Dumps

0%
0 votes, 0 avg
73
Created by Md Hedaet Shake

CCNA 200-301

1 / 10

1. Which type of Category 5 unshielded twisted-pair (UTP) cable is used to work as a trunk between
two switches?

2 / 10

2. What is the valid host address range for the subnet 172.25.4.0 /23?

3 / 10

3. What two devices can be connected to a router WAN serial interface that can provide clocking?
(Choose two.)

4 / 10

4. Which Cisco Internetwork Operating System (IOS) command is used to view the number of
Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received?

5 / 10

5. Which of the following cables would be used to connect a router to a switch?

6 / 10

6. Which statement is NOT true regarding Internet Control Message Protocol (ICMP)?

7 / 10

7. What command should you use to quickly view the HSRP state of the switch for all HSRP groups
of which the switch is a member?

8 / 10

8. What command was used to generate the output shown below?

Question Image

9 / 10

9. Which device can break Collision domain?

10 / 10

10. Which of the following are port roles in the Rapid Spanning Tree Protocol (RSTP)? (Choose
three.)

0%
0 votes, 0 avg
0
Created by Md Hedaet Shake

CCNP 350-401 ENCOR

1 / 1

1. Which Cisco Internetwork Operating System (IOS) command is used to view the number of
Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received?

0%
0 votes, 0 avg
0
Created by Md Hedaet Shake

CCNP 300-410 ENARSI

1 / 1

1. Which Cisco Internetwork Operating System (IOS) command is used to view the number of
Enhanced Interior Gateway Routing Protocol (EIGRP) packets that are sent and received?

0%
0 votes, 0 avg
7
Created by Md Hedaet Shake

NSE 4

1 / 30

1. If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does
FortiGate take?

2 / 30

2. Which of the following statements about NTLM authentication are correct? (Choose two.)

3 / 30

3. During the digital verification process, comparing the original and fresh hash results satisfies
which security requirement?

4 / 30

4. Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)

5 / 30

5. Which statement is true regarding the policy ID number of a firewall policy?

6 / 30

6. When using WPAD DNS method, which FQDN format do browsers use to query the DNS
server?

7 / 30

7. In a high availability (HA) cluster operating in active-active mode, which of the following
correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a
secondary FortiGate?

8 / 30

8. How can you block or allow to Twitter using a firewall policy?

9 / 30

9. Which of the following features is supported by web filter in flow-based inspection mode
with NGFW mode set to profile-based?

10 / 30

10. Examine the routing database shown in the exhibit, and then answer the following question:

Which of the following statements are correct? (Choose two.)

Question Image

11 / 30

11. Which of the following services can be inspected by the DLP profile? (Choose three.)

12 / 30

12. An administrator needs to strengthen the security for SSL VPN access. Which of the following
statements are best practices to do so? (Choose three.)

13 / 30

13. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question Image

14 / 30

14. Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same
destination?

Question Image

15 / 30

15. What files are sent to FortiSandbox for inspection in flow-based inspection mode?

16 / 30

16. Which of the following route attributes must be equal for static routes to be eligible for equal
cost multipath (ECMP) routing? (Choose two.)

17 / 30

17. How does FortiGate verify the login credentials of a remote LDAP user?

18 / 30

18. An administrator has configured a route-based IPsec VPN between two FortiGate devices.
Which statement about this IPsec VPN configuration is true?

19 / 30

19. An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)

20 / 30

20. What is the limitation of using a URL list and application control on the same firewall policy,
in NGFW policy-based mode?

21 / 30

21. Which configuration objects can be selected for the Source field of a firewall policy? (Choose
two.)

22 / 30

22. Why must you use aggressive mode when a local FortiGate IPSec gateway hosts multiple
dialup tunnels?

23 / 30

23. Which statement about DLP on FortiGate is true?

24 / 30

24. If the Issuer and Subject values are the same in a digital certificate, which type of entity was
the certificate issued to?

25 / 30

25. On a FortiGate with a hard disk, how can you upload logs to FortiAnalyzer or FortiManager?
(Choose two.)

26 / 30

26. Which of the following statements about converse mode are true? (Choose two.)

27 / 30

27. Which Statements about virtual domains (VDOMs) arc true? (Choose two.)

28 / 30

28. company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups.
What is required in the SSL VPN configuration to meet these requirements?

29 / 30

29. Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

30 / 30

30. What criteria does FortiGate use to look for a matching firewall policy to process traffic?
(Choose two.)

0%
0 votes, 0 avg
3
Created by Md Hedaet Shake

NSE4 Valid Dumps

1 / 184

1. An administrator Is configuring an IPsec VPN between site A and site
B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site
A. the local quick mode selector is 192.160.1.0/24 and the remote quick mode selector is 192.168.2.0/24.
Which subnet must the administrator configure for the local quick mode selector for site B?

2 / 184

2. Examine this FortiGate configuration:

How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires
authorization?

Question Image

3 / 184

3. What files are sent to FortiSandbox for inspection in flow-based inspection mode?

4 / 184

4. Refer to the exhibit.

The global settings on a FortiGate device must be changed to align with company security policies.
What does the Administrator account need to access the FortiGate global settings?
A. Change password

5 / 184

5. Which certificate value can FortiGate use to determine the relationship between the issuer and the
certificate?

6 / 184

6. 141.Which three criteria can a FortiGate use to look for a matching firewall policy to process traffic?
(Choose three.)

7 / 184

7. By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard
servers.
Which two CLI commands will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering? (Choose two.)

8 / 184

8. Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)

9 / 184

9. Which two policies must be configured to allow traffic on a policy-based next-generation firewall
(NGFW) FortiGate? (Choose two.)

10 / 184

10. View the exhibit.

Which of the following statements are correct? (Choose two.)

Question Image

11 / 184

11. An administrator has configured a route-based IPsec VPN between two FortiGate devices.
Which statement about this IPsec VPN configuration is true?

12 / 184

12. Which three options are the remote log storage options you can configure on FortiGate? (Choose
three.)

13 / 184

13. Which engine handles application control traffic on the next-generation firewall?

14 / 184

14. Refer to the exhibit.

The exhibit contains a network diagram, firewall policies, and a firewall address object configuration.
An administrator created a Deny policy with default settings to deny Webserver access for Remote-user2.
Remote-user2 is still able to access Webserver.
Which two changes can the administrator make to deny Webserver access for Remote-User2? (Choose
two.)

Question Image

15 / 184

15. Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

16 / 184

16. Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL
certificate inspection is enabled? (Choose three.)

17 / 184

17. Which two inspection modes can you use to configure a firewall policy on a profile-based next-generate?

18 / 184

18. Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

19 / 184

19. Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

20 / 184

20. Refer to the exhibit.

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

Question Image

21 / 184

21. A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec

VPN tunnels and static routes.
* All traffic must be routed through the primary tunnel when both tunnels are up
* The secondary tunnel must be used only if the primary tunnel goes down
* In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover
Which two key configuration changes are needed on FortiGate to meet the design requirements? (Choose
two,)

22 / 184

22. Which of the following features is supported by web filter in flow-based inspection mode
with NGFW mode set to profile-based?

23 / 184

23. Refer to the exhibits.

The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor
Facebook.
Users are given access to the Facebook web application. They can play video content hosted on
Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?

Question Image

24 / 184

24. Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)

Question Image

25 / 184

25. Examine the routing database shown in the exhibit, and then answer the following question:

Which of the following statements are correct? (Choose two.)

Question Image

26 / 184

26. Refer to the exhibit to view the firewall policy.

Which statement is correct if well-known viruses are not being blocked?

Question Image

27 / 184

27. Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same
destination?

Question Image

28 / 184

28. Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

29 / 184

29. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question Image

30 / 184

30. D18912E1457D5D1DDCBD40AB3BF70D5D
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

31 / 184

31. Refer to the exhibit

Examine the intrusion prevention system (IPS) diagnostic command.
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a
decrease in the CPU usage?

Question Image

32 / 184

32. What is the limitation of using a URL list and application control on the same firewall policy,
in NGFW policy-based mode?

33 / 184

33. Which two statements are true about collector agent standard access mode? (Choose two.)

34 / 184

34. Examine the exhibit, which contains a virtual IP and firewall policy configuration.

The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP
address 10.0.1.254/24.
The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is
configured with a VIP as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

Question Image

35 / 184

35. Which two types of traffic are managed only by the management VDOM? (Choose two.)

36 / 184

36. Refer to the exhibit.

The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).

Central NAT is enabled, so NAT settings from matching Central SNAT policies will be
applied.
Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP
address of Remote-FortiGate (10.200.3.1)?

Question Image

37 / 184

37. An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both
sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and
the remote quick mode selector is 192.16.2.0/24.
How must the administrator configure the local quick mode selector for site B?

38 / 184

38. What is the primary FortiGate election process when the HA override setting is disabled?

39 / 184

39. Refer to the exhibit.

The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to http://www.fortinet.com?

Question Image

40 / 184

40. When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is
used as the source of the HTTP request?

41 / 184

41. Refer to the exhibit

The exhibit shows proxy policies and proxy addresses, the authentication rule and authentication scheme,
users, and firewall address.
An explicit web proxy is configured for subnet range 10.0.1.0/24 with three explicit web proxy policies.
The authentication rule is configured to authenticate HTTP requests for subnet range 10.0.1.0/24 with a
form-based authentication scheme for the FortiGate local user database.
Users will be prompted for authentication.
How will FortiGate process the traffic when the HTTP request comes from a machine with the source IP
10.0.1.10 to the destination http://www.fortinet.com? (Choose two.)

Question Image

42 / 184

42. Why must you use aggressive mode when a local FortiGate IPSec gateway hosts multiple
dialup tunnels?

43 / 184

43. Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

Question Image

44 / 184

44. An administrator has configured a strict RPF check on FortiGate.
Which statement is true about the strict RPF check?

45 / 184

45. On a FortiGate with a hard disk, how can you upload logs to FortiAnalyzer or FortiManager?
(Choose two.)

46 / 184

46. Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides
(client and server) have terminated the session?

47 / 184

47. Which of statement is true about SSL VPN web mode?

48 / 184

48. When using WPAD DNS method, which FQDN format do browsers use to query the DNS
server?

49 / 184

49. An administrator has configured outgoing Interface any in a firewall policy.
Which statement is true about the policy list view?

50 / 184

50. An administrator does not want to report the logon events of service accounts to FortiGate.
What setting on the collector agent is required to achieve this?

51 / 184

51. Refer to the exhibit

The exhibits show a network diagram and the explicit web proxy configuration.
In the command diagnose sniffer packet, what filter can you use to capture the traffic between the client
and the explicit web proxy?

Question Image

52 / 184

52. An administrator wants to configure timeouts for users Regardless of the user's behavior, the timer should start and expire after the configured value.
Which timeout option should be configured on FortiGate?

53 / 184

53. In consolidated firewall policies, IPv4 and IPv6 policies are combined in a single consolidated policy.
Instead of separate policies.
Which three statements are true about consolidated IPv4 and IPv6 policy configuration? (Choose three.)

