Abstract image of a woman sitting on books and studying on a laptop

Pass Cisco 200-301 CCNA Exam with Certifiedumps – Latest Dumps Cover Networking, IP Connectivity, Security, and Automation for Guaranteed Success in Your Cisco Networking Certification Journey.

2
24servicehub

Certifiedumps helps you build real-world security knowledge with SY0-601 dumps that mirror actual exam scenarios and performance-based question types.

Education
1 of 34
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Questions & Answers (Demo Version - Limited Content) Cisco 200-301 Exam Cisco Certified Network Associate https://www.certifiedumps.com/cisco/200-301-dumps.html Thank you for Downloading 200-301 exam PDF Demo Get Full File:
Refer to Exhibit. Topic 1, Exam Pool A Questions & Answers PDF Explanation: Forward time : Determines how long each of the listening and learning states last before the port begins forwarding. Switch(config)# [ no ] spanning-tree vlan vlan_ID forward-time forward_time Configures the forward time of a VLAN. The forward_time value can be from 4 to 30 seconds. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/15- 02SG/configuration/guide/config/spantree.html#56177 Which command entered on a switch configured with Rapid PVST* listens and learns for a specific time period? A. switch(config)#spanning-tree vlan 1 max-age 6 B. switch(config)#spanning-tree vlan 1 hello-time 10 C. switch(config)#spanning-tree vlan 1 priority 4096 D. switch(config)#spanning-tree vlan 1 forward-time 20 Page 2 Version: 58.0 Question: 1 Question: 2 Answer: D www.certifiedumps.com
A. Option A B. Option B C. Option C D. Option D Explanation: Refer to Exhibit. Questions & Answers PDF Refer to the exhibit. All routers in the network are configured R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configure on R2 to Be elected as the DR in the network? Page 3 Question: 3 Answer: B www.certifiedumps.com
A. Option A B. Option B C. Option C D. Option D Explanation: Refer to Exhibit. Questions & Answers PDF Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces The two circuits are operational and reachable across WAN Which command set establishes failover redundancy if the primary circuit goes down? Page 4 Question: 4 Answer: B www.certifiedumps.com
Explanation: Explanation: Questions & Answers PDF What is a benefit of using a Cisco Wireless LAN Controller? A. Central AP management requires more complex configurations B. Unique SSIDs cannot use the same authentication method C. It supports autonomous and lightweight APs D. It eliminates the need to configure each access point individually Which network allows devices to communicate without the need to access the Internet? Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue? A. set the default network as 20.20.20.0/24 B. set the default gateway as 20.20.20.2 C. configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network D. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network Page 5 Question: 5 Question: 6 Answer: D Answer: D www.certifiedumps.com
Questions & Answers PDF A. 1729.0.0/16 B. 172.28.0.0/16 C. 192.0.0.0/8 D. 209.165.201.0/24 When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two) A. ASCII B. base64 C. binary D. decimal E. hexadecimal Explanation: The private ranges of each class of IPv4 are listed below: Class A private IP address ranges from 10.0.0.0 to 10.255.255.255 Class B private IP address ranges from 172.16.0.0 to 172.31.255.255 Class C private IP address ranges from 192.168.0.0 to 192.168.255.255 Only the network 172.28.0.0/16 belongs to the private IP address (of class B). Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7- 4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_010 10001.html DRAG DROP Drag drop the descriptions from the left onto the correct configuration-management technologies on the right. Page 6 Question: 7 Question: 8 Answer: B Answer: A, E www.certifiedumps.com
Explanation: Questions & Answers PDF The focus of Ansible is to be streamlined and fast, and to require no node agent installation. Thus, Ansible performs all functions over SSH. Ansible is built on Python, in contrast to the Ruby Page 7 Answer: www.certifiedumps.com
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. software-as-a-service C. network-as-a-service D. infrastructure-as-a-service DRAG DROP Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right. Explanation: Below are the 3 cloud supporting services cloud providers provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a thirdparty vendor and whose interface is accessed on the clients’ side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a thirdparty provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. In general, IaaS provides hardware so that an organization can install their own operating system. Questions & Answers PDF Page 8 foundation of Puppet and Chef. TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file . This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server. Puppet is an open-source configuration management solution, which is built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby (ERB) templates to create custom Puppet language files, offering a declarative-paradigm programming approach. A Puppet piece of code is called a manifest, and is a file with .pp extension. Question: 9 Question: 10 Answer: B www.certifiedumps.com
Explanation: Refer to exhibit. Questions & Answers PDF Which statement explains the configuration error message that is received? A. It is a broadcast IP address B. The router does not support /28 mask. C. It belongs to a private IP address range. D. IT is a network IP address. Page 9 Question: 11 Answer: www.certifiedumps.com
Explanation: Explanation: Explanation: Questions & Answers PDF A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. runts B. giants C. frame D. CRC E. input errors Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols. A. dual algorithm B. metric C. administrative distance D. hop count Explanation: Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different routing protocols. Administrative distance defines the reliability of a routing protocol. Which command prevents passwords from being stored in the configuration as plain text on a router or switch? A. enable secret B. service password-encryption C. username Cisco password encrypt D. enable password Page 10 Question: 12 Question: 13 Question: 14 Answer: C Answer: B Answer: A Answer: DE www.certifiedumps.com
Explanation: DRAG DROP Drag and drop the WLAN components from the left onto the correct descriptions on the right. Questions & Answers PDF Page 11 Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The “input errors” includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. The output below show the interface counters with the “show interface s0/0/0” command: Question: 15 Answer: www.certifiedumps.com
Explanation: Questions & Answers PDF Which command enables a router to become a DHCP client? A. ip address dhcp B. ip helper-address C. ip dhcp pool D. ip dhcp client Which two encoding methods are supported by REST APIs? (Choose two) A. YAML B. JSON C. EBCDIC D. SGML E. XML Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/12- 4/dhcp-12-4-book/config-dhcp-client.html If we want to get an IP address from the DHCP server on a Cisco device, we can use the command “ip address dhcp”. Note: The command “ip helper-address” enables a router to become a DHCP Relay Agent. Page 12 Question: 16 Question: 17 Answer: A Answer: BE www.certifiedumps.com
