SW1 connects pin 1 on one end to pin 3 on the other

The cable from SW2 to R1 connects pin 1 on one end to pin 3 on the other.

The cable from SW1 to SW2 connects pin 1 on one end to pin 1 on the other

The cable from PC1 to SW1 connects pin 1 on one end to pin 1 on the other.

The cable from SW1 to SW2 connects pin 1 on one end to pin 3 on the other

The cable from SW2 to R1 connects pin 2 on one end to pin 2 on the other.

Score 1 of 1

Question:
When deploying syslog, which severity level logs informational
messages?

Response:

Score 1 of 1

Question:

What is the name of the protocol that has been developed by the
ONF that is used to communicate between an SDN controller and
the network devices it controls?

Response:

OpenFlow

OpenSDN

OpFlex

SbControl

Score 1 of 1

Question:

Which of the following describes the creation of private networks

across the Internet, enabling privacy and tunneling of non-TCP/IP
protocols?

Response:

VPN

HDLC

IPsec
 Cable

xDSL

Score 1 of 1

Question:

To use nonoverlapping channels for your Wi-Fi network, which of

these would be a correct strategy for neighboring access points?

Response:

Use any channel in the 2.4-GHz band.

Use only 2.4-GHz channels that are four channel numbers apart.

Use the same 2.4-GHz channel on every access point

Use only 2.4-GHz channels that are five channel numbers apart.

Score 1 of 1

Question:

What is the purpose of the ip address hcp command?

Response:

to configure an interface as a DHCP relay

to configure an interface as a DHCP helper

to configure an interface as a DHCP server

to configure an interface as a DHCP client

Score 1 of 1

Question:

An engineer must configure neighbor discovery between the

company router and an ISP What is the next step to complete the
configuration if the ISP uses a third-party router?

Response:
 Enable LLDP globally.

Enable LLDP TLVs on the ISP router.

Disable auto-negotiation.

Disable CDP on gi0/0.

Score 1 of 1

Question:

This diagram refers to which type of fiber cable?

Response:

Single mode

GBIC

SFP

Multimode

Score 1 of 1

Question:

Refer to the exhibit.

Which route must be configured on R1 so that OSPF routing is
used when OSPF is up. but the server is still reachable when OSPF
goes down?

Response:

ip route [Link] [Link] [Link] 100

ip route [Link] [Link] gi0/0 125

ip route [Link] [Link] [Link] 100

ip route [Link] [Link] gi0/1 125

Score 1 of 1

Question:

Which two technologies are examples of layer 2 MPLS VPN

technologies?
(Choose two.)

Response:

GETVPN
 VPLS

VPWS

DMVPM

Score 1 of 1

Question:

You want to ping the loopback address of your IPv6 local host.
What will you type?

Response:

ping [Link]

trace 0.0.::1

ping ::1

ping [Link]

Score 1 of 1

Question:

Which statement best describes a converged network?

Response:

a network with mix of data and video traffic

a network with real-time applications

a network with a mix of voice, video, and data traffic

a network with a mix of voice and video traffic

Score 1 of 1

Question:

Which of the following will mitigate access layer threats?

(Choose two.)

Response:
 Port security

Dynamic ARP inspection

Access lists

AAA

Score 0 of 1

Question:

Refer to the diagram. IEEE auto-negotiation fails between the

switch and host A. Additionally, the devices fail to sense the
correct speed using features outside of the IEEE auto-negotiation
process, so that they must use default settings for speed and
duplex. What settings will the devices use?

Response:

100, Full

100, Half

1000, Full

10, Half

Score 1 of 1

Question:

Which of the following answers are valid abbreviations of address

[Link]?

Response:
 [Link]

[Link]

[Link]

[Link]

Score 1 of 1

Question:

Which options are actions of the management plane of a

networking device?