54 / 184

54. If the Issuer and Subject values are the same in a digital certificate, which type of entity was the
certificate issued to?

55 / 184

55. Which three security features require the intrusion prevention system (IPS) engine to function? (Choose
three.)

56 / 184

56. A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added
to the physical interface.
Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP
addresses in different subnets.

57 / 184

57. Which statement is true regarding the policy ID number of a firewall policy?

58 / 184

58. Refer to the exhibit, which contains a redious server configuration.

An administration added a configuration for a new RADIUS server.
While configuring, the administrator selected the include eery user group option.

What will be the impact of include in every user group option in a RADIUS configuration?

Question Image

59 / 184

59. Refer to the exhibit showing a debug flow output.

Which two statements about the debug flow output are correct? (Choose two.)

Question Image

60 / 184

60. What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall
(NGFW)?

61 / 184

61. How does FortiGate act when using SSL VPN in web mode?

62 / 184

62. Which security feature does FortiGate provide to protect servers located in the internal networks from
attacks such as SQL injections?

63 / 184

63. Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices.
The administrator has determined that phase 1 status is up. but phase 2 fails to come up.
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2
up?

Question Image

64 / 184

64. Refer to the exhibit.

Which contains a Performance SLA configuration.
An administrator has configured a performance SLA on FortiGate.
Which failed to generate any traffic.
Why is FortiGate not generating any traffic for the performance SLA?

Question Image

65 / 184

65. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

Question Image

66 / 184

66. When a firewall policy is created, which attribute is added to the policy to support recording logs to a
FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these
devices?

67 / 184

67. Refer to the exhibit
The exhibit shower the IPS sensor configuration.
If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two).

Question Image

68 / 184

68. Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

69 / 184

69. A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address
is dynamic, in addition, the remote peer does not support a dynamic DNS update service.
What type of remote gateway should tie administrator configure on FortiGate for the new IPsec VPN tunnel
to work?

70 / 184

70. Which of the following statements about NTLM authentication are correct? (Choose two.)

71 / 184

71. In a high availability (HA) cluster operating in active-active mode, which of the following
correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a
secondary FortiGate?

72 / 184

72. If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is
used?

73 / 184

73. Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).

Which statement is correct if a user is unable to receive a block replacement message when downloading
an infected file for the first time?

Question Image

74 / 184

74. An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)

75 / 184

75. Which statement about the policy ID number of a firewall policy is true?

76 / 184

76. FortiGuard categories can be overridden and defined in different categories override must be configured using a specific syntax.

Which two syntaxes are correct to configure web rating override for the

77 / 184

77. Which three statements are true regarding session-based authentication? (Choose three.)

78 / 184

78. Refer to the exhibits.

The SSL VPN connection fails when a user attempts to connect to it.
What should the user do to successfully connect to SSL VPN?

Question Image

79 / 184

79. Which Statements about virtual domains (VDOMs) arc true? (Choose two.)

80 / 184

80. Which of the following SD-WAN load –balancing method use interface weight value to distribute traffic? (Choose two.)

81 / 184

81. In an explicit proxy setup, where is the authentication method and database configured?

82 / 184

82. Which of the following statements about central NAT are true? (Choose two.)

83 / 184

83. Examine the following web filtering log.

Which statement about the log message is true?

Question Image

84 / 184

84. Refer to the exhibit

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The
administrator has determined that phase 1 fails to come up. The administrator has also re-entered the
pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration
changes will bring phase 1 up? (Choose two.)

Question Image

85 / 184

85. Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)

86 / 184

86. Refer to the exhibit.

The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are
configured in transparent mode.
The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access internet.
The To_lnternet VDOM is the only VDOM with internet access and is directly connected to ISP modem.
Which two statements are true? (Choose two.)

Question Image

87 / 184

87. Which type of logs on FortiGate record information about traffic directly to and from the FortiGate
management IP addresses?

88 / 184

88. If Internet Service is already selected as Source in a firewall policy, which other configuration objects can
be added to the Source filed of a firewall policy?

89 / 184

89. Which two VDOMs are the default VDOMs created when FortiGate is set up in split VDOM mode?
(Choose two.)

90 / 184

90. Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)

91 / 184

91. View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based
on this configuration, which statement is true?

92 / 184

92. What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose
three.)

93 / 184

93. Refer to the exhibit.

The exhibit contains a network interface configuration, firewall policies, and a CLI console configuration.
How will FortiGate handle user authentication for traffic that arrives on the LAN interface?

Question Image

94 / 184

94. Refer to the exhibit.

Review the Intrusion Prevention System (IPS) profile signature settings.
Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

Question Image

95 / 184

95. Refer to the exhibit.

Which contains a session diagnostic output.
Which statement is true about the session diagnostic output?

Question Image

96 / 184

96. You have enabled logging on your FortiGate device for Event logs and all Security logs, and you have set
up logging to use the FortiGate local disk.

What is the default behavior when the local disk is full?

97 / 184

97. Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

98 / 184

98. An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

99 / 184

99. Refer to the exhibit

Given the routing database shown in the exhibit, which two statements are choose.

100 / 184

100. Refer to the exhibit, which contains a session diagnostic output.

Which statement is true about the session diagnostic output?

Question Image

101 / 184

101. Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine
whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is
still not generating any IPS logs for the HTTPS traffic.
What is a possible reason for this?

Question Image

102 / 184

102. Which statement about the IP authentication header (AH) used by IPsec is true?

103 / 184

103. Examine this FortiGate configuration

Based on the diagnostic outputs above, how is the FortiGate handling the traffic for new sessions that
require inspection?

Question Image

104 / 184

104. Which two configuration settings are synchronized when FortiGate devices are in an active-active HA
cluster? (Choose two.)

105 / 184

105. Examine the network diagram shown in the exhibit, then answer the following question:

Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation
to the Web server?

Question Image

106 / 184

106. Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN
Performance SLA? (Choose two.)

107 / 184

107. A network administrator has enabled SSL certificate inspection and antivirus on FortiGate detects the virus and blocks the file. When downloading the same file that's be downloaded.

What is the reason for the felled virus detection by FortiGate?

108 / 184

108. Which three statements about a flow-based antivirus profile are correct? (Choose three.)

109 / 184

109. Which of the following statements about converse mode are true? (Choose two.)

110 / 184

110. Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

111 / 184

111. Refer to the exhibit to view the application control profile.

Users who use Apple FaceTime video conferences are unable to set up meetings.
In this scenario, which statement is true?

Question Image

112 / 184

112. Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux
server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The
administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This
issue does not happen when the application establishes a Telnet connection to the Linux server directly
on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running
through FortiGate? (Choose two.)

113 / 184

113. Which statements are true regarding firewall policy NAT using the outgoing interface IP address with
fixed port disabled? (Choose two.)

114 / 184

114. Which of the following are purposes of NAT traversal in IPsec? (Choose two.)

115 / 184

115. Which statement regarding the firewall policy authentication timeout is true?

116 / 184

116. Which of the following statements correctly describes FortiGates route lookup behavior when
searching for a suitable gateway? (Choose two)

117 / 184

117. Refer to the exhibit, which contains a static route configuration

An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?

Question Image

118 / 184

118. How can you block or allow to Twitter using a firewall policy?

119 / 184

119. Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address
conflict?

120 / 184

120. Which of the following route attributes must be equal for static routes to be eligible for equal
cost multipath (ECMP) routing? (Choose two.)

121 / 184

121. If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does
FortiGate take?

122 / 184

122. Which Security rating scorecard helps identify configuration weakness and best practice violations in
your network?

123 / 184

123. An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for DPD probes only when no traffic is observed in the tunnel.
Which DPO mode on FortiGate wtll meet the above requirement?

124 / 184

124. The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of
diagnose sys virtual-wan-link health-check.
Which interface will be selected as an outgoing interface?

125 / 184

125. Which configuration objects can be selected for the Source field of a firewall policy? (Choose
two.)

126 / 184

126. Refer to the exhibit.

The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)

Question Image

127 / 184

127. Which two statements ate true about the Security Fabric rating? (Choose two.)

128 / 184

128. An organization’s employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?

129 / 184

129. Which downstream FortiGate VOOM is used to join the Security Fabric ?

130 / 184

130. How do you format the FortiGate flash disk?

131 / 184

131. To complete the final step of a Security Fabric configuration, an administrator must authorize all the
devices on which device?

132 / 184

132. Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The
administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.
What should the administrator do next to troubleshoot the problem?

Question Image

133 / 184

133. Which two statements are true when FortiGate is in transparent mode? (Choose two.)

134 / 184

134. Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

135 / 184

135. Which statement about DLP on FortiGate is true?

136 / 184

136. An administrator has configured a route-based IPsec VPN between two FortiGate devices.
Which statement about this IPsec VPN configuration is true?

137 / 184

137. Which three methods are used by the collector agent for AD polling? (Choose three.)

138 / 184

138. Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the
physical layer nor the link layer? (Choose three.)

139 / 184

139. 61.Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)

140 / 184

140. Examine the IPS sensor and DoS policy configuration shown in the exhibit, then answer the question
below.

When detecting attacks, which anomaly, signature, or filter will FortiGate evaluate first?

141 / 184

141. Refer to the exhibit.

Based on the administrator profile settings, what permissions must the administrator set to run the
diagnose firewall auth list CLI command on FortiGate?

Question Image

142 / 184

142. Which two statements are true about the FGCP protocol? (Choose two.)

143 / 184

143. Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

Question Image

144 / 184

144. Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both
sides (client and server) have terminated the session?

145 / 184

145. NGFW mode allows policy-based configuration for most inspection rules.
Which security profile’s configuration does not change when you enable policy-based inspection?

146 / 184

146. What is the limitation of using a URL list and application control on the same firewall policy, in NGFW
policy-based mode?

147 / 184

147. An administrator is running the following sniffer command:
diagnose aniffer packer any "host 192.168.2.12" 5
Which three pieces of Information will be Included in me sniffer output? {Choose three.)

148 / 184

148. During the digital verification process, comparing the original and fresh hash results satisfies
which security requirement?

149 / 184

149. An administrator has configured two-factor authentication to strengthen SSL VPN access.
Which additional best practice can an administrator implement?

150 / 184

150. Which of the following statements about backing up logs from the CLI and downloading logs from the GUI
are true? (Choose two.)

151 / 184

151. Which two statements are correct about NGFW Policy-based mode? (Choose two)

152 / 184

152. company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups.
What is required in the SSL VPN configuration to meet these requirements?

153 / 184

153. Which two statements are correct about a software switch on FortiGate?

154 / 184

154. Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

Question Image

155 / 184

155. Which two statements are true about the RPF check? (Choose two.)

156 / 184

156. What criteria does FortiGate use to look for a matching firewall policy to process traffic?
(Choose two.)

157 / 184

157. An administrator needs to strengthen the security for SSL VPN access. Which of the following
statements are best practices to do so? (Choose three.)

