Dumps

0%
0 votes, 0 avg
73
Created by Md Hedaet Shake

CCNA 200-301

1 / 10

1. Which type of Category 5 unshielded twisted-pair (UTP) cable is used to work as a trunk between
two switches?

2 / 10

2. What two devices can be connected to a router WAN serial interface that can provide clocking?
(Choose two.)

3 / 10

3. Which statement is NOT true regarding Internet Control Message Protocol (ICMP)?

4 / 10

4. Which Cisco Internetwork Operating System (IOS) command is used to view the number of
Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received?

5 / 10

5. What command should you use to quickly view the HSRP state of the switch for all HSRP groups
of which the switch is a member?

6 / 10

6. Which of the following cables would be used to connect a router to a switch?

7 / 10

7. Which of the following are port roles in the Rapid Spanning Tree Protocol (RSTP)? (Choose
three.)

8 / 10

8. Which device can break Collision domain?

9 / 10

9. What command was used to generate the output shown below?

Question Image

10 / 10

10. What is the valid host address range for the subnet 172.25.4.0 /23?

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
0
Created by Md Hedaet Shake

CCNP 350-401 ENCOR

1 / 1

1. Which Cisco Internetwork Operating System (IOS) command is used to view the number of
Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received?

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
0
Created by Md Hedaet Shake

CCNP 300-410 ENARSI

1 / 1

1. Which Cisco Internetwork Operating System (IOS) command is used to view the number of
Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received?

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
7
Created by Md Hedaet Shake

NSE 4

1 / 30

1. How can you block or allow to Twitter using a firewall policy?

2 / 30

2. An administrator needs to strengthen the security for SSL VPN access. Which of the following
statements are best practices to do so? (Choose three.)

3 / 30

3. What files are sent to FortiSandbox for inspection in flow-based inspection mode?

4 / 30

4. Which Statements about virtual domains (VDOMs) arc true? (Choose two.)

5 / 30

5. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question Image

6 / 30

6. Which of the following statements about converse mode are true? (Choose two.)

7 / 30

7. Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same
destination?

Question Image

8 / 30

8. Which of the following features is supported by web filter in flow-based inspection mode
with NGFW mode set to profile-based?

9 / 30

9. Which statement about DLP on FortiGate is true?

10 / 30

10. company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups.
What is required in the SSL VPN configuration to meet these requirements?

11 / 30

11. In a high availability (HA) cluster operating in active-active mode, which of the following
correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a
secondary FortiGate?

12 / 30

12. Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)

13 / 30

13. What is the limitation of using a URL list and application control on the same firewall policy,
in NGFW policy-based mode?

14 / 30

14. An administrator has configured a route-based IPsec VPN between two FortiGate devices.
Which statement about this IPsec VPN configuration is true?

15 / 30

15. How does FortiGate verify the login credentials of a remote LDAP user?

16 / 30

16. Which of the following services can be inspected by the DLP profile? (Choose three.)

17 / 30

17. Which statement is true regarding the policy ID number of a firewall policy?

18 / 30

18. Which of the following route attributes must be equal for static routes to be eligible for equal
cost multipath (ECMP) routing? (Choose two.)

19 / 30

19. During the digital verification process, comparing the original and fresh hash results satisfies
which security requirement?

20 / 30

20. If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does
FortiGate take?

21 / 30

21. Which of the following statements about NTLM authentication are correct? (Choose two.)

22 / 30

22. If the Issuer and Subject values are the same in a digital certificate, which type of entity was
the certificate issued to?

23 / 30

23. What criteria does FortiGate use to look for a matching firewall policy to process traffic?
(Choose two.)

24 / 30

24. An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)

25 / 30

25. When using WPAD DNS method, which FQDN format do browsers use to query the DNS
server?

26 / 30

26. Examine the routing database shown in the exhibit, and then answer the following question:

Which of the following statements are correct? (Choose two.)

Question Image

27 / 30

27. Which configuration objects can be selected for the Source field of a firewall policy? (Choose
two.)

28 / 30

28. Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

29 / 30

29. Why must you use aggressive mode when a local FortiGate IPSec gateway hosts multiple
dialup tunnels?

30 / 30

30. On a FortiGate with a hard disk, how can you upload logs to FortiAnalyzer or FortiManager?
(Choose two.)

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
3
Created by Md Hedaet Shake

NSE4 Valid Dumps

1 / 184

1. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question Image

2 / 184

2. An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)

3 / 184

3. How can you block or allow to Twitter using a firewall policy?

4 / 184

4. Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

5 / 184

5. What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose
three.)

6 / 184

6. Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the
physical layer nor the link layer? (Choose three.)

7 / 184

7. Which downstream FortiGate VOOM is used to join the Security Fabric ?

8 / 184

8. Which Security rating scorecard helps identify configuration weakness and best practice violations in
your network?

9 / 184

9. Which of the following services can be inspected by the DLP profile? (Choose three.)

10 / 184

10. D18912E1457D5D1DDCBD40AB3BF70D5D
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

11 / 184

11. Which security feature does FortiGate provide to protect servers located in the internal networks from
attacks such as SQL injections?

12 / 184

12. Refer to the exhibit.

The exhibit contains a network diagram, firewall policies, and a firewall address object configuration.
An administrator created a Deny policy with default settings to deny Webserver access for Remote-user2.
Remote-user2 is still able to access Webserver.
Which two changes can the administrator make to deny Webserver access for Remote-User2? (Choose
two.)

Question Image

13 / 184

13. You have enabled logging on your FortiGate device for Event logs and all Security logs, and you have set
up logging to use the FortiGate local disk.

What is the default behavior when the local disk is full?

14 / 184

14. If Internet Service is already selected as Source in a firewall policy, which other configuration objects can
be added to the Source filed of a firewall policy?

15 / 184

15. Refer to the exhibit, which contains a session diagnostic output.

Which statement is true about the session diagnostic output?

Question Image

16 / 184

16. Examine the routing database shown in the exhibit, and then answer the following question:

Which of the following statements are correct? (Choose two.)

Question Image

17 / 184

17. An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)

18 / 184

18. Examine the following web filtering log.

Which statement about the log message is true?

Question Image

19 / 184

19. Refer to the exhibit showing a debug flow output.

Which two statements about the debug flow output are correct? (Choose two.)

Question Image

20 / 184

20. What criteria does FortiGate use to look for a matching firewall policy to process traffic?
(Choose two.)

21 / 184

21. An administrator has configured a route-based IPsec VPN between two FortiGate devices.
Which statement about this IPsec VPN configuration is true?

22 / 184

22. Which of the following conditions must be met in order for a web browser to trust a web server certificate
signed by a third-party CA?

23 / 184

23. Which two statements are correct about SLA targets? (Choose two.)

24 / 184

24. Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both
sides (client and server) have terminated the session?

25 / 184

25. In an explicit proxy setup, where is the authentication method and database configured?

26 / 184

26. Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

27 / 184

27. Which of the following features is supported by web filter in flow-based inspection mode
with NGFW mode set to profile-based?

28 / 184

28. Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

Question Image

29 / 184

29. Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

30 / 184

30. View the exhibit.

Which of the following statements are correct? (Choose two.)

Question Image

31 / 184

31. Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

Question Image

32 / 184

32. Refer to the exhibit

The exhibit shows proxy policies and proxy addresses, the authentication rule and authentication scheme,
users, and firewall address.
An explicit web proxy is configured for subnet range 10.0.1.0/24 with three explicit web proxy policies.
The authentication rule is configured to authenticate HTTP requests for subnet range 10.0.1.0/24 with a
form-based authentication scheme for the FortiGate local user database.
Users will be prompted for authentication.
How will FortiGate process the traffic when the HTTP request comes from a machine with the source IP
10.0.1.10 to the destination http://www.fortinet.com? (Choose two.)

Question Image

33 / 184

33. Which of the following statements about converse mode are true? (Choose two.)

34 / 184

34. An administrator does not want to report the logon events of service accounts to FortiGate.
What setting on the collector agent is required to achieve this?

35 / 184

35. A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec

VPN tunnels and static routes.
* All traffic must be routed through the primary tunnel when both tunnels are up
* The secondary tunnel must be used only if the primary tunnel goes down
* In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover
Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose
two,)

36 / 184

36. Which of the following SD-WAN load –balancing method use interface weight value to distribute traffic? (Choose two.)

37 / 184

37. Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)

38 / 184

38. Which of the following statements about central NAT are true? (Choose two.)

39 / 184

39. Which of the following statements about NTLM authentication are correct? (Choose two.)

40 / 184

40. Which of the following statements about backing up logs from the CLI and downloading logs from the GUI
are true? (Choose two.)

41 / 184

41. Refer to the exhibit

The exhibits show a network diagram and the explicit web proxy configuration.
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client
and the explicit web proxy?

Question Image

42 / 184

42. In a high availability (HA) cluster operating in active-active mode, which of the following
correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a
secondary FortiGate?

43 / 184

43. Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)

Question Image

44 / 184

44. Refer to the exhibit.

The exhibit contains a network interface configuration, firewall policies, and a CLI console configuration.
How will FortiGate handle user authentication for traffic that arrives on the LAN interface?

Question Image

45 / 184

45. Which scanning technique on FortiGate can be enabled only on the CLI?

46 / 184

46. Refer to the exhibit to view the firewall policy.

Which statement is correct if well-known viruses are not being blocked?

Question Image

47 / 184

47. An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for DPD probes only when no traffic is observed in the tunnel.
Which DPO mode on FortiGate wtll meet the above requirement?

48 / 184

48. An administrator wants to configure timeouts for users Regardless of the user's behavior, the timer should start and expire after the configured value.
Which timeout option should be configured on FortiGate?