Response:

The alert of an error occurring on an interface

The discard of a packet because of an ACL rule

The lookup of a MAC/IP address pair

The matching of a packet to forward based on the existing routing table

The calculation of the best route for a packet

The configuration of a device via its VTY ports

Score 1 of 1

Question:

With REST API, which standard HTTP header tells a server which
media type is expected by the client?

Response:

Accept-Encoding: gzip. deflate

Accept-Patch: text/example; charset=utf-8

Accept: application/json
 Content-Type: application/json; charset=utf-8

Score 1 of 1

Question:

Which QoS tool is used to optimize voice traffic on a network that

is primarily intended for data traffic?

Response:

WFQ

FIFO

PQ

WRED

Score 1 of 1

Question:

Which of the following is a congestion-avoidance mechanism?

Response:

WRED

QPM

LMI

QoS

Score 1 of 1

Question:

Refer to the diagram; an engineer is asked to apply an extended

ACL on the network. The ACL filters traffic from LAN A to LAN B.
Which location would the best place to apply this ACL?
Response:

Score 1 of 1

Question:

Which two of the following are GRE characteristics?

(Choose two.)

Response:

The GRE header, together with the tunneling IP header, creates at least 24 b
additional overhead for tunneled packets

GRE itself is stateful. It includes flow-control mechanisms, by default.

GRE includes strong security mechanisms to protect its payload.

GRE encapsulation uses a protocol-type field in the GRE header to support t

encapsulation of any OSI layer 3 protocol.

Score 0 of 1

Question:

What tab contains access point configuration in the WCS?

Response:

General > Configure > Access Points

Controller > Access Points

 Configure > Access Points

System > Configure > Access Points

Score 1 of 1

Question:

Refer to the diagram. An engineer is tasked with configuring a

floating static route on R1. The faster path toward the 3000::/64
network should be prioritized over the other using an
administrative distance of 10 versus an administrative distance of
20 for the slower path.

Which command would correctly configure the higher priority

route using an IPv6 next-hop address?

Response:

ipv6 route 3000::/64 2000::2 administrative-distance 10

ipv6 route 3000::/64 2000::2 distance 10

ipv6 route 3000::/64 2000::2 10

ip route v6 3000::/64 2000::2 10

Score 1 of 1

Question:

What are some perceived benefits of controller-based networks as

compared to traditional networks?

Response:

New operational models that allow for a single device to be instantiated with
 network in mind

The use of legacy approaches in the network to increase efficiency and prod

The use of APIs to mass-configure network devices, allowing for more consis
errors

The use of DevOps approaches in the network to increase efficiency and pro

Score 0 of 1

Question:

Host B issues a ping command to ping host D’s IP address. The

ping command succeeds. Which of the following statements is
true regarding the ICMP echo request messages sent by host B?

Response:

The frame holding the packet as it crosses the cable between R1 and the loc
a destination MAC address of R2’s serial MAC address.

The frame holding the packet as it crosses the cable between SW3 and Hub
address on R2 as the source MAC address.

The frame holding the packet as it crosses the cable between SW2 and SW1
destination MAC address of a MAC address on SW1.

The frame holding the packet as it crosses the cable between R2 and SW3 h
address as the source MAC address.

The frame holding the packet as it crosses the cable between SW1 and R1 h
MAC address of a MAC address on R1.

Score 0 of 1

Question:
Refer to the diagram; which options are true about this
configuration?

Response:

Each customer router would learn the routes from all other customer router

This configuration will form three different EIGRP routing domains

The provider would form a super EIGRP AS to combine the routes from all di

Each customer router would form a neighborship with the provider edge rou

Each customer router would form a neighborship with the remote customer

Only two of the customer routers would learn each other’s routes

Score 1 of 1

Question:

A switch implements both DHCP Snooping as well as Dynamic ARP

Inspection (DAI) using ARP ACLs. DHCP Snooping reacted when
host A leased an address with DHCP so that the switch now has a
valid binding table entry for host A.