158 / 184

158. Which two statements are correct about SLA targets? (Choose two.)

159 / 184

159. An administrator must disable RPF check to investigate an issue.
Which method is best suited to disable RPF without affecting features like antivirus and intrusion
prevention system?

160 / 184

160. Which two statements about antivirus scanning mode are true? (Choose two.)

161 / 184

161. FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering
and application control directly on the security policy.
Which two other security profiles can you apply to the security policy? (Choose two.)

162 / 184

162. Refer to the exhibit.

Which contains a session list output. Based on the information shown in the exhibit, which statement is
true?

Question Image

163 / 184

163. A network administrator has enabled full SSL inspection and web filtering on FortiGate. When visiting any
HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser
does not report errors.
What is the reason for the certificate warning errors?

164 / 184

164. View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

165 / 184

165. If the Issuer and Subject values are the same in a digital certificate, which type of entity was
the certificate issued to?

166 / 184

166. What devices form the core of the security fabric?

167 / 184

167. Which statements about the firmware upgrade process on an active-active HA cluster are true?
(Choose two.)

168 / 184

168. Which three statements about security associations (SA) in IPsec are correct? (Choose three.)

169 / 184

169. Examine this PAC file configuration

Which of the following statements are true? (Choose two.)

Question Image

170 / 184

170. An administrator observes that the port1 interface cannot be configured with an IP address.
What can be the reasons for that? (Choose three.)

171 / 184

171. Refer to the exhibits.

Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default
configuration of high memory usage thresholds.
Based on the system performance output, which two statements are correct? (Choose two.)

Question Image

172 / 184

172. Refer to the FortiGuard connection debug output.

Based on the output shown in the exhibit, which two statements are correct? (Choose two.)

Question Image

173 / 184

173. Which scanning technique on FortiGate can be enabled only on the CLI?

174 / 184

174. Which of the following conditions must be met in order for a web browser to trust a web server certificate
signed by a third-party CA?

175 / 184

175. An administrator needs to configure VPN user access for multiple sites using the same soft FortiToken.
Each site has a FortiGate VPN gateway.
What must an administrator do to achieve this objective?

176 / 184

176. Examine the two static routes shown in the exhibit, then answer the following question.

Which of the following is the expected FortiGate behavior regarding these two routes to the same
destination?

Question Image

177 / 184

177. Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

178 / 184

178. Which CLI command will display sessions both from client to the proxy and from the proxy to the
servers?

179 / 184

179. How does FortiGate verify the login credentials of a remote LDAP user?

180 / 184

180. Refer to the exhibit.

Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

Question Image

181 / 184

181. The HTTP inspection process in web filtering follows a specific order when multiple features are
enabled in the web filter profile.

What order must FortiGate use when the web filter profile has features enabled, such as safe search?

182 / 184

182. Refer to the exhibit.

The exhibit contains a network diagram, virtual IP, IP pool, and firewall policies configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10 .0.1.254. /24.
The first firewall policy has NAT enabled using IP Pool.
The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP
address 10.0.1.10?

Question Image

183 / 184

183. Which of the following services can be inspected by the DLP profile? (Choose three.)

184 / 184

184. An administrator has configured the following settings:

What are the two results of this configuration? (Choose two.)

Question Image
0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-1

1 / 100

1. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of
Router1. The new circuit uses eBGP and teams the route to VLAN25 from the BGP path.
Whats the expected behavior for the traffic flow for route 10.10.13.0/25?

2 / 100

2. Which configuration is needed to generate an RSA key for SSH on a router?

3 / 100

3. Which mode must be used to configure EtherChannel between two switches without using a negotiation
protocol?

4 / 100

4. Refer to the exhibit. What does router R1 use as its OSPF router-ID?

Question Image

5 / 100

5. Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct.
Which IP address is the source IP?

Question Image

6 / 100

6. When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)

7 / 100

7. Which 802.11 frame type is association response?

8 / 100

8. What are two benefits of network automation? (Choose two)

9 / 100

9. Which three are characteristics of an IPv6 anycast address? (Choose three.)

10 / 100

10. What is the alternative notation for the IPv6 address B514:82C3:0000:0000:0029:EC7A:0000:EC72?

11 / 100

11. Which result occurs when PortFast is enabled on an interface that is connected to another switch?

12 / 100

12. A router running EIGRP has learned the same route from two different paths. Which parameter does the router
use to select the best path?

13 / 100

13. Which IPv6 address is valid?

14 / 100

14. Which MAC address is recognized as a VRRP virtual address?

15 / 100

15. A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is
running encapsulation PPP, by default, which OSPF network type is seen on this interface when the user types
show ip ospf interface on R1 or R2?

16 / 100

16. A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF by default, which type of OSPF
network does this interface belong to?

17 / 100

17. Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific
networks?

18 / 100

18. Which command prevents passwords from being stored in the configuration as plaintext on a router or switch?

19 / 100

19. Which API is used in controller-based architectures to interact with edge devices?

20 / 100

20. In Which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports
are required?

21 / 100

21. Refer to exhibit. Which statement explains the configuration error message that is received?

Question Image

22 / 100

22. Which statement about Link Aggregation when implemented on a Cisco Wireless LAN Controller is true?

23 / 100

23. Refer to the exhibit. Which command provides this output?

Question Image

24 / 100

24. Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?

Question Image

25 / 100

25. Which set of action satisfy the requirement for multi-factor authentication?

26 / 100

26. Which statement correctly compares traditional networks and controller-based networks?

27 / 100

27. Refer to the exhibit. Which configuration when applied to switch A accomplishes this task?

Question Image

28 / 100

28. When a site-to-site VPN is used, which protocol is responsible for the transport of user data?

29 / 100

29. A frame that enters a switch fails the Frame Check Sequence.
Which two interface counters are incremented? (Choose two)

30 / 100

30. Refer to the exhibit. Which route does R1 select for traffic that is destined to 192 168.16.2?

Question Image

31 / 100

31. Refer to the exhibit. A network administrator is configuring an EtherChannel between SW1 and SW2. The SW1
configuration is shown.

Question Image

32 / 100

32. Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?

33 / 100

33. Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.)

34 / 100

34. Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington
sites.

Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers
can reach one another? (Choose two.)

Question Image

35 / 100

35. An engineer must configure a /30 subnet between two routers. Which usable IP address and subnet mask
combination meets this criteria?

36 / 100

36. Which two tasks must be performed to configure NTP to a trusted server in client mode on a single network
device? (Choose two)

37 / 100

37. Refer to the exhibit. An extended ACL has been configured and applied to router R2 The configuration farted to
work as intended.

 

Refer to the exhibit. An extended ACL has been configured and applied to router R2 The configuration started
to work as intended.Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20.0/26 from the
10.0.10.0/26 subnet while still allowing all other traffic? (Choose two)

Question Image

38 / 100

38. Refer to the Exhibit. After the switch configuration the ping test fails between PC A and PC B Based on the
output for switch 1.

 

Which error must be corrected?

Question Image

39 / 100

39. Which command automatically generates an IPv6 address from a specified IPvô prefix and MAC address of an
interface?

40 / 100

40. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco
Wireless LAN Controller?

41 / 100

41. A Cisco IP phone receive untagged data traffic from an attached PC.
Which action is taken by the phone?

42 / 100

42. What are two reasons that cause late collisions to increment on an Ethernet interface? (Choose two)

43 / 100

43. Refer to Exhibit. How does SW2 interact with other switches in this VTP domain?

Question Image

44 / 100

44. Which two values or settings must be entered when configuring a new WLAN in the Cisco Wireless LAN
Controller GUI? (Choose two)

45 / 100

45. Which output displays a JSON data representation?

Question Image

46 / 100

46. Which two must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)

47 / 100

47. An organization has decided to start using cloud-provided services.
Which cloud service allows the organization to install its own operating system on a virtual machine?

48 / 100

48. Refer to Exhibit. Which action do the switches take on the trunk link?

Question Image

49 / 100

49. What is the primary different between AAA authentication and authorization?

50 / 100

50. What is the primary effect of the spanning-tree portfast command?

51 / 100

51. Which type of wireless encryption is used for WPA2 in pre-shared key mode?

52 / 100

52. Refer to the exhibit. The show ip ospf interface command has been executed on R1. How is OSPF configured?

Question Image

53 / 100

53. A network engineer must back up 20 network router configurations globally within a customer environment.
Which protocol allows the engineer to perform this function using the Cisco IOS MIB?

54 / 100

54. When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are
available to select? (Choose two)

55 / 100

55. Refer to the exhibit. If configuring a static default route on the router with the ip route 0.0.0.0 0.0.0.0 10.13.0.1
120 command, how does the router respond?

Question Image

56 / 100

56. Which design element is a best practice when deploying an 802.11b wireless infrastructure?

57 / 100

57. What are two enhancements that OSPFv3 supports over OSPFV2? (Choose two.)

58 / 100

58. Refer to Exhibit. An engineer is configuring the NEW York router to reach the Lot interface of the Atlanta router
using interface Se0/0/0 as the primary path.

Which two commands must be configured on the New York router so that it can reach the Lo1 interface of the
Atlanta router via Washington when the link between New York and Atlanta goes down? (Choose two)

Question Image

59 / 100

59. Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32?

Question Image

60 / 100

60. Which mode allows access points to be managed by Cisco Wireless LAN Controllers?

61 / 100

61. Which type of address is the public IP address of a NAT device?

62 / 100

62. Which two encoding methods are supported by REST APIs? (Choose two)

63 / 100

63. When OSPF learns multiple paths to a network, how does it select a route?

64 / 100

64. R1 has learned route 192.168.12.0/24 via IS-IS. OSPF, RIP. and Internal EIGRP Under normal operating
conditions, which routing protocol is installed in the routing table?

65 / 100

65. Which two actions influence the EIGRP route selection process? (Choose two)

66 / 100

66. An email user has been lured into clicking a link in an email sent by their company’s security organization. The
webpage that opens reports that it was safe but the link could have contained malicious code. Which type of
security program is in place?

67 / 100

67. What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is
received?

68 / 100

68. What are two southbound APIs? (Choose two)

69 / 100

69. Which IPv6 address block sends packets to a group address rather than a single address?

70 / 100

70. Which statement identifies the functionality of virtual machines?

71 / 100

71. Refer to the exhibit. Which password must an engineer use to enter the enable mode?

Question Image

72 / 100

72. Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable.
What is the result of this configuration?

73 / 100

73. Which attribute does a router use to select the best path when two or more different routes to the same
destination exist from two different routing protocols?

74 / 100

74. Which option is a valid IPv6 address?

75 / 100

75. What is a benefit of using a Cisco Wireless LAN Controller?

76 / 100

76. If a notice-level messaging is sent to a syslog server, which event has occurred?

77 / 100

77. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN
2.

What causes this behavior?