49 / 184

49. What is the limitation of using a URL list and application control on the same firewall policy, in NGFW
policy-based mode?

50 / 184

50. Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode?
(Choose two.)

51 / 184

51. Which three statements about a flow-based antivirus profile are correct? (Choose three.)

52 / 184

52. The HTTP inspection process in web filtering follows a specific order when multiple features are
enabled in the web filter profile.

What order must FortiGate use when the web filter profile has features enabled, such as safe search?

53 / 184

53. To complete the final step of a Security Fabric configuration, an administrator must authorize all the
devices on which device?

54 / 184

54. Which statement regarding the firewall policy authentication timeout is true?

55 / 184

55. Refer to the exhibit.

The exhibit contains a network diagram, virtual IP, IP pool, and firewall policies configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10 .0.1.254. /24.
The first firewall policy has NAT enabled using IP Pool.
The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP
address 10.0.1.10?

Question Image

56 / 184

56. Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The
administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question Image

57 / 184

57. An administrator must disable RPF check to investigate an issue.
Which method is best suited to disable RPF without affecting features like antivirus and intrusion
prevention system?

58 / 184

58. Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices.
The administrator has determined that phase 1 status is up. but phase 2 fails to come up.
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2
up?

Question Image

59 / 184

59. Refer to the exhibits.

Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default
configuration of high memory usage thresholds.
Based on the system performance output, which two statements are correct? (Choose two.)

Question Image

60 / 184

60. Refer to the exhibit
The exhibit shower the IPS sensor configuration.
If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two).

Question Image

61 / 184

61. Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

Question Image

62 / 184

62. Which of the following statements correctly describes FortiGates route lookup behavior when
searching for a suitable gateway? (Choose two)

63 / 184

63. Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

64 / 184

64. Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same
destination?

Question Image

65 / 184

65. NGFW mode allows policy-based configuration for most inspection rules.
Which security profile’s configuration does not change when you enable policy-based inspection?

66 / 184

66. If the Issuer and Subject values are the same in a digital certificate, which type of entity was the
certificate issued to?

67 / 184

67. Which statement is true regarding the policy ID number of a firewall policy?

68 / 184

68. Which of the following are purposes of NAT traversal in IPsec? (Choose two.)

69 / 184

69. An administrator needs to configure VPN user access for multiple sites using the same soft FortiToken.
Each site has a FortiGate VPN gateway.
What must an administrator do to achieve this objective?

70 / 184

70. Which of statement is true about SSL VPN web mode?

71 / 184

71. Which two statements are true about the RPF check? (Choose two.)

72 / 184

72. Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address
conflict?

73 / 184

73. Which Statements about virtual domains (VDOMs) arc true? (Choose two.)

74 / 184

74. Refer to the exhibits.

The SSL VPN connection fails when a user attempts to connect to it.
What should the user do to successfully connect to SSL VPN?

Question Image

75 / 184

75. Examine the network diagram shown in the exhibit, then answer the following question:

Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation
to the Web server?

Question Image

76 / 184

76. Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN
Performance SLA? (Choose two.)

77 / 184

77. In consolidated firewall policies, IPv4 and IPv6 policies are combined in a single consolidated policy.
Instead of separate policies.
Which three statements are true about consolidated IPv4 and IPv6 policy configuration? (Choose three.)

78 / 184

78. An administrator needs to strengthen the security for SSL VPN access. Which of the following
statements are best practices to do so? (Choose three.)

79 / 184

79. Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)

80 / 184

80. Which two policies must be configured to allow traffic on a policy-based next-generation firewall
(NGFW) FortiGate? (Choose two.)

81 / 184

81. During the digital verification process, comparing the original and fresh hash results satisfies
which security requirement?

82 / 184

82. Refer to the exhibit.

The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to http://www.fortinet.com?

Question Image

83 / 184

83. Which two statements ate true about the Security Fabric rating? (Choose two.)

84 / 184

84. An administrator has configured the following settings:

What are the two results of this configuration? (Choose two.)

Question Image

85 / 184

85. FortiGuard categories can be overridden and defined in different categories override must be configured using a specific syntax.

Which two syntaxes are correct to configure web rating override for the

86 / 184

86. Refer to the FortiGuard connection debug output.

Based on the output shown in the exhibit, which two statements are correct? (Choose two.)

Question Image

87 / 184

87. Refer to the exhibit to view the application control profile.

Users who use Apple FaceTime video conferences are unable to set up meetings.
In this scenario, which statement is true?

Question Image

88 / 184

88. View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based
on this configuration, which statement is true?

89 / 184

89. When a firewall policy is created, which attribute is added to the policy to support recording logs to a
FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these
devices?

90 / 184

90. Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

91 / 184

91. Which two types of traffic are managed only by the management VDOM? (Choose two.)

92 / 184

92. Examine this FortiGate configuration:

How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires
authorization?

Question Image

93 / 184

93. Which two inspection modes can you use to configure a firewall policy on a profile-based next-generate?

94 / 184

94. Which two statements are true when FortiGate is in transparent mode? (Choose two.)

95 / 184

95. Which statement about the IP authentication header (AH) used by IPsec is true?

96 / 184

96. Which three options are the remote log storage options you can configure on FortiGate? (Choose
three.)

97 / 184

97. Refer to the exhibit

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The
administrator has determined that phase 1 fails to come up. The administrator has also re-entered the
pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration
changes will bring phase 1 up? (Choose two.)

Question Image

98 / 184

98. Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same
destination?

Question Image

99 / 184

99. A network administrator has enabled SSL certificate inspection and antivirus on FortiGate detects the virus and blocks the file. When downloading the same file that's be downloaded.

What is the reason for the felled virus detection by FortiGate?

100 / 184

100. What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall
(NGFW)?

101 / 184

101. An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

102 / 184

102. Refer to the exhibit.

The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)

Question Image

103 / 184

103. Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux
server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The
administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This
issue does not happen when the application establishes a Telnet connection to the Linux server directly
on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running
through FortiGate? (Choose two.)

104 / 184

104. By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard
servers.
Which two CLI commands will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering? (Choose two.)

105 / 184

105. Which two statements are true about collector agent standard access mode? (Choose two.)

106 / 184

106. What is the limitation of using a URL list and application control on the same firewall policy,
in NGFW policy-based mode?

107 / 184

107. Which two statements are true about the FGCP protocol? (Choose two.)

108 / 184

108. Examine this PAC file configuration

Which of the following statements are true? (Choose two.)

Question Image

109 / 184

109. Examine this FortiGate configuration

Based on the diagnostic outputs above, how is the FortiGate handling the traffic for new sessions that
require inspection?

Question Image

110 / 184

110. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question Image

111 / 184

111. FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering
and application control directly on the security policy.
Which two other security profiles can you apply to the security policy? (Choose two.)

112 / 184

112. An administrator has configured outgoing Interface any in a firewall policy.
Which statement is true about the policy list view?

113 / 184

113. Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).

Which statement is correct if a user is unable to receive a block replacement message when downloading
an infected file for the first time?

Question Image

114 / 184

114. Which statements are true regarding firewall policy NAT using the outgoing interface IP address with
fixed port disabled? (Choose two.)

115 / 184

115. Which certificate value can FortiGate use to determine the relationship between the issuer and the
certificate?

116 / 184

116. An administrator Is configuring an IPsec VPN between site A and site
B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site
A. the local quick mode selector is 192.160.1.0/24 and the remote quick mode selector is 192.168.2.0/24.
Which subnet must the administrator configure for the local quick mode selector for site B?

117 / 184

117. View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

118 / 184

118. Which two statements are correct about NGFW Policy-based mode? (Choose two)

119 / 184

119. The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of
diagnose sys virtual-wan-link health-check.
Which interface will be selected as an outgoing interface?

120 / 184

120. Refer to the exhibits.

The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor
Facebook.
Users are given access to the Facebook web application. They can play video content hosted on
Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?

Question Image

121 / 184

121. Examine the IPS sensor and DoS policy configuration shown in the exhibit, then answer the question
below.

When detecting attacks, which anomaly, signature, or filter will FortiGate evaluate first?

122 / 184

122. Refer to the exhibit.

The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).

Central NAT is enabled, so NAT settings from matching Central SNAT policies will be
applied.
Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP
address of Remote-FortiGate (10.200.3.1)?

Question Image

123 / 184

123. How does FortiGate act when using SSL VPN in web mode?

124 / 184

124. An administrator has configured two-factor authentication to strengthen SSL VPN access.
Which additional best practice can an administrator implement?

125 / 184

125. Refer to the exhibit, which contains a static route configuration

An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?

Question Image

126 / 184

126. An administrator has configured a strict RPF check on FortiGate.
Which statement is true about the strict RPF check?

127 / 184

127. An administrator is running the following sniffer command:
diagnose aniffer packer any "host 192.168.2.12" 5
Which three pieces of Information will be Included in me sniffer output? {Choose three.)

128 / 184

128. Which two statements are correct about a software switch on FortiGate?

129 / 184

129. Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine
whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is
still not generating any IPS logs for the HTTPS traffic.
What is a possible reason for this?

Question Image

130 / 184

130. Refer to the exhibit.

Which contains a session list output. Based on the information shown in the exhibit, which statement is
true?

Question Image

131 / 184

131. Which CLI command will display sessions both from client to the proxy and from the proxy to the
servers?

132 / 184

132. 141.Which three criteria can a FortiGate use to look for a matching firewall policy to process traffic?
(Choose three.)

133 / 184

133. Why must you use aggressive mode when a local FortiGate IPSec gateway hosts multiple
dialup tunnels?

134 / 184

134. company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups.
What is required in the SSL VPN configuration to meet these requirements?

135 / 184

135. Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL
certificate inspection is enabled? (Choose three.)

