CCNA 200-301 Dumps Full Questions – Exam Study Guide & Free

CCNA 200-301 Exam Information

The official CCNA 200-301 exam contains 100± questions, to be completed in 120 minutes. The passing score is usually 825 out of 1000.

Cisco Certified Network Associate (CCNA 200-301) is the single exam required to earn CCNA certification. This exam is effective from February 24, 2020. It has replaced the earlier CCNA Routing and Switching exam.

This exam tests a candidate’s knowledge and skills related to a broad range of fundamentals for IT careers, for example, network fundamentals, network access, IP connectivity, IP services, security fundamentals, and network automation and programmability.

Exam Topics

The following topics and their approximate %ages of content are likely to be included on the CCNA 200-301 exam. However, Cisco may include other related topics on any delivery of exam.

NEW CCNA 300-301 PATTERN IN EXAMINATION
1. Network Fundamentals: Includes basic fundamentals of networking 20%
2. Network Access: How to connect to a network 20%
3. IP Connectivity: Basics of Routing and Switching 25%
4. IP Services: Includes services DNS, DHCP, FTP… 10%
5. Security Fundamentals: Foundational knowledge 15%
6. Automation and Programmability: Importance, basics and application 10%

CCNA 200-301 DUMPS

From the comments here and information from other places, this article tries to summarize all the CCNA frequently asked questions and many tips that can help you save much time when sitting in the exam hall.
Please feel free to ask anything that you are unclear about CCNA so that all of us can help you. I will update this article frequently to bring you newest information about this exam.

Multiple Choice Questions

1. What are two benefits of network automation? (Choose two)

  • A. reduced operational costs
  • B. reduced hardware footprint
  • C. faster changes with more reliable results
  • D. fewer network failures
  • E. increased network security

Correct Answer: AC
Section: Automation and Programmability

2. Which command enables a router to become a DHCP client?

  • A. ip address dhcp
  • B. ip helper-address
  • C. ip dhcp pool
  • D. ip dhcp client

Correct Answer: D
Section: IP Services

3. Which design element is a best practice when deploying an 802.11b wireless infrastructure?

  • A. disabling TPC so that access points can negotiate signal levels with their attached wireless devices
  • B. setting the maximum data rate to 54 Mbps on the Cisco Wireless LAN Controller
  • C. allocating nonoverlapping channels to access points that are in close physical proximity to one another
  • D. configuring access points to provide clients with a maximum of 5 Mbps

Correct Answer: C
Section: Network Access

4. When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)

  • A. 2000::/3
  • B. 2002::5
  • C. FC00::/7
  • D. FF02::1
  • E. FF02::2

Correct Answer: DE
Section: Network Fundamentals

5. Which option about JSON is true?

  • A. uses predefined tags or angle brackets (<>) to delimit markup text
  • B. used to describe structured data that includes arrays
  • C. used for storing information
  • D. similar to HTML, it is more verbose than XML

6. Which IPv6 address type provides communication between subnets and cannot route on the Internet?

  • A. global unicast
  • B. unique local
  • C. link-local
  • D. multicast

Correct Answer: B
Section: Network Fundamentals

7. Which command prevents passwords from being stored in the configuration as plain text on a router or switch?

  • A. enable secret
  • B. service password-encryption
  • C. username Cisco password encrypt
  • D. enable password

Correct Answer: B
Section: Security Fundamentals

8. What are two southbound APIs? (Choose two )

  • A. OpenFlow
  • B. NETCONF
  • C. Thrift
  • D. CORBA
  • E. DSC

Correct Answer: AB
Section: Automation and Programmability

9. Which set of action satisfy the requirement for multifactor authentication?

  • A. The user swipes a key fob, then clicks through an email link.
  • B. The user enters a user name and password, and then clicks a notification in an authentication app on a mobile device.
  • C. The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen.
  • D. The user enters a user name and password and then re-enters the credentials on a second screen.

Correct Answer: B
Section: Security Fundamentals

10. Which two capacities of Cisco DNA Center make it more extensible? (Choose two)

  • A. adapters that support all families of Cisco IOS software
  • B. SDKs that support interaction with third-party network equipment
  • C. customized versions for small, medium, and large enterprises
  • D. REST APIs that allow for external applications to interact natively with Cisco DNA Center
  • E. modular design that is upgradable as needed

Correct Answer: BD
Section: Automation and Programmability

11. An email user has been lured into clicking a link in an email sent by their company’s security organization. The webpage that opens reports that it was safe but the link could have contained malicious code.
Which type of security program is in place?

  • A. Physical access control
  • B. Social engineering attack
  • C. brute force attack
  • D. user awareness

Correct Answer: D
Section: Security Fundamentals

12. Which type of wireless encryption is used for WPA2 in preshared key mode?

  • A. TKIP with RC4
  • B. RC4
  • C. AES-128
  • D. AES-256

Correct Answer: D
Section: Security Fundamentals

13. Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

  • A. The switch must be running a k9 (crypto) IOS image.
  • B. The ip domain-name command must be configured on the switch.
  • C. IP routing must be enabled on the switch.
  • D. A console password must be configured on the switch.
  • E. Telnet must be disabled on the switch.

Correct Answer: AB
Section: Network Access

14. Which type of address is the public IP address of a NAT device?

  • A. outside global
  • B. outsdwde local
  • C. inside global
  • D. insride local
  • E. outside public
  • F. inside public

15. Refer to the exhibit. Which prefix does Router 1 use for traffic to Host A?

  • A. 10.10.10.0/28
  • B. 10.10.13.0/25
  • C. 10.10.13.144/28
  • D. 10.10.13.208/29

Correct Answer: D
Section: Network Fundamentals

Explanation/Reference: Host A address fall within the address range. However, if more than one route to the same subnet exist (router will use the longest stick match, which match more specific route to the subnet). If there are route 10.10.13.192/26 and 10.10.13.208/29, the router will forward the packet to /29 rather than /28.


16. How does HSRP provide first hop redundancy?

  • A. It load-balances traffic by assigning the same metric value to more than one route to the same destination m the IP routing table.
  • B. It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.
  • C. It forwards multiple packets to the same destination over different routed links n the data path.
  • D. It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN.

Correct Answer: D
Section: IP Connectivity

17. In Which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required?

  • A. A spine switch and a leaf switch can be added with redundant connections between them.
  • B. A spine switch can be added with at least 40 GB uplinks.
  • C. A leaf switch can be added with a single connection to a core spine switch.
  • D. A leaf switch can be added with connections to every spine switch.

Correct Answer: D
Section: Network Fundamentals

18. Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)

  • A. It drops lower-priority packets before it drops higher-priority packets.
  • B. It can identify different flows with a high level of granularity.
  • C. It guarantees the delivery of high-priority packets.
  • D. It can mitigate congestion by preventing the queue from filling up.
  • E. It supports protocol discovery.