Question Image

78 / 100

78. An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two
steps will fulfill the request? (Choose two)

79 / 100

79. Which action is taken by a switch port enabled for PoE power classification override?

80 / 100

80. Refer to the exhibit. Which prefix does Router 1 use for traffic to Host A?

Question Image

81 / 100

81. Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)

82 / 100

82. How does HSRP provide first hop redundancy?

83 / 100

83. Which IPv6 address type provides communication between subnets and cannot route on the Internet?

84 / 100

84. Refer to the exhibit. What is the effect of this configuration?

Question Image

85 / 100

85. Which two capacities of Cisco DNA Center make it more extensible? (Choose two)

86 / 100

86. Router A learns the same route from two different neighbors, one of the neighbor routers is an OSPF neighbor
and the other is an EIGRP neighbor. What is the administrative distance of the route that will be installed in the
routing table?

87 / 100

87. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN-2

Question Image

88 / 100

88. Which command enables a router to become a DHCP client?

89 / 100

89. When a floating static route is configured, which action ensures that the backup route is used when the primary
route fails?

90 / 100

90. An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK. Which cipher fulfills
the configuration requirement?

91 / 100

91. An engineer configured an OSPF neighbor as a designated router. Which state verifies the designated router is
in the proper mode?

92 / 100

92. Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?

93 / 100

93. What are two characteristics of a controller-based network? (Choose two)

94 / 100

94. Which network allows devices to communicate without the need to access the Internet?

95 / 100

95. Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?

Question Image

96 / 100

96. Which two outcomes are predictable behaviors for HSRP? (Choose two)

97 / 100

97. How do TCP and UDP differ in the way that they establish a connection between two endpoints?

98 / 100

98. Refer to the exhibit. What is the effect of this configuration?

Question Image

99 / 100

99. What makes Cisco DNA Center different from traditional network management applications and their
management of networks?

100 / 100

100. Refer to the exhibit. If OSPF is running on this network, how does Router 2 handle traffic from Site B to
10.10.13.128/25 at Site A?

Question Image
0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-2

1 / 124

1. Which three statements about MAC addresses are correct? (Choose three.)

2 / 124

2. Refer to the exhibit. How will switch SW2 handle traffic from VLAN 10 on SW1?

Question Image

3 / 124

3. Refer to the exhibit. C-router is to be used as a “router-on-a-stick” to route between the VLANs. All the
interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been
configured with the appropriate default gateway. What is true about this configuration?

Question Image

4 / 124

4. What is a difference between local AP mode and FiexConnet AP mode?

5 / 124

5. What are two fundamentals of virtualization? (choose two)

6 / 124

6. What is a characteristic of spine-and-leaf architecture?

7 / 124

7. How can the Cisco Discovery Protocol be used?

8 / 124

8. Which statements describe the routing protocol OSPF? (Choose three.)

9 / 124

9. Refer to the exhibit. Which switch in this configuration becomes the root bridge?

Question Image

10 / 124

10. Which effete does the aaa new-model configuration command have?

11 / 124

11. You have two paths for the 10.10.10.0 network – one that has a feasible distance of 3072 and the other of
6144. What do you need to do to load balance your EIGRP routes?

12 / 124

12. While examining excessive traffic on the network, it is noted that all incoming packets on an interface appear to
be allowed even though an IPv4 ACL is applied to the interface. Which two misconfigurations cause this
behavior? (Choose two)

13 / 124

13. Which two statements about NTP operations are true? (Choose two.)

14 / 124

14. Refer to the exhibit. Which two events occur on the interface, if packets from an unknown Source address
arrive after the interface learns the maximum number of secure MAC address? (Choose two.)

Question Image

15 / 124

15. Which statement about the nature of NAT overload is true?

16 / 124

16. Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose
two.)

Question Image

17 / 124

17. Change the IP addresses so both paths have the same source IP address

18 / 124

18. You are configuring your edge routers interface with a public IP address for Internet connectivity.
The router needs to obtain the IP address from the service provider dynamically. Which command is needed on
interface FastEthernet 0/0 to accomplish this?

19 / 124

19. Which two statements about VTP are true? (Choose two.)

20 / 124

20. Refer to the exhibit. An administrator configures four switches for local authentication using passwords that are
stored in a cryptographic hash. The four switches must also support SSH access for administrators to manage
the network infrastructure. Which switch is configured correctly to meet these requirements?

Question Image

21 / 124

21. What is an advantage of Cisco DNA Center versus traditional campus device management?

22 / 124

22. Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco
Wireless LAN Controller?

23 / 124

23. What is the purpose of the show ip ospf interface command?

24 / 124

24. A network engineer must create a diagram of a multivendor network. Which command must be configured on
the Cisco devices so that the topology of the network can be mapped?

25 / 124

25. Refer to the exhibit. Which rule does the DHCP server use when there is an IP address conflict?

Question Image

26 / 124

26. Refer to the exhibit. Which command would you use to configure a static route on Router1 to network
192.168.202.0/24 with a nondefault administrative distance?

Question Image

27 / 124

27. Which NAT term is defined as a group of addresses available for NAT use?

28 / 124

28. Refer to the exhibit. Given the output for this command, if the router ID has not been manually set, what router
ID will OSPF use for this router?

29 / 124

29. Refer to the exhibit. When running EIGRP, what is required for RouterA to exchange routing updates with
RouterC?

Question Image

30 / 124

30. Which statement about static and dynamic routes is true?

31 / 124

31. Which option best describes an API?

32 / 124

32. Which type does a port become when it receives the best BPDU on a bridge?

33 / 124

33. Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB?
(Choose two.)

Question Image

34 / 124

34. Which two commands were used to create port channel 10? (Choose two )

Question Image

35 / 124

35. Which action must be taken to assign a global unicast IPv6 address on an interface that is derived from the
MAC address of that interface?

36 / 124

36. What will happen if you configure the logging trap debug command on a router?

37 / 124

37. Refer to the exhibit. Which statement about the interface that generated the output is true?

Question Image

38 / 124

38. Which statement about Cisco Discovery Protocol is true?

39 / 124

39. Which function does the range of private IPv4 addresses perform?

40 / 124

40. What is the expected outcome when an EUI-64 address is generated?

41 / 124

41. Which IPv6 address is the equivalent of the IPv4 interface loopback address 127.0.0.1?

42 / 124

42. Which value can you modify to configure a specific interface as the preferred forwarding interface?

43 / 124

43. Refer to the exhibit. An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of
Router1 The new circuit uses eBGP and teams the route to VLAN25 from the BGP path What s the expected
behavior for the traffic flow for route 10.10.13.0/25?

Question Image

44 / 124

44. Refer to the exhibit Users in your office are complaining that they cannot connect to the severs at a remote site.
When troubleshooting, you find that you can successfully reach the severs from router R2. What is the most
likely reason that the other users are experiencing connection failure?

Question Image

45 / 124

45. Refer to the exhibit. What two conclusions should be made about this configuration? (Choose two)

Question Image

46 / 124

46. Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose
two.)

Question Image

47 / 124

47. Refer to exhibit. What Administrative distance has route to 192.168.10.1 ?

Question Image

48 / 124

48. Which two statements about exterior routing protocols are true? (Choose two.)

49 / 124

49. Which of the following is the JSON encoding of a dictionary or hash?

50 / 124

50. Refer to the exhibit. Router R1 is running three different routing protocols. Which route characteristic is used by
the router to forward the packet that it receives for destination IP 172.16.32.1?

Question Image

51 / 124

51. Refer to the exhibit. A network technician is asked to design a small network with redundancy. The exhibit
represents this design, with all hosts configured in the same VLAN. What conclusions can be made about this
design?

52 / 124

52. Refer to the exhibit. Which Command do you enter so that R1 advertises the loopback0 interface to the BGP
Peers?

Question Image

53 / 124

53. Which technique can you use to route IPv6 traffic over an IPv4 infrastructure?

54 / 124

54. Refer to the exhibit. Which VLAN ID is associated with the default VLAN in the given environment?

Question Image

55 / 124

55. Refer to the exhibit. After you apply the give configurations to R1 and R2 you notice that OSPFv3 fails to start.
Which reason for the problem is most likely true ?

Question Image

56 / 124

56. How do AAA operations compare regarding user identification, user services and access control?

57 / 124

57. Which two statements about EtherChannel technology are true? (Choose two.)

58 / 124

58. Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose
two.)

59 / 124

59. Which command is used to configure an IPv6 static default route?

60 / 124

60. You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface.
Which action can you take to correct the problem in the least disruptive way?

61 / 124

61. Refer to the exhibit. If RTR01 is configured as shown, which three addresses will be received by other routers
that are running EIGRP on the network? (Choose three)

Question Image

62 / 124

62. Which value is used to determine the active router in an HSRP default configuration?

63 / 124

63. Which two circumstances can prevent two routers from establishing an OSPF neighbor adjacency? (Choose
two.)

64 / 124

64. Refer to the exhibit. How does router R1 handle traffic to 192.168.10.16?

Question Image

65 / 124

65. When configuring an EtherChannel bundle, which mode enables LACP only if a LACP device is detected?

66 / 124

66. Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP
primary router after it is reloaded?

67 / 124

67. Refer to the exhibit. The MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at
the switch.

What two operations will the switch perform when it receives this frame? (Choose two.)

Question Image

68 / 124

68. Refer to the exhibit. How does the router manage traffic to 192.168.12.16?

Question Image

69 / 124

69. Refer to the exhibit. A network associate has configured OSPF with the command:
City(config-router)# network 192.168.12.64 0.0.0.63 area 0.
After completing the configuration, the associate discovers that not all the interfaces are participating in OSPF.
Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration
statement? (Choose three.)

Question Image

70 / 124

70. Which function does an SNMP agent perform?

71 / 124

71. Refer to the exhibit. The default-information originate command is configured under the R1 OSPF
configuration. After testing, workstations on VLAN 20 at Site B cannot reach a DNS server on the Internet.
Which action corrects the configuration issue?

Question Image

72 / 124

72. Which command should you enter to configure a device as an NTP sever?

73 / 124

73. Which command can you enter to allow Telnet to be supported in addition to SSH

74 / 124

74. Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which configuration
accomplishes this task?

Question Image

75 / 124

75. What event has occurred if a router sends a notice level message to a syslog server?

76 / 124

76. Which two statements about the purpose of the OSI model are accurate? (Choose two.)

77 / 124

77. Network 172.16.1.32 0.0.0.31

78 / 124

78. Which configuration command can u apply to a HSRP router so that its local interface becomes active if all
other routers in the group fail?

79 / 124

79. Which component of an Ethernet frame is used to notify a host that traffic is coming?

80 / 124

80. Which feature or protocol is required for an IP SLA to measure UDP jitter?

81 / 124

81. Which two pieces of information can you learn by viewing the routing table? (Choose two)

82 / 124

82. Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?

Question Image

83 / 124

83. What are two descriptions of three-tier network topologies? (Choose two)

84 / 124

84. Which statement about the nature of NAT overload is true?

85 / 124

85. After you deploy a new WLAN controller on your network, which two additional tasks should you consider?
(Choose two)

86 / 124

86. Refer to the exhibit. Which address and mask combination represents a summary of the routes learned by
EIGRP?

Question Image

87 / 124

87. Which two commands can you use to configure an actively negotiate EtherChannel? (Choose two)

88 / 124

88. What is a difference between RADIUS and TACACS+?

89 / 124

89. Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose
two.)