Explanation: Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable What is the result of this configuration? A. The link is in a down state. B. The link is in an error disables state C. The link is becomes an access port. D. The link becomes a trunk port. When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two) A. 2000::/3 B. 2002::5 C. FC00::/7 D. FF02::1 E. FF02::2 Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/xe-3s/ipv6-xe-36s- book/ip6-multicast.html When an interface is configured with IPv6 address, it automatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx) multicast groups. The all-node group is used to communicate with all interfaces on the local link, and the solicited-nodes multicast group is required for link-layer Questions & Answers PDF Page 13 https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2- x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST_API_Configura tion_Guide_chapter_01.html Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_x/rest_api_config/b _Cisco_N1KV_VMware_REST_API_Config_5x/b_Cisco_N1KV_VMware_REST_API_Config_5x_chapter _010.pdf The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents. Question: 18 Question: 19 Answer: D Answer: DE www.certifiedumps.com
Which MAC address is recognized as a VRRP virtual address? A. 0000.5E00.010a B. 0005.3711.0975 C. 0000.0C07.AC99 D. 0007.C070/AB01 Which type of wireless encryption is used for WPA2 in preshared key mode? Questions & Answers PDF address resolution. Routers also join a third multicast group, the all-routers group (FF02::2). Explanation: With VRRP, the virtual router’s MAC address is 0000.5E00.01xx , in which xx is the VRRP group. in Which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required? A. A spine switch and a leaf switch can be added with redundant connections between them B. A spine switch can be added with at least 40 GB uplinks C. A leaf switch can be added with a single connection to a core spine switch. D. A leaf switch can be added with connections to every spine switch Explanation: Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency, nonblocking server-to-server connectivity. Leaf (aggregation) switches are what provide devices access to the fabric (the network of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other leaf switches. In spine-and-leaf architecture, every leaf should connect to every spine in a full mesh. Spine (aggregation) switches are used to connect to all leaf switches and are typically deployed at the end or middle of the row. Spine switches do not connect to other spine switches. Page 14 Question: 20 Question: 21 Question: 22 Answer: A Answer: D www.certifiedumps.com
Questions & Answers PDF A. TKIP with RC4 B. RC4 C. AES-128 D. AES-256 Explanation: We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES-128. https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2- config.html Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two) A. It drops lower-priority packets before it drops higher-priority packets B. It can identify different flows with a high level of granularity C. It guarantees the delivery of high-priority packets D. It can mitigate congestion by preventing the queue from filling up E. it supports protocol discovery Page 15 Question: 23 Answer: D www.certifiedumps.com
Explanation: Refer to the exhibit. Questions & Answers PDF When a floating static route is configured, which action ensures that the backup route is used when the primary route fails? A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup B. The administrative distance must be higher on the primary route so that the backup route becomes secondary. C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup D. The default-information originate command must be configured for the route to be installed into the routing table Explanation: Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur: 1. The average queue size is calculated. 2. If the average is less than the minimum queue threshold, the arriving packet is queued. 3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability for that type of traffic. 4. If the average queue size is greater than the maximum threshold, the packet is dropped. WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface begins to show signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times. WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered Page 16 Question: 24 Question: 25 Answer: A Answer: AD www.certifiedumps.com
Explanation: Questions & Answers PDF Which password must an engineer use to enter the enable mode? A. adminadmin123 B. default C. testing 1234 D. cisco123 Which mode allows access points to be managed by Cisco Wireless LAN Controllers? A. autonomous B. lightweight C. bridge D. mobility express How do TCP and UDP differ in the way that they establish a connection between two endpoints? A. TCP uses synchronization packets, and UDP uses acknowledgment packets. B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits C. UDP provides reliable message transfer and TCP is a connectionless protocol D. TCP uses the three-way handshake and UDP does not guarantee message delivery Explanation: If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The “enable secret” will be used first if available, then “enable password” and line password. Page 17 Question: 26 Question: 27 Answer: C Answer: D www.certifiedumps.com
Questions & Answers PDF What are two southbound APIs? (Choose two ) If a notice-level messaging is sent to a syslog server, which event has occurred? A. A network device has restarted B. An ARP inspection has failed C. A routing instance has flapped D. A debug operation is running Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan- wlan/81831-qos-wlc-lap.html Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background. Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment? A. Bronze B. Platinum C. Silver D. Gold Explanation: Usually no action is required when a route flaps so it generates the notification syslog level message (level 5). Explanation: https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200-series/70278-lap-faq.html A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). APs are “lightweight,” which means that they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are “zero touch” deployed, and individual configuration of APs is not necessary. Page 18 Question: 28 Question: 29 Question: 30 Answer: C Answer: B Answer: B www.certifiedumps.com
Questions & Answers PDF A. OpenFlow B. NETCONF C. Thrift D. CORBA E. DSC An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place? A. Physical access control B. Social engineering attack C. brute force attack D. user awareness Explanation: OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices. An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria? Explanation: This is a training program which simulates an attack, not a real attack (as it says “The webpage that opens reports that it was safe”) so we believed it should be called a “user awareness” program. Therefore the best answer here should be “user awareness”. This is the definition of “User awareness” from CCNA 200- 301 Offical Cert Guide Book: “User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. ” Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked. Page 19 Question: 31 Question: 32 Answer: D Answer: AB www.certifiedumps.com
A. Option A B. Option B C. Option C D. Option D Explanation: Refer to the exhibit. Questions & Answers PDF Explanation: If the destination MAC address is not in the CAM table (unknown destination MAC address), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received. What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received? A. The Layer 2 switch drops the received frame B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN. C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning. D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table Page 20 Question: 33 Question: 34 Answer: B Answer: A www.certifiedumps.com
Questions & Answers PDF An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP? A. 10.4.4.4 B. 10.4.4.5 C. 172.23.103.10 D. 172.23.104.4 Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface? A. ipv6 address dhcp B. ipv6 address 2001:DB8:5:112::/64 eui-64 C. ipv6 address autoconfig Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71978- acl-wlc.html Explanation: NAT is used to send a packet to the outside network, using a public IP address to make it routable. The NAT logic is "inside-to-outside" FIRST and "outside-to-inside" THEN. This way, configuring NAT means "choosing a public IP address" for any outbound packet" IN THE FIRST PLACE, where "public IP address" translates to "inside global address". Among the given answers, the only inside global address is 172.123.104.4. Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks? A. CPU ACL B. TACACS C. Flex ACL D. RADIUS Page 21 Question: 35 Question: 36 Answer: A Answer: D www.certifiedumps.com