Correct Answer: AD
Section: IP Services

19. A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

  • A. CDP
  • B. SNMP
  • C. SMTP
  • D. ARP

Correct Answer: B
Section: IP Services

20. Refer to the exhibit. What is the effect of this configuration?

  • A. The switch port interface trust state becomes untrusted.
  • B. The switch port remains administratively down until the interface is connected to another switch.
  • C. Dynamic ARP inspection is disabled because the ARP ACL is missing.
  • D. The switch port remains down until it is configured to trust or untrust incoming packets.

Correct Answer: A
Section: Security Fundamentals

21. A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two)

  • A. runts
  • B. giants
  • C. frame
  • D. CRC
  • E. input errors

Correct Answer: DE
Section: Network Fundamentals

22. How do TCP and UDP differ in the way that they establish a connection between two endpoints?

  • A. TCP uses synchronization packets, and UDP uses acknowledgment packets.
  • B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits.
  • C. UDP provides reliable message transfer and TCP is a connectionless protocol.
  • D. TCP uses the three-way handshake and UDP does not guarantee message delivery.

Correct Answer: D
Section: Network Fundamentals

23. When OSPF learns multiple paths to a network, how does it select a route?

  • A. It multiple the active K value by 256 to calculate the route with the lowest metric.
  • B. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.
  • C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.
  • D. It count the number of hops between the source router and the destination to determine the router with the lowest metric.

Correct Answer: C
Section: IP Connectivity

24. Refer to the exhibit. Which password must an engineer use to enter the enable mode?

  • A. adminadmin123
  • B. default
  • C. testing1234
  • D. cisco123

Correct Answer: C
Section: Network Access

25. Which configuration is needed to generate an RSA key for SSH on a router?

  • A. Configure the version of SSH.
  • B. Configure VTY access.
  • C. Create a user with a password.
  • D. Assign a DNS domain name.

Correct Answer: D
Section: Security Fundamentals

26. Which output displays a JSON data representation?

  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D

Correct Answer: C
Section: Automation and Programmability

27. What is the primary different between AAA authentication and authorization?

  • A. Authentication verifies a username and password, and authorization handles the communication between the authentication agent and the user database.
  • B. Authentication identifies a user who is attempting to access a system, and authorization validates the users password.
  • C. Authentication identifies and verifies a user who is attempting to access a system, and authorization controls the tasks the user can perform.
  • D. Authentication controls the system processes a user can access and authorization logs the activities the user initiates.

Correct Answer: C
Section: Security Fundamentals

28. A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?

  • A. It allows the traffic to pass through unchanged.
  • B. It drops the traffic.
  • C. It tags the traffic with the default VLAN.
  • D. It tags the traffic with the native VLAN.

Correct Answer: A
Section: Network Access

29. An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria?

  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D

Correct Answer: D
Section: Network Fundamentals

30. What is a benefit of using a Cisco Wireless LAN Controller?

  • A. Central AP management requires more complex configurations.
  • B. Unique SSIDs cannot use the same authentication method.
  • C. It supports autonomous and lightweight APs.
  • D. It eliminates the need to configure each access point individually.

Correct Answer: D
Section: Network Fundamentals

31. What are two characteristics of a controller-based network? (Choose two)

  • A. The administrator can make configuration updates from the CLI.
  • B. It uses northbound and southbound APIs to communicate between architectural layers.
  • C. It moves the control plane to a central point.
  • D. It decentralizes the control plane, which allows each device to make its own forwarding decisions.
  • E. It uses Telnet to report system issues.

Correct Answer: BC
Section: Automation and Programmability

32. Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?

  • A. dual algorithm
  • B. metric
  • C. administrative distance
  • D. hop count

Correct Answer: C
Section: IP Connectivity

33. Refer to Exhibit. How does SW2 interact with other switches in this VTP domain?

  • A. It processes VTP updates from any VTP clients on the network on its access ports.
  • B. It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.
  • C. It forwards only the VTP advertisements that it receives on its trunk ports.
  • D. It transmits and processes VTP updates from any VTP Clients on the network on its trunk ports.

Correct Answer: C
Section: Network Access

34. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?

  • A. sniffer
  • B. mesh
  • C. flexconnect
  • D. local

Correct Answer: C
Section: Network Access

35. Which two encoding methods are supported by REST APIs? (Choose two)

  • A. YAML
  • B. JSON
  • C. EBCDIC
  • D. SGML
  • E. XML

Correct Answer: BE
Section: Automation and Programmability

36. What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two)

  • A. when the sending device waits 15 seconds before sending the frame again
  • B. when the cable length limits are exceeded
  • C. when one side of the connection is configured for half-duplex
  • D. when Carriner Sense Multiple Access/Collision Detection is used
  • E. when a collision occurs after the 32nd byte of a frame has been transmitted

Correct Answer: BC
Section: Network Fundamentals

Explanation/Reference:
The usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC.


37. Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the routing table?

  • A. 20
  • B. 90
  • C. 110
  • D. 115

Correct Answer: B
Section: IP Connectivity

38. What is the primary effect of the spanning-tree portfast command?

  • A. It enables BPDU messages
  • B. It minimizes spanning-tree convergence time
  • C. It immediately puts the port into the forwarding state when the switch is reloaded
  • D. It immediately enables the port in the listening state

Correct Answer: B
Section: Network Access

39. What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?

  • A. The Layer 2 switch drops the received frame.
  • B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.
  • C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.
  • D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table.

Correct Answer: B
Section: Network Fundamentals

40. Refer to the exhibit. What is the effect of this configuration?

  • A. All ARP packets are dropped by the switch.
  • B. Egress traffic is passed only if the destination is a DHCP server.
  • C. All ingress and egress traffic is dropped because the interface is untrusted.
  • D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.

Correct Answer: D
Section: Security Fundamentals

41. Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP?

  • A. 10.4.4.4
  • B. 10.4.4.5
  • C. 172.23.103.10
  • D. 172.23.104.4

Correct Answer: C
Section: IP Services

42. Refer to the exhibit. Which route does R1 select for traffic that is destined to 192 168.16.2?

  • A. 192.168.16.0/21
  • B. 192.168.16.0/24
  • C. 192.168 26.0/26
  • D. 192.168.16.0/27

Correct Answer: D
Section: IP Connectivity

43. Which IPv6 address block sends packets to a group address rather than a single address?

  • A. 2000::/3
  • B. FC00::/7
  • C. FE80::/10
  • D. FF00::/8

Correct Answer: D
Section: Network Fundamentals

44. Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN Controller GUI? (Choose two)

  • A. management interface settings
  • B. QoS settings
  • C. Ip address of one or more access points
  • D. SSID
  • E. Profile name

Correct Answer: DE
Section: Network Access

45. Which two actions influence the EIGRP route selection process? (Choose two)

  • A. The router calculates the reported distance by multiplying the delay on the exiting Interface by 256.
  • B. The router calculates the best backup path to the destination route and assigns it as the feasible successor.
  • C. The router calculates the feasible distance of all paths to the destination route.
  • D. The advertised distance is calculated by a downstream neighbor to inform the local router of the bandwidth on the link.
  • E. The router must use the advertised distance as the metric for any given route.