Question Image

90 / 124

90. Which two VLAN IDs indicate a default VLAN? (Choose two.)

91 / 124

91. What is the binary pattern of unique ipv6 unique local address?

92 / 124

92. Which Cisco IOS command will indicate that interface GigabitEthernet 0/0 is configured via DHCP?

93 / 124

93. Which three describe the reasons large OSPF networks use a hierarchical design? (Choose Three)

94 / 124

94. AAA stands for authentication, authorization, and accounting

95 / 124

95. Refer to the exhibit. After you apply the given configuration to arouter, the DHCP clients behind the device
connot communicate with hosts outside of their subnet. Which action is most likely to correct the problem?

Question Image

96 / 124

96. R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?

97 / 124

97. Which command verifies whether any IPv6 ACLs are configured on a router?

98 / 124

98. What is the destination MAC address of a broadcast frame?

99 / 124

99. Which two statements about eBGP neighbor relationships are true? (Choose two)

100 / 124

100. Which command is used to display the collection of OSPF link states?

101 / 124

101. Which two options are the best reasons to use an IPV4 private IP space?(choose two)

102 / 124

102. Which command should you enter to configure an LLDP delay time of 5 seconds?

103 / 124

103. Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts?

104 / 124

104. Which two pieces of information can you determine from the output of the show ntp status command? (Choose
two)

105 / 124

105. Which statement about VLAN configuration is true?

106 / 124

106. Refer to the exhibit. Which feature is enabled by this configuration?

R1#(config)# ip nat pool cisco 10.1.1.0 10.1.1.50 255.255.255.0

107 / 124

107. A user configured OSPF in a single area between two routers A serial interface connecting R1 and R2 is
running encapsulation PPP. By default which OSPF network type is seen on this interface when the user types
show ip ospf interface on R1 or R2?

108 / 124

108. What benefit does controller-based networking provide versus traditional networking?

109 / 124

109. Refer to the graphic. R1 is unable to establish an OSPF neighbor relationship with R3. What are possible
reasons for this problem? (Choose two.)

110 / 124

110. A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot
establish an adjacency relationship on their common Ethernet link. The graphic shows the output of the show ip
ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause
of this problem?

Question Image

111 / 124

111. Which command should you enter to view the error log in an EIGRP for IPv6 environment?

112 / 124

112. Which command enables IPv6 forwarding on a Cisco router?

113 / 124

113. Which feature or protocol determines whether the QOS on the network is sufficient to support IP services?

114 / 124

114. Refer to the exhibit. On R1 which routing protocol is in use on the route to 192.168.10.1?

Question Image

115 / 124

115. Refer to the exhibit. If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the packet?

Question Image

116 / 124

116. Which WPA3 enhancement protects against hackers viewing traffic on the Wi-Fi network?

117 / 124

117. In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an
IP address?

118 / 124

118. Which command should you enter to verify the priority of a router in an HSRP group?

119 / 124

119. In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose
two.)

120 / 124

120. Which two are features of IPv6? (Choose two.)

121 / 124

121. Which command is used to enable LLDP globally on a Cisco IOS ISR?

122 / 124

122. Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an
open-standard protocol? (Choose two.)

123 / 124

123. How does STP prevent forwarding loops at OSI Layer 2?

124 / 124

124. Which three statements about network characteristics are true? (Choose three.)

0%
0 votes, 0 avg
1
Created by Rabiul Islam

CCNA Question Part-3

1 / 110

1. A manager asks a network engineer to advise which cloud service models are used so employees do not have
to waste their time installing, managing, and updating software which is only used occasionally Which cloud
service model does the engineer recommend?

2 / 110

2. What criteria is used first during the root port selection process?

3 / 110

3. Refer to the exhibit. Refer to the exhibit. After the configuration is applied, the two routers fail to establish an
OSPF neighbor relationship. what is the reason for the problem?

Question Image

4 / 110

4. Refer to the exhibit. What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN
20, with IP address 10.20.20.1/24?

Question Image

5 / 110

5. Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the
forwarding state?

6 / 110

6. Refer to Exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the
Washington router. Which two static host routes must be configured on the NEW York router? (Choose two)

Question Image

7 / 110

7. Which two minimum parameters must be configured on an active interface to enable OSPFv2 to operate?
(Choose two)

8 / 110

8. Anycompany has decided to reduce its environmental footprint by reducing energy costs, moving to a smaller
facility, and promoting telecommuting. What service or technology would support this requirement?

9 / 110

9. What is a characteristic of the REST API?

10 / 110

10. Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers
will become the new DR and BDR?

Question Image

11 / 110

11. A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes
of the frame is received interface counter increments?

12 / 110

12. The SW1 interface g0/1 is in the down/down state. Which two configurations are valid reasons for the interface
conditions?(choose two)

13 / 110

13. What are two differences between optical-fiber cabling and copper cabling? (Choose two)

14 / 110

14. What is a function of TFTP in network operations?

15 / 110

15. Which two functions are performed by the core layer in a three-tier architecture? (Choose two)

16 / 110

16. Which goal is achieved by the implementation of private IPv4 addressing on a network?

17 / 110

17. By default, how Does EIGRP determine the metric of a route for the routing table?

18 / 110

18. A port security violation has occurred on a switch port due to the maximum MAC address count being
exceeded Which command must be configured to increment the security-violation count and forward an SNMP
trap?

19 / 110

19. What is the primary purpose of a First Hop Redundancy Protocol?

20 / 110

20. What mechanism carries multicast traffic between remote sites and supports encryption?

21 / 110

21. When a WPA2-PSK WLAN is configured in the Wireless LAN Controller, what is the minimum number of
characters that is required in ASCII format?

22 / 110

22. What is the primary function of a Layer 3 device?

23 / 110

23. What is a function of Wireless LAN Controller?

24 / 110

24. An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch.
What command must be configured?

25 / 110

25. Refer to the exhibit. To which device does Router1 send packets that are destined to host 10.10.13.165?

Question Image

26 / 110

26. What is the difference regarding reliability and communication type between TCP and UDP?

27 / 110

27. The OSPF Hello protocol performs which of the following tasks? (Choose two.)

28 / 110

28. Which WAN access technology is preferred for a small office / home office architecture?

29 / 110

29. The service password-encryption command is entered on a router. What is the effect of this configuration?

30 / 110

30. Refer to the exhibit. Which type of configuration is represented in the output?

31 / 110

31. Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are
correctly configured, but there is no connectivity between the web server and users on the Internet. What is a
possible reason for this lack of connectivity?

Question Image

32 / 110

32. Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 to
help resolve the configuration issue?

Question Image

33 / 110

33. What role does a hypervisor provide for each virtual machine in server virtualization?

34 / 110

34. Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?

35 / 110

35. Refer to the exhibit. Which two configurations would be used to create and apply a standard access list on R1,
so that only the 10.0.70.0/25 network devices are allowed to access the internal database server? (Choose
two.)

Question Image

36 / 110

36. Which two WAN architecture options help a business scalability and reliability for the network? (Choose two)

37 / 110

37. A company needs to interconnect several branch offices across a metropolitan area. The network engineer is
seeking a solution that provides high-speed converged traffic, including voice, video, and data on the same
network infrastructure. The company also wants easy integration to their existing LAN infrastructure in their
office locations. Which technology should be recommended?

38 / 110

38. Refer to the exhibit. What configuration on RTR-1 denies SSH access from PC-1 to any RTR-1 interface and
allows all other traffic?

39 / 110

39. Which configuration ensures that the switch is always the root for VLAN 750?

40 / 110

40. Which technology must be implemented to configure network device monitoring with the highest security?

41 / 110

41. Refer to the exhibit. Which action is expected from SW1 when the untagged frame is received on the
GigabitEthernet0/1 interface?

Question Image

42 / 110

42. Refer to the exhibit. Which route type does the routing protocol Code D represent in the output?

Question Image

43 / 110

43. What are two roles of the Dynamic Host Configuration Protocol (DHCP)? (Choose two)

44 / 110

44. Which step in the link-state routing process is described by a router sending Hello packets out all of the OSPFenabled
interfaces?

45 / 110

45. Which three statements are typical characteristics of VLAN arrangements? (Choose three.)

46 / 110

46. Refer to the exhibit Which outcome is expected when PC_A sends data to PC_B?

47 / 110

47. How do TCP and UDP differ in the way they provide reliability for delivery of packets?

48 / 110

48. How does CAPWAP communicate between an access point in local mode and a WLC?

49 / 110

49. How do TCP and UDP differ in the way they guarantee packet delivery?

50 / 110

50. Refer to the exhibit. An engineer deploys a topology in which R1 obtains its IP configuration from DHCP. If the
switch and DHCP server configurations are complete and correct. Which two sets of commands must be
configured on R1 and R2 to complete the task? (Choose two)

Question Image

51 / 110

51. A network administrator enabled port security on a switch interface connected to a printer. What is the next
configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table
automatically?

52 / 110

52. Refer to the exhibit. The network administrator wants VLAN 67 traffic to be untagged between Switch 1 and
Switch 2 while all other VLANs are to remain tagged. Which command accomplishes this task?

Question Image

53 / 110

53. What are two benefits of controller-based networking compared to traditional networking?

54 / 110

54. What software defined architecture plane assists network devices with making packet-forwarding decisions by
providing Layer 2 reachability and Layer 3 routing information?

55 / 110

55. Which state does the switch port move to when PortFast is enabled?

56 / 110

56. Which device performs stateful inspection of traffic?

57 / 110

57. Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.14. To which destination does the
router send the packet?

Question Image

58 / 110

58. An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses
192.168.3.1, 192.168.3.2, 192.168.3.3 . Which configuration should be used?

Question Image

59 / 110

59. Which type of information resides on a DHCP server?

60 / 110

60. What are two functions of a Layer 2 switch? (Choose two)

61 / 110

61. What are two reasons for an engineer to configure a floating state route? (Choose two)

62 / 110

62. Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4? (Choose
two.)

63 / 110

63. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

64 / 110

64. Which type of API would be used to allow authorized salespeople of an organization access to internal sales
data from their mobile devices?

65 / 110

65. Refer to the exhibit. Which two commands were used to create port channel 10? (Choose two.)

Question Image

66 / 110

66. An engineer needs to configure LLDP to send the port description time length value (TLV). What command
sequence must be implemented?

67 / 110

67. What is the function of a server?

68 / 110

68. Which purpose does a northbound API serve in a controller-based networking architecture?

69 / 110

69. Refer to the exhibit. A network administrator assumes a task to complete the connectivity between PC A and
the File Server Switch A and Switch B have been partially configured with VLANs 10, 11, 12, and 13 What is the
next step in the configuration?

