Composite Quiz 102 Questions: Type Text To Search Here..
Composite Quiz 102 Questions: Type Text To Search Here..
Total Questions Full Score Passing Rate Your Score Correct Answer Percentage Elapsed
102 1255 80% 575 45.82% 00:40:06
Sorry!
If you want to retake this quiz, please press Ctrl + F5 on Windows or press CMD + R on Mac.
Question 1
A network engineer must configure router R1 with a host route to the server. Which command must the engineer configure?
Explanation
Question 2
A. 255.255.255.128
B. 255.255.255.240
C. 255.255.255.248
D. 255.255.248.0
Explanation
https://www.9tut.com/composite-quiz 1/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
The 10.10.13.160 prefix has subnet mask of /29 which is 255.255.255.248.
Question 3
Drag and drop the characteristic from the left onto the IPv6 address type on the right.
Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1324 (which means 13
for first group, 24 for second group).
Explanation
Answer:
Link-Local Address
+ serves as the next-hop addresses
+ required on all IPv6 devices
Explanation
To be an IPv6-enabled device, a device must have an IPv6 link-local address. The device doesn’t have to have an IPv6 global unicast address, but it must have a
link-local address.
Reference: https://www.ciscopress.com/articles/article.asp?p=2803866&seqNum=4
Question 4
What is the difference regarding reliability and communication type between TCP and UDP?
A. TCP is reliable and is a connectionless protocol; UDP is not reliable and is a connection-oriented protocol
B. TCP is not reliable and is a connection-oriented protocol; UDP is reliable and is a connectionless protocol
C. TCP is reliable and is a connection-oriented protocol UDP is not reliable and is a connectionless protocol
D. TCP is not reliable and is a connectionless protocol; UDP is reliable and is a connection-oriented protocol
Question 5
Traffic sourced from the loopback0 interface is trying to connect via ssh to the host at 10.0.1.15. What is the next hop to the destination address?
A. 192.168.0.7
B. 192.168.0.40
C. 192.168.3.5
D. 192.168.0.4
https://www.9tut.com/composite-quiz 2/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Explanation
10.0.1.0/28 is always preferred over 10.0.1.0/24 because of longest prefix match. 10.0.0.15 belongs to 10.0.1.0/28 subnet so the next hop is 192.168.0.7 (learned via
EIGRP).
Note: Although our destination IP is 10.0.0.1.15 which is the broadcast address of subnet 10.0.1.0/28 in the routing table and we may think that the local router
would not use this route but in fact the router still uses this route.
"The broadcast is really a concept that is relevant only to a router directly connected to the network whose broadcast address you are referring to. Other routers do
not care at all. As long as the destination IP address of a packet AND the netmask produces the network address in the respective row of the routing table, the packet
is destined for that network so let's forward it there."
Question 6
Which type of network attack overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are
exhausted?
A. reflection
B. amplification
C. teardrop
D. SYN flood
Explanation
A SYN flood (half-open attack) is a type of denial-of-service (DDoS) attack which aims to make a server unavailable to legitimate traffic by consuming all available
server resources. By repeatedly sending initial connection request (SYN) packets, the attacker is able to overwhelm all available ports on a targeted server machine,
causing the targeted device to respond to legitimate traffic sluggishly or not at all.
Question 7
Explanation
System logs are the product of a communications protocol (RFC 5424) for transmitting event messages and alerts across an IP network. Facility is defined by the
syslog protocol, and provides a rough clue of where in a system the message originated.
Reference: https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/security-analytics/8-2-1/_reference_home/syslog.html
Question 8
A. underlay
B. overlay
C. southbound
D. northbound
Explanation
Question 9
Refer to the exhibit. Which action is expected from SW1 when the untagged frame is received on the GigabitEthernet0/1 interface?
SW1#show run int gig 0/1
interface GigabitEthernet0/1
switchport access vlan 11
switchport trunk allowed vlan 1-10
switchport trunk encapsulation dot1q
https://www.9tut.com/composite-quiz 3/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
switchport trunk native vlan 5
switchport mode trunk
speed 1000
duplex full
Question 10
Which subnet summarizes and gives the most efficient distribution of IP addresses for the router configuration?
Explanation
We see the maximum number of user per floor is 29 users (Floor 2) < 32 so the best subnet mask should be 1110 0000 which allows 25 – 2 = 30 hosts per subnet.
Question 11
Question 12
In software defined architectures, which plane is distributed and responsible for traffic forwarding?