However, the configured ARP ACL rule denies host A's MAC
address. What happens when host A sends ARP messages that
need to pass through the switch?

Response:

The valid ARP message is discarded by the DHCP Snooping binding informat

The valid ARP message is allowed by the DHCP Snooping binding informatio
 The valid ARP message is discarded by the ARP ACL

The valid ARP message is allowed by the ARP ACL

Score 1 of 1

Question:

Refer to the exhibit. An engineer is updating the R1 configuration

to connect a new server to the management network. The PCs on
the management network must be blocked from pinging the
default gateway of the new server. Which command must be
configured on R1 to complete the task?

Response:

R1(config)#ip route [Link] [Link] gi0/0

R1(config)#ip route [Link] [Link] gi0/1

R1(config)#ip route [Link] [Link] [Link]

R1(config)#ip route [Link].[Link] [Link]

Score 1 of 1

Question:

__________ means that the QoS tool changes one or more header
fields, setting a value in the header.

Response:

Marking
 Classifying

Qualifying

Insertion

Score 1 of 1

Question:

What are two benefits of FHRPs?

(Choose two.)

Response:

They are able to bundle multiple ports to increase bandwidth.

They allow encrypted traffic.

They allow multiple devices to serve as a single virtual gateway for clients in

They enable automatic failover of the default gateway.

They prevent loops in the Layer 2 network.

Score 1 of 1

Question:

Which type of memory does a switch use to build the MAC address
table?

Response:

CAM

NVRAM

DRAM

Flash

Score 0 of 1

Question:

Refer to the exhibit.

The nip server [Link] command has been configured on
router 1 to make it an NTP client of router 2. Which command
must be configured on router 2 so that it operates in server-only
mode and relies only on its internal clock?

Response:

Router2(config)#ntp master 4

Router2(config)#ntp server [Link]

Router2(config)#ntp server [Link]

Router2(config)#ntp passive

Score 0 of 1

Question:

Which protocol sends authentication and accounting in different

requests?

Response:

TACACS+

PEAP

EAP-Chaining

EAP-TLS

RADIUS

Score 0 of 1

Question:

Refer to the exhibit.

Which minimum configuration items are needed to enable Secure
Shell version 2 access to R15?

Response:

Router(config)#crypto key generate rsa general-keys modulus 1024

Router(config)#ip ssh version 2
Router(config-line #line vty 0 15
Router(config-line)#transport input ssh
Router(config)#ip ssh logging events
R15(config)#ip ssh stricthostkeycheck

Router(config)#hostname R15
R15(config)#ip domain-name [Link]
R15(config)#crypto key generate rsa general-keys modulus 1024
R15(config)#ip ssh version 2
R15(config-line)#line vty 0 15
 R15(config-line)#transport input ssh

Router(config)#ip domain-name [Link]

Router(config)#crypto key generate rsa general-keys modulus 1024
Router(config)#ip ssh version 2
Router(config-line)#line vty 0 15
Router(config-line)#transport input all
Router(config)#ip ssh logging events

Router(config)#hostname R15
R15(config)#crypto key generate rsa general-keys modulus 1024
R15(config-line #line vty 0 15
R15(config-line)#transport input ssh
R15(config)#ip ssh source-interface Fa0/0
R15(config)#ip ssh stricthostkeycheck

Score 0 of 1

Question:

Which command will verify the DTP status on a switch interface?

Response:

sh dtp status interface interface

sh dtp interface interface

sh dtp status

sh interface interface dtp

Score 1 of 1

Question:

Which of the following is called an advanced distance-vector

routing protocol?

Response:

BGP

EIGRP
 RIP

OSPF

Score 1 of 1

Question:

Which two protocols must be disabled to increase security for

management connections to a Wireless LAN Controller?
(Choose two.)