136 / 184

136. If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is
used?

137 / 184

137. Refer to the exhibit.

Review the Intrusion Prevention System (IPS) profile signature settings.
Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

Question Image

138 / 184

138. Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)

139 / 184

139. Refer to the exhibit.

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

Question Image

140 / 184

140. Refer to the exhibit

Given the routing database shown in the exhibit, which two statements are choose.

141 / 184

141. An administrator has configured a route-based IPsec VPN between two FortiGate devices.
Which statement about this IPsec VPN configuration is true?

142 / 184

142. When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is
used as the source of the HTTP request?

143 / 184

143. Which type of logs on FortiGate record information about traffic directly to and from the FortiGate
management IP addresses?

144 / 184

144. Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

145 / 184

145. Refer to the exhibit

Examine the intrusion prevention system (IPS) diagnostic command.
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a
decrease in the CPU usage?

Question Image

146 / 184

146. Refer to the exhibit.

Which contains a session diagnostic output.
Which statement is true about the session diagnostic output?

Question Image

147 / 184

147. An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both
sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and
the remote quick mode selector is 192.16.2.0/24.
How must the administrator configure the local quick mode selector for site B?

148 / 184

148. Which engine handles application control traffic on the next-generation firewall?

149 / 184

149. Refer to the exhibit.

Based on the administrator profile settings, what permissions must the administrator set to run the
diagnose firewall auth list CLI command on FortiGate?

Question Image

150 / 184

150. An organization’s employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?

151 / 184

151. What is the primary FortiGate election process when the HA override setting is disabled?

152 / 184

152. Which two statements about antivirus scanning mode are true? (Choose two.)

153 / 184

153. Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

154 / 184

154. A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added
to the physical interface.
Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP
addresses in different subnets.

155 / 184

155. If the Issuer and Subject values are the same in a digital certificate, which type of entity was
the certificate issued to?

156 / 184

156. Which statement about DLP on FortiGate is true?

157 / 184

157. On a FortiGate with a hard disk, how can you upload logs to FortiAnalyzer or FortiManager?
(Choose two.)

158 / 184

158. Refer to the exhibit.

Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

Question Image

159 / 184

159. What files are sent to FortiSandbox for inspection in flow-based inspection mode?

160 / 184

160. If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does
FortiGate take?

161 / 184

161. Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

162 / 184

162. Refer to the exhibit.

Which contains a Performance SLA configuration.
An administrator has configured a performance SLA on FortiGate.
Which failed to generate any traffic.
Why is FortiGate not generating any traffic for the performance SLA?

Question Image

163 / 184

163. Which two configuration settings are synchronized when FortiGate devices are in an active-active HA
cluster? (Choose two.)

164 / 184

164. Examine the exhibit, which contains a virtual IP and firewall policy configuration.

The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP
address 10.0.1.254/24.
The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is
configured with a VIP as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Question Image

165 / 184

165. Which configuration objects can be selected for the Source field of a firewall policy? (Choose
two.)

166 / 184

166. Which three statements about security associations (SA) in IPsec are correct? (Choose three.)

167 / 184

167. Which statements about the firmware upgrade process on an active-active HA cluster are true?
(Choose two.)

168 / 184

168. Refer to the exhibit.

The global settings on a FortiGate device must be changed to align with company security policies.
What does the Administrator account need to access the FortiGate global settings?
A. Change password

169 / 184

169. How does FortiGate verify the login credentials of a remote LDAP user?

170 / 184

170. Refer to the exhibit.

The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are
configured in transparent mode.
The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access internet.
The To_lnternet VDOM is the only VDOM with internet access and is directly connected to ISP modem.
Which two statements are true? (Choose two.)

Question Image

171 / 184

171. Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

172 / 184

172. Which three statements are true regarding session-based authentication? (Choose three.)

173 / 184

173. When using WPAD DNS method, which FQDN format do browsers use to query the DNS
server?

174 / 184

174. How do you format the FortiGate flash disk?

175 / 184

175. What devices form the core of the security fabric?

176 / 184

176. Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides
(client and server) have terminated the session?

177 / 184

177. Which statement about the policy ID number of a firewall policy is true?

178 / 184

178. 61.Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)

179 / 184

179. Which three methods are used by the collector agent for AD polling? (Choose three.)

180 / 184

180. Which of the following route attributes must be equal for static routes to be eligible for equal
cost multipath (ECMP) routing? (Choose two.)

181 / 184

181. A network administrator has enabled full SSL inspection and web filtering on FortiGate. When visiting any
HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser
does not report errors.
What is the reason for the certificate warning errors?

182 / 184

182. Refer to the exhibit, which contains a redious server configuration.

An administration added a configuration for a new RADIUS server.
While configuring, the administrator selected the include eery user group option.

What will be the impact of include in every user group option in a RADIUS configuration?

Question Image

183 / 184

183. A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address
is dynamic, in addition, the remote peer does not support a dynamic DNS update service.
What type of remote gateway should tie administrator configure on FortiGate for the new IPsec VPN tunnel
to work?

184 / 184

184. Which three security features require the intrusion prevention system (IPS) engine to function? (Choose
three.)

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-1

1 / 100

1. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of
Router1. The new circuit uses eBGP and teams the route to VLAN25 from the BGP path.
Whats the expected behavior for the traffic flow for route 10.10.13.0/25?

2 / 100

2. Which action is taken by a switch port enabled for PoE power classification override?

3 / 100

3. Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable.
What is the result of this configuration?

4 / 100

4. Which two actions influence the EIGRP route selection process? (Choose two)

5 / 100

5. Refer to the exhibit. What is the effect of this configuration?

Question Image

6 / 100

6. Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true?

7 / 100

7. Refer to the exhibit. Which prefix does Router 1 use for traffic to Host A?

Question Image

8 / 100

8. Refer to the exhibit. Which password must an engineer use to enter the enable mode?

Question Image

9 / 100

9. Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

10 / 100

10. A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF by default, which type of OSPF
network does this interface belong to?

11 / 100

11. Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

12 / 100

12. Refer to the exhibit. A network administrator is configuring an EtherChannel between SW1 and SW2. The SW1
configuration is shown.

Question Image

13 / 100

13. Which statement identifies the functionality of virtual machines?

14 / 100

14. Which type of address is the public IP address of a NAT device?

15 / 100

15. Refer to the exhibit. What does router R1 use as its OSPF router-ID?

Question Image

16 / 100

16. Which network allows devices to communicate without the need to access the Internet?

17 / 100

17. Refer to the exhibit. Which configuration when applied to switch A accomplishes this task?

Question Image

18 / 100

18. What are two characteristics of a controller-based network? (Choose two)

19 / 100

19. Which command automatically generates an IPv6 address from a specified IPvô prefix and MAC address of an
interface?

20 / 100

20. Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?

Question Image

21 / 100

21. Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)

22 / 100

22. What is a benefit of using a Cisco Wireless LAN Controller?

23 / 100

23. A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is
running encapsulation PPP, by default, which OSPF network type is seen on this interface when the user types
show ip ospf interface on R1 or R2?

24 / 100

24. Which API is used in controller-based architectures to interact with edge devices?

25 / 100

25. When a floating static route is configured, which action ensures that the backup route is used when the primary
route fails?

26 / 100

26. When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are
available to select? (Choose two)

27 / 100

27. What is the alternative notation for the IPv6 address B514:82C3:0000:0000:0029:EC7A:0000:EC72?

28 / 100

28. A Cisco IP phone receive untagged data traffic from an attached PC.
Which action is taken by the phone?

29 / 100

29. Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN
Controller GUI? (Choose two)

30 / 100

30. An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two
steps will fulfill the request? (Choose two)

31 / 100

31. When OSPF learns multiple paths to a network, how does it select a route?

32 / 100

32. R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating
conditions, which routing protocol is installed in the routing table?

33 / 100

33. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco
Wireless LAN Controller?

34 / 100

34. Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?

Question Image

35 / 100

35. Which two capacities of Cisco DNA Center make it more extensible? (Choose two)

36 / 100

36. What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is
received?

37 / 100

37. Refer to Exhibit. Which action do the switches take on the trunk link?

Question Image

38 / 100

38. Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington
sites.

Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers
can reach one another? (Choose two.)

Question Image

39 / 100

39. Which type of wireless encryption is used for WPA2 in pre-shared key mode?

40 / 100

40. When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

41 / 100

41. Which three are characteristics of an IPv6 anycast address? (Choose three.)

42 / 100

42. What are two benefits of network automation? (Choose two)

43 / 100

43. Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?

Question Image

44 / 100

44. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN-2

Question Image

45 / 100

45. Refer to the exhibit. Which route does R1 select for traffic that is destined to 192 168.16.2?

Question Image

46 / 100

46. What is the primary different between AAA authentication and authorization?

47 / 100

47. Refer to the exhibit. Which command provides this output?

Question Image

48 / 100

48. How does HSRP provide first hop redundancy?

49 / 100

49. Which mode must be used to configure EtherChannel between two switches without using a negotiation
protocol?

50 / 100

50. What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two)

51 / 100

51. In Which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports
are required?

52 / 100

52. Refer to the Exhibit. After the switch configuration the ping test fails between PC A and PC B Based on the
output for switch 1.

 

Which error must be corrected?

Question Image

53 / 100

53. Which option is a valid IPv6 address?

54 / 100

54. An engineer must configure a /30 subnet between two routers. Which usable IP address and subnet mask
combination meets this criteria?

55 / 100

55. Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

Question Image

56 / 100

56. Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific
networks?

57 / 100

57. A frame that enters a switch fails the Frame Check Sequence.
Which two interface counters are incremented? (Choose two)

58 / 100

58. An organization has decided to start using cloud-provided services.
Which cloud service allows the organization to install its own operating system on a virtual machine?