Explanation: Questions & Answers PDF D. ipv6 address 2001:DB8:5:112::2/64 link-local Which output displays a JSON data representation? An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two) A. Configure the ports in an EtherChannel. B. Administratively shut down the ports C. Configure the port type as access and place in VLAN 99 D. Configure the ports as trunk ports E. Enable the Cisco Discovery Protocol Explanation: The “ipv6 address autoconfig” command causes the device to perform IPv6 stateless address autoconfiguration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface. Addresses are configured depending on the prefixes received in Router Advertisement (RA) messages. The device will listen for RA messages which are transmitted periodically from the router (DHCP Server). This RA message allows a host to create a global IPv6 address from: + Its interface identifier (EUI-64 address) + Link Prefix (obtained via RA) Note: Global address is the combination of Link Prefix and EUI-64 address Page 22 Question: 37 Question: 38 Answer: C Answer: BC www.certifiedumps.com
A. Option A B. Option B C. Option C D. Option D Questions & Answers PDF Explanation: JSON data is written as name/value pairs. A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a Page 23 Answer: C www.certifiedumps.com
Questions & Answers PDF value: “name”:”Mark” JSON can use arrays. Array values must be of type string, number, object, array, boolean or null. For example: { “name”:”John”, “age”:30, “cars”:[ “Ford”, “BMW”, “Fiat” ] } JSON can have empty object like “taskId”:{} Explanation: SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. The SNMP framework has three parts: A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB? A. CDP B. SNMP C. SMTP D. ARP Which command is used to specify the delay time in seconds for LLDP to initialize on any interface? A. lldp timer B. lldp holdtimt C. lldp reinit D. lldp tlv-select Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12- 2_37_ey/configuration/guide/scg/swlldp.pdf + lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it + lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface + lldp timer rate: Set the sending frequency of LLDP updates in seconds Page 24 Question: 39 Question: 40 Answer: C Answer: B www.certifiedumps.com
Explanation: Double-Tagging attack: DRAG DROP Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right. In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it Questions & Answers PDF Page 25 + An SNMP manager + An SNMP agent + A Management Information Base (MIB) The Management Information Base (MIB) is a virtual information storage area for network management information, which consists of collections of managed objects. With SNMP, the network administrator can send commands to multiple routers to do the backup Question: 41 Answer: www.certifiedumps.com
Explanation: DRAG DROP Drag and drop the network protocols from the left onto the correct transport services on the right. Questions & Answers PDF Page 26 wants to attack (VLAN 20). When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer. Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker. To mitigate this type of attack, you can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic to specific victims/servers) or implement Private VLANs. ARP attack (like ARP poisoning/spoofing) is a type of attack in which a malicious actor sends falsified ARP messages over a local area network as ARP allows a gratuitous reply from a host even if an ARP request was not received. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on ARP which is at Layer 2. Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network which can be used to mitigate this type of attack. Question: 42 Answer: www.certifiedumps.com
Explanation: Questions & Answers PDF DRAG DROP A network engineer is configuring an OSPFv2 neighbor adjacency Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used Page 27 Question: 43 Answer: www.certifiedumps.com
Refer to the exhibit. Questions & Answers PDF An extended ACL has been configured and applied to router R2 The configuration failed to work as intended Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20 0 26 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose two ) A. Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic. B. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic Page 28 Question: 44 www.certifiedumps.com
Explanation: Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32? A. floating static route B. host route C. default route D. network route Questions & Answers PDF C. The source and destination IPs must be swapped in ACL 101 D. The ACL must be configured the Gi0/2 interface inbound on R1 E. The ACL must be moved to the Gi0/1 interface outbound on R2 Explanation: From the output, we see R1 will use the entry “O 10.10.13.0/25 [110/4576] via 10.10.10.1, …” to reach host 10.10.13.10. This is a network route. Note: “B* 0.0.0.0/0 …” is a default route. Page 29 Question: 45 Answer: D Answer: BC www.certifiedumps.com
Questions & Answers PDF Which IPv6 address block sends packets to a group address rather than a single address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/8 Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol? A. on B. auto C. active D. desirable DRAG DROP Drag and drop the functions from the left onto the correct network components on the right Explanation: The Static Persistence (or “on” mode) bundles the links unconditionally and no negotiation protocol is used. In this mode, neither PAgP nor LACP packets are sent or received. Explanation: FF00::/8 is used for IPv6 multicast and this is the IPv6 type of address the question wants to ask. FE80::/10 range is used for link-local addresses. Link-local addresses only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address). Page 30 Question: 46 Question: 47 Question: 48 Answer: A Answer: D www.certifiedumps.com
Explanation: Explanation: Questions & Answers PDF Which two capacities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two) A. adapters that support all families of Cisco IOS software B. SDKs that support interaction with third-party network equipment C. customized versions for small, medium, and large enterprises D. REST APIs that allow for external applications to interact natively with Cisco DNA Center E. modular design that is upgradable as needed Page 31 Question: 49 Answer: Answer: BD www.certifiedumps.com
Explanation: DRAG DROP Drag and drop the AAA functions from the left onto the correct AAA services on the right Questions & Answers PDF Page 32 Cisco DNA Center offers 360-degree extensibility through four distinct types of platform capabilities: + Intent-based APIs leverage the controller and enable business and IT applications to deliver intent to the network and to reap network analytics and insights for IT and business innovation. + Process adapters, built on integration APIs, allow integration with other IT and network systems to streamline IT operations and processes. + Domain adapters, built on integration APIs, allow integration with other infrastructure domains such as data center, WAN, and security to deliver a consistent intent-based infrastructure across the entire IT environment. + SDKs allow management to be extended to third-party vendor’s network devices to offer support for diverse environments. Question: 50 Answer: www.certifiedumps.com
Questions & Answers PDF Page 33 www.certifiedumps.com
www.certifiedumps.com Thank You for trying 200-301 PDF Demo https://www.certifiedumps.com/cisco/200-301-dumps.html Test your 200-301 preparation with actual exam questions Start Your 200-301 Preparation