Question Image

70 / 110

70. An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or
desirable mode. What action should be taken?

71 / 110

71. A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz
network for their voice quality. What action must be taken to meet the requirement?

72 / 110

72. In which two ways does a password manager reduce the chance of a hacker stealing a users password?
(Choose two.)

73 / 110

73. Which IPv6 address block forwards packets to a multicast address rather than a unicast address?

74 / 110

74. What occurs to frames during the process of frame flooding?

75 / 110

75. Refer to the exhibit. An administrator configures the following ACL in order to prevent devices on the
192.168.1.0 subnet from accessing the server at 10.1.1.5:
access-list 100 deny ip 192.168.1.0 0.0.0.255 host 10.1.1.5
access-list 100 permit ip any any

Where should the administrator place this ACL for the most efficient use of network resources?

Question Image

76 / 110

76. An office has 8 floors with approximately 30-40 users per floor What command must be configured on the
router Switched Virtual Interface to use address space efficiently?

77 / 110

77. Which technology is used to improve web traffic performance by proxy caching?

78 / 110

78. Which type of ipv6 address is publicly routable in the same way as ipv4 public addresses?

79 / 110

79. Refer to the exhibit. After the election process what is the root bridge in the HQ LAN?

Question Image

80 / 110

80. Several new coverage cells are required to improve the Wi-Fi network of an organization. Which two standard
designs are recommended? (Choose two.)

81 / 110

81. How does Cisco DNA Center gather data from the network?

82 / 110

82. What is a recommended approach to avoid co-channel congestion while installing access points that use the
2.4 GHz frequency?

83 / 110

83. Which type of attack can be mitigated by dynamic ARP inspection?

84 / 110

84. What protocol allows an engineer to back up 20 network router configurations globally while using the copy
function?

85 / 110

85. Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology?

86 / 110

86. A corporate office uses four floors in a building
* Floor 1 has 24 users
* Floor 2 has 29 users
* Floor 3 has 28 users
* Floor 4 has 22 users
Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?

87 / 110

87. Refer to the exhibit. If the network environment is operating normally, which type of device must be connected
to interface FastEthernet 0/1?

Question Image

88 / 110

88. An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication
configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What
are the next two steps to complete the configuration? (Choose two.)

89 / 110

89. The OSPF Hello protocol performs which of the following tasks? (Choose two.)

90 / 110

90. Refer to the exhibit. Which configuration issue is preventing the OSPF neighbor relationship from being
established between the two routers?

Question Image

91 / 110

91. Refer to the exhibit. Which switch becomes the root bridge?

SW1: 0C:E0:38:00:36:75
SW2: 0C:0E:15:22:05:97
SW3: 0C:0E:15:1A:3C:9D
SW4: 0C:E0:18:A1:B3:19

Question Image

92 / 110

92. Refer to the exhibit. A router reserved these five routes from different routing information sources. Which two
routes does the router install in its routing table? (Choose two)

Question Image

93 / 110

93. On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to
communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?

94 / 110

94. What are two functions of a server on a network? (Choose two)

95 / 110

95. What are two benefits of using VTP in a switching environment? (Choose two.)

96 / 110

96. Refer to the exhibit. Which route type is configured to reach the internet?

Question Image

97 / 110

97. What are two recommendations for protecting network ports from being exploited when located in an office
space outside of an IT closet? (Choose two)

98 / 110

98. What are two purposes of launching a reconnaissance attack on a network? (Choose two.)

99 / 110

99. A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?

100 / 110

100. Refer to the exhibit. An administrator is tasked with configuring a voice VLAN. What is the expected outcome
when a Cisco phone is connected to the GigabitEthernet 3/1/4 port on a switch?

interface GigabitEthernet 3/1/4

switchport voice vlan 50

!

101 / 110

101. Refer to the exhibit. Which path is used by the router for internet traffic?

Question Image

102 / 110

102. What are two requirements for an HSRP group? (Choose two.)

103 / 110

103. If all OSPF routers in a single area are configured with the same priority value, what value does a router use for
the OSPF router ID in the absence of a loopback interface?

104 / 110

104. Which function dose the range of private IPv4 addresses perform?

105 / 110

105. Which command can you enter to determine the addresses that have been assigned on a DHCP Server?

106 / 110

106. What are two roles of Domain Name Services (DNS)? (Choose Two)
A. builds

107 / 110

107. What are two reasons a network administrator would use CDP? (Choose two.)

108 / 110

108. Refer to the exhibit. Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users
to the network. Which IPv4 network and subnet mask combination does the engineer assign to minimize
wasting addresses?

Question Image

109 / 110

109. Router R2 is configured with multiple routes to reach network 10 1.1.0/24 from router R1. What protocol is
chosen by router R2 to reach the destination network 10.1.1.0/24?

110 / 110

110. What is the name of the layer in the Cisco borderless switched network design that is considered to be the
backbone used for high-speed connectivity and fault isolation?

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-4

1 / 47

1. Which network plane is centralized and manages routing decisions?

2 / 47

2. Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link?

3 / 47

3. What does a switch use to build its MAC address table?

4 / 47

4. What is a practice that protects a network from VLAN hopping attacks?

5 / 47

5. How do servers connect to the network in a virtual environment?

6 / 47

6. allows the users to access company internal network resources through a secure tunnel

7 / 47

7. Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU?

Question Image

8 / 47

8. Where does a switch maintain DHCP snooping information?

9 / 47

9. Refer to the exhibit. An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access
from all other hosts A Telnet attempt from PC-2 gives this message:”% Connection refused by remote host”
Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?

Question Image

10 / 47

10. What is a role of wireless controllers in an enterprise network?

11 / 47

11. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?

12 / 47

12. When implementing a router as a DHCP server, which two features must be configured? (Choose two)

13 / 47

13. What is the purpose of traffic shaping?

14 / 47

14. An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which
command should be used?

15 / 47

15. Which technology can prevent client devices from arbitrarily connecting to the network without state
remediation?

16 / 47

16. What is recommended for the wireless infrastructure design of an organization?

17 / 47

17. Refer to the exhibit. If OSPF Is running on this network, how does Router2 handle traffic from Site B to
10.10.13.128/25 at Site A?

Question Image

18 / 47

18. Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)?
(Choose two)

19 / 47

19. An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch.
Which action should be taken?

20 / 47

20. A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2
connectivity to ports on another switch What must be configured when using active mode on both sides of the
connection?

21 / 47

21. Which type of security program is violated when a group of employees enters a building using the ID badge of
only one person?

22 / 47

22. What is a function of a remote access VPN?

23 / 47

23. Where does the configuration reside when a helper address Is configured to support DHCP?

24 / 47

24. With REST API, which standard HTTP header tells a server which media type is expected by the client?

25 / 47

25. Which device controls the forwarding of authentication requests for users when connecting to the network using
a lightweight access point?

26 / 47

26. In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?

27 / 47

27. A network administrator must enable DHCP services between two sites. What must be configured for the router
to pass DHCPDISCOVER messages on to the server?

28 / 47

28. What is a DHCP client?

29 / 47

29. What is the same for both copper and fiber interfaces when using SFP modules?

30 / 47

30. What facilitates a Telnet connection between devices by entering the device name?

31 / 47

31. Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network.
The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?

Question Image

32 / 47

32. Which CRUD operation corresponds to the HTTP GET method?

33 / 47

33. In software defined architectures, which plane is distributed and responsible for traffic forwarding?

34 / 47

34. Refer to the exhibit. PC1 is trying to ping PC3 for the first time and sends out an ARP to S1. Which action is
taken by S1?

Question Image

35 / 47

35. What is the maximum bandwidth of a T1 point-to-point connection?

36 / 47

36. How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?

37 / 47

37. How does the dynamically-learned MAC address feature function?

38 / 47

38. Which function is performed by the collapsed core layer in a two-tier architecture?

39 / 47

39. Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL
certificate for GUI access?

40 / 47

40. Refer to the exhibit. An engineer configured the New York router with state routes that point to the Atlanta and
Washington sites. When command must be configured on the Atlanta and Washington routers so that both
sites are able to reach the loopback2 interface on the New York router?

Question Image

41 / 47

41. Which device tracks the state of active connections in order to make a decision to forward a packet through?

42 / 47

42. Which 802.11 frame type is indicated by a probe response after a client sends a probe request?

43 / 47

43. Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router Which
access-list entry accomplishes this task?

Question Image

44 / 47

44. Which command must be entered to configure a DHCP relay?

45 / 47

45. Which configuration management mechanism uses TCP port 22 by default when communicating with managed
nodes?

46 / 47

46. Which state does the switch port move to when PortFast is enabled?

47 / 47

47. What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-5

1 / 99

1. What are two benefits of FHRPs? (Choose two.)

2 / 99

2. What are two characteristics of an SSID? (Choose Two)

3 / 99

3. What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

4 / 99

4. When a WLAN with WPA2 PSK is configured in the Wireless LAN Controller GUI which format is supported?

5 / 99

5. Why was the RFC 1918 address space defined?

6 / 99

6. A network administrator must to configure SSH for remote access to router R1 The requirement is to use a public and private key pair to encrypt
management traffic to and from the connecting client. Which configuration, when applied, meets the requirements?

Question Image

7 / 99

7. Where does wireless authentication happen?

8 / 99

8. What is the purpose of a southbound API in a control based networking architecture?

9 / 99

9. Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two.)

10 / 99

10. What is the difference in data transmission delivery and reliability between TCP and UDP?

11 / 99

11. What must be considered when using 802.11a?

12 / 99

12. Which switch technology establishes a network connection immediately when it is plugged in?

13 / 99

13. How are VLAN hopping attacks mitigated?

14 / 99

14. Which condition must be met before an NMS handles an SNMP trap from an agent?

15 / 99

15. What Is a syslog facility?

16 / 99

16. Which 802.11 management frame type is sent when a client roams between access points on the same SSID?

17 / 99

17. An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be
taken?

18 / 99

18. An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between
hardware and virtual machines?

19 / 99

19. After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless clients on a specific VLAN
based on their credentials?

20 / 99

20. Refer to the exhibit. What is the metric of the route to the 192.168.10.33/28 subnet?

Question Image

21 / 99

21. What is the benefit of using FHRP?

22 / 99

22. What is a function of the Cisco DNA Center Overall Health Dashboard?

23 / 99

23. Which switch becomes the permanent root bridge for VLAN 5?

Question Image

24 / 99

24. When a switch receives a frame for a known destination MAC address, how is the frame handed?

25 / 99

25. Which technology is appropriate for communication between an SDN controller and applications running over the network?

26 / 99

26. What does the switch do as it receives the frame from Sales-4?

Question Image

27 / 99

27. A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which
command should be used?

28 / 99

28. Which protocol does an access point use to draw power from a connected switch?

29 / 99

29. Which two protocols must be disabled to increase security for management connections to a Wireless LAN Controller? (Choose two)

30 / 99

30. What prevents a workstation from receiving a DHCP address?

31 / 99

31. How does QoS optimize voice traffic?

32 / 99

32. Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points
(CAPWAP) protocol?