Response:

HTTP

TFTP

HTTPS

SSH

Telnet

Score 1 of 1

Question:

To protect the privacy of sensitive data sent over a wireless

network, which of the following mechanisms should be leveraged?

Response:

Message integrity check (MIC)

Encryption

Authentication

Data privacy protection (DPP)

Score 0 of 1

Question:
If you want to see the configured values for IP address, subnet
mask, default gateway, and DNS servers on a macOS device,
which command(s) would you issue?

Response:

networksetup -getinfo Ethernet

netstat

ipconfig

networksetup -getdnsservers Ethernet

ipconfig /all

netstat -rn

Score 1 of 1

Question:

Which Cisco IOS command would correctly route traffic destined

for the [Link]/64 network
out the GigabitEthernet0/1 interface?

Response:

ip route [Link]/64 Gi0/1

ipv6 route [Link]/64 Gi0/1

ipv6 route [Link]/64 interface Gi0/1

ip route v6 [Link]/64 Gi0/1

Score 1 of 1

Question:

Which two of the following describe the wireless security standard

that WPA defines?
(Choose two.)

Response:
 It can use PSK authentication.

It specifies the use of dynamic encryption keys that change throughout the
connection time.

It requires that all devices must use the same encryption key.

Static keys must be used.

Score 0 of 1

Question:

Which interface mode must be configured to connect the

lightweight APs in a centralized architecture?

Response:

trunk

WLAN dynamic

access

management

Score 0 of 1

Question:

Which spanning-tree modes are IEEE standards?

Response:

MSTP

PVST+

STP

RPVST+

RSTP
Score 1 of 1

Question:

Given the output from a working OSPF router, as seen in the

exhibit, how many neighboring routers exist?

HICKORY#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

[Link] 1 FULL/BDR [Link] [Link] Fast0/0
[Link] 1 FULL/ - [Link] [Link] Serial1/0
[Link] 10 FULL/DR [Link] [Link] Serial1/1

Response:

More than 3

Score 0 of 1

Question:

A device uses MAC address 000c.42b9.46ee. Which part of the

MAC address indicates the originating networking equipment
vendor?

Response:

000c

000c.42

42b9

b9.46ee

Score 1 of 1

Question:
What command verifies the IP address on a Mac?

Response:

show ip int brief

ifconfig

iptables

Get-NetIPAddress

ipconfig

Score 0 of 1

Question:

In software defined architectures, which plane is distributed and

responsible for traffic forwarding?

Response:

control plane

management plane

data plane

policy plane

Score 0 of 1

Question:

Which function does an SNMP agent perform?

Response:

It sends information about MIB variables in response to requests from the N

It requests information from remote network nodes about catastrophic syste

It coordinates user authentication between a network device and a TACACS

server.
 It manages routing between Layer 3 devices in a network.

Score 0 of 1

Question:

All of the following must match for two OSPF routers to become
neighbors except which?

Response:

Router ID

Area ID

Stub area flag

Authentication password if using one

Score 1 of 1

Question:

Refer to the exhibit.

Which command must be executed for Gi1/1 on SW1 to passively

become a trunk port if Gi1/1 on SW2 is configured in desirable or
trunk mode?

Response:

switchport mode trunk

switchport mode dynamic auto

switchport mode dot1-tunnel

switchport mode dynamic desirable

Score 1 of 1

Question:

On which default interface have you configured an IP address for

a switch?

Response:

int vlan 1

int s/0/0

int fa0/0

int vty 0 15

Score 0 of 1

Question:

Which OSPF message type is used to actually send the LSAs

between neighbors?

Response:

Link-State Request

Link-State Update

Link-State Description

Link-State Shuttle

Score 0 of 1

Question:

From the following options, what are the required REST API
attributes?

Response:

Dynamic interface

Uniform interface
 Clear determination of whether a resource can be cached

Peer-to-peer architecture

Score 0 of 1

Question:

What is a practice that protects a network from VLAN hopping

attacks?