A. data plane
B. management plane
C. policy plane
D. control plane
Explanation
The Open Networking Foundation identifies three main parts of the Software-defined networking (SDN): Application layer; Control layer and Infrastructure layer.
SDN separates a router’s control plane from the data (forwarding) plane. The control plane makes routing decisions. The data plane forwards data (packets) through
the router. With SDN routing, decisions are made remotely instead of on each individual router.
Question 13
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)
https://www.9tut.com/composite-quiz 4/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
C. It can identify different flows with a high level of granularity
D. It can mitigate congestion by preventing the queue from filling up
E. It supports protocol discovery
Explanation
Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers
assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur:
WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface begins to show
signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is
full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be
used fully at all times.
WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower
precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered (-> answer 'It drops lower-priority packets before it
drops higher-priority packets' is correct).
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/15-mt/qos-conavd-15-mt-book/qos-conavd-cfg-wred.html
Question 14
Drag and drop the wireless standards from the left onto the number of nonoverlapping channels they support on the right.
Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 13425 (which means 134
for first group, 25 for second group).
Please type your answer here: 12 (correct answer: 23415)
Question 15
Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?
A. active
B. auto
C. passive
D. mode on
Explanation
From the neighbor status, we notice the “Flags” are SP. “P” here means the neighbor is in Passive mode. In order to create an Etherchannel interface, the (local) SW1
ports should be in Active mode. Moreover, the “Port State” in the exhibit is “0x3c” (which equals to “00111100″ in binary format). Bit 3 is “1” which means the
ports are synchronizing -> the ports are working so the local ports should be in Active mode.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3se/consolidated_guide/command_reference/b_consolidated_3650_3se_cr/b_consol
Comments (17)
https://www.9tut.com/composite-quiz 5/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Question 16
A network engineer must migrate a router loopback interface to the IPv6 address space. If the current IPv4 address of the interface is 10.54.73.1/32, and
the engineer configures IPv6 address 0:0:0:0:0:ffff:a36:4901, which prefix length must be used?
A. /64
B. /128
C. /96
D. /124
Explanation
The format for IPv4 Mapped address has the first 80 bits set to zeros, followed by the next 16 bits set to all ones and finally, the last 32 bits written in dotted decimal
appended to then end forming 128 bit IPv6 address.
An example of an IPv4 Class A address of 12.155.166.101 would look like this in IPv4 Mapped address 0000:0000:0000:0000:0000:FFFF:12.155.166.101 or
::FFFF:12.155.166.101 in IPv6’s short form.
But in this question we are migrate a /32 IP address to IPv6 so the IPv6 address should be /128.
Question 17
What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?
A. forwarding mode and provides the lowest-cost path to the root bridge for each VLAN
B. blocking mode and provides an alternate path toward the designated bridge
C. listening mode and provides an alternate path toward the root bridge
D. learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN
Explanation
An alternate port and a backup port are in a blocking state (or discarding state) to prevent loops.
Reference: https://www.ciscopress.com/articles/article.asp?p=2832407&seqNum=4
Question 18
When deploying a new network that includes both Cisco and third-party network devices, which redundancy protocol avoids the interruption of network
traffic if the default gateway router fails?
A. HSRP
B. FHRP
C. VRRP
D. GLBP
Explanation
Question 19
Which two transport layer protocols carry syslog messages? (Choose two)
A. ARP
https://www.9tut.com/composite-quiz 6/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
B. RTP
C. TCP
D. UDP
E. IP
Explanation
In case of logging significant events, the syslog messages needs to be transported over a reliable channel for it to be stored safely in a server. Usually syslog
messages are transported using UDP protocol to the server which is not reliable. This calls for the need for a reliable transport protocol like TCP to transfer the
messages to the syslog server.
Reference: https://support.citrix.com/article/CTX205824/how-to-enable-syslog-over-tcp-in-adc
Question 20
Drag and drop the IPv6 address type characteristics from the left to the right.
Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 1423 (which means 14
for first group, 23 for second group).
Please type your answer here: 2314
Explanation
A IPv6 Unique Local Address is an IPv6 address in the block FC00::/7. It is the approximate IPv6 counterpart of the IPv4 private address. It is not routable on the
global Internet.
Note: In the past, Site-local addresses (FEC0::/10) are equivalent to private IP addresses in IPv4 but now they are deprecated.