More Related Content

PDF
Pass the Cisco 200-301 Exam with P2PCerts – 100% Success Guaranteed!
atkinson12111
 
PDF
200-301-demo.pdf
CiscoExamDumpsarticl1
 
PDF
Cisco 200-301 Exam Dumps
CiscoExamDumpsarticl2
 
PDF
Cisco 200-301 Exam Dumps
CiscoExamDumpsarticl
 
PDF
SK0-005 Success 2025: Certifiedumps Study Routine That Works
rl7159133
 
PDF
CCNA 200-120 Exam Questions
Eng. Emad Al-Atoum
 
PDF
640 802 exam
liemgpc2
 
PDF
Architecting HP FlexNetwork Solutions
Ellina Beckman
 
Pass the Cisco 200-301 Exam with P2PCerts – 100% Success Guaranteed!
atkinson12111
 
200-301-demo.pdf
CiscoExamDumpsarticl1
 
Cisco 200-301 Exam Dumps
CiscoExamDumpsarticl2
 
Cisco 200-301 Exam Dumps
CiscoExamDumpsarticl
 
SK0-005 Success 2025: Certifiedumps Study Routine That Works
rl7159133
 
CCNA 200-120 Exam Questions
Eng. Emad Al-Atoum
 
640 802 exam
liemgpc2
 
Architecting HP FlexNetwork Solutions
Ellina Beckman
 

Similar to Pass Cisco 200-301 CCNA Exam with Certifiedumps – Latest Dumps Cover Networking, IP Connectivity, Security, and Automation for Guaranteed Success in Your Cisco Networking Certification Journey. (20)

PDF
352-001-Exam-ADVDESIGN
KylieJonathan
 
PDF
Cisco CCNP Enterprise ENCOR 350-401 Real Questions
PassquestionExamTrai
 
PDF
Đề Thi Trắc Nghiệm CCNA Full
nataliej4
 
PDF
Hp0 s29 question answers
MarcoMCervantes
 
PDF
Ccn aquestions jul_7_2015
Carlos Humberto Rivera Mera
 
PDF
Cisco 200-301 Exam Dumps.pdf
CiscoExamDumpsarticl3
 
DOC
Ccna 4 chapter 2 v4.0 answers 2011
Dân Chơi
 
PDF
Nse4 fgt 6.0
Salem Trabelsi
 
PDF
CCNA_200_301_Dumps_Full_Questions_Exam_Study_Guide_ _Free.pdf
MahamadouSaniKAILOUY
 
PDF
H19-401_V1.0 HCSP-Presales-Campus Network Planning and Design V1.0 Exam Quest...
PassquestionExamTrai
 
DOCX
Ccna guide
Ramesh Kumar
 
PDF
Pass CCST-Networking Exam in 2025 with Updated Dumps PDF
24servicehub
 
PDF
CCNA_questions_2021.pdf
VUPHUONGTHAO9
 
PDF
Fortinet LAN Edge Architect FCSS_LED_AR-7.6 Certification Study Guide.pdf
sabrina pinto
 
PPT
h323oversmallpipesfirewalls.ppt
Videoguy
 
PPTX
CCNA 200-120 Latest Dumps
slotiopo
 
PDF
H12-811_V1.0-ENU HCIA-Datacom V1.0 Real Questions
williamLeo13
 
PDF
Unlock Success with Authentic Cisco CCNA 200-301 PDF Exam Dumps
education
 
PDF
The Network Ip Address Scheme
Erin Rivera
 
PDF
Www ccnav5 net_ccna_3_v5_final_exam_answers_2014
Đồng Quốc Vương
 
352-001-Exam-ADVDESIGN
KylieJonathan
 
Cisco CCNP Enterprise ENCOR 350-401 Real Questions
PassquestionExamTrai
 
Đề Thi Trắc Nghiệm CCNA Full
nataliej4
 
Hp0 s29 question answers
MarcoMCervantes
 
Ccn aquestions jul_7_2015
Carlos Humberto Rivera Mera
 
Cisco 200-301 Exam Dumps.pdf
CiscoExamDumpsarticl3
 
Ccna 4 chapter 2 v4.0 answers 2011
Dân Chơi
 
Nse4 fgt 6.0
Salem Trabelsi
 
CCNA_200_301_Dumps_Full_Questions_Exam_Study_Guide_ _Free.pdf
MahamadouSaniKAILOUY
 
H19-401_V1.0 HCSP-Presales-Campus Network Planning and Design V1.0 Exam Quest...
PassquestionExamTrai
 
Ccna guide
Ramesh Kumar
 
Pass CCST-Networking Exam in 2025 with Updated Dumps PDF
24servicehub
 
CCNA_questions_2021.pdf
VUPHUONGTHAO9
 
Fortinet LAN Edge Architect FCSS_LED_AR-7.6 Certification Study Guide.pdf
sabrina pinto
 
h323oversmallpipesfirewalls.ppt
Videoguy
 
CCNA 200-120 Latest Dumps
slotiopo
 
H12-811_V1.0-ENU HCIA-Datacom V1.0 Real Questions
williamLeo13
 
Unlock Success with Authentic Cisco CCNA 200-301 PDF Exam Dumps
education
 
The Network Ip Address Scheme
Erin Rivera
 
Www ccnav5 net_ccna_3_v5_final_exam_answers_2014
Đồng Quốc Vương
 
Ad

More from 24servicehub (20)

PDF
Pass AWS AIF-C01 Easily with Certifiedumps Real Practice Dumps
24servicehub
 
PDF
Get Ready to Pass the Cisco 300-701 SCOR Exam with Confidence in 2025
24servicehub
 
PDF
Pass Your Cisco 200-301 CCNA Exam in 2025 with Confidence
24servicehub
 
PDF
Pass ADM-201 Exam in 2025 with Updated Dumps – Certifiedumps
24servicehub
 
PDF
Pass the CompTIA Security+ SY0-701 Exam in 2025 with Confidence – Certifiedumps
24servicehub
 
PDF
SAA-C03 Exam Dumps for 2025 – Pass Your AWS Associate Exam on First Attempt
24servicehub
 
PDF
Master CISSP in 2025: Practice with Purpose, Pass with Confidence
24servicehub
 
PDF
Pass the AZ-500 Exam Easily with Certifiedumps Updated Dumps and Practice Tests
24servicehub
 
PDF
Pass Cisco 350-601 DCCOR Exam with Certifiedumps – Real Dumps for Data Center...
24servicehub
 
PDF
Clear Cisco 200-901 DEVASC Exam with Certifiedumps – Trusted Dumps for Fast C...
24servicehub
 
PDF
"Pass Cisco 200-301 CCNA Exam with Certifiedumps – Verified Dumps for Guarant...
24servicehub
 
PDF
AZ-700: Comprehensive Guide to Designing and Implementing Microsoft Azure Net...
24servicehub
 
PDF
The AZ-104 exam certifies skills in managing Microsoft Azure cloud services, ...
24servicehub
 
PDF
Microsoft Azure AI Fundamentals: Introduction to AI Concepts and Azure AI Ser...
24servicehub
 