Correct Answer: BC
Section: IP Connectivity

46. Refer to Exhibit. Which action do the switches take on the trunk link?

  • A. The trunk does not form and the ports go into an err-disabled status.
  • B. The trunk forms but the mismatched native VLANs are merged into a single broadcast domain.
  • C. The trunk does not form, but VLAN 99 and VLAN 999 are allowed to traverse the link.
  • D. The trunk forms but VLAN 99 and VLAN 999 are in a shutdown state.

Correct Answer: B
Section: Network Access

47. Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

  • A. lldp timer
  • B. lldp holdtimt
  • C. lldp reinit
  • D. lldp tlv-select

Correct Answer: C
Section: Network Access

48. An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is in the proper mode?

  • A. Exchange
  • B. 2-way
  • C. Full
  • D. Init

Correct Answer: C
Section: IP Connectivity

49. Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?

  • A. The interface is not participating in OSPF.
  • B. A point-to-point network type is configured.
  • C. The default Hello and Dead timers are in use.
  • D. There are six OSPF neighbors on this interface.

Correct Answer: C
Section: IP Connectivity

50. An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two)

  • A. Configure the ports in an EtherChannel.
  • B. Administratively shut down the ports.
  • C. Configure the port type as access and place in VLAN 99.
  • D. Configure the ports as trunk ports.
  • E. Enable the Cisco Discovery Protocol.

Correct Answer: BC
Section: Security Fundamentals

51. Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

  • A. Bronze
  • B. Platinum
  • C. Silver
  • D. Gold

Correct Answer: B
Section: Network Access

52. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1. The new circuit uses eBGP and teams the route to VLAN25 from the BGP path. Whats the expected behavior for the traffic flow for route 10.10.13.0/25?

  • A. Traffic to 10.10.13.0.25 is load balanced out of multiple interfaces.
  • B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gio/1.
  • C. Traffic to 10.10.13.0/25 is asymmeteical.
  • D. Route 10.10.13.0/25 learned via the Gi0/0 interface remains in the routing table.

Correct Answer: D
Section: IP Connectivity

53. Which statement identifies the functionality of virtual machines?

  • A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor.
  • B. The hypervisor can virtualize physical components including CPU, memory, and storage.
  • C. Each hypervisor can support a single virtual machine and a single software switch.
  • D. The hypervisor communicates on Layer 3 without the need for additional resources.

Correct Answer: B
Section: Network Fundamentals

54. Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?

  • A. floating static route
  • B. host route
  • C. default route
  • D. network route

Correct Answer: D
Section: Network Fundamentals

55. Refer to the exhibit. Which configuration when applied to switch A accomplishes this task?

  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D

Correct Answer: B
Section: Security Fundamentals

56. Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable. What is the result of this configuration?

  • A. The link is in a down state.
  • B. The link is in an error disables state
  • C. The link is becomes an access port.
  • D. The link becomes a trunk port.

Correct Answer: D
Section: Network Access

57. Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?

  • A. CPU ACL
  • B. TACACS
  • C. Flex ACL
  • D. RADIUS

Correct Answer: A
Section: Security Fundamentals

58. A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is running encapsulation PPP, by default, which OSPF network type is seen on this interface when the user types show ip ospf interface on R1 or R2?

  • A. port-to-multipoint
  • B. broadcast
  • C. point-to-point
  • D. nonbroadcast

Correct Answer: C
Section: IP Connectivity

59. Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

  • A. passive
  • B. mode on
  • C. auto
  • D. active

Correct Answer: D
Section: Network Access

60. A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF, by default, which type of OSPF network does this interface belong to?

  • A. point-to-multipoint
  • B. point-to-point
  • C. broadcast
  • D. nonbroadcast

Correct Answer: C
Section: IP Connectivity

61. An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?

  • A. platform-as-a-service
  • B. software-as-a-service
  • C. network-as-a-service
  • D. infrastructure-as-a-service

Correct Answer: D
Section: Automation and Programmability

62. Which mode allows access points to be managed by Cisco Wireless LAN Controllers?

  • A. autonomous
  • B. lightweight
  • C. bridge
  • D. mobility express

Correct Answer: B
Section: Network Access

63. Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?

  • A. ipv6 address dhcp
  • B. ipv6 address 2001:DB8:5:112::/64 eui-64
  • C. ipv6 address autoconfig
  • D. ipv6 address 2001:DB8:5:112::2/64 link-local

Correct Answer: C
Section: Network Fundamentals

64. Refer to Exhibit. An engineer is configuring the NEW York router to reach the Lot interface of the Atlanta router using interface Se0/0/0 as the primary path. Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

 

  • A. ipv6 router 2000::1/128 2012::1
  • B. ipv6 router 2000::1/128 2012:1 5
  • C. ipv6 router 2000::1/128 2012::2
  • D. ipv6 router 2000::1/128 2023:2 5
  • E. ipv6 router 2000::1/128 2023::3 5

Correct Answer: AE
Section: IP Connectivity

65. Refer to the exhibit. Which command provides this output?

  • A. show ip route
  • B. show ip interface
  • C. show interface
  • D. show cdp neighbor

Correct Answer: D
Section: Network Access

66. Which two outcomes are predictable behaviors for HSRP? (Choose two)

  • A. The two routers share a virtual IP address that is used as the default gateway for devices on the LAN.
  • B. The two routers negotiate one router as the active router and the other as the standby router.
  • C. Each router has a different IP address both routers act as the default gateway on the LAN, and traffic is load balanced between them.
  • D. The two routers synchronize configurations to provide consistent packet forwarding.
  • E. The two routed share the same IP address, and default gateway traffic is load-balanced between them.

Correct Answer: AB
Section: IP Connectivity

67. Which action is taken by a switch port enabled for PoE power classification override?

  • A. When a powered device begins drawing power from a PoE switch port a syslog message is generated.
  • B. As power usage on a PoE switch port is checked data flow to the connected device is temporarily paused.
  • C. If a switch determines that a device is using less than the minimum configured power it assumes the device has failed and disconnects.
  • D. If a monitored port exceeds the maximum administrative value for power, the port is shutdown and err disabled.

Correct Answer: D
Section: Network Fundamentals

68. Which 802.11 frame type is association response?

  • A. management
  • B. protected frame
  • C. control
  • D. action

Correct Answer: A
Section: Network Fundamentals

Explanation/Reference:
Reference: https://en.wikipedia.org/wiki/802.11_Frame_Types

69. Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network device? (Choose two)

  • A. Enable NTP authentication.
  • B. Verify the time zone.
  • C. Disable NTP broadcasts.
  • D. Specify the IP address of the NTP server.
  • E. Set the NTP server private key.