Link-local addresses only used for communications within the local subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit
interface identifier (based on 48-bit MAC address).
Question 21
The link between PC1 and the switch is up, but it is performing poorly. Which interface condition is causing the performance problem?
Question 22
https://www.9tut.com/composite-quiz 7/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
D. Assign a DNS domain name
Explanation
In order to generate an RSA key for SSH, we need to configure the hostname and a DNS domain name on the router (a username and password is also required).
Therefore in fact both answer 'Create a user with a password' and answer 'Assign a DNS domain name' are correct.
Question 23
Which switch technology establishes a network connection immediately when it is plugged in?
A. UplinkFast
B. BPDU guard
C. PortFast
D. BackboneFast
Explanation
Portfast is often configured on switch ports that connect to hosts. Interfaces with Portfast enabled will go to forwarding state immediately without passing the
listening and learning state. Therefore it can save about 30 to 45 seconds to transition through these states.
UplinkFast is a Cisco specific feature that improves the convergence time of the Spanning-Tree Protocol (STP) in the event of the failure of an uplink.
Question 24
A. IPv6 unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration
B. Unlike an IPv6 anycast address, an IPv6 unicast address is assigned to a group of interfaces on multiple nodes
C. An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on
multiple nodes.
D. IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration
Question 25
Question 26
Explanation
Use the ip address dhcp command to obtain IP address information for the configured interface.
Question 27
Refer to the exhibit. What commands are needed to add a subinterface to Ethernet0/0 on R1 to allow for VLAN 20, with IP address 10.20.20.1/24?
SW1:
SW2:
interface Ethernet0/0
interface Ethernet0/1
switchport trunk encapsulation dot1q
switchport trunk encapsulation dot1q
R1 switchport mode trunk
switchport mode trunk
interface Ethernet0/0 !
!
no ip address interface Ethernet0/1
interface Ethernet0/2
switchport trunk allowed vlan 10
switchport access vlan 20
switchport trunk encapsulation dot1q
switchport mode access
switchport mode trunk
A. R1 (config)#interface ethernet0/0
R1(config)#ip address 10.20.20.1 255.255.255.0
https://www.9tut.com/composite-quiz 8/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
B. R1 (config)#interface ethernet0/0
R1 (config)#encapsulation dot1q 20
R1(config)#ip address 10.20.20.1 255.255.255.0
C. R1 (config)#interface ethernet0/0.20
R1 (config)#encapsulation dot1q 20
R1(config)#ip address 10.20.20.1 255.255.255.0
D. R1 (config)#interface ethernet0/0.20
R1(config)#ip address 10.20.20.1 255.255.255.0
Question 28
An engineer must configure router R2 so it is elected as the DR on the WAN subnet. Which command sequence must be configured?
A. interface gigabitethernet0/0
ip address 10.0.1.1 255.255.255.0
ip ospf priority 255
B. interface gigabitethernet0/0
ip address 10.0.0.34 255.255.255.224
ip ospf priority 100
C. interface gigabitethernet0/0
ip address 10.0.0.34 255.255.255.248
ip ospf priority 0
D. interface gigabitethernet0/0
ip address 10.0.1.1 255.255.255.224
ip ospf priority 98
Explanation
The OSPF priority of R1 is 99 so we have to set the OSPF priority to a higher value. Also the IP address must be 10.0.0.34/27.
Question 29
Which QoS per-hop behavior changes the value of the ToS field in the IPv4 packet header?
A. shaping
B. policing
C. marking
D. classification
Question 30
Question 31
A packet is destined for 10.10.1.22. Which static route does the router choose to forward the packet?
https://www.9tut.com/composite-quiz 9/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Explanation
The subnet 10.10.1.20/30 covers the destination 10.10.1.22 as this subnet ranges from 10.10.1.20 to 10.10.1.23 so it is the correct answer.
Question 32
Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be implemented between two switches with
these requirements:
+ using an industry-standard trunking protocol
+ permitting VLANs 1-10 and denying other VLANs
Explanation
Question 33
Refer to the exhibit. What action establishes the OSPF neighbor relationship without forming an adjacency?
A. modify process ID
B. modify priority
C. modify hello interval
D. modify network type
Explanation
In this question, R1 & R2 will not establish OSPF neighbor relationship because the hello & dead intervals are not the same.
If we modify the hello & dead intervals to the same values then R1 & R2 will become OSPF neighbors. But they will establish OSPF adjacency too.