PDF
AI-102: Designing and Implementing Azure AI Solutions
24servicehub
 
PDF
Pass Amazon CLF-C02 Exam with Certifiedumps
24servicehub
 
PDF
Clear Amazon ANS-C01 Exam with Certifiedumps
24servicehub
 
PDF
Pass Amazon AIF-C01 Exam with Certifiedumps
24servicehub
 
PDF
Certifiedumps SOA-C02 Exam Dumps – Prepare for AWS Certified SysOps Administr...
24servicehub
 
PDF
Get CompTIA Project+ PK0-005 Certified Quickly with Reliable and Verified Dum...
24servicehub
 
Pass AWS AIF-C01 Easily with Certifiedumps Real Practice Dumps
24servicehub
 
Get Ready to Pass the Cisco 300-701 SCOR Exam with Confidence in 2025
24servicehub
 
Pass Your Cisco 200-301 CCNA Exam in 2025 with Confidence
24servicehub
 
Pass ADM-201 Exam in 2025 with Updated Dumps – Certifiedumps
24servicehub
 
Pass the CompTIA Security+ SY0-701 Exam in 2025 with Confidence – Certifiedumps
24servicehub
 
SAA-C03 Exam Dumps for 2025 – Pass Your AWS Associate Exam on First Attempt
24servicehub
 
Master CISSP in 2025: Practice with Purpose, Pass with Confidence
24servicehub
 
Pass the AZ-500 Exam Easily with Certifiedumps Updated Dumps and Practice Tests
24servicehub
 
Pass Cisco 350-601 DCCOR Exam with Certifiedumps – Real Dumps for Data Center...
24servicehub
 
Clear Cisco 200-901 DEVASC Exam with Certifiedumps – Trusted Dumps for Fast C...
24servicehub
 
"Pass Cisco 200-301 CCNA Exam with Certifiedumps – Verified Dumps for Guarant...
24servicehub
 
AZ-700: Comprehensive Guide to Designing and Implementing Microsoft Azure Net...
24servicehub
 
The AZ-104 exam certifies skills in managing Microsoft Azure cloud services, ...
24servicehub
 
Microsoft Azure AI Fundamentals: Introduction to AI Concepts and Azure AI Ser...
24servicehub
 
AI-102: Designing and Implementing Azure AI Solutions
24servicehub
 
Pass Amazon CLF-C02 Exam with Certifiedumps
24servicehub
 
Clear Amazon ANS-C01 Exam with Certifiedumps
24servicehub
 
Pass Amazon AIF-C01 Exam with Certifiedumps
24servicehub
 
Certifiedumps SOA-C02 Exam Dumps – Prepare for AWS Certified SysOps Administr...
24servicehub
 
Get CompTIA Project+ PK0-005 Certified Quickly with Reliable and Verified Dum...
24servicehub
 
Ad

Recently uploaded (20)

PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
PDF
IP : I ; Unit I : Preformulation Studies
RAGHUNATH SAKHARE
 
PDF
LEARNERS WITH ADDITIONAL NEEDS ProfEd Topic
Johnlloyd489543
 
PDF
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 2).pdf
CMEmpire
 
PDF
Skin Care and Cosmetic Ingredients Dictionary ( PDFDrive ).pdf
SahianAlondraPichard
 
PPTX
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
PDF
David L Page_DCI Research Study Journey_how Methodology can inform one's prac...
David L Page
 
PDF
English Textual Question & Ans (12th Class).pdf
javaidpaswal33
 
PPTX
Education and Perspectives of Education.pptx
Central University of South Bihar, Gaya, Bihar
 
PDF
LIFE & LIVING TRILOGY - PART - (2) THE PURPOSE OF LIFE.pdf
sureshkumarsoni26
 
PPTX
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
DOCX
Cambridge-Practice-Tests-for-IELTS-12.docx
ssuser0d93ff
 
PPTX
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
 
PDF
CRP102_SAGALASSOS_Final_Projects_2025.pdf
City and Regional Planning, METU
 
PDF
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
 
PDF
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
 
PDF
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PDF
Race Reva University – Shaping Future Leaders in Artificial Intelligence
RACE REVA University
 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
IP : I ; Unit I : Preformulation Studies
RAGHUNATH SAKHARE
 
LEARNERS WITH ADDITIONAL NEEDS ProfEd Topic
Johnlloyd489543
 
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 2).pdf
CMEmpire
 
Skin Care and Cosmetic Ingredients Dictionary ( PDFDrive ).pdf
SahianAlondraPichard
 
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
David L Page_DCI Research Study Journey_how Methodology can inform one's prac...
David L Page
 
English Textual Question & Ans (12th Class).pdf
javaidpaswal33
 
Education and Perspectives of Education.pptx
Central University of South Bihar, Gaya, Bihar
 
LIFE & LIVING TRILOGY - PART - (2) THE PURPOSE OF LIFE.pdf
sureshkumarsoni26
 
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
Cambridge-Practice-Tests-for-IELTS-12.docx
ssuser0d93ff
 
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
 
CRP102_SAGALASSOS_Final_Projects_2025.pdf
City and Regional Planning, METU
 
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
 
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
 
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
Race Reva University – Shaping Future Leaders in Artificial Intelligence
RACE REVA University
 

Pass Cisco 200-301 CCNA Exam with Certifiedumps – Latest Dumps Cover Networking, IP Connectivity, Security, and Automation for Guaranteed Success in Your Cisco Networking Certification Journey.