59 / 100

59. Which IPv6 address is valid?

60 / 100

60. When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)

61 / 100

61. If a notice-level messaging is sent to a syslog server, which event has occurred?

62 / 100

62. What makes Cisco DNA Center different from traditional network management applications and their
management of networks?

63 / 100

63. Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor
and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the
routing table?

64 / 100

64. Which result occurs when PortFast is enabled on an interface that is connected to another switch?

65 / 100

65. Which MAC address is recognized as a VRRP virtual address?

66 / 100

66. Refer to Exhibit. How does SW2 interact with other switches in this VTP domain?

Question Image

67 / 100

67. A router running EIGRP has learned the same route from two different paths. Which parameter does the router
use to select the best path?

68 / 100

68. Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct.
Which IP address is the source IP?

Question Image

69 / 100

69. Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network
device? (Choose two)

70 / 100

70. What is the primary effect of the spanning-tree portfast command?

71 / 100

71. An email user has been lured into clicking a link in an email sent by their company’s security organization. The
webpage that opens reports that it was safe but the link could have contained malicious code. Which type of
security program is in place?

72 / 100

72. Which command prevents passwords from being stored in the configuration as plaintext on a router or switch?

73 / 100

73. Which statement correctly compares traditional networks and controller-based networks?

74 / 100

74. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN
2.

What causes this behavior?

Question Image

75 / 100

75. Which IPv6 address type provides communication between subnets and cannot route on the Internet?

76 / 100

76. Which command enables a router to become a DHCP client?

77 / 100

77. How do TCP and UDP differ in the way that they establish a connection between two endpoints?

78 / 100

78. Which 802.11 frame type is association response?

79 / 100

79. Which IPv6 address block sends packets to a group address rather than a single address?

80 / 100

80. Which two outcomes are predictable behaviors for HSRP? (Choose two)

81 / 100

81. Refer to exhibit. Which statement explains the configuration error message that is received?

Question Image

82 / 100

82. A network engineer must back up 20 network router configurations globally within a customer environment.
Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

83 / 100

83. An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is
in the proper mode?

84 / 100

84. Refer to Exhibit. An engineer is configuring the NEW York router to reach the Lot interface of the Atlanta router
using interface Se0/0/0 as the primary path.

Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the
Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Question Image

85 / 100

85. Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

86 / 100

86. Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1
120 command, how does the router respond?

Question Image

87 / 100

87. Refer to the exhibit. An extended ACL has been configured and applied to router R2 The configuration farted to
work as intended.

 

Refer to the exhibit. An extended ACL has been configured and applied to router R2 The configuration started
to work as intended.Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the
10.0.10.0/26 subnet while still allowing all other traffic? (Choose two)

Question Image

88 / 100

88. Refer to the exhibit. If OSPF is running on this network, how does Router 2 handle traffic from Site B to
10.10.13.128/25 at Site A?

Question Image

89 / 100

89. Which two encoding methods are supported by REST APIs? (Choose two)

90 / 100

90. Which mode allows access points to be managed by Cisco Wireless LAN Controllers?

91 / 100

91. Which output displays a JSON data representation?

Question Image

92 / 100

92. Which set of action satisfy the requirement for multi-factor authentication?

93 / 100

93. Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.)

94 / 100

94. Which configuration is needed to generate an RSA key for SSH on a router?

95 / 100

95. What are two southbound APIs? (Choose two)

96 / 100

96. Which attribute does a router use to select the best path when two or more different routes to the same
destination exist from two different routing protocols?

97 / 100

97. What are two enhancements that OSPFv3 supports over OSPFV2? (Choose two.)

98 / 100

98. Which design element is a best practice when deploying an 802.11b wireless infrastructure?

99 / 100

99. An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK. Which cipher fulfills
the configuration requirement?

100 / 100

100. Refer to the exhibit. What is the effect of this configuration?

Question Image

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-2

1 / 124

1. Which two commands can you use to configure an actively negotiate EtherChannel? (Choose two)

2 / 124

2. Which three describe the reasons large OSPF networks use a hierarchical design? (Choose Three)

3 / 124

3. Which three statements about network characteristics are true? (Choose three.)

4 / 124

4. When configuring an EtherChannel bundle, which mode enables LACP only if a LACP device is detected?

5 / 124

5. Refer to the exhibit. C-router is to be used as a “router-on-a-stick” to route between the VLANs. All the
interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been
configured with the appropriate default gateway. What is true about this configuration?

Question Image

6 / 124

6. Refer to the exhibit. On R1 which routing protocol is in use on the route to 192.168.10.1?

Question Image

7 / 124

7. Which feature or protocol is required for an IP SLA to measure UDP jitter?

8 / 124

8. Refer to the exhibit. Which rule does the DHCP server use when there is an IP address conflict?

Question Image

9 / 124

9. Which command is used to configure an IPv6 static default route?

10 / 124

10. What is an advantage of Cisco DNA Center versus traditional campus device management?

11 / 124

11. Refer to the exhibit. The default-information originate command is configured under the R1 OSPF
configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet.
Which action corrects the configuration issue?

Question Image

12 / 124

12. Which option best describes an API?

13 / 124

13. Which two statements about eBGP neighbor relationships are true? (Choose two)

14 / 124

14. Refer to the exhibit. Which two events occur on the interface, if packets from an unknown Source address
arrive after the interface learns the maximum number of secure MAC address? (Choose two.)

Question Image

15 / 124

15. Which three statements about MAC addresses are correct? (Choose three.)

16 / 124

16. Refer to the exhibit. Which command would you use to configure a static route on Router1 to network
192.168.202.0/24 with a nondefault administrative distance?

Question Image

17 / 124

17. Which two commands were used to create port channel 10? (Choose two )

Question Image

18 / 124

18. You have two paths for the 10.10.10.0 network – one that has a feasible distance of 3072 and the other of
6144. What do you need to do to load balance your EIGRP routes?

19 / 124

19. Which two statements about exterior routing protocols are true? (Choose two.)

20 / 124

20. A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is
running encapsulation PPP. By default which OSPF network type is seen on this interface when the user types
show ip ospf interface on R1 or R2?

21 / 124

21. Refer to the exhibit. The MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at
the switch.

What two operations will the switch perform when it receives this frame? (Choose two.)

Question Image

22 / 124

22. While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to
be allowed even though an IPv4 ACL is applied to the interface. Which two misconfigurations cause this
behavior? (Choose two)

23 / 124

23. Refer to the exhibit. A network associate has configured OSPF with the command:
City(config-router)# network 192.168.12.64 0.0.0.63 area 0.
After completing the configuration, the associate discovers that not all the interfaces are participating in OSPF.
Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration
statement? (Choose three.)

Question Image

24 / 124

24. Refer to the exhibit. How does the router manage traffic to 192.168.12.16?

Question Image

25 / 124

25. Which command should you enter to view the error log in an EIGRP for IPv6 environment?

26 / 124

26. Refer to exhibit. What Administrative distance has route to 192.168.10.1 ?

Question Image

27 / 124

27. Which two statements about NTP operations are true? (Choose two.)

28 / 124

28. Which statement about the nature of NAT overload is true?

29 / 124

29. Which command is used to enable LLDP globally on a Cisco IOS ISR?

30 / 124

30. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of
Router1 The new circuit uses eBGP and teams the route to VLAN25 from the BGP path What s the expected
behavior for the traffic flow for route 10.10.13.0/25?

Question Image

31 / 124

31. Which function does an SNMP agent perform?

32 / 124

32. Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose
two.)

33 / 124

33. Refer to the exhibit. A network technician is asked to design a small network with redundancy. The exhibit
represents this design, with all hosts configured in the same VLAN. What conclusions can be made about this
design?

34 / 124

34. A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot
establish an adjacency relationship on their common Ethernet link. The graphic shows the output of the show ip
ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause
of this problem?

Question Image

35 / 124

35. Which two statements about EtherChannel technology are true? (Choose two.)

36 / 124

36. In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose
two.)

37 / 124

37. Which command should you enter to configure an LLDP delay time of 5 seconds?

38 / 124

38. What will happen if you configure the logging trap debug command on a router?

39 / 124

39. Which configuration command can u apply to a HSRP router so that its local interface becomes active if all
other routers in the group fail?

40 / 124

40. How can the Cisco Discovery Protocol be used?

41 / 124

41. Refer to the exhibit. How will switch SW2 handle traffic from VLAN 10 on SW1?

Question Image

42 / 124

42. Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16?

Question Image

43 / 124

43. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco
Wireless LAN Controller?

44 / 124

44. Refer to the graphic. R1 is unable to establish an OSPF neighbor relationship with R3. What are possible
reasons for this problem? (Choose two.)

45 / 124

45. Which two are features of IPv6? (Choose two.)

46 / 124

46. Refer to the exhibit. Given the output for this command, if the router ID has not been manually set, what router
ID will OSPF use for this router?

47 / 124

47. Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?

Question Image

48 / 124

48. How does STP prevent forwarding loops at OSI Layer 2?

49 / 124

49. Change the IP addresses so both paths have the same source IP address

50 / 124

50. What benefit does controller-based networking provide versus traditional networking?

51 / 124

51. Which value is used to determine the active router in an HSRP default configuration?

52 / 124

52. What are two descriptions of three-tier network topologies? (Choose two)

53 / 124

53. Which Cisco IOS command will indicate that interface GigabitEthernet 0/0 is configured via DHCP?

54 / 124

54. Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose
two.)