33 / 99

33. What describes the operation of virtual machines?

34 / 99

34. An engineer configures interface Gi1/0 on the company PE router to connect to an ISP Neighbor discovery is disabled. Which action is
necessary to complete the configuration if the ISP uses third-party network devices?

Question Image

35 / 99

35. An engineer is configuring data and voice services to pass through the same port. The designated switch interface fastethernet0/1 must transmit
packets using the same priority for data when they are received from the access port of the IP phone. Which configuration must be used?

36 / 99

36. Refer to the exhibit. How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C?

Question Image

37 / 99

37. Which port type supports the spanning-tree portfast command without additional configuration?

38 / 99

38. Which HTTP status code is returned after a successful REST API request?

39 / 99

39. When a client and server are not on the same physical network, which device is used to forward requests and replies between client and server
for DHCP?

40 / 99

40. When deploying syslog, which severity level logs informational message?

41 / 99

41. Which QoS tool is used to optimize voice traffic on a network that is primarily intended for data traffic?

42 / 99

42. An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the
implementer configure to achieve the desired result?

43 / 99

43. Which network action occurs within the data plane?

44 / 99

44. What is a characteristic of cloud-based network topology?

45 / 99

45. Refer to the exhibit. R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network engineer wants the
OSPF network to elect a different DR and BDR. Which set of configurations must the engineer implement?

Question Image

46 / 99

46. Refer to the exhibit. Router R4 is dynamically learning the path to the server. If R4 is connected to R1 via OSPF Area 20, to R2 via R2 BGP, and
to R3 via EIGRP 777, which path is installed in the routing table of R4?

Question Image

47 / 99

47. Where is the interface between the control plane and data plane within the softwaredefined architecture?

48 / 99

48. What is the function of a controller in controller-based networking?

49 / 99

49. Refer to the exhibit. Which change to the configuration on Switch allows the two switches to establish an GtherChannel?

Question Image

50 / 99

50. Which WLC port connects to a switch to pass normal access-point traffic?

51 / 99

51. Which global command encrypt all passwords in the running configuration?

52 / 99

52. What is the function of a hub-and-spoke WAN topology?

53 / 99

53. What occurs when overlapping Wi-Fi channels are implemented?

54 / 99

54. Which function is performed by DHCP snooping?

55 / 99

55. How does WPA3 improve security?

56 / 99

56. What does physical access control regulate?

57 / 99

57. Which plane is centralized by an SON controller?

58 / 99

58. What are network endpoints?

59 / 99

59. Refer to the exhibit. Which two prefixes are included in this routing table entry? (Choose two.)

Question Image

60 / 99

60. An administrator must secure the WLC from receiving spoofed association requests. Which steps must be taken to configure the WLC to
restrict the requests and force the user to wait 10 ms to retry an association request?

61 / 99

61. Refer to the exhibit. Which command must be executed for Gi1.1 on SW1 to become a trunk port if Gi1/1 on SW2 is configured in desirable or
trunk mode?

Question Image

62 / 99

62. What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

63 / 99

63. What uses HTTP messages to transfer data to applications residing on different hosts?

64 / 99

64. What is the role of a firewall in an enterprise network?

65 / 99

65. What are two improvements provided by automation for network management in an SDN environment? (Choose two)

66 / 99

66. Refer to the exhibit. When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-A verifying the IP
addresses, and forwarding the packet to PC-B?

Question Image

67 / 99

67. In QoS, which prioritization method is appropriate for interactive voice and video?

68 / 99

68. Which JSON data type is an unordered set of attribute- value pairs?

69 / 99

69. An engineer observes high usage on the 2.4GHz channels and lower usage on the 5GHz channels. What must be configured to allow clients to
preferentially use 5GHz access points?

70 / 99

70. A network administrator is asked to configure VLANS 2, 3 and 4 for a new implementation. Some ports must be assigned to the new VLANS
with unused remaining. Which action should be taken for the unused ports?

71 / 99

71. What is a similarity between OM3 and OM4 fiber optic cable?

72 / 99

72. What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?

73 / 99

73. Refer to the exhibit. An administrator must turn off the Cisco Discovery Protocol on the port configured with address last usable address in the
10.0.0.0/30 subnet. Which command set meets the requirement?

Question Image

74 / 99

74. What are two benefits of using the PortFast feature? (Choose two)

75 / 99

75. Which communication interaction takes place when a southbound API Is used?

76 / 99

76. What is a role of access points in an enterprise network?

77 / 99

77. Which protocol requires authentication to transfer a backup configuration file from a router to a remote server?

78 / 99

78. Which action does the router take as rt forwards a packet through the network?

79 / 99

79. A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the
configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be
issued on the interface?

80 / 99

80. When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

81 / 99

81. Which security program element involves installing badge readers on data-center doors to allow workers to enter and exit based on their job
roles?

82 / 99

82. What are two characteristics of the distribution layer in a three-tier network architecture? (Choose two.)

83 / 99

83. An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants
to compress it for easier configuration. Which command must be issued on the router interface?

84 / 99

84. What Is the path for traffic sent from one user workstation to another workstation on a separate switch In a Ihree-lter architecture model?

85 / 99

85. What is the benefit of configuring PortFast on an interface?

86 / 99

86. Refer to the exhibit. Which two commands, when configured on router R1, fulfill these requirements? (Choose two.)
Packets towards the entire network 2001:db8:2::/64 must be forwarded through router R2.
Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

Question Image

87 / 99

87. Which access layer threat-mitigation technique provides security based on identity?

88 / 99

88. Which networking function occurs on the data plane?

89 / 99

89. Which level of severity must be set to get informational syslogs?

90 / 99

90. Which two events occur automatically when a device Is added to Cisco DNA Center? (Choose two.)

91 / 99

91. Refer to the exhibit. Shortly after SiteA was connected to SiteB over a new single-mode fiber path users at SiteA report intermittent connectivity
issues with applications hosted at SiteB What is the cause of the intermittent connectivity issue?

Question Image

92 / 99

92. Refer to me exhibit. Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

Question Image

93 / 99

93. Which two primary drivers support the need for network automation? (Choose two.)

94 / 99

94. Which technology allows for multiple operating systems to be run on a single host computer?

95 / 99

95. Which two QoS tools provides congestion management? (Choose two)

96 / 99

96. On workstations running Microsoft Windows, which protocol provides the default gateway for the device?

97 / 99

97. Which two protocols are supported on service-port interfaces? (Choose two.)

98 / 99

98. What is a characteristic of private IPv4 addressing?

99 / 99

99. What causes a port to be placed in the err-disabled state?

0%
0 votes, 0 avg
2
Created by Rabiul Islam

CCNA Question Part-6

1 / 109

1. Refer to the exhibit. Which configuration allows routers R14 and R86 to form an OSPFv2 adjacency while acting as a central point for exchanging OSPF

information between routers?

Question Image

2 / 109

2. What is a similarly between 1000BASE-LX and 1000BASE-T standards?

3 / 109

3. A network engineer must implement an IPv6 configuration on the vlan 2000 interface to create a routable locally-unique unicast address that is
blocked from being advertised to the internet. Which configuration must the engineer apply?

4 / 109

4. Which action implements physical access control as part of the security program of an organization?

5 / 109

5. A Cisco engineer must configure a single switch interface to meet these requirements
accept untagged frames and place them in VLAN 20
accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone
Which command set must the engineer apply?

6 / 109

6. Which value is the unique identifier that an access point uses to establish and maintain wireless connectivity to wireless network devices?

7 / 109

7. Refer to the exhibit. Host A sent a data frame destined for host D What does the switch do when it receives the frame from host A?

Question Image

8 / 109

8. Refer to the exhibit. An engineer is configuring the HO router. Which IPv6 address configuration must be applied to the router fa0’1 interface for
the router to assign a unique 64-brt IPv6 address to Itself?

Question Image

9 / 109

9. Refer to the exhibit. A static route must be configured on R14 to forward traffic for the 172 21 34 0/25 network that resides on R86 Which
command must be used to fulfill the request?

Question Image

10 / 109

10. Refer to the exhibit. An engineer assumes a configuration task from a peer Router A must establish an OSPF neighbor relationship with
neighbor 172.1.1.1 The output displays the status of the adjacency after 2 hours. What is the next step in the configuration process for the
routers to establish an adjacency?

Question Image

11 / 109

11. Which WLC management connection type is vulnerable to man-in-the-middle attacks?

12 / 109

12. What is the purpose of the ip address hcp command?

13 / 109

13. Which interface mode must be configured to connect the lightweight APs in a centralized architecture?

14 / 109

14. Which type of traffic Is sent with pure iPsec?

15 / 109

15. A network engineer is configuring a switch so that it is remotely reachable via SSH. The engineer has already configured the host name on the
router. Which additional command must the engineer configure before entering the command to generate the RSA key?

16 / 109

16. How does Rapid PVST+ create a fast loop-free network topology?

17 / 109

17. Refer to the exhibit. An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the
commands as shown and noticed that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate
normally?

Question Image

18 / 109

18. Refer to the exhibit. Switch A is newly configured. All VLANs are present in the VLAN database. The IP phone and PC A on Gi0/1 must be
configured for the appropriate VLANs to establish connectivity between the PCs. Which command set fulfills the requirement?

Question Image

19 / 109

19. Refer to the exhibit. A company is configuring a failover plan and must implement the default routes in such a way that a floating static route will
assume traffic forwarding when the primary link goes down. Which primary route configuration must be used?

Question Image

20 / 109

20. Refer to the exhibit. An engineer is configuring an EtherChannel using LACP between Switches 1 and 2. Which configuration must be applied so
that only Switch 1 sends LACP initiation packets?

Question Image

21 / 109

21. Which type of API allows SDN controllers to dynamically make changes to the network?

22 / 109

22. Which wireless security protocol relies on Perfect Forward Secrecy?

23 / 109

23. What is a requirement for nonoverlapping Wi-Fi channels?

24 / 109

24. What is a function of Opportunistic Wireless Encryption in an environment?

25 / 109

25. What is an expected outcome when network management automation is deployed?

26 / 109

26. Which PoE mode enables powered-device detection and guarantees power when the device is detected?

27 / 109

27. Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209.165.201.10. Each route is present within the
routing table. Which interface is used to forward traffic with a destination IP of 10.10.10.24?

Question Image

28 / 109

28. Refer to the exhibit. Which two commands must be added to update the configuration of router R1 so that it accepts only encrypted
connections? (Choose two)

Question Image

29 / 109

29. What is the difference between IPv6 unicast and anycast addressing?

30 / 109

30. A network administrator is setting up a new IPv6 network using the 64-bit address 2001 0EB8 00C1 2200:0001 0000 0000 0331/64 To simplify
the configuration the administrator has decided to compress the address Which IP address must the administrator configure?

31 / 109

31. How are the switches in a spine-and-leaf topology interconnected?

32 / 109

32. A Cisco engineer is configuring a factory-default router with these three passwords:
The user EXEC password for console access is p4ssw0rd1
The user EXEC password for Telnet access is s3cr3t2
The password for privileged EXEC mode is pnv4t3p4ss.