Correct Answer: DE
Section: IP Services

70. Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)

  • A. Configure the ipv6 route 2012::/126 2023::1 command on the Washington router.
  • B. Configure the ipvô route 2023::/126 2012::1 command on the Atlanta router.
  • C. Configure the Ipv6 route 2012::/126 s0/0/0 command on the Atlanta router.
  • D. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router.
  • E. Configure the ipv6 route 2012::/126 2023::2 command on the Washington router.

Correct Answer: DE
Section: IP Connectivity

71. Which result occurs when PortFast is enabled on an interface that is connected to another switch?

  • A. Spanning tree may fail to detect a switching loop in the network that causes broadcast storms.
  • B. VTP is allowed to propagate VLAN configuration information from switch to switch automatically.
  • C. Root port choice and spanning tree recalculation are accelerated when a switch link goes down.
  • D. After spanning tree converges PortFast shuts down any port that receives BPDUS.

Correct Answer: A
Section: Network Access

72. Refer to exhibit. Which statement explains the configuration error message that is received?

  • A. It is a broadcast IP address.
  • B. The router does not support/28 mask.
  • C. It belongs to a private IP address range.
  • D. It is a network IP address.

Correct Answer: A
Section: Network Fundamentals

73. When a floating static route is configured, which action ensures that the backup route is used when the primary route fails?

  • A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup.
  • B. The administrative distance must be higher on the primary route so that the backup route becomes secondary
  • C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup.
  • D. The default-information originate command must be configured for the route to be installed into the routing table.

Correct Answer: A
Section: IP Connectivity

74. What makes Cisco DNA Center different from traditional network management applications and their management of networks?

  • A. It only supports auto-discovery of network elements in a greenfield deployment.
  • B. It modular design allows someone to implement different versions to meet the specific needs of an organization.
  • C. It abstracts policy from the actual device configuration.
  • D. It does not support high availability of management functions when operating in cluster mode.

Correct Answer: C
Section: Automation and Programmability

75. Which network allows devices to communicate without the need to access the Internet?

  • A. 172.9.0.0/16
  • B. 172.28.0.0/16
  • C. 192.0.0.0/8
  • D. 209.165.201.0/24

Correct Answer: B
Section: Network Fundamentals

76. Refer to the exhibit. What does router R1 use as its OSPF router-ID?

  • A. 10.10.1.10
  • B. 10.10.10.20
  • C. 172.16.15.10
  • D. 192.168.0.1

Correct Answer: C
Section: IP Connectivity

77. Refer to the exhibit. If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

  • A. It sends packets out of interface Fa0/2 only.
  • B. It sends packets out of interface Fa0/1 only.
  • C. It cannot send packets to 10.10.13 128/25.
  • D. It load-balances traffic out of Fa0/1 and Fa0/2.

Correct Answer: C
Section: IP Connectivity

78. When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

  • A. IKEv2
  • B. IKEv1
  • C. IPsec
  • D. MD5

Correct Answer: C
Section: Security Fundamentals

79. Refer to the exhibit. An extended ACL has been configured and applied to router R2 The configuration farted to work as intended. Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0 20 026 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose two)

  • A. Add a “permit ip any any” statement to the begining of ACL 101 for allowed traffic.
  • B. Add a “permit ip any any” statement at the end of ACL 101 for allowed traffic.
  • C. The source and destination IPs must be swapped in ACL 101.
  • D. The ACL must be configured the Gi0/2 interface inbound on R1.
  • E. The ACL must be moved to the Gio/1 interface outbound on R2.

Correct Answer: BC
Section: Security Fundamentals

80. Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol?

  • A. on
  • B. auto
  • C. active
  • D. desirable

Correct Answer: A
Section: Network Access

81. A router running EIGRP has learned the same route from two different paths. Which parameter does the router use to select the best path?

  • A. cost
  • B. adminstrative distance
  • C. metric
  • D. as-path

Correct Answer: C
Section: IP Connectivity

82. R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating conditions, which routing protocol is installed in the routing table?

  • A. IS-IS
  • B. RIP
  • C. Internal EIGRP
  • D. OSPF

Correct Answer: C
Section: IP Connectivity

83. Which MAC address is recognized as a VRRP virtual address?

  • A. 0000.5E00.010a
  • B. 0005.3711.0975
  • C. 0000.0C07.AC99
  • D. 0007.C070/AB01

Correct Answer: A
Section: IP Connectivity

84. Which statement correctly compares traditional networks and controller-based networks?

  • A. Only traditional networks offer a centralized control plane.
  • B. Only traditional networks natively support centralized management.
  • C. Traditional and controller-based networks abstract policies from device configurations.
  • D. Only controller-based networks decouple the control plane and the data plane.

Correct Answer: D
Section: Automation and Programmability

85. If a notice-level messaging is sent to a syslog server, which event has occurred?

  • A. A network device has restarted.
  • B. An ARP inspection has failed.
  • C. A routing instance has flapped.
  • D. A debug operation is running.

Correct Answer: C
Section: IP Services

86. Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?

  • A. 0
  • B. 110
  • C. 38443
  • D. 3184439

Correct Answer: C
Section: IP Connectivity

87. Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1 120 command, how does the router respond?

  • A. It ignores the new static route until the existing OSPF default route is removed.
  • B. It immediately replaces the existing OSPF route in the routing table with the newly configured static route.
  • C. It starts load-balancing traffic between the two default routes.
  • D. It starts sending traffic without a specific matching entry in the routing table to GigabitEthernet0/1.

Correct Answer: A
Section: IP Connectivity

88. Refer to the Exhibit. After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. Which error must be corrected?

  • A. There is a native VLAN mismatch.
  • B. Access mode is configured on the switch ports.
  • C. The PCs are in the incorrect VLAN.
  • D. All VLANs are not enabled on the trunk.

Correct Answer: A
Section: Network Access

89. An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK. Which cipher fulfills the configuration requirement?

  • A. WEP
  • B. RC4
  • C. AES
  • D. TKIP

Correct Answer: C
Section: Security Fundamentals

90. Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true?

  • A. To pass client traffic two or more ports must be configured.
  • B. The EtherChannel must be configured in “mode active”.
  • C. When enabled, the WLC bandwidth drops to 500 Mbps.
  • D. One functional physical port is needed to pass client traffic.

Correct Answer: D
Section: Network Access

91. When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two)

  • A. ASCII
  • B. base64
  • C. binary
  • D. decimal
  • E. hexadecimal

Correct Answer: AE
Section: Security Fundamentals

92. Which API is used in controller-based architectures to interact with edge devices?

  • A. overlay
  • B. northbound
  • C. underlay
  • D. southbound

Correct Answer: D
Section: Automation and Programmability

93. Refer to the exhibit. A network administrator is configuring an EtherChannel between SW1 and SW2. The SW1 configuration is shown. What is the correct configuration for SW2?