  • 1. Questions & Answers (Demo Version - Limited Content) Cisco 200-301 Exam Cisco Certified Network Associate https://www.certifiedumps.com/cisco/200-301-dumps.html Thank you for Downloading 200-301 exam PDF Demo Get Full File:
  • 2. Refer to Exhibit. Topic 1, Exam Pool A Questions & Answers PDF Explanation: Forward time : Determines how long each of the listening and learning states last before the port begins forwarding. Switch(config)# [ no ] spanning-tree vlan vlan_ID forward-time forward_time Configures the forward time of a VLAN. The forward_time value can be from 4 to 30 seconds. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/15- 02SG/configuration/guide/config/spantree.html#56177 Which command entered on a switch configured with Rapid PVST* listens and learns for a specific time period? A. switch(config)#spanning-tree vlan 1 max-age 6 B. switch(config)#spanning-tree vlan 1 hello-time 10 C. switch(config)#spanning-tree vlan 1 priority 4096 D. switch(config)#spanning-tree vlan 1 forward-time 20 Page 2 Version: 58.0 Question: 1 Question: 2 Answer: D www.certifiedumps.com
  • 3. A. Option A B. Option B C. Option C D. Option D Explanation: Refer to Exhibit. Questions & Answers PDF Refer to the exhibit. All routers in the network are configured R2 must be the DR. After the engineer connected the devices, R1 was elected as the DR. Which command sequence must be configure on R2 to Be elected as the DR in the network? Page 3 Question: 3 Answer: B www.certifiedumps.com
  • 4. A. Option A B. Option B C. Option C D. Option D Explanation: Refer to Exhibit. Questions & Answers PDF Refer to the exhibit Routers R1 and R2 have been configured with their respective LAN interfaces The two circuits are operational and reachable across WAN Which command set establishes failover redundancy if the primary circuit goes down? Page 4 Question: 4 Answer: B www.certifiedumps.com
  • 5. Explanation: Explanation: Questions & Answers PDF What is a benefit of using a Cisco Wireless LAN Controller? A. Central AP management requires more complex configurations B. Unique SSIDs cannot use the same authentication method C. It supports autonomous and lightweight APs D. It eliminates the need to configure each access point individually Which network allows devices to communicate without the need to access the Internet? Refer to the exhibit Router R1 Fa0/0 is unable to ping router R3 Fa0'1. Which action must be taken in router R1 to help resolve the configuration issue? A. set the default network as 20.20.20.0/24 B. set the default gateway as 20.20.20.2 C. configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network D. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network Page 5 Question: 5 Question: 6 Answer: D Answer: D www.certifiedumps.com
  • 6. Questions & Answers PDF A. 1729.0.0/16 B. 172.28.0.0/16 C. 192.0.0.0/8 D. 209.165.201.0/24 When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available to select? (Choose two) A. ASCII B. base64 C. binary D. decimal E. hexadecimal Explanation: The private ranges of each class of IPv4 are listed below: Class A private IP address ranges from 10.0.0.0 to 10.255.255.255 Class B private IP address ranges from 172.16.0.0 to 172.31.255.255 Class C private IP address ranges from 192.168.0.0 to 192.168.255.255 Only the network 172.28.0.0/16 belongs to the private IP address (of class B). Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7- 4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_010 10001.html DRAG DROP Drag drop the descriptions from the left onto the correct configuration-management technologies on the right. Page 6 Question: 7 Question: 8 Answer: B Answer: A, E www.certifiedumps.com
  • 7. Explanation: Questions & Answers PDF The focus of Ansible is to be streamlined and fast, and to require no node agent installation. Thus, Ansible performs all functions over SSH. Ansible is built on Python, in contrast to the Ruby Page 7 Answer: www.certifiedumps.com
  • 8. An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. software-as-a-service C. network-as-a-service D. infrastructure-as-a-service DRAG DROP Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right. Explanation: Below are the 3 cloud supporting services cloud providers provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a thirdparty vendor and whose interface is accessed on the clients’ side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a thirdparty provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. In general, IaaS provides hardware so that an organization can install their own operating system. Questions & Answers PDF Page 8 foundation of Puppet and Chef. TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file . This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server. Puppet is an open-source configuration management solution, which is built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby (ERB) templates to create custom Puppet language files, offering a declarative-paradigm programming approach. A Puppet piece of code is called a manifest, and is a file with .pp extension. Question: 9 Question: 10 Answer: B www.certifiedumps.com
  • 9. Explanation: Refer to exhibit. Questions & Answers PDF Which statement explains the configuration error message that is received? A. It is a broadcast IP address B. The router does not support /28 mask. C. It belongs to a private IP address range. D. IT is a network IP address. Page 9 Question: 11 Answer: www.certifiedumps.com
  • 10. Explanation: Explanation: Explanation: Questions & Answers PDF A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. runts B. giants C. frame D. CRC E. input errors Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols. A. dual algorithm B. metric C. administrative distance D. hop count Explanation: Administrative distance is the feature used by routers to select the best path when there are two or more different routes to the same destination from different routing protocols. Administrative distance defines the reliability of a routing protocol. Which command prevents passwords from being stored in the configuration as plain text on a router or switch? A. enable secret B. service password-encryption C. username Cisco password encrypt D. enable password Page 10 Question: 12 Question: 13 Question: 14 Answer: C Answer: B Answer: A Answer: DE www.certifiedumps.com
  • 11. Explanation: DRAG DROP Drag and drop the WLAN components from the left onto the correct descriptions on the right. Questions & Answers PDF Page 11 Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The “input errors” includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. The output below show the interface counters with the “show interface s0/0/0” command: Question: 15 Answer: www.certifiedumps.com
  • 12. Explanation: Questions & Answers PDF Which command enables a router to become a DHCP client? A. ip address dhcp B. ip helper-address C. ip dhcp pool D. ip dhcp client Which two encoding methods are supported by REST APIs? (Choose two) A. YAML B. JSON C. EBCDIC D. SGML E. XML Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/12- 4/dhcp-12-4-book/config-dhcp-client.html If we want to get an IP address from the DHCP server on a Cisco device, we can use the command “ip address dhcp”. Note: The command “ip helper-address” enables a router to become a DHCP Relay Agent. Page 12 Question: 16 Question: 17 Answer: A Answer: BE www.certifiedumps.com
  • 13. Explanation: Two switches are connected and using Cisco Dynamic Trunking Protocol SW1 is set to Dynamic Desirable What is the result of this configuration? A. The link is in a down state. B. The link is in an error disables state C. The link is becomes an access port. D. The link becomes a trunk port. When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two) A. 2000::/3 B. 2002::5 C. FC00::/7 D. FF02::1 E. FF02::2 Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/xe-3s/ipv6-xe-36s- book/ip6-multicast.html When an interface is configured with IPv6 address, it automatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx) multicast groups. The all-node group is used to communicate with all interfaces on the local link, and the solicited-nodes multicast group is required for link-layer Questions & Answers PDF Page 13 https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2- x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST_API_Configura tion_Guide_chapter_01.html Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_x/rest_api_config/b _Cisco_N1KV_VMware_REST_API_Config_5x/b_Cisco_N1KV_VMware_REST_API_Config_5x_chapter _010.pdf The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents. Question: 18 Question: 19 Answer: D Answer: DE www.certifiedumps.com