Answer 'modify process ID' is not correct as the process ID is only locally significant.
Answer 'modify hello interval' is partially correct as we need to change both “hello and dead” interval, not “hello” interval only.
Answer 'modify priority' is a good answer because if we change both the priorities to 0 then they cannot elect DR/BDR so the adjacency cannot be complete.
Answer 'modify network type' is a good answer too because if we change one of the network type to “point to point” then OSPF neighbor relationship can still come
up but adjacency cannot (no routes are getting exchanged).
But two good answers are only correct after fixing the hello & dead intervals to the same value (so that OSPF neighbor relationship can come up) so answer 'modify
hello interval' should be the best choice here.
Note:
https://www.9tut.com/composite-quiz 10/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Neighbors
Routers that share a common segment become neighbors on that segment. Neighbors are elected via the Hello protocol. Hello packets are sent periodically out of
each interface using IP multicast (Appendix B). Routers become neighbors as soon as they see themselves listed in the neighbor’s Hello packet.
Two routers will become neighbors if they agree on the following: Same Area ID, same authentication (if used), same hello & dead intervals, same subnet mask
and same stub area flag.
Adjacencies
Adjacency is the next step after the neighboring process. Adjacent routers are routers that go beyond the simple Hello exchange and proceed into the database
exchange process.
The adjacency building process takes effect after multiple stages have been fulfilled. Routers that become adjacent will have the exact link-state database. The states
an interface passes through before becoming adjacent to another router are: Down -> Attempt (optional) -> Init -> 2-Way -> Exstart -> Exchange -> Loading ->
Full.
Reference: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/7039-1.html#t22
-> Two OSPF neighbors do not exchange any routing information – the only packets they exchange is Hello packets.
Question 34
Refer to exhibit. The loopback1 interface of the Atlanta router must reach the loopback3 interface of the Washington router. Which two static host routes
must be configured on the NEW York router? (Choose two)
Configured interfaces:
New York:
Atlanta: Washington:
S0/0/0: 2012::2/126
S0/0/0: 2012::1/126 S0/0/0: 2023::3/126
S0/0/1: 2023::2/126
Loopback1: 2000::1/128 Loopback3: 2000::3/128
Loopback2:2000::2/128
A. ipv6 route 2000::1/128 s0/0/1
B. ipv6 route 2000::3/128 2023::3
C. ipv6 route 2000::3/128 s0/0/0
D. ipv6 route 2000::1/128 2012::2
E. ipv6 route 2000::1/128 2012::1
Explanation
Therefore if we use the destination-IPv6-address, we have to specify the IPv6 address of the remote (next-hop) router, not the local IPv6 address. If we use the exit-
interface, we have to use the local exit-interface, not remote interface.
In this question, we have to suppose that all IPv6 addresses of Atlanta ends with .1 and Washington ends with .3
Please notice that this question asks about the command used on NEW York router so answer "ipv6 route 2000::1/128 2012::1" is used to reach Atlanta router while
answer "ipv6 route 2000::3/128 2023::3" is used to reach Washington router.
Question 35
Question 36
Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP primary router after it is reloaded?
https://www.9tut.com/composite-quiz 11/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
D. standby 10 preempt
Explanation
The “preempt” command enables the HSRP router with the highest priority to immediately become the active router.
Question 37
Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right.
Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.
Explanation
The command “show snmp group” displays the names of groups on the router and the security model, the status of the different views, and the storage type of each
group. Below is an example of this command.
The “show snmp engineID” displays the identification of the local SNMP engine and all remote engines that have been configured on the router. The following
example specifies 00000009020000000C025808 as the local engineID and 123456789ABCDEF000000000 as the remote engine ID, 171.69.37.61 as the IP address
of the remote engine (copy of SNMP) and 162 as the port from which the remote device is connected to the local device:
The “show snmp community” command display the SNMP community strings configured on the switch.
The “show snmp host” command displays details such as IP address of the Network Management System (NMS), notification type, SNMP version, and the port
number of the NMS. The following is sample output from the show snmp host command.
The “show snmp chassis” command displays the SNMP server serial number. The output is self-explanatory.
Router# show snmp chassis
01506199
Question 38
Which Cisco IOS command will indicate that interface GigabitEthernet 0/0 is configured via DHCP?