Question Image

55 / 124

55. Refer to the exhibit. What two conclusions should be made about this configuration? (Choose two)

Question Image

56 / 124

56. Which value can you modify to configure a specific interface as the preferred forwarding interface?

57 / 124

57. Refer to the exhibit. Which VLAN ID is associated with the default VLAN in the given environment?

Question Image

58 / 124

58. What is a difference between RADIUS and TACACS+?

59 / 124

59. Which two VLAN IDs indicate a default VLAN? (Choose two.)

60 / 124

60. Refer to the exhibit. After you apply the give configurations to R1 and R2 you notice that OSPFv3 fails to start.
Which reason for the problem is most likely true ?

Question Image

61 / 124

61. Which command enables IPv6 forwarding on a Cisco router?

62 / 124

62. Refer to the exhibit. When running EIGRP, what is required for RouterA to exchange routing updates with
RouterC?

Question Image

63 / 124

63. How do AAA operations compare regarding user identification, user services and access control?

64 / 124

64. Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose
two.)

Question Image

65 / 124

65. Which statements describe the routing protocol OSPF? (Choose three.)

66 / 124

66. Which IPv6 address is the equivalent of the IPv4 interface loopback address 127.0.0.1?

67 / 124

67. What is a characteristic of spine-and-leaf architecture?

68 / 124

68. Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the
MAC address of that interface?

69 / 124

69. Which command should you enter to verify the priority of a router in an HSRP group?

70 / 124

70. What is the expected outcome when an EUI-64 address is generated?

71 / 124

71. Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose
two.)

Question Image

72 / 124

72. Refer to the exhibit. After you apply the given configuration to arouter, the DHCP clients behind the device
connot communicate with hosts outside of their subnet. Which action is most likely to correct the problem?

Question Image

73 / 124

73. Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an
open-standard protocol? (Choose two.)

74 / 124

74. Which command is used to display the collection of OSPF link states?

75 / 124

75. Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP
primary router after it is reloaded?

76 / 124

76. Which two options are the best reasons to use an IPV4 private IP space?(choose two)

77 / 124

77. You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface.
Which action can you take to correct the problem in the least disruptive way?

78 / 124

78. Which NAT term is defined as a group of addresses available for NAT use?

79 / 124

79. AAA stands for authentication, authorization, and accounting

80 / 124

80. Refer to the exhibit. Which statement about the interface that generated the output is true?

Question Image

81 / 124

81. What is the binary pattern of unique ipv6 unique local address?

82 / 124

82. Which two pieces of information can you learn by viewing the routing table? (Choose two)

83 / 124

83. What is the purpose of the show ip ospf interface command?

84 / 124

84. Which type does a port become when it receives the best BPDU on a bridge?

85 / 124

85. Refer to the exhibit Users in your office are complaining that they cannot connect to the severs at a remote site.
When troubleshooting, you find that you can successfully reach the severs from router R2. What is the most
likely reason that the other users are experiencing connection failure?

Question Image

86 / 124

86. R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

87 / 124

87. Which statement about Cisco Discovery Protocol is true?

88 / 124

88. Which feature or protocol determines whether the QOS on the network is sufficient to support IP services?

89 / 124

89. What is the destination MAC address of a broadcast frame?

90 / 124

90. What is a difference between local AP mode and FiexConnet AP mode?

91 / 124

91. Refer to the exhibit. If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the packet?

Question Image

92 / 124

92. Which two pieces of information can you determine from the output of the show ntp status command? (Choose
two)

93 / 124

93. Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are
stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage
the network infrastructure. Which switch is configured correctly to meet these requirements?

Question Image

94 / 124

94. Which command can you enter to allow Telnet to be supported in addition to SSH

95 / 124

95. Which statement about static and dynamic routes is true?

96 / 124

96. Which component of an Ethernet frame is used to notify a host that traffic is coming?

97 / 124

97. Which two statements about VTP are true? (Choose two.)

98 / 124

98. You are configuring your edge routers interface with a public IP address for Internet connectivity.
The router needs to obtain the IP address from the service provider dynamically. Which command is needed on
interface FastEthernet 0/0 to accomplish this?

99 / 124

99. In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an
IP address?

100 / 124

100. Refer to the exhibit. Which Command do you enter so that R1 advertises the loopback0 interface to the BGP
Peers?

Question Image

101 / 124

101. Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB?
(Choose two.)

Question Image

102 / 124

102. After you deploy a new WLAN controller on your network, which two additional tasks should you consider?
(Choose two)

103 / 124

103. Which function does the range of private IPv4 addresses perform?

104 / 124

104. Which statement about VLAN configuration is true?

105 / 124

105. Which command should you enter to configure a device as an NTP sever?

106 / 124

106. Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which configuration
accomplishes this task?

Question Image

107 / 124

107. Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts?

108 / 124

108. Refer to the exhibit. Which switch in this configuration becomes the root bridge?

Question Image

109 / 124

109. Which command verifies whether any IPv6 ACLs are configured on a router?

110 / 124

110. Refer to the exhibit. If RTR01 is configured as shown, which three addresses will be received by other routers
that are running EIGRP on the network? (Choose three)

Question Image

111 / 124

111. Refer to the exhibit. Which feature is enabled by this configuration?

R1#(config)# ip nat pool cisco 10.1.1.0 10.1.1.50 255.255.255.0

112 / 124

112. Which effete does the aaa new-model configuration command have?

113 / 124

113. Refer to the exhibit. Which address and mask combination represents a summary of the routes learned by
EIGRP?

Question Image

114 / 124

114. Which statement about the nature of NAT overload is true?

115 / 124

115. Which of the following is the JSON encoding of a dictionary or hash?

116 / 124

116. Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by
the router to forward the packet that it receives for destination IP 172.16.32.1?

Question Image

117 / 124

117. What event has occurred if a router sends a notice level message to a syslog server?

118 / 124

118. What are two fundamentals of virtualization? (choose two)

119 / 124

119. Which technique can you use to route IPv6 traffic over an IPv4 infrastructure?

120 / 124

120. Which two statements about the purpose of the OSI model are accurate? (Choose two.)

121 / 124

121. Which two circumstances can prevent two routers from establishing an OSPF neighbor adjacency? (Choose
two.)

122 / 124

122. A network engineer must create a diagram of a multivendor network. Which command must be configured on
the Cisco devices so that the topology of the network can be mapped?

123 / 124

123. Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

124 / 124

124. Network 172.16.1.32 0.0.0.31

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
1
Created by Rabiul Islam

CCNA Question Part-3

1 / 110

1. What are two reasons a network administrator would use CDP? (Choose two.)

2 / 110

2. Refer to the exhibit. The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and
Switch 2 while all other VLANs are to remain tagged. Which command accomplishes this task?

Question Image

3 / 110

3. Which goal is achieved by the implementation of private IPv4 addressing on a network?

4 / 110

4. Refer to the exhibit. Refer to the exhibit. After the configuration is applied, the two routers fail to establish an
OSPF neighbor relationship. what is the reason for the problem?

Question Image

5 / 110

5. Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome
when a Cisco phone is connected to the GigabitEthernet 3/1/4 port on a switch?

interface GigabitEthernet 3/1/4

switchport voice vlan 50

!

6 / 110

6. What are two requirements for an HSRP group? (Choose two.)

7 / 110

7. What are two recommendations for protecting network ports from being exploited when located in an office
space outside of an IT closet? (Choose two)

8 / 110

8. A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes
of the frame is received interface counter increments?

9 / 110

9. Which state does the switch port move to when PortFast is enabled?

10 / 110

10. Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology?

11 / 110

11. Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers
will become the new DR and BDR?

Question Image

12 / 110

12. An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch.
What command must be configured?

13 / 110

13. What is a function of TFTP in network operations?

14 / 110

14. Which three statements are typical characteristics of VLAN arrangements? (Choose three.)

15 / 110

15. In which two ways does a password manager reduce the chance of a hacker stealing a users password?
(Choose two.)

16 / 110

16. What are two benefits of using VTP in a switching environment? (Choose two.)

17 / 110

17. Refer to Exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the
Washington router. Which two static host routes must be configured on the NEW York router? (Choose two)

Question Image

18 / 110

18. Which purpose does a northbound API serve in a controller-based networking architecture?

19 / 110

19. By default, how Does EIGRP determine the metric of a route for the routing table?

20 / 110

20. What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

21 / 110

21. When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of
characters that is required in ASCII format?

22 / 110

22. A company needs to interconnect several branch offices across a metropolitan area. The network engineer is
seeking a solution that provides high-speed converged traffic, including voice, video, and data on the same
network infrastructure. The company also wants easy integration to their existing LAN infrastructure in their
office locations. Which technology should be recommended?

23 / 110

23. An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication
configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What
are the next two steps to complete the configuration? (Choose two.)

24 / 110

24. Which technology is used to improve web traffic performance by proxy caching?

25 / 110

25. Which type of attack can be mitigated by dynamic ARP inspection?

26 / 110

26. Refer to the exhibit. After the election process what is the root bridge in the HQ LAN?

Question Image

27 / 110

27. The service password-encryption command is entered on a router. What is the effect of this configuration?

28 / 110

28. What is a characteristic of the REST API?

29 / 110

29. Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.14. To which destination does the
router send the packet?

Question Image

30 / 110

30. What is a function of Wireless LAN Controller?

31 / 110

31. Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4? (Choose
two.)

32 / 110

32. Several new coverage cells are required to improve the Wi-Fi network of an organization. Which two standard
designs are recommended? (Choose two.)

33 / 110

33. Refer to the exhibit. Which configuration issue is preventing the OSPF neighbor relationship from being
established between the two routers?

Question Image

34 / 110

34. An engineer needs to configure LLDP to send the port description time length value (TLV). What command
sequence must be implemented?

35 / 110

35. Which type of information resides on a DHCP server?

36 / 110

36. Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are
correctly configured, but there is no connectivity between the web server and users on the Internet. What is a
possible reason for this lack of connectivity?