Response:

Configure an ACL to prevent traffic from changing VLANs.

Implement port security on internet-facing VLANs.

Enable dynamic ARP inspection.

Change native VLAN to an unused VLAN ID.

Score 1 of 1

Question:

What command generated the output shown below?

- Reply from [Link]: bytes=32 time
- Reply from [Link]: bytes=32 time
- Reply from [Link]: bytes=32 time
- Reply from [Link]: bytes=32 time

Response:

traceroute

ping

show ip route

pathping

Score 1 of 1

Question:
Which answers describe how automation impacts network
management?

Response:

The increase in complexity of operations from automation results in a less c

configuration and more errors in the network

The use of data and controllers makes it possible to automate functions that
automated before.

The use of APIs and data models makes managing a network easier and qui

The use of automation slows the timeline for implementing new projects

Score 1 of 1

Question:

A local user (Bob) has been created on the switch and the
following output is from the same switch:

SW1#show crypto key mypubkey rsa

% Key pair was generated at: [Link] UTC Mar 2 2012
Key name: [Link]

Storage Device: not specified

Usage: General Purpose Key
Key is not exportable.
Key Data:

30819F30 0D06092A 864886F7 0D010101 05000381 8D003081

89028181 009A57C6
78938149 5740DCE8 4C29BF0B 6A75E3A2 30899991 14C2F5CE
5EE96D32 3BD16F27
ADB93E31 76EE584F AEE9B437 D52C31A1 38655F4B B44EF4AD
7D9BF6C4 585F0AE2
EF1D526E 6D45BB2C E16733CE DDDB3385 9D41A234 2A2F2FB4
D018623E 1315AB88
30FEC410 61701A3A 35B7FBBE 366CA098 E4FE207B 77AAA99F
6BC1E440 99020301 0001

% Key pair was generated at: [Link] UTC Mar 2 2012

Key name: [Link]

Temporary key
Usage: Encryption Key
Key is not exportable.
Key Data:

307C300D 06092A86 4886F70D 01010105 00036B00 30680261

00B39B93 1CA95CF8
53A6C686 DB890DB9 884007E4 F9DCB7D0 27240DE0 2A25307D
73075C87 8885B335
32F60805 3EDB7CB2 07CFA030 DBC14A83 AF2BA323 2E1BAF23
8ADEC75E 48276E3F
B47CF339 2ED49D6D B939793E F7080D9E E9F4BE52 2D99A0D1
3B020301 0001

SW1#

Bob has an IP address on his computer, and can ping the interface
of the switch. SSH is enabled on the vty lines, but the user Bob
cannot log in to the switch via SSH? What needs to be added to
the configuration?

Response:

Make Bob’s password at least eight characters long

Configure a domain name for the switch

Require local authentication

Generate the RSA key pair for SSH

Score 1 of 1

Question:

Considering the differences between NAT and PAT, which is the

most accurate description?

Response:

NAT allows for multiple protocols across a single IP address

NAT translates many IP addresses into a few or even one IP address

PAT translates many IP addresses into a few or even one IP address

PAT allows for multiple protocols across multiple IP addresses

Score 1 of 1
Question:

On workstations running Microsoft Windows, which protocol

provides the default gateway for the device?

Response:

SNMP

STP

DNS

DHCP

Score 0 of 1

Question:

In QoS, which prioritization method is appropriate for interactive

voice and video?

Response:

low-latency queuing

expedited forwarding

round-robin scheduling

traffic policing

Score 0 of 1

Question:

Refer to the exhibit; which options are true about the OSPF
configuration?
Response:

R2 is configured in a single OSPF area: 0.

R2 is configured in two OSPF areas: 0 and 2.

R2’s F0/1 is configured using OSPF interface configuration.

 R2’s F0/1 is configured using OSPF network configuration.

Score 0 of 1

Question:

Refer to the diagram; which command could be configured on R1

to automatically calculate an IPv6 address from a prefix learned
from the ISP router?