  • A. interface FastEthernet 0/1
    channel-group 1 mode active
    switchport trunk encapsulation dot1q
    switchport mode trunk
    interface FastEthernet 0/2
    channel-group 1 mode active
    switchport trunk encapsulation dot1q
    switchport mode trunk
  • B. interface FastEthernet 0/1
    channel-group 2 mode auto
    switchport trunk encapsulation dot1q
    switchport mode trunk
    interface FastEthernet 0/2
    channel-group 2 mode auto
    switchport trunk encapsulation dot1q
    switchport mode trunk
  • C. interface FastEthernet 0/1
    channel-group 1 mode desirable
    switchport trunk encapsulation dot1q
    switchport mode trunk
    interface FastEthernet 0/2
    channel-group 1 mode desirable
    switchport trunk encapsulation dot1q
    switchport mode trunk
  • D. interface FastEthernet 0/1
    channel-group 1 mode passive
    switchport trunk encapsulation
    dot1q switchport mode trunk
    interface FastEthernet 0/2
    channel-group 1 mode passive
    switchport trunk encapsulation dot1q
    switchport mode trunk

Explanation: If the etherchannel was configured with mode “auto”, it was using PagP, so, we need to configure the other switch with “desirable” mode.

PagP modes: auto | Desirable
LACP modes: active | pasive

94. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN 2. What causes this behavior?

  • A. trunk mode mismatches
  • B. allowing only VLAN 2 on the destination
  • C. native VLAN mismatches
  • D. VLANs that do not correspond to a unique IP subnet

Explanation: Untagged frames are encapsulated with the native VLAN. In this case, the native VLANs are different so although S1 will tag it as VLAN 1 it will be received by S2.

95. What are two enhancements that OSPFv3 supports over OSPFV2? (Choose two.)

  • A. It requires the use of ARP.
  • B. It can support multiple IPv6 subnets on a single link.
  • C. It supports up to 2 instances of OSPFv3 over a common link.
  • D. It routes over links rather than over networks.

96. Which option is a valid IPv6 address?

  • A. 2001:0000:130F::099a::12a
  • B. 2002:7654:A1AD:61:81AF:CCC1
  • C. FEC0:ABCD:WXYZ:0067::2A4
  • D. 2004:1:25A4:886F::1

Explanation: An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). An example of an IPv6 address is 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
The leading 0’s in a group can be collapsed using ::, but this can only be done once in an IP address.

97. Which three are characteristics of an IPv6 anycast address? (Choose three.)

  • A. one-to-many communication model
  • B. one-to-nearest communication model
  • C. any-to-many communication model
  • D. a unique IPv6 address for each device in the group
  • E. the same address for multiple devices in the group
  • F. delivery of packets to the group interface that is closest to the sending device

Explanation: A new address type made specifically for IPv6 is called the Anycast Address. These IPv6 addresses are global addresses, these addresses can be assigned to more than one interface unlike an IPv6 unicast address. Anycast is designed to send a packet to the nearest interface that is a part of that anycast group. The sender creates a packet and forwards the packet to the anycast address as the destination address which goes to the nearest router. The nearest router or interface is found by using the metric of a routing protocol currently running on the network. However in a LAN setting the nearest interface is found depending on the order the neighbors were learned. The anycast packet in a LAN setting forwards the packet to the neighbor it learned about first.

98. Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.)

  • A. Global addresses start with 2000::/3.
  • B. Link-local addresses start with FE00:/12.
  • C. Link-local addresses start with FF00::/10.
  • D. There is only one loopback address and it is ::1.
  • E. If a global address is assigned to an interface, then that is the only allowable address for the interface.

Explanation: Below is the list of common kinds of IPv6 addresses:

Loopback address ::1
Link-local address FE80::/10
Site-local address FEC0::/10
Global address 2000::/3
Multicast address FF00::/8

99. What is the alternative notation for the IPv6 address B514:82C3:0000:0000:0029:EC7A:0000:EC72?

  • A. B514 : 82C3 : 0029 : EC7A : EC72
  • B. B514 : 8203 :: 0029 : EC7A : EC72
  • C. B514 : 82C3 : 0029 :: EC7A : 0000 : EC72
  • D. B514 : 8203 :: 0029 : EC7A : 0 : EC72

Explanation: There are two ways that an IPv6 address can be additionally compressed: compressing leading zeros and substituting a group of consecutive zeros with a single double colon(::). Both of these can be used in any number of combinations to notate the same address. It is important to note that the double colon (::) can only be used once within a single IPv6 address notation. So, the extra 0’s can only be compressed once.

100. Which IPv6 address is valid?

  • A. 2001:0db8:0000:130F:0000:0000:08GC:140B
  • B. 2001:0db8:0:130H::87C:140B
  • C. 2031::130F::9C0:876A:130B
  • D. 2031:0:130F::9C0:876A:130B

Explanation: An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). An example of an IPv6 address is 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
The leading O’s in a group can be collapsed using ::, but this can only be done once in an IP address.

101. Which two are features of IPv6? (Choose two.)

  • A. anycast
  • B. broadcast
  • C. multicast
  • D. podcast
  • E. allcast

Explanation: IPv6 addresses are classified by the primary addressing and routing methodologies common in networking: unicast addressing, anycast addressing, and multicast addressing. A unicast address identifies a single network interface. The Internet Protocol delivers packets sent to a unicast address to that specific interface. An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to just one of the member interfaces, typically the nearest host, according to the routing protocol’s definition of distance. Anycast addresses cannot be identified easily, they have the same format as unicast addresses, and differ only by their presence in the network at multiple points. Almost any unicast address can be employed as an anycast address.
A multicast address is also used by multiple hosts, which acquire the multicast address destination by participating in the multicast distribution protocol among the network routers. A packet that is sent to a multicast address is delivered to all interfaces that have joined the corresponding multicast group.

102. Which command enables IPv6 forwarding on a Cisco router?

  • A. ipv6 local
  • B. ipv6 host
  • C. ipv6 unicast-routing
  • D. ipv6 neighbor

Explanation: To enable IPv6 routing on the Cisco router use the following command: ipv6 unicast-routing
If this command is not recognized, your version of IOS does not support IPv6.

103. Which IPv6 address is the equivalent of the IPv4 interface loopback address 127.0.0.1?

  • A. : :1
  • B. ::
  • C. 2000::/3
  • D. 0::/10

Explanation: In IPv6 the loopback address is written as, ::1
This is a 128bit number, with the first 127 bits being ‘0’ and the 128th bit being ‘1’. It’s just a single address, so could also be written as ::1/128.

104. In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose two.)

  • A. fd15:0db8:0000:0000:700:3:400F:527B
  • B. fd15::db8::700:3:400F:527B
  • C. fd15:db8:0::700:3:4F:527B
  • D. fd15:0db8::7:3:4F:527B
  • E. fd15:db8::700:3:400F:572B

105. Refer to the exhibit. The MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at the switch. What two operations will the switch perform when it receives this frame? (Choose two.)