Question Image

37 / 110

37. An office has 8 floors with approximately 30-40 users per floor What command must be configured on the
router Switched Virtual Interface to use address space efficiently?

38 / 110

38. How do TCP and UDP differ in the way they provide reliability for delivery of packets?

39 / 110

39. Which two WAN architecture options help a business scalability and reliability for the network? (Choose two)

40 / 110

40. Which IPv6 address block forwards packets to a multicast address rather than a unicast address?

41 / 110

41. What occurs to frames during the process of frame flooding?

42 / 110

42. Which type of ipv6 address is publicly routable in the same way as ipv4 public addresses?

43 / 110

43. Refer to the exhibit. Which route type is configured to reach the internet?

Question Image

44 / 110

44. The OSPF Hello protocol performs which of the following tasks? (Choose two.)

45 / 110

45. What are two roles of Domain Name Services (DNS)? (Choose Two)
A. builds

46 / 110

46. What is the name of the layer in the Cisco borderless switched network design that is considered to be the
backbone used for high-speed connectivity and fault isolation?

47 / 110

47. Refer to the exhibit. Which switch becomes the root bridge?

SW1: 0C:E0:38:00:36:75
SW2: 0C:0E:15:22:05:97
SW3: 0C:0E:15:1A:3C:9D
SW4: 0C:E0:18:A1:B3:19

Question Image

48 / 110

48. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

49 / 110

49. Which function dose the range of private IPv4 addresses perform?

50 / 110

50. Router R2 is configured with multiple routes to reach network 10 1.1.0/24 from router R1. What protocol is
chosen by router R2 to reach the destination network 10.1.1.0/24?

51 / 110

51. What are two differences between optical-fiber cabling and copper cabling? (Choose two)

52 / 110

52. Which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate?
(Choose two)

53 / 110

53. A network administrator enabled port security on a switch interface connected to a printer. What is the next
configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table
automatically?

54 / 110

54. Refer to the exhibit Which outcome is expected when PC_A sends data to PC_B?

55 / 110

55. Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the
switch and DHCP server configurations are complete and correct. Which two sets of commands must be
configured on R1 and R2 to complete the task? (Choose two)

Question Image

56 / 110

56. Refer to the exhibit. An administrator configures the following ACL in order to prevent devices on the
192.168.1.0 subnet from accessing the server at 10.1.1.5:
access-list 100 deny ip 192.168.1.0 0.0.0.255 host 10.1.1.5
access-list 100 permit ip any any

Where should the administrator place this ACL for the most efficient use of network resources?

Question Image

57 / 110

57. An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses
192.168.3.1, 192.168.3.2, 192.168.3.3 . Which configuration should be used?

Question Image

58 / 110

58. What role does a hypervisor provide for each virtual machine in server virtualization?

59 / 110

59. What is the primary function of a Layer 3 device?

60 / 110

60. What protocol allows an engineer to back up 20 network router configurations globally while using the copy
function?

61 / 110

61. What is the difference regarding reliability and communication type between TCP and UDP?

62 / 110

62. Which two functions are performed by the core layer in a three-tier architecture? (Choose two)

63 / 110

63. A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?

64 / 110

64. Refer to the exhibit. What configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and
allows all other traffic?

65 / 110

65. An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or
desirable mode. What action should be taken?

66 / 110

66. Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165?

Question Image

67 / 110

67. Refer to the exhibit. Which path is used by the router for internet traffic?

Question Image

68 / 110

68. What is the function of a server?

69 / 110

69. Refer to the exhibit. A router reserved these five routes from different routing information sources. Which two
routes does the router install in its routing table? (Choose two)

Question Image

70 / 110

70. Which type of API would be used to allow authorized salespeople of an organization access to internal sales
data from their mobile devices?

71 / 110

71. The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface
conditions?(choose two)

72 / 110

72. A corporate office uses four floors in a building
* Floor 1 has 24 users
* Floor 2 has 29 users
* Floor 3 has 28 users
* Floor 4 has 22 users
Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?

73 / 110

73. How do TCP and UDP differ in the way they guarantee packet delivery?

74 / 110

74. On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to
communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?

75 / 110

75. Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?

76 / 110

76. What mechanism carries multicast traffic between remote sites and supports encryption?

77 / 110

77. Which WAN access technology is preferred for a small office / home office architecture?

78 / 110

78. What software defined architecture plane assists network devices with making packet-forwarding decisions by
providing Layer 2 reachability and Layer 3 routing information?

79 / 110

79. What are two functions of a Layer 2 switch? (Choose two)

80 / 110

80. Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the
forwarding state?

81 / 110

81. Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 to
help resolve the configuration issue?

Question Image

82 / 110

82. Refer to the exhibit. Which two configurations would be used to create and apply a standard access list on R1,
so that only the 10.0.70.0/25 network devices are allowed to access the internal database server? (Choose
two.)

Question Image

83 / 110

83. Which technology must be implemented to configure network device monitoring with the highest security?

84 / 110

84. Refer to the exhibit. Which route type does the routing protocol Code D represent in the output?

Question Image

85 / 110

85. Which configuration ensures that the switch is always the root for VLAN 750?

86 / 110

86. How does CAPWAP communicate between an access point in local mode and a WLC?

87 / 110

87. The OSPF Hello protocol performs which of the following tasks? (Choose two.)

88 / 110

88. Anycompany has decided to reduce its environmental footprint by reducing energy costs, moving to a smaller
facility, and promoting telecommuting. What service or technology would support this requirement?

89 / 110

89. What criteria is used first during the root port selection process?

90 / 110

90. Refer to the exhibit. Which type of configuration is represented in the output?

91 / 110

91. Which command can you enter to determine the addresses that have been assigned on a DHCP Server?

92 / 110

92. A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz
network for their voice quality. What action must be taken to meet the requirement?

93 / 110

93. What is the primary purpose of a First Hop Redundancy Protocol?

94 / 110

94. Refer to the exhibit. Which two commands were used to create port channel 10? (Choose two.)

Question Image

95 / 110

95. How does Cisco DNA Center gather data from the network?

96 / 110

96. A port security violation has occurred on a switch port due to the maximum MAC address count being
exceeded Which command must be configured to increment the security-violation count and forward an SNMP
trap?

97 / 110

97. What are two benefits of controller-based networking compared to traditional networking?

98 / 110

98. Refer to the exhibit. If the network environment is operating normally, which type of device must be connected
to interface FastEthernet 0/1?

Question Image

99 / 110

99. Refer to the exhibit. What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN
20, with IP address 10.20.20.1/24?

Question Image

100 / 110

100. Refer to the exhibit. A network administrator assumes a task to complete the connectivity between PC A and
the File Server Switch A and Switch B have been partially configured with VLANs 10, 11, 12, and 13 What is the
next step in the configuration?

Question Image

101 / 110

101. What are two purposes of launching a reconnaissance attack on a network? (Choose two.)

102 / 110

102. Which step in the link-state routing process is described by a router sending Hello packets out all of the OSPFenabled
interfaces?

103 / 110

103. What are two reasons for an engineer to configure a floating state route? (Choose two)

104 / 110

104. A manager asks a network engineer to advise which cloud service models are used so employees do not have
to waste their time installing, managing, and updating software which is only used occasionally Which cloud
service model does the engineer recommend?

105 / 110

105. Which device performs stateful inspection of traffic?

106 / 110

106. If all OSPF routers in a single area are configured with the same priority value, what value does a router use for
the OSPF router ID in the absence of a loopback interface?

107 / 110

107. What are two functions of a server on a network? (Choose two)

108 / 110

108. Refer to the exhibit. Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users
to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize
wasting addresses?

Question Image

109 / 110

109. What is a recommended approach to avoid co-channel congestion while installing access points that use the
2.4 GHz frequency?

110 / 110

110. Refer to the exhibit. Which action is expected from SW1 when the untagged frame is received on the
GigabitEthernet0/1 interface?

Question Image

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-4

1 / 47

1. Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL
certificate for GUI access?

2 / 47

2. A network administrator must enable DHCP services between two sites. What must be configured for the router
to pass DHCPDISCOVER messages on to the server?

3 / 47

3. Refer to the exhibit. PC1 is trying to ping PC3 for the first time and sends out an ARP to S1. Which action is
taken by S1?

Question Image

4 / 47

4. Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network.
The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?

Question Image

5 / 47

5. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

6 / 47

6. Which device tracks the state of active connections in order to make a decision to forward a packet through?

7 / 47

7. What is the purpose of traffic shaping?

8 / 47

8. Which state does the switch port move to when PortFast is enabled?

9 / 47

9. What is the maximum bandwidth of a T1 point-to-point connection?

10 / 47

10. Which network plane is centralized and manages routing decisions?

11 / 47

11. Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU?

Question Image

12 / 47

12. An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which
command should be used?

13 / 47

13. What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

14 / 47

14. What does a switch use to build its MAC address table?

15 / 47

15. Where does a switch maintain DHCP snooping information?

16 / 47

16. A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2
connectivity to ports on another switch What must be configured when using active mode on both sides of the
connection?

17 / 47

17. What is a function of a remote access VPN?

18 / 47

18. Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link?

19 / 47

19. Refer to the exhibit. An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access
from all other hosts A Telnet attempt from PC-2 gives this message:”% Connection refused by remote host”
Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Question Image

20 / 47

20. In software defined architectures, which plane is distributed and responsible for traffic forwarding?

21 / 47

21. Where does the configuration reside when a helper address Is configured to support DHCP?

22 / 47

22. What is a role of wireless controllers in an enterprise network?

23 / 47

23. Which function is performed by the collapsed core layer in a two-tier architecture?

24 / 47

24. allows the users to access company internal network resources through a secure tunnel

25 / 47

25. Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

26 / 47

26. Which technology can prevent client devices from arbitrarily connecting to the network without state
remediation?

27 / 47

27. Which type of security program is violated when a group of employees enters a building using the ID badge of
only one person?