Response:

ipv6 address dynamic

ipv6 address autoconfig neighbor

ipv6 address slaac

ipv6 address autoconfig

Score 0 of 1

Question:

For which reasons was the RFC 1918 address space defined?

Response:

To support the NAT protocol

To preserve the public IPv6 address space

To reduce the Internet router’s routing table size

To avoid/delay IPv4 address exhaustion

Score 0 of 1

Question:
What is the class A network ID of the hosts shown on the single
LAN in the figure?

Response:

[Link]

[Link]

[Link]

[Link]

Score 1 of 1

Question:

Which two statements describe the IP address [Link]/23?

(Choose two.)

Response:

The subnet address is [Link] [Link].

The lowest host address in the subnet is [Link] [Link].

The last valid host address in the subnet is [Link] [Link].

The broadcast address of the subnet is [Link] [Link].

The network is not subnetted.

Score 0 of 1

Question:
This output comes from a network analysis tool. It lists a group of
lines for each header in a PDU, with the frame (data link) header
at the top, then the next header (typically the IP header), and so
on. The first line in each section has a gray highlight, with the
indented lines below each heading line listing details about the
fields inside the respective header.

You will need to remember some parts of the various headers, and
compare those concepts to this output, to answer this question.

The circled field, part of the Ethernet header, lists a value of hex
0800, which in this case means that an IP header follows next (as
shown on the line below the circled field.) What is the name of
that circled field?

Response:

Type

Length

SFD

Protocol

Score 1 of 1

Question:

Which of the following access lists will allow only HTTP traffic into
network [Link]?

Response:

access-list 100 permit [Link] [Link] eq www

access-list 10 deny tcp any [Link] eq www

access-list 110 permit www [Link] [Link]

 access-list 110 permit ip any [Link] [Link]

access-list 100 permit tcp any [Link] [Link] eq www

Score 1 of 1

Question:

What is the difference in data transmission delivery and reliability

between TCP and UDP?

Response:

TCP requires the connection to be established before transmitting data. UDP

at a higher rate without ensuring packet delivery

UDP is used for multicast and broadcast communication. TCP is used for uni
communication and transmits data at a higher rate with error checking.

UDP sets up a connection between both devices before transmitting data. TC

three-way handshake to transmit data with a reliable connection

TCP transmits data at a higher rate and ensures packet delivery. UDP retran
to ensure applications receive the data on the remote end

Score 0 of 1

Question:

An engineer at Acme Corporation was tasked with the subnetting

design for a new headquarters location. The only information she
was given is shown here:

- Use the [Link]/16 address space.

- Plan for at least 400 different subnets of the same size.
- Plan for each subnet to have at least 50 hosts per subnet.

How many subnet and host bits would be required?

Response:

Subnet: 9, Host: 7

Subnet: 8, Host: 8

Subnet: 10, Host: 6

 Subnet: 11, Host: 5

Score 0 of 1

Question:

Router R1 in the diagram needs to be configured for dynamic NAT,

reserving public IP addresses [Link] through [Link]
as a dynamic NAT pool for hosts in the [Link]/24 private IP
subnet.

Which of the following commands would be useful as part of the

NAT configuration on R1?

Response:

The ip nat outside interface subcommand under interface S0/0

The ip nat inside interface subcommand under interface S0/0

An access list that includes the single command access-list 1 permit 10.1.1.

The ip nat inside source pool mypool list 1 global configuration command

The ip nat pool mypool [Link] [Link] netmask [Link]

command

Score 0 of 1

Question:

When a client and server are not on the same physical network,
which device is used to forward requests and replies between
client and server for DHCP?

Response:
 DHCP relay agent

DHCP server

DHCPDISCOVER

DHCPOFFER

Score 0 of 1

Question:

Drag and drop the TCP or UDP details from the left onto their
corresponding protocols on the right.