  • A. The switch will not forward a frame with this destination MAC address.
  • B. The frame will be forwarded out of all the ports on the switch.
  • C. The MAC address of ffff.ffff.ffff will be added to the MAC address table.
  • D. The frame will be forwarded out of all the active switch ports except for port fa0/0.
  • E. The MAC address of 0000.00aa.aaaa will be added to the MAC Address Table.
  • F. The frame will be forwarded out of fa0/0 and fa0/1 only.

106. Refer to the exhibit. Which switch in this configuration becomes the root bridge?

  • A. SW1
  • B. SW2
  • C. SW3
  • D. SW4

107. Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB? (Choose two.)

  • A. It ensures that data will be forwarded by RouterB.
  • B. It provides stability for the OSPF process on RouterB.
  • C. It specifies that the router ID for RouterB should be 10.0.0.1.
  • D. It decreases the metric for routes that are advertised from RouterB.
  • E. It indicates that RouterB should be elected the DR for the LAN.

Explanation: A loopback interface never comes down even if the link is broken so it provides stability for the OSPF process (for example we use that loopback interface as the router-id) – The router-ID is chosen in the order below:
+ The highest IP address assigned to a loopback (logical) interface. + If a loopback interface is not defined, the highest IP address of all active router’s physical interfaces will be chosen.
-> The loopback interface will be chosen as the router ID of RouterB ?

108. Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose two.)

  • A. Two secure MAC address are manually configured on the interface.
  • B. A syslog message is generated when the maximum number of secure MAC addresses is on the interface.
  • C. The interface is error -disabled.
  • D. The interface dynamic ally learned two secure MAC addresses.
  • E. An SNMP trap is generated when the maximum number of secure MAC addresses is reached on the interface.

109. Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose two.)

  • A. learned MAC addresses are deleted after five minutes of inactivity
  • B. the interface is error-diabled if packets arrive from a new unknown source address
  • C. it has dynamically learned two secure MAC addresses
  • D. it has dynamically learned three secure MAC addresses
  • E. the security violation counter increments if packets arrive from a new unknown source address

110. Refer to the exhibit. Which two events occur on the interface, if packets from an unknown Source address arrive after the interface learns the maximum number of secure MAC address? (Choose two.)

  • A. The security violation counter dose not increment
  • B. The port LED turns off
  • C. The interface is error-disabled
  • D. A syslog message is generated
  • E. The interface drops traffic from unknown MAC address

111. Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose two.)

  • A. there are 20 different network masks within the 10.0.0.0/8 network
  • B. A static default route to 10.85.33.14 was defined
  • C. Ten routes are equally load balanced between Te0/1/0.100 and Te0/2/0.100
  • D. The 10.0.0.0/8 network was learned via external EIGRP
  • E. The EIGRP administrative distance was manually changed from 90 to 170

112. Refer to the exhibit. Which statement about the interface that generated the output is true?

  • A. Five secure MAC addresses are dynamically learned on the interface.
  • B. A syslog message is generated when a violation occurs.
  • C. One secure MAC address is manually configured on the interface.
  • D. One secure MAC address is dynamically configured on the interface.

113. Refer to the exhibit. When PC 1 sends a packet to PC2, the packet has which source and destination IP address when it arrives at interface Gi0/0 on router R2?

  • A. source 192.168.10.10 and destination 10.10.2.2
  • B. source 192.168.20.10 and destination 192.168.20.1
  • C. source 192.168.10.10 and destination 192.168.20.10
  • D. source 10.10.1.1 and destination 10.10.2.2

114. Refer to the exhibit Users in your office are complaining that they cannot connect to the severs at a remote site. When troubleshooting, you find that you can successfully reach the severs from router R2. What is the most likely reason that the other users are experiencing connection failure?

  • A. interface ports are shut down on the remote servers
  • B. The DHCP address pool has been exhausted
  • C. The ip helper-address command is missing on the R2 interface that connects to the switch
  • D. VLSM is misconfigured between the router interface and the DHCP pool.

115. An engineer must configure a /30 subnet between two routes. Which usable IP address and subnet mask combination meets this criteria?

  • A. interface e0/0
    description to HQ-A370:98968
    ip address 10.2.1.3 255.255.255.252
  • B. interface e0/0
    description to HQ-A370:98968
    ip address 192.168.1.1 255.255.255.248
  • C. interface e0/0
    description to HQ-A370:98968
    ip address 172.16.1.4 255.255.255.248
  • D. interface e0/0
    description to HQ-A370:98968
    ip address 209.165.201.2 225.255.255.252

Correct Answer: D
Section: Network Fundamentals

116. Refer to the exhibit. The default-information originate command is configured under the R1 OSPF configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet.
Which action corrects the configuration issue?

  • A. Add the default-information originate command on R2.
  • B. Add the always keyword to the default-information originate command on R1.
  • C. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.18 command on R1.
  • D. Configure the ip route 0.0.0.0 0.0.0.0 10.10.10.2 command on R2.

Correct Answer: C
Section: IP Connectivity

117. Which of the following is the JSON encoding of a dictionary or hash?

  • A. {“key”:”value”}
  • B. [“key”,”value”]
  • C. {“key”,”value”}
  • D. (“key”:”value”)

118. Which option best describes an API?

  • A. A contract that describes how various components communicate and exchange data with each other.
  • B. an architectural style (versus a protocol) for designing applications;
  • C. a stateless client-server model
  • D. request a certain type of data by specifying the URL path that models the data

119. Which command verifies whether any IPv6 ACLs are configured on a router?

  • A. show ipv6 interface
  • B. show access-list
  • C. show ipv6 access-list
  • D. show ipv6 route

120. Which command can you enter to allow Telnet to be supported in addition to SSH?

  • A. transport input telnet ssh
  • B. transport input telnet
  • C. no transport input telnet
  • D. privilege level 15

121. AAA stands for authentication, authorization, and accounting

  • A. False
  • B. True

122. What will happen if you configure the logging trap debug command on a router?

  • A. It causes the router to send messages with lower severity levels to the syslog server.
  • B. It causes the router to send all messages with the severity levels Warning, Error, Critical, and Emergency to the syslog server.
  • C. It causes the router to send all messages to the syslog server
  • D. It causes the router to stop sending all messages to the syslog server.

123. Which Cisco IOS command will indicate that interface Gigabit Ethernet 0/0 is configured via DHCP?

  • A. show ip interface GigabitEthernet 0/0 dhcp
  • B. show interface GigabitEthernet 0/0
  • C. show ip interface dhcp
  • D. show ip interface GigabitEthernet 0/0
  • E. show ip interface GigabitEthernet 0/0 brief

124. Which statement about the nature of NAT overload is true?

  • A. applies a one-to-many relationship to internal IP addresses
  • B. applies a one-to-one relationship to internal IP addresses
  • C. applies a many-to-many relationship to internal IP addresses
  • D. can be configured only on Gigabit interface

125. Which command is used to configure an IPv6 static default route?

  • A. ipv6 route ::/0 interface next-hop5
  • B. ipv6 route default interface next-hop
  • C. ipv6 route 0.0.0.0/0 interface next-hop
  • D. ip route 0.0.0.0/0 interface next-hop

126. Which statement about static and dynamic routes is true?

  • A. Dynamic routes are manually configured by a network administrator, while static routes are automatically learned and adjusted by a routing protocol.
  • B. Static routes are manually configured by a network administrator, while dynamic routes are automatically learned and adjusted by a routing protocol.
  • C. Static routes tell the router how to forward packets to networks that are not directly connected, while dynamic routes tell the router how to forward packets to networks that are directly connected.
  • D. Dynamic routes tell the router how to forward packets to networks that are not directly connected, while static routes tell the router how to forward packets to networks that are directly connected.