28 / 47

28. Which CRUD operation corresponds to the HTTP GET method?

29 / 47

29. Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)?
(Choose two)

30 / 47

30. Which device controls the forwarding of authentication requests for users when connecting to the network using
a lightweight access point?

31 / 47

31. An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch.
Which action should be taken?

32 / 47

32. Which configuration management mechanism uses TCP port 22 by default when communicating with managed
nodes?

33 / 47

33. What is recommended for the wireless infrastructure design of an organization?

34 / 47

34. When implementing a router as a DHCP server, which two features must be configured? (Choose two)

35 / 47

35. How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?

36 / 47

36. What is a practice that protects a network from VLAN hopping attacks?

37 / 47

37. What facilitates a Telnet connection between devices by entering the device name?

38 / 47

38. Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router Which
access-list entry accomplishes this task?

Question Image

39 / 47

39. What is a DHCP client?

40 / 47

40. How does the dynamically-learned MAC address feature function?

41 / 47

41. What is the same for both copper and fiber interfaces when using SFP modules?

42 / 47

42. Refer to the exhibit. If OSPF Is running on this network, how does Router2 handle traffic from Site B to
10.10.13.128/25 at Site A?

Question Image

43 / 47

43. In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?

44 / 47

44. With REST API, which standard HTTP header tells a server which media type is expected by the client?

45 / 47

45. How do servers connect to the network in a virtual environment?

46 / 47

46. Refer to the exhibit. An engineer configured the New York router with state routes that point to the Atlanta and
Washington sites. When command must be configured on the Atlanta and Washington routers so that both
sites are able to reach the loopback2 interface on the New York router?

Question Image

47 / 47

47. Which command must be entered to configure a DHCP relay?

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-5

1 / 99

1. A network administrator must to configure SSH for remote access to router R1 The requirement is to use a public and private key pair to encrypt
management traffic to and from the connecting client. Which configuration, when applied, meets the requirements?

Question Image

2 / 99

2. Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job
roles?

3 / 99

3. Which two protocols are supported on service-port interfaces? (Choose two.)

4 / 99

4. Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

5 / 99

5. What is the role of a firewall in an enterprise network?

6 / 99

6. What Is a syslog facility?

7 / 99

7. What are two characteristics of an SSID? (Choose Two)

8 / 99

8. What occurs when overlapping Wi-Fi channels are implemented?

9 / 99

9. How does QoS optimize voice traffic?

10 / 99

10. Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity
issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

Question Image

11 / 99

11. Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic?

12 / 99

12. Which switch becomes the permanent root bridge for VLAN 5?

Question Image

13 / 99

13. When deploying syslog, which severity level logs informational message?

14 / 99

14. An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to
preferentially use 5GHz access points?

15 / 99

15. An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the
implementer configure to achieve the desired result?

16 / 99

16. Which technology allows for multiple operating systems to be run on a single host computer?

17 / 99

17. An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1 must transmit
packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used?

18 / 99

18. Which plane is centralized by an SON controller?

19 / 99

19. Which two QoS tools provides congestion management? (Choose two)

20 / 99

20. Which global command encrypt all passwords in the running configuration?

21 / 99

21. Which action does the router take as rt forwards a packet through the network?

22 / 99

22. Which WLC port connects to a switch to pass normal access-point traffic?

23 / 99

23. When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server
for DHCP?

24 / 99

24. Which HTTP status code is returned after a successful REST API request?

25 / 99

25. Which condition must be met before an NMS handles an SNMP trap from an agent?

26 / 99

26. What is a similarity between OM3 and OM4 fiber optic cable?

27 / 99

27. Refer to the exhibit. An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the
10.0.0.0/30 subnet. Which command set meets the requirement?

Question Image

28 / 99

28. Where does wireless authentication happen?

29 / 99

29. An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between
hardware and virtual machines?

30 / 99

30. An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants
to compress it for easier configuration. Which command must be issued on the router interface?

31 / 99

31. What are two benefits of using the PortFast feature? (Choose two)

32 / 99

32. What is the function of a hub-and-spoke WAN topology?

33 / 99

33. Which technology is appropriate for communication between an SDN controller and applications running over the network?

34 / 99

34. What does physical access control regulate?

35 / 99

35. Refer to the exhibit. R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the
OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement?

Question Image

36 / 99

36. What is a characteristic of cloud-based network topology?

37 / 99

37. What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

38 / 99

38. What must be considered when using 802.11a?

39 / 99

39. What causes a port to be placed in the err-disabled state?

40 / 99

40. What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

41 / 99

41. Which two primary drivers support the need for network automation? (Choose two.)

42 / 99

42. Which protocol does an access point use to draw power from a connected switch?

43 / 99

43. What is the benefit of configuring PortFast on an interface?

44 / 99

44. Which function is performed by DHCP snooping?

45 / 99

45. Which switch technology establishes a network connection immediately when it is plugged in?

46 / 99

46. Refer to the exhibit. Router R4 is dynamically learning the path to the server. If R4 is connected to R1 via OSPF Area 20, to R2 via R2 BGP, and
to R3 via EIGRP 777, which path is installed in the routing table of R4?

Question Image

47 / 99

47. Refer to the exhibit. How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C?

Question Image

48 / 99

48. What describes the operation of virtual machines?

49 / 99

49. In QoS, which prioritization method is appropriate for interactive voice and video?

50 / 99

50. On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

51 / 99

51. Which JSON data type is an unordered set of attribute- value pairs?

52 / 99

52. What uses HTTP messages to transfer data to applications residing on different hosts?

53 / 99

53. After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN
based on their credentials?

54 / 99

54. What is a role of access points in an enterprise network?

55 / 99

55. When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

56 / 99

56. Where is the interface between the control plane and data plane within the softwaredefined architecture?

57 / 99

57. What prevents a workstation from receiving a DHCP address?

58 / 99

58. Which communication interaction takes place when a southbound API Is used?

59 / 99

59. A network administrator is asked to configure VLANS 2, 3 and 4 for a new implementation. Some ports must be assigned to the new VLANS
with unused remaining. Which action should be taken for the unused ports?

60 / 99

60. What are two improvements provided by automation for network management in an SDN environment? (Choose two)

61 / 99

61. What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

62 / 99

62. What is the purpose of a southbound API in a control based networking architecture?

63 / 99

63. What are two characteristics of the distribution layer in a three-tier network architecture? (Choose two.)

64 / 99

64. Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

65 / 99

65. What is the benefit of using FHRP?

66 / 99

66. What does the switch do as it receives the frame from Sales-4?

Question Image

67 / 99

67. What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

68 / 99

68. What are network endpoints?

69 / 99

69. Which networking function occurs on the data plane?

70 / 99

70. What is the function of a controller in controller-based networking?

71 / 99

71. An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled. Which action is
necessary to complete the configuration if the ISP uses third-party network devices?

Question Image

72 / 99

72. What is a function of the Cisco DNA Center Overall Health Dashboard?

73 / 99

73. How does WPA3 improve security?

74 / 99

74. Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28 subnet?

Question Image

75 / 99

75. Which two events occur automatically when a device Is added to Cisco DNA Center? (Choose two.)

76 / 99

76. Which level of severity must be set to get informational syslogs?

77 / 99

77. Refer to the exhibit. Which two commands, when configured on router R1, fulfill these requirements? (Choose two.)
Packets towards the entire network 2001:db8:2::/64 must be forwarded through router R2.
Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

Question Image

78 / 99

78. Refer to the exhibit. Which change to the configuration on Switch allows the two switches to establish an GtherChannel?

Question Image

79 / 99

79. What is the difference in data transmission delivery and reliability between TCP and UDP?

80 / 99

80. An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be
taken?

81 / 99

81. Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two)

82 / 99

82. Refer to the exhibit. Which command must be executed for Gi1.1 on SW1 to become a trunk port if Gi1/1 on SW2 is configured in desirable or
trunk mode?

Question Image

83 / 99

83. A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which
command should be used?

84 / 99

84. Refer to me exhibit. Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

Question Image

85 / 99

85. Why was the RFC 1918 address space defined?

86 / 99

86. What is a characteristic of private IPv4 addressing?

87 / 99

87. How are VLAN hopping attacks mitigated?

88 / 99

88. An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to
restrict the requests and force the user to wait 10 ms to retry an association request?

89 / 99

89. Which access layer threat-mitigation technique provides security based on identity?

90 / 99

90. What are two benefits of FHRPs? (Choose two.)

91 / 99

91. Which network action occurs within the data plane?

92 / 99

92. When a switch receives a frame for a known destination MAC address, how is the frame handed?

93 / 99

93. Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points
(CAPWAP) protocol?

94 / 99

94. Which port type supports the spanning-tree portfast command without additional configuration?

95 / 99

95. When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

96 / 99

96. A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the
configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be
issued on the interface?

97 / 99

97. Refer to the exhibit. When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-A verifying the IP
addresses, and forwarding the packet to PC-B?

Question Image

98 / 99

98. Refer to the exhibit. Which two prefixes are included in this routing table entry? (Choose two.)

Question Image

99 / 99

99. Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

Your score is

LinkedIn Facebook Twitter VKontakte

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-6

1 / 109

1.

Which device permits or denies network traffic based on a set of rules?

2 / 109

2. An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be
2019:C15C:0CAF:E002::1 The route must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route?

3 / 109

3. Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

4 / 109

4. Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

5 / 109

5. Refer to the exhibit. Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Question Image

6 / 109

6. Refer to the exhibit. Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity
Issues with applications hosted at site B. What is the reason for the problem?