Select and Place:

Solution:
Determine whether the given solution is correct?

Response:

Incorrect

Correct

Score 0 of 1

Question:

Refer to the diagram; you have been tasked to help implement

security measures for your company, which is going to place a
number of public access computer terminals in its retail locations.

Part of this process is securing the Ethernet ports that will be

used by these terminals; this will be done by implementing
Cisco’s port security feature on SW2 and SW3.

Your boss wants to make sure that any traffic from unauthorized
devices is logged but not affect the operation of the terminals. In
this case, which port security violation mode should be configured
on these ports?

Response:

Shutdown

Restrict
 Disable

Protect

Score 0 of 1

Question:

Which security function would be the best option to recognize a

DoS attack?

Response:

Stateful firewall

Security zone

Stateless firewall

Router ACL

Score 0 of 1

Question:

Which QoS per-hop behavior changes the value of the ToS field in
the IPv4 packet header?

Response:

Marking

Policing

Classification

Shaping

Score 0 of 1

Question:

Which options are true about implementing standard ACLs?

Response:
 Place them as close to the destination as possible.

All standard ACLs have a default deny action.

Place them as close to the source as possible

All standard ACLs have a default permit action.

Score 1 of 1

Question:

Which of the following are methods of NAT?

(Choose three.)

Response:

Static

NAT double-translation

IP NAT pool

Dynamic

Overload

Score 0 of 1
(skipped)

Question:

Which networking function occurs on the data plane?

Response:

processing inbound SSH management traffic

sending and receiving OSPF Hello packets

forwarding remote client/server traffic

facilitates spanning-tree elections

Score 0 of 1
(skipped)

Question:

Refer to the exhibit.

An engineer is configuring the HO router. Which IPv6 address

configuration must be applied to the router fa0/1 interface for the
router to assign a unique 64-bit IPv6 address to itself?

Response:

ipv6 address [Link]/64

ipv6 address [Link]/64

 ipv6 address [Link]/64

ipv6 address [Link]/64

Score 0 of 1
(skipped)

Question:

Refer to the exhibit.

What must be configured to enable 802.11w on the WLAN?

Response:

Set Fast Transition to Enabled.

Enable WPA Policy.

Set PMF to Required.

Enable MAC Filtering.

Score 0 of 1
(skipped)

Question:
A customer needs wireless access points on a different VLAN from
the controller to join via broadcast. Which two commands are
required on the Layer 3 switch?
(Choose two.)

Response:

ip forward-protocol tcp 5246

ip helper-address <WLC-Multicast-Address>

ip helper-address <WLC-Virtual-Address>

ip forward-protocol udp 5246

ip helper-address

Score 0 of 1
(skipped)

Question:

Which wireless LAN design ensures that a mobile wireless client

will not lose connectivity when moving from one access point to
another?

Response:

Using adapters and access points manufactured by the same company

Overlapping the wireless cell coverage by at least 15%

Configuring all access points to use the same channel

Utilizing MAC address filtering to allow the client MAC address to authentica
surrounding APs

Score 0 of 1
(skipped)

Question:

What command would need to be utilized to allow DAI to check for

source MAC addresses?

Response:
 ip arp validate inspection src-mac

ip arp inspection validate src-mac

ip arp validate src-mac

ip arp inspection src-mac

Score 0 of 1
(skipped)

Question:

A junior-level engineer has been given the task of configuring an

ACL on a router; she was told that the port that should be blocked
is UDP 69. Which access-list command keyword could be used in
place of this port number when configured?

Response:

smtp

tftp

ftp-data

ftp

Score 0 of 1
(skipped)

Question:

This SDA design uses the [Link]/12 network for the underlay
addressing scheme and [Link]/16 for the enterprise. Using
the figure as a reference, what is the best option for IP addresses
for SW1 through SW4?
Response:

[Link], [Link], [Link], [Link]

[Link], [Link], [Link], [Link]

[Link], [Link], [Link], [Link]

[Link], [Link], [Link], [Link]

Score 0 of 1
(skipped)

Question:

Which option is a valid IPv6 address?