127. What is the purpose of the show ip ospf interface command?

  • A. displaying OSPF-related interface information
  • B. displaying general information about OSPF routing processes
  • C. displaying OSPF neighbor information on a per-interface basis
  • D. displaying OSPF neighbor information on a per-interface-type basis

128. How can the Cisco Discovery Protocol be used?

  • A. to allow a switch to discover the devices that are connected to its ports
  • B. to determine the hardware platform of the device
  • C. to determine the IP addresses of connected Cisco devices
  • D. all of the above

129. How does STP prevent forwarding loops at OSI Layer 2?

  • A. TTL
  • B. MAC address forwarding
  • C. Collision avoidance
  • D. Port blocking

130. Which two statements about EtherChannel technology are true? (Choose two.)

  • A. EtherChannel provides increased bandwidth by bundling existing FastEthernet or Gigabit Ethernet interfaces into a single EtherChannel.
  • B. STP does not block EtherChannel links.
  • C. You can configure multiple EtherChannel links between two switches, using up to a limit of sixteen physical ports.
  • D. EtherChannel does not allow load sharing of traffic among the physical links within the EtherChannel.
  • E. EtherChannel allows redundancy in case one or more links in the EtherChannel fail.

131. Which three statements about MAC addresses are correct? (Choose three.)

  • A. To communicate with other devices on a network, a network device must have a unique MAC address.
  • B. The MAC address is also referred to as the IP address.
  • C. The MAC address of a device must be configured in the Cisco IOS CLI by a user with administrative privileges.
  • D. A MAC address contains two main components, the first of which identifies the manufacturer of the hardware and the second of which uniquely identifies the hardware.
  • E. An example of a MAC address is 0A:26:38: D6:65:90.
  • F. A MAC address contains two main components, the first of which identifies the network on which the host resides and the second of which uniquely identifies the host on the network.

132. Which three statements about network characteristics are true? (Choose three.)

  • A. Speed is a measure of the data rate in bits per second of a given link in the network.
  • B. Scalability indicates how many nodes are currently on the network.
  • C. The logical topology is the arrangement of cables, network devices, and end systems.
  • D. Availability is a measure of the probability that the network will be available for use when it is required.
  • E. Reliability indicates the dependability of the components that make up the network.

133. Which two statements about the purpose of the OSI model are accurate? (Choose two.)

  • A. Defines the network functions that occur at each layer
  • B. Facilitates an understanding of how information travels throughout a network
  • C. Changes in one layer do not impact other layer

Drag & Drop Questions

1. Drag and Drop

Select and Place:

Correct Answer:

Must match:
– area ID
– netmask
– timers

Must be unique:
– IP address
– router ID

Section: IP Connectivity

2. Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Select and Place:

Correct Answer:

Section: Security Fundamentals

Configure VACL. –> 802.1q double tagging
Configure dynamic ARP inspection. –> ARP spoofing
Configure root guard. –> unwanted superior BPDUs
Configure BPDU guard. –> unwanted BPDUs on PortFast-enabled interfaces

3. Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right

Select and Place:

Correct Answer:

Layer 2 Security Mechanisms:
– WPA+WPA2
– 802.1X

Layer 3 Security Mechanisms (for WLAN):
– web policy
– Passthrough

Section: Security Fundamentals

4. Drag and drop the network protocols from the left onto the correct transport services on the right.

Select and Place:

Correct Answer:

Connection Oriented:
– FTP
– SMTP
– SSH

Connectionless:
– SNMP
– VoIP
– TFTP

Section: IP Services

5. Refer to the exhibit.

Drag and drop the networking parameters from the left onto the correct values on the right.

Select and Place:

Correct Answer:

NIC vendor OUI –> 00:0C:22
NIC MAC address –> 00:0C:22:83:79:A3
default gateway –> 192.168.1.193
host IP address –> 192.168.1.200
subnet mask –> 255.255.255.192

Section: Network Fundamentals

6. Drag and drop the AAA functions from the left onto the correct AAA services on the right.

Select and Place:

Correct Answer:

Authentication:
– verifies the password associated with a user
– identifies the user

Authorization:
– controls the actions that a user can perform
– restricts the services that are available to a user

Accounting:
– provides analytical Information for the network administrator
– records user activities

Section: Security Fundamentals

7. Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right.

Select and Place:

Correct Answer:

172.28.228.144/21 –> 172.28.224.1 – 172.28.231.254
172.28.228.144/29 –> 172.28.228.145 – 172.28.228.150
172.28.228.144/23 –> 172.28.228.1 – 172.28.229.254
172.28.228.144/25 –> 172.28.228.129 – 172.28.228.254
172.28.228.144/18 –> 172.28.192.1 – 172.28.255.254

8. Drag and drop the descriptions of file transfer protocols from the left onto the correct protocols on the right.

Select and Place:

Correct Answer:

FTP:
– provides reliability when loading an IOS image upon boot up
– uses ports 20 and 21
– uses TCP

TFTP:
– does not require user authentication
– uses port 69
– uses UDP

Section: Network Fundamentals

9. Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.

Select and Place:

Correct Answer:

Ansible:
– uses SSH for remote device communication
– uses YAML for fundamental configuration elements

Chef:
– uses TCP port 10002 for configuration push jobs
– uses Ruby for fundamental configuration elements

Puppet:
– fundamental configuration elements are stored in a manifest
– uses TCP 8140 for communication

Section: Automation and Programmability

10. Drag and drop the WLAN components from the left onto the correct descriptions on the right.

Select and Place:

Correct Answer:

Section: Network Access

wireless LAN controller –> device that manages access points
access point –> device that provides Wi-Fi devices with a connection to a wired network
service port –> used for out of band management of a WLC
virtual interface –> used to support mobility management of the WLC
dynamic interface –> applied to the WLAN for wireless client communication

11. Drag and drop the functions from the left onto the correct network components on the right.

Select and Place:

Correct Answer:

DHCP Server:
– assigns a default gateway to a client
– holds the TCP/IP settings to be distributed to the clients
– assigns IP addresses to enabled clients

DNS Server:
– resolves web URLs to IP addresses
– stores a list of IP addresses mapped to names

Section: IP Services

12. Refer to the exhibit

Drag and drop the routing table components on the left onto the corresponding letter from the exhibit on the right not all options are used.