  • 14. Which MAC address is recognized as a VRRP virtual address? A. 0000.5E00.010a B. 0005.3711.0975 C. 0000.0C07.AC99 D. 0007.C070/AB01 Which type of wireless encryption is used for WPA2 in preshared key mode? Questions & Answers PDF address resolution. Routers also join a third multicast group, the all-routers group (FF02::2). Explanation: With VRRP, the virtual router’s MAC address is 0000.5E00.01xx , in which xx is the VRRP group. in Which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required? A. A spine switch and a leaf switch can be added with redundant connections between them B. A spine switch can be added with at least 40 GB uplinks C. A leaf switch can be added with a single connection to a core spine switch. D. A leaf switch can be added with connections to every spine switch Explanation: Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency, nonblocking server-to-server connectivity. Leaf (aggregation) switches are what provide devices access to the fabric (the network of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other leaf switches. In spine-and-leaf architecture, every leaf should connect to every spine in a full mesh. Spine (aggregation) switches are used to connect to all leaf switches and are typically deployed at the end or middle of the row. Spine switches do not connect to other spine switches. Page 14 Question: 20 Question: 21 Question: 22 Answer: A Answer: D www.certifiedumps.com
  • 15. Questions & Answers PDF A. TKIP with RC4 B. RC4 C. AES-128 D. AES-256 Explanation: We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES-128. https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2- config.html Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two) A. It drops lower-priority packets before it drops higher-priority packets B. It can identify different flows with a high level of granularity C. It guarantees the delivery of high-priority packets D. It can mitigate congestion by preventing the queue from filling up E. it supports protocol discovery Page 15 Question: 23 Answer: D www.certifiedumps.com
  • 16. Explanation: Refer to the exhibit. Questions & Answers PDF When a floating static route is configured, which action ensures that the backup route is used when the primary route fails? A. The floating static route must have a higher administrative distance than the primary route so it is used as a backup B. The administrative distance must be higher on the primary route so that the backup route becomes secondary. C. The floating static route must have a lower administrative distance than the primary route so it is used as a backup D. The default-information originate command must be configured for the route to be installed into the routing table Explanation: Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur: 1. The average queue size is calculated. 2. If the average is less than the minimum queue threshold, the arriving packet is queued. 3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability for that type of traffic. 4. If the average queue size is greater than the maximum threshold, the packet is dropped. WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface begins to show signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times. WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered Page 16 Question: 24 Question: 25 Answer: A Answer: AD www.certifiedumps.com
  • 17. Explanation: Questions & Answers PDF Which password must an engineer use to enter the enable mode? A. adminadmin123 B. default C. testing 1234 D. cisco123 Which mode allows access points to be managed by Cisco Wireless LAN Controllers? A. autonomous B. lightweight C. bridge D. mobility express How do TCP and UDP differ in the way that they establish a connection between two endpoints? A. TCP uses synchronization packets, and UDP uses acknowledgment packets. B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits C. UDP provides reliable message transfer and TCP is a connectionless protocol D. TCP uses the three-way handshake and UDP does not guarantee message delivery Explanation: If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The “enable secret” will be used first if available, then “enable password” and line password. Page 17 Question: 26 Question: 27 Answer: C Answer: D www.certifiedumps.com
  • 18. Questions & Answers PDF What are two southbound APIs? (Choose two ) If a notice-level messaging is sent to a syslog server, which event has occurred? A. A network device has restarted B. An ARP inspection has failed C. A routing instance has flapped D. A debug operation is running Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan- wlan/81831-qos-wlc-lap.html Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background. Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment? A. Bronze B. Platinum C. Silver D. Gold Explanation: Usually no action is required when a route flaps so it generates the notification syslog level message (level 5). Explanation: https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200-series/70278-lap-faq.html A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless LAN (WLAN) controller (WLC). APs are “lightweight,” which means that they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are “zero touch” deployed, and individual configuration of APs is not necessary. Page 18 Question: 28 Question: 29 Question: 30 Answer: C Answer: B Answer: B www.certifiedumps.com
  • 19. Questions & Answers PDF A. OpenFlow B. NETCONF C. Thrift D. CORBA E. DSC An email user has been lured into clicking a link in an email sent by their company's security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place? A. Physical access control B. Social engineering attack C. brute force attack D. user awareness Explanation: OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices. An engineer must configure a/30 subnet between two routers. Which usable IP address and subnet mask combination meets this criteria? Explanation: This is a training program which simulates an attack, not a real attack (as it says “The webpage that opens reports that it was safe”) so we believed it should be called a “user awareness” program. Therefore the best answer here should be “user awareness”. This is the definition of “User awareness” from CCNA 200- 301 Offical Cert Guide Book: “User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. ” Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked. Page 19 Question: 31 Question: 32 Answer: D Answer: AB www.certifiedumps.com
  • 20. A. Option A B. Option B C. Option C D. Option D Explanation: Refer to the exhibit. Questions & Answers PDF Explanation: If the destination MAC address is not in the CAM table (unknown destination MAC address), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received. What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received? A. The Layer 2 switch drops the received frame B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN. C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning. D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC address table Page 20 Question: 33 Question: 34 Answer: B Answer: A www.certifiedumps.com
  • 21. Questions & Answers PDF An engineer configured NAT translations and has verified that the configuration is correct. Which IP address is the source IP? A. 10.4.4.4 B. 10.4.4.5 C. 172.23.103.10 D. 172.23.104.4 Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface? A. ipv6 address dhcp B. ipv6 address 2001:DB8:5:112::/64 eui-64 C. ipv6 address autoconfig Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71978- acl-wlc.html Explanation: NAT is used to send a packet to the outside network, using a public IP address to make it routable. The NAT logic is "inside-to-outside" FIRST and "outside-to-inside" THEN. This way, configuring NAT means "choosing a public IP address" for any outbound packet" IN THE FIRST PLACE, where "public IP address" translates to "inside global address". Among the given answers, the only inside global address is 172.123.104.4. Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks? A. CPU ACL B. TACACS C. Flex ACL D. RADIUS Page 21 Question: 35 Question: 36 Answer: A Answer: D www.certifiedumps.com