Response:

[Link]

[Link]

[Link]WXYZ:0067::2A4

[Link]

Score 0 of 1
(skipped)

Question:

Given a mask of [Link], which of the following statements

are true?
Response:

If a Class B network had this mask, up to 254 possible subnets could be crea

This is not the default mask for a Class A address

There could be 254 possible hosts on the subnet with this mask

This is not the default mask for a Class C address

Score 0 of 1
(skipped)

Question:

What router command allows you to determine whether an IP

access list is enabled on a particular interface?

Response:

show ip port

show access-lists

show ip interface

show access-lists interface

Score 0 of 1
(skipped)

Question:

Which one of the following is true about the Cisco core layer in
the three-tier design?

Response:

Never do anything to slow down traffic. This includes making sure you don’t
perform routing between virtual local area networks, or implement packet fi

It’s best to support workgroup access here.

Expanding the core, e.g., adding routers as the internetwork grows, is highly
as a first step in expansion.
 All cables from the Core must connect to the TOR.

Score 0 of 1
(skipped)

Question:

Which of the following statements correctly describes the

functions of data integrity and data privacy?

Response:

Data integrity involves making the right decisions about protecting wireless

Data privacy involves hiding the contents of wireless frames so eavesdroppe

successfully read the original data.

Data integrity involves hiding the contents of wireless frames so eavesdropp

successfully read the original data.

Data privacy involves protecting the contents of wireless frames so that the
cannot be altered.

Score 0 of 1
(skipped)

Question:

Which is true about DAI?

Response:

It must use TCP, BootP, and DHCP snooping in order to work.

DHCP snooping is required in order to build the MAC-to-IP bindings for DAI v

DAI is required in order to build the MAC-to-IP which protects against man in
attacks.

DAI tracks ICMP-to-MAC bindings from DHCP.

Score 0 of 1
(skipped)

Question:

Which of the following protocols utilizes the well-known port

number 53?
Response:

SNMP

DHCP server

DHCP client

DNS

Score 0 of 1
(skipped)

Question:

What type(s) of route is the following?

S* [Link]/0 [1/0] via [Link]

(Choose all that apply.)

Response:

Default

Subnetted

Static

Local

Score 0 of 1
(skipped)

Question:

A leased line provides a _________ service.

Response:

Layer 2

Layer 1

Layer 3
 Layer 5

Score 0 of 1
(skipped)

Question:

Refer to the exhibit.

For security reasons, automatic neighbor discovery must be

disabled on the R5 Gi0/1 interface. These tasks must be
completed:

- Disable all neighbor discovery methods on R5 interface Gi0/1

- Permit neighbor discovery on R5 interface Gi0/2.
- Verify there are no dynamically learned neighbors on R5 interface Gi0/1.
- Display the IP address of R6's interface Gi0/2

Which configuration must be used?

Response:

R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(confi

R5(config)#no cdp run R5#sh cdp neighbor detail R5#sh lldp neighbor

R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(confi

R5(config)#cdp run R5#sh cdp neighbor R5#sh lldp neighbor

R5(config)#int Gi0/1 R5(config-if)#no cdp run R5(config-if)#exit R5(config)#

R5(config)#cdp enable R5#sh cdp neighbor R5#sh lldp neighbor

R5(config)#int Gi0/1 R5(config-if)#no cdp enable R5(config-if)#exit R5(confi

R5(config)#cdp run R5#sh cdp neighbor detail R5#sh lldp neighbor

Score 0 of 1
(skipped)

Question:

Drag and drop the QoS terms from the left onto the descriptions
on the right.

Select and Place:

Solution:

Determine whether the given solution is correct?

Response:

Correct
Incorrect