Select and Place:

Correct Answer:

A: router source
B: administrative distance
C: metric
D: timestamp
E: outbound intercace

13. Drag and drop each broadcast IP address on the left to the Broadcast Address column on the right Not all options are used.

Select and Place:

Correct Answer:

14. An interface has been configured with the access list that is shown below.

access-list 107 deny tcp 207.16.12.0.0.0.3.255 any eq http
access-list 107 permit ip any any

On the basis of that access list, drag each information packet on the left to the appropriate category on the right.

Select and Place:

Correct Answer:

Permitted:
– source IP:207.16.32.14, destination application: http
– source IP:207.16.15.9, destination port: 23
– source IP:207.16.16.14, destination port: 53

Denied:
– source IP:207.16.14.7, destination port: 80
– source IP:207.16.13.14, destination application: http

15. Order the DHCP message types as they would occur between a DHCP client and a DHCP server.

Select and Place:

Correct Answer:

Download VCE file & Online test

Change/Update logs

  •  v1.2 (March 23, 2020): Fixed & Added 18 new questions
  •  v1.1 (March 14, 2020): Add 4 new questions
  •  v1.0 (March 13, 2020): 102 Questions released

Related Articles

57
Leave a Reply

avatar
32 Comment threads
26 Thread replies
4 Followers
 
Most reacted comment
Hottest comment thread
29 Comment authors
CCNA Questions AnswersJamesAhmedtomJames B Recent comment authors
newest oldest most voted
tom
Guest
tom

Admin, these answers for the Exam are enough for the Certification 200 – 301 .They will be come and others questions.I wait one question from CCNA Questions Answers, because I’m hurry up a lot of ,and I want to give as possible as fast .Also Can I prepare well with this material this moment.Need I to wait and other updates.When???

Ahmed
Guest
Ahmed

What is a good brain dump seller?

Jurchescu Nick
Guest
Jurchescu Nick

Hi,question 79 has two answer, A and C. I can see why C is correct, but A? won t it allow all access inclusive outbound traffic on TCP ports 25 and 80 if placed to the beginning?

James
Guest
James

Yes I also think the answer should be B instead of A, because we should first deny the specific ones and than permit all others.

dwyoon
Guest
dwyoon

Question 79,
i think “B” would be right(statement to the end of ACL 101) to permit all other traffic. Could you check this?

donald78
Guest
donald78

@admin will you be posting dumps for next-level ccnp/ccie core exams such as data center (350-601 DCCOR)?

Bob
Guest
Bob

And i’ve heard that there isn’t the lab part is it true ?

Bob
Guest
Bob

Hi are these the real questions ?
and are there all here ?

BOB
Guest
BOB

Question 36 has a problem ,

The B. its right but the D. isn´t

“As a correctly set up CSMA/CD network link should not have late collisions, the usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC.” –
Source- https://en.wikipedia.org/wiki/Carrier-sense_multiple_access_with_collision_detection#Late_collision

Cgg
Guest
Cgg

Hi admin, are you going to make some ccnp encore 350-401 guide ?

Mark
Guest
Mark

Hi guys, I heard that it is not practise part of this exam.. is it right? what do you think?

Cartuso
Guest
Cartuso

Hi all, hope you are doing good versus the coronavirus. Is it worth it to pay a 200-301 dump or with this free one is enogh?i guess there are the same questions. are anyone of you done the exam? could you tell us about the experience? I dont fint too much info in interent. regards and thanks to the website owner.

KALAA
Guest
KALAA

Im interested in the same question pls someone answer!!!

Tasbih Khaldi
Guest
Tasbih Khaldi

Hello everyone, hope it doing good with all of you and wish you the good health on this bad situation., I just passed my CCNA 200-125 exam in feb 21 -2020 with scor 944 thank you this web site is the best , however my problem is until now i cannot see my pdf certification on my cisco account .. i just sawit on the history where they put my certification with the validation time .. but for the part where they have to put your certification to download it pdf format , there is nothings .. anyone can help… Read more »

Tasbih Khaldi
Guest
Tasbih Khaldi

any help please ??

Roberto Devis
Guest
Roberto Devis

that happened to me as well, you can find the .pdf logging in http://www.cisco.com then click on MORE —-> then click on CERTIFICATIONS —-> then click on Track my certifications

there you can find the .pdf and the logos as well…

Lex
Guest
Lex

Why don’t you ask Cisco?

Qwerty
Guest
Qwerty

Hi admin, there is a question, tell me, I will only take an exam in the new version 200-301, what material will be enough to pass? Please answer, it is very important to know! Also interesting is there a final exam 200-301 this questions for the new exam?

donald78
Guest
donald78

i don’t use social media (no facebook, twitter or linkedin account). how can i access the vce file & online test?

cgg
Guest
cgg

you think that I can try the exam with this dump and 31 days book?

Sergey
Guest
Sergey

Just to make it clear for myself: if i will learn ALL those questions i will pass exam with high chance?

Lbb
Guest
Lbb

Will there be a Theory section? If so when will it be ready?

tom
Guest
tom

Admin, the rest of material of the answers of the Exam .Where is, only this is .I wait one question from the CCNA Questions Answers ,that I didn’t receive yet.

Mia
Guest
Mia

Thank you so much! Any idea when the online practice test will be available?

Brice
Guest
Brice

Thanks Admin, Great job !

tom
Guest
tom

Admin, the rest of material of the answers,I wait. When???.

tom
Guest
tom

Admin are there and others Multiple Choice Questions and Drag & Drop Questions, Please upload fast the material of the Exam ,if is there something else.

tom
Guest
tom

Hi, Admin ,it wiil be late a lot of, is there something else, is it only , that I see with my eyes. I wait one answer from the CCNA Questions Answers.

Tut
Guest
Tut

No Simulations? Need this cert quick. Thank you for the upload.

tom
Guest
tom

Thaks for all ,Exscuse me Admin, when will you post the labs Sim ,it will be late

tom
Guest
tom

Admin for this certification CCNA 200-301 they aren’t Labs Sim,It has been charged. I wait one quesiton from the CCNA Questions Answers

tom
Guest
tom

there are and others Multiple Choice Questions and Drag & Drop Questions, Please upload fast the material of the Exam ,if there isn’t something else.I wait with impatience from the CCNA Questions Answers

thomas
Guest
thomas

Hi admin, I wait the answers as soon as possible fast. When wil you be post

thomas
Guest
thomas

Hi , I wait the topics full exam CCNA 200-301 Dumps full questions ,when will post the answers .It will be late lot of .I wait with impatience.

Aloha
Guest
Aloha

any news ?

Gius Italy
Guest
Gius Italy

Please post answers as soon as possible

Sosman
Guest
Sosman

Hi! Where is dump?

Mandy
Guest
Mandy

Please post the dumps and labs as soon as possible

rosanx
Guest
rosanx

ok. waiting for full dumps of the new exam. thaanks.

Price
Guest
Price

Please how soon will the notes and assessments be available on your site?
As well as that of the bridge course. Or is the bridge course different from this?