Question Image

7 / 109

7. Refer to the exhibit. What must be configured to enable 802.11w on the WLAN?

Question Image

8 / 109

8. In software-defined architecture, which place handles switching for traffic through a Cisco router?

9 / 109

9. Refer to the exhibit. Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained
as users travel between floors or to other areas in the building. What must be the configuration of the connection?

Question Image

10 / 109

10. An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been
configured. Which configuration enables the traffic on the destination router?

Question Image

11 / 109

11. Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the
configured maximum bandwidth has been surpassed?

12 / 109

12. Refer to the exhibit. An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0’1 interface for
the router to assign a unique 64-brt IPv6 address to Itself?

Question Image

13 / 109

13. What is a function of a Next-Generation IPS?

14 / 109

14. What is an expected outcome when network management automation is deployed?

15 / 109

15. Which action implements physical access control as part of the security program of an organization?

16 / 109

16. What is a capability of FTP in network management operations?

17 / 109

17. Refer to the exhibit. Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish
connectivity to the Internet for users in VLAN 200?

Question Image

18 / 109

18. What are two characteristics of a public cloud Implementation? (Choose two.)

19 / 109

19. Refer to the exhibit. Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the
issue?

Question Image

20 / 109

20. Refer to the exhibit. Which command configures OSPF on the point-to-point link between routers R1 and R2?

Question Image

21 / 109

21. Refer to the exhibit. Which command must be issued lo enable a floating static default route on router A?

Question Image

22 / 109

22. Refer to the exhibit. An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the
commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate
normally?

Question Image

23 / 109

23. What is a function of a Layer 3 switch?

24 / 109

24. Refer to the exhibit. Which network prefix was learned via EIGRP?

Question Image

25 / 109

25. An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to
prevent connection issues with the printer?

26 / 109

26. A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:
The first subnet must support 24 hosts
The second subnet must support 472 hosts
Both subnets must use the longest subnet mask possible from the address block.
Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnetfor the router interfaces? (Choose two)

27 / 109

27. Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable
when OSPF goes down?

Question Image

28 / 109

28. Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

29 / 109

29. Refer to the exhibit. Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default
administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which
command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance
configuration on the link to R3?

Question Image

30 / 109

30. A Cisco engineer is configuring a factory-default router with these three passwords:
The user EXEC password for console access is p4ssw0rd1
The user EXEC password for Telnet access is s3cr3t2
The password for privileged EXEC mode is pnv4t3p4ss.

Which command sequence must the engineer configured

31 / 109

31. Which PoE mode enables powered-device detection and guarantees power when the device is detected?

32 / 109

32. Refer to the exhibit. Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic,
an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to
reach the route?

Question Image

33 / 109

33. Refer to the exhibit. R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192.168.20.0/24
network via R3?

Question Image

34 / 109

34. Refer to the exhibit. Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?

Question Image

35 / 109

35. Refer to the exhibit. Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

Question Image

36 / 109

36. Refer to the exhibit. The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance
problem?

Question Image

37 / 109

37. Refer to the exhibit. The following must be considered:
SW1 is fully configured for all traffic
The SW4 and SW9 links to SW1 have been configured
The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

The remaining switches have had all VLANs added to their VLAN database.

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Question Image

38 / 109

38. Refer to the exhibit. Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as
the DR in the 10.0 4.0/24 network?

Question Image

39 / 109

39. Which type of API allows SDN controllers to dynamically make changes to the network?

40 / 109

40. A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify
the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

41 / 109

41. Refer to the exhibit. Which next-hop IP address does Routed use for packets destined to host 10.10.13.158?

Question Image

42 / 109

42. Refer to the exhibit. Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

Question Image

43 / 109

43. Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R4?

Question Image

44 / 109

44. Which type of organization should use a collapsed-core architecture?

45 / 109

45. Which field within the access-request packet is encrypted by RADIUS?

46 / 109

46. Refer to the exhibit. Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the
destination address?

Question Image

47 / 109

47. Refer to the exhibit. A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will
assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Question Image

48 / 109

48. Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

49 / 109

49. Refer to the exhibit. An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the
management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to
complete the task?

Question Image

50 / 109

50. What is a function of Opportunistic Wireless Encryption in an environment?

51 / 109

51. Refer to the exhibit. A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the
information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

Question Image

52 / 109

52. What is a similarly between 1000BASE-LX and 1000BASE-T standards?

53 / 109

53. Refer to the exhibit. Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic
destined for the LAN network at 10.0.10.0/24?

Question Image

54 / 109

54. How does Rapid PVST+ create a fast loop-free network topology?

55 / 109

55. An engineer must configure R1 for a new user account. The account must meet these requirements:
It must be configured in the local database.
The username is engineer.
It must use the strongest password configurable.

Which command must the engineer configure on the router?

56 / 109

56. What is a function of an endpoint on a network?

57 / 109

57. Refer to the exhibit. Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Question Image

58 / 109

58. A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is
blocked from being advertised to the internet. Which configuration must the engineer apply?

59 / 109

59. What is the difference between IPv6 unicast and anycast addressing?

60 / 109

60. What is the purpose of an SSID?

61 / 109

61. Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target
are exhausted?

62 / 109

62. Refer to the exhibit. Between which zones do wireless users expect to experience intermittent connectivity?

Question Image

63 / 109

63. Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the
routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Question Image

64 / 109

64. Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable
when OSPF goes down?

Question Image

65 / 109

65. Refer to the exhibit. A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially
configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP
connectivity between devices located on both LANs in each site?

Question Image

66 / 109

66. Refer to the exhibit. An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows
the PC to obtain its IP address from a DHCP server?

Question Image

67 / 109

67. Refer to the exhibit. The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration
to allow clients on VLAN 1 to receive addresses from the DHCP server?

Question Image

68 / 109

68. Which two network actions occur within the data plane? (Choose two.)

69 / 109

69. A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the
router. Which additional command must the engineer configure before entering the command to generate the RSA key?

70 / 109

70. A Cisco engineer must configure a single switch interface to meet these requirements
accept untagged frames and place them in VLAN 20
accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone
Which command set must the engineer apply?

71 / 109

71. Refer to the exhibit. Host A sent a data frame destined for host D What does the switch do when it receives the frame from host A?

Question Image

72 / 109

72. Refer to the exhibit. An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured. Which
command accomplishes this task?

Question Image

73 / 109

73. Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic
separation between the VLANs?

74 / 109

74. Refer to the exhibit. Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be
configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

Question Image

75 / 109

75. Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the
routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Question Image

76 / 109

76. OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

77 / 109

77. Which configuration must be used?

Question Image

78 / 109

78. What is a requirement for nonoverlapping Wi-Fi channels?

79 / 109

79. Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

80 / 109

80. How are the switches in a spine-and-leaf topology interconnected?

81 / 109

81. Refer to the exhibit. What is a reason for poor performance on the network interface?

Question Image

82 / 109

82. Which characteristic differentiates the concept of authentication from authorization and accounting?

83 / 109

83. What is the function of the controller in a software-defined network?

84 / 109

84. A network engineer is Installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the
internal network. Which type of IPv6 address must the engineer assign?

85 / 109

85. Which WLC management connection type is vulnerable to man-in-the-middle attacks?

86 / 109

86. Which protocol uses the SSL?

87 / 109

87. Refer to the exhibit. An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with
neighbor 172.1.1.1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the
routers to establish an adjacency?

Question Image

88 / 109

88. Refer to the exhibit. A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which
command must be used to fulfill the request?

Question Image

89 / 109

89. Refer to the exhibit. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF

information between routers?

Question Image

90 / 109

90. Refer to the exhibit. How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Question Image

91 / 109

91. Refer to the exhibit. An engineer is configuring an EtherChannel using LACP between Switches 1 and 2. Which configuration must be applied so
that only Switch 1 sends LACP initiation packets?

Question Image

92 / 109

92. Which protocol is used for secure remote CLI access?

93 / 109

93. What is a requirement when configuring or removing LAG on a WLC?

94 / 109

94. Which wireless security protocol relies on Perfect Forward Secrecy?

95 / 109

95. Refer to the exhibit. The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The
requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

Question Image

96 / 109

96. What is one reason to implement LAG on a Cisco WLC?

97 / 109

97. Refer to the exhibit. The entire MAC address table for SW1 is shown here:
SW1#show mac-address-table
Mac Address Table
Vlan Mac Address Type Ports
000c.8590.bb7d DYNAMIC Fa0/1
010a.7a17.45bc DYNAMIC FaO/3
7aa7.4037.8935 DYNAMIC FaO/4
SW1#

What does SW1 do when Br-4 sends a frame to Br-2?

98 / 109

98. Which action is taken by the data plane within a network device?

99 / 109

99. Refer to the exhibit. An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and
anticipates no more than 10% growth for now hosts. Which configuration script must be used?

Question Image

100 / 109

100. Refer to the exhibit. Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted
connections? (Choose two)

Question Image

101 / 109

101. R1 as an NTP server must have:
NTP authentication enabled
NTP packets sourced from Interface loopback 0
NTP stratum 2

NTP packets only permitted to client IP 209.165.200.225
How should R1 be configured?

102 / 109

102. What is the purpose of the ip address hcp command?

103 / 109

103. Which type of traffic Is sent with pure iPsec?

104 / 109

104. Refer to the exhibit. Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

Question Image

105 / 109

105. Refer to the exhibit. All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Question Image

106 / 109

106. Which virtual MAC address is used by VRRP group 1?

107 / 109

107. Refer to the exhibit. An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the
work. Which additional task allows the two switches to establish an LACP port channel?

Question Image

108 / 109

108. Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections?
(Choose two)

Question Image

109 / 109

109. Which two components comprise part of a PKI? (Choose two.)

Your score is

LinkedIn Facebook Twitter VKontakte

Scroll to Top