  • 22. Explanation: Questions & Answers PDF D. ipv6 address 2001:DB8:5:112::2/64 link-local Which output displays a JSON data representation? An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two) A. Configure the ports in an EtherChannel. B. Administratively shut down the ports C. Configure the port type as access and place in VLAN 99 D. Configure the ports as trunk ports E. Enable the Cisco Discovery Protocol Explanation: The “ipv6 address autoconfig” command causes the device to perform IPv6 stateless address autoconfiguration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface. Addresses are configured depending on the prefixes received in Router Advertisement (RA) messages. The device will listen for RA messages which are transmitted periodically from the router (DHCP Server). This RA message allows a host to create a global IPv6 address from: + Its interface identifier (EUI-64 address) + Link Prefix (obtained via RA) Note: Global address is the combination of Link Prefix and EUI-64 address Page 22 Question: 37 Question: 38 Answer: C Answer: BC www.certifiedumps.com
  • 23. A. Option A B. Option B C. Option C D. Option D Questions & Answers PDF Explanation: JSON data is written as name/value pairs. A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a Page 23 Answer: C www.certifiedumps.com
  • 24. Questions & Answers PDF value: “name”:”Mark” JSON can use arrays. Array values must be of type string, number, object, array, boolean or null. For example: { “name”:”John”, “age”:30, “cars”:[ “Ford”, “BMW”, “Fiat” ] } JSON can have empty object like “taskId”:{} Explanation: SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. The SNMP framework has three parts: A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB? A. CDP B. SNMP C. SMTP D. ARP Which command is used to specify the delay time in seconds for LLDP to initialize on any interface? A. lldp timer B. lldp holdtimt C. lldp reinit D. lldp tlv-select Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12- 2_37_ey/configuration/guide/scg/swlldp.pdf + lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it + lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface + lldp timer rate: Set the sending frequency of LLDP updates in seconds Page 24 Question: 39 Question: 40 Answer: C Answer: B www.certifiedumps.com
  • 25. Explanation: Double-Tagging attack: DRAG DROP Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right. In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it Questions & Answers PDF Page 25 + An SNMP manager + An SNMP agent + A Management Information Base (MIB) The Management Information Base (MIB) is a virtual information storage area for network management information, which consists of collections of managed objects. With SNMP, the network administrator can send commands to multiple routers to do the backup Question: 41 Answer: www.certifiedumps.com
  • 26. Explanation: DRAG DROP Drag and drop the network protocols from the left onto the correct transport services on the right. Questions & Answers PDF Page 26 wants to attack (VLAN 20). When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer. Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker. To mitigate this type of attack, you can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic to specific victims/servers) or implement Private VLANs. ARP attack (like ARP poisoning/spoofing) is a type of attack in which a malicious actor sends falsified ARP messages over a local area network as ARP allows a gratuitous reply from a host even if an ARP request was not received. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on ARP which is at Layer 2. Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network which can be used to mitigate this type of attack. Question: 42 Answer: www.certifiedumps.com
  • 27. Explanation: Questions & Answers PDF DRAG DROP A network engineer is configuring an OSPFv2 neighbor adjacency Drag and drop the parameters from the left onto their required categories on the right. Not all parameters are used Page 27 Question: 43 Answer: www.certifiedumps.com
  • 28. Refer to the exhibit. Questions & Answers PDF An extended ACL has been configured and applied to router R2 The configuration failed to work as intended Which two changes stop outbound traffic on TCP ports 25 and 80 to 10.0.20 0 26 from the 10.0.10 0/26 subnet while still allowing all other traffic? (Choose two ) A. Add a "permit ip any any" statement to the begining of ACL 101 for allowed traffic. B. Add a "permit ip any any" statement at the end of ACL 101 for allowed traffic Page 28 Question: 44 www.certifiedumps.com
  • 29. Explanation: Refer to the exhibit. Which type of route does R1 use to reach host 10.10.13.10/32? A. floating static route B. host route C. default route D. network route Questions & Answers PDF C. The source and destination IPs must be swapped in ACL 101 D. The ACL must be configured the Gi0/2 interface inbound on R1 E. The ACL must be moved to the Gi0/1 interface outbound on R2 Explanation: From the output, we see R1 will use the entry “O 10.10.13.0/25 [110/4576] via 10.10.10.1, …” to reach host 10.10.13.10. This is a network route. Note: “B* 0.0.0.0/0 …” is a default route. Page 29 Question: 45 Answer: D Answer: BC www.certifiedumps.com
  • 30. Questions & Answers PDF Which IPv6 address block sends packets to a group address rather than a single address? A. 2000::/3 B. FC00::/7 C. FE80::/10 D. FF00::/8 Which mode must be used to configure EtherChannel between two switches without using a negotiation protocol? A. on B. auto C. active D. desirable DRAG DROP Drag and drop the functions from the left onto the correct network components on the right Explanation: The Static Persistence (or “on” mode) bundles the links unconditionally and no negotiation protocol is used. In this mode, neither PAgP nor LACP packets are sent or received. Explanation: FF00::/8 is used for IPv6 multicast and this is the IPv6 type of address the question wants to ask. FE80::/10 range is used for link-local addresses. Link-local addresses only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address). Page 30 Question: 46 Question: 47 Question: 48 Answer: A Answer: D www.certifiedumps.com
  • 31. Explanation: Explanation: Questions & Answers PDF Which two capacities of Cisco DNA Center make it more extensible as compared to traditional campus device management? (Choose two) A. adapters that support all families of Cisco IOS software B. SDKs that support interaction with third-party network equipment C. customized versions for small, medium, and large enterprises D. REST APIs that allow for external applications to interact natively with Cisco DNA Center E. modular design that is upgradable as needed Page 31 Question: 49 Answer: Answer: BD www.certifiedumps.com
  • 32. Explanation: DRAG DROP Drag and drop the AAA functions from the left onto the correct AAA services on the right Questions & Answers PDF Page 32 Cisco DNA Center offers 360-degree extensibility through four distinct types of platform capabilities: + Intent-based APIs leverage the controller and enable business and IT applications to deliver intent to the network and to reap network analytics and insights for IT and business innovation. + Process adapters, built on integration APIs, allow integration with other IT and network systems to streamline IT operations and processes. + Domain adapters, built on integration APIs, allow integration with other infrastructure domains such as data center, WAN, and security to deliver a consistent intent-based infrastructure across the entire IT environment. + SDKs allow management to be extended to third-party vendor’s network devices to offer support for diverse environments. Question: 50 Answer: www.certifiedumps.com
  • 33. Questions & Answers PDF Page 33 www.certifiedumps.com
  • 34. www.certifiedumps.com Thank You for trying 200-301 PDF Demo https://www.certifiedumps.com/cisco/200-301-dumps.html Test your 200-301 preparation with actual exam questions Start Your 200-301 Preparation