Which command sequence must the engineer configured

33 / 109

33. Refer to the exhibit. Which next-hop IP address does Routed use for packets destined to host 10.10.13.158?

Question Image

34 / 109

34. An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been
configured. Which configuration enables the traffic on the destination router?

Question Image

35 / 109

35. Refer to the exhibit. Which command configures OSPF on the point-to-point link between routers R1 and R2?

Question Image

36 / 109

36. What are two characteristics of a public cloud Implementation? (Choose two.)

37 / 109

37. What is the purpose of an SSID?

38 / 109

38. What is a function of a Next-Generation IPS?

39 / 109

39. Refer to the exhibit. A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the
information sent via LLDP is refreshed every 3 minutes Which configuration must the engineer apply?

Question Image

40 / 109

40. Refer to the exhibit. Users need to connect to the wireless network with IEEE 802. 11r-compatible devices. The connection must be maintained
as users travel between floors or to other areas in the building. What must be the configuration of the connection?

Question Image

41 / 109

41. An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be
2019:C15C:0CAF:E002::1 The route must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route?

42 / 109

42. What is a function of an endpoint on a network?

43 / 109

43. Which characteristic differentiates the concept of authentication from authorization and accounting?

44 / 109

44. Refer to the exhibit. An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the
management network must be blocked from pinging the default gateway of the new server. Which command must be configured on R1 to
complete the task?

Question Image

45 / 109

45. Refer to the exhibit. Packets received by the router from BGP enter via a serial interface at 209 165 201 1 Each route is present within the
routing table Which interface is used to forward traffic with a destination IP of 10.1.1.19?

Question Image

46 / 109

46. Refer to the exhibit. Which two configurations must the engineer apply on this network so that R1 becomes the DR? (Choose two.)

Question Image

47 / 109

47. Refer to the exhibit. How should the configuration be updated to allow PC1 and PC2 access to the Internet?

Question Image

48 / 109

48. Which type of organization should use a collapsed-core architecture?

49 / 109

49. An engineer must configure R1 for a new user account. The account must meet these requirements:
It must be configured in the local database.
The username is engineer.
It must use the strongest password configurable.

Which command must the engineer configure on the router?

50 / 109

50. Refer to the exhibit. What is a reason for poor performance on the network interface?

Question Image

51 / 109

51. Refer to the exhibit. Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the
issue?

Question Image

52 / 109

52. Refer to the exhibit. Site A was recently connected to site B over a new single-mode fiber path. Users at site A report Intermittent connectivity
Issues with applications hosted at site B. What is the reason for the problem?

Question Image

53 / 109

53. Refer to the exhibit. Router R1 currently is configured to use R3 as the primary route to the Internet, and the route uses the default
administrative distance settings. A network engineer must configure R1 so that it uses R2 as a backup, but only if R3 goes down. Which
command must the engineer configure on R1 so that it correctly uses R2 as a backup route, without changing the administrative distance
configuration on the link to R3?

Question Image

54 / 109

54. R1 as an NTP server must have:
NTP authentication enabled
NTP packets sourced from Interface loopback 0
NTP stratum 2

NTP packets only permitted to client IP 209.165.200.225
How should R1 be configured?

55 / 109

55. What is a requirement when configuring or removing LAG on a WLC?

56 / 109

56. Which type of IPv6 address is similar to a unicast address but is assigned to multiple devices on the same network at the same time?

57 / 109

57. Which protocol uses the SSL?

58 / 109

58. Which action is taken by the data plane within a network device?

59 / 109

59. Refer to the exhibit. The DHCP server and clients are connected to the same switch. What is the next step to complete the DHCP configuration
to allow clients on VLAN 1 to receive addresses from the DHCP server?

Question Image

60 / 109

60. Which Layer 2 switch function encapsulates packets for different VLANs so that the packets traverse the same port and maintain traffic
separation between the VLANs?

61 / 109

61. Which protocol is used for secure remote CLI access?

62 / 109

62. Refer to the exhibit. An engineer is asked to insert the new VLAN into the existing trunk without modifying anything previously configured. Which
command accomplishes this task?

Question Image

63 / 109

63. Refer to the exhibit. Traffic sourced from the loopback0 Interface is trying to connect via ssh to the host at 10.0.1.15. What Is the next hop to the
destination address?

Question Image

64 / 109

64. Refer to the exhibit. The entire MAC address table for SW1 is shown here:
SW1#show mac-address-table
Mac Address Table
Vlan Mac Address Type Ports
000c.8590.bb7d DYNAMIC Fa0/1
010a.7a17.45bc DYNAMIC FaO/3
7aa7.4037.8935 DYNAMIC FaO/4
SW1#

What does SW1 do when Br-4 sends a frame to Br-2?

65 / 109

65. Refer to the exhibit. A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially
configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command set configures the IP
connectivity between devices located on both LANs in each site?

Question Image

66 / 109

66. Refer to the exhibit. Which network prefix was learned via EIGRP?

Question Image

67 / 109

67. Refer to the exhibit. The link between PC1 and the switch is up. but it is performing poorly. Which interface condition is causing the performance
problem?

Question Image

68 / 109

68. Refer to the exhibit. Which command must be issued lo enable a floating static default route on router A?

Question Image

69 / 109

69. OSPF must be configured between routers R1 and R2. Which OSPF configuration must be applied to router R1 to avoid a DR/BDR election?

70 / 109

70. In software-defined architecture, which place handles switching for traffic through a Cisco router?

71 / 109

71. Which configuration must be used?

Question Image

72 / 109

72. A network engineer must configure two new subnets using the address block 10 70 128 0/19 to meet these requirements:
The first subnet must support 24 hosts
The second subnet must support 472 hosts
Both subnets must use the longest subnet mask possible from the address block.
Which two configurations must be used to configure the new subnets and meet a requirement to use the first available address in each subnetfor the router interfaces? (Choose two)

73 / 109

73. Refer to the exhibit. The router has been configured with a supernet to accommodate the requirement for 380 users on a subnet The
requirement already considers 30% future growth. Which configuration verifies the IP subnet on router R4?

Question Image

74 / 109

74. Refer to the exhibit. Which IPv6 configuration is required for R17 to successfully ping the WAN interface on R18?

Question Image

75 / 109

75. Refer to the exhibit. Which plan must be Implemented to ensure optimal QoS marking practices on this network?

Question Image

76 / 109

76. Refer to the exhibit. Which minimum configuration items are needed to enable Secure Shell version 2 access to R15?

Question Image

77 / 109

77. Refer to the exhibit. Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R4?

Question Image

78 / 109

78. Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable
when OSPF goes down?

Question Image

79 / 109

79. Which two network actions occur within the data plane? (Choose two.)

80 / 109

80. What is a function of a Layer 3 switch?

81 / 109

81. Refer to the exhibit. An engineer built a new L2 LACP EtherChannel between SW1 and SW2 and executed these show commands to verify the
work. Which additional task allows the two switches to establish an LACP port channel?

Question Image

82 / 109

82. Refer to the exhibit. All VLANs are present in the VLAN database. Which command sequence must be applied to complete the configuration?

Question Image

83 / 109

83. Refer to the exhibit. Which action must be taken to ensure that router A is elected as the DR for OSPF area 0?

Question Image

84 / 109

84. A network engineer is Installing an IPv6-only capable device. The client has requested that the device IP address be reachable only from the
internal network. Which type of IPv6 address must the engineer assign?

85 / 109

85. Refer to the exhibit. Between which zones do wireless users expect to experience intermittent connectivity?

Question Image

86 / 109

86. Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target
are exhausted?

87 / 109

87. Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?

88 / 109

88. Refer to the exhibit. Which switch becomes the root of a spanning tree for VLAN 20 if all li links are of equal speed?

Question Image

89 / 109

89. What is the function of the controller in a software-defined network?

90 / 109

90. Refer to the exhibit. Which route must be configured on R1 so that OSPF routing is used when OSPF is up. but the server is still reachable
when OSPF goes down?

Question Image

91 / 109

91. Refer to the exhibit. Router R1 resides in OSPF Area 0. After updating the R1 configuration to influence the paths that it will use to direct traffic,
an engineer verified that each of the four Gigabit interfaces has the same route to 10.10.0.0/16. Which interface will R1 choose to send traffic to
reach the route?

Question Image

92 / 109

92. Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections?
(Choose two)

Question Image

93 / 109

93. Refer to the exhibit. An engineer is configuring a new router on the network and applied this configuration. Which additional configuration allows
the PC to obtain its IP address from a DHCP server?

Question Image

94 / 109

94. Refer to the exhibit. The following must be considered:
SW1 is fully configured for all traffic
The SW4 and SW9 links to SW1 have been configured
The SW4 interface Gi0/1 and Gi0/0 on SW9 have been configured

The remaining switches have had all VLANs added to their VLAN database.

Which configuration establishes a successful ping from PC2 to PC7 without interruption to traffic flow between other PCs?

Question Image

95 / 109

95. An engineer is installing a new wireless printer with a static IP address on the Wi-Fi network. Which feature must be enabled and configured to
prevent connection issues with the printer?

96 / 109

96. Which QoS traffic handling technique retains excess packets in a queue and reschedules these packets for later transmission when the
configured maximum bandwidth has been surpassed?

97 / 109

97. Which virtual MAC address is used by VRRP group 1?

98 / 109

98.

Which device permits or denies network traffic based on a set of rules?

99 / 109

99. Refer to the exhibit. What must be configured to enable 802.11w on the WLAN?

Question Image

100 / 109

100. What is one reason to implement LAG on a Cisco WLC?

101 / 109

101. Which field within the access-request packet is encrypted by RADIUS?

102 / 109

102. Refer to the exhibit. Web traffic is coming in from the WAN interface. Which route takes precedence when the router is processing traffic
destined for the LAN network at 10.0.10.0/24?

Question Image

103 / 109

103. Which two components comprise part of a PKI? (Choose two.)

104 / 109

104. Refer to the exhibit. Users on existing VLAN 100 can reach sites on the Internet. Which action must the administrator take to establish
connectivity to the Internet for users in VLAN 200?

Question Image

105 / 109

105. Refer to the exhibit. An IP subnet must be configured on each router that provides enough addresses for the number of assigned hosts and
anticipates no more than 10% growth for now hosts. Which configuration script must be used?

Question Image

106 / 109

106. What is a capability of FTP in network management operations?

107 / 109

107. Refer to the exhibit. Routers R1 and R3 have the default configuration The router R2 priority is set to 99 Which commands on R3 configure it as
the DR in the 10.0 4.0/24 network?

Question Image

108 / 109

108. Refer to the exhibit. R1 learns all routes via OSPF Which command configures a backup static route on R1 to reach the 192.168.20.0/24
network via R3?

Question Image

109 / 109

109. Which two spanning-tree states are bypassed on an interface running PortFast? (Choose two.)

Scroll to Top