Question 39
Match the functions to the corresponding layers. (Not all options are used)
https://www.9tut.com/composite-quiz 12/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Please type the corresponding numbers of each item on the left to the blank below and arrange them ascendingly. For example: 135724 (which means 13
for first group, 57 for second group and 24 for the last group)
Explanation
A typical enterprise hierarchical LAN campus network design includes the following three layers:
+ Access layer: Provides workgroup/user access to the network
+ Distribution layer: Provides policy-based connectivity and controls the boundary between the access and core layers
+ Core layer: Provides fast transport between distribution switches within the enterprise campus
Reference: https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4
Question 40
Which of the following dynamic routing protocols are Distance Vector routing protocols? (Choose two)
A. OSPF
B. EIGRP
C. BGP
D. RIP
E. IS-IS
Question 41
A. GigabitEthernet0/1
B. GigabitEthernet0/2
C. Null0
D. GigabitEthernet0/3
Explanation
The best match for the destination host 192.168.0.55 is the last statement in the output. But the exit interface of this entry has been hidden so we have to figure it out.
We only know the next hop IP address is 10.0.12.2.
We see only Gi0/1 belongs to this subnet from the entry “C 10.0.12.0/24 is directly connected, GigabitEthernet0/1″ so the best answer is Gi0/1.
Question 42
https://www.9tut.com/composite-quiz 13/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Which signal frequency appears 60 times per minute?
A. 60 Hz signal
B. 1 GHz signal
C. 1 Hz signal
D. 60 GHz signal
Explanation
Frequency of 1 Hz implies to 1 complete vibration per second. This means, 60 complete vibrations in 60 second, or, in 1 minute.
Question 43
An engineer must configure the IPv6 address 2001:0db8:0000:0000:0700:0003:400F:572B on the serial0/0 interface of the HQ router and wants to
compress it for easier configuration. Which command must be issued on the router interface?
Question 44
What are two differences between WPA2 and WPA3 wireless security? (Choose two)
A. WPA2 uses 192-bit key encryption, and WPA3 requires 256-bit key encryption
B. WPA2 uses 128-bit key encryption, and WPA3 supports 128-bit and 192-bit key encryption
C. WPA3 uses AES for stronger protection than WPA2, which uses TKIP
D. WPA3 uses AES for stronger protection than WPA2, which uses SAE
E. WPA3 uses SAE for stronger protection than WPA2, which uses AES
Explanation
WPA3 provides improvements to the general Wi-Fi encryption, thanks to Simultaneous Authentication of Equals (SAE) replacing the Pre-Shared Key (PSK)
authentication method used in prior WPA versions -> Answer 'WPA3 uses AES for stronger protection than WPA2, which uses SAE' and answer 'WPA3 uses AES
for stronger protection than WPA2, which uses TKIP' are not correct.
Reference: https://www.networkworld.com/article/3316567/what-is-wpa3-wi-fi-security-protocol-strengthens-connections.html
Most WPA2 implementations use 128-bit AES encryption keys. In WPA3, longer key sizes – the equivalent of 192-bit security – are mandated only for WPA3-
Enterprise -> Answer 'WPA2 uses 192-bit key encryption, and WPA3 requires 256-bit key encryption' is not correct.
WPA3-Enterprise supports 128-bit Advanced Encryption Standard Counter Mode with Cipher Block Chaining Message Authentication (AES-CCMP 128) as the
minimum requirement. It also offers an optional mode using 192-bit encryption.
Question 45
Which two conditions must be met before SSH can operate normally on a Cisco IOS switch? (Choose two)
Question 46
When configuring IPv6 on an interface, which two IPv6 multicast groups are joined? (Choose two)
A. 2000::/3
B. FF02::2
C. FF02::1
D. FC00::/7
E. 2002::5
Explanation
When an interface is configured with IPv6 address, it automatically joins the all nodes (FF02::1) and solicited-node (FF02::1:FFxx:xxxx) multicast groups. The all-
node group is used to communicate with all interfaces on the local link, and the solicited-nodes multicast group is required for link-layer address resolution. Routers
also join a third multicast group, the all-routers group (FF02::2).
Question 47
Which two characteristics are representative of virtual machines (VMs)? (Choose two)
https://www.9tut.com/composite-quiz 14/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
B. multiple VMs operate on the same underlying hardware.
C. A VM on a hypervisor is automatically interconnected to other VMs.
D. Each VM runs independently of any other VM in the same hypervisor.
E. A VM on an individual hypervisor shares resources equally.
Question 48
How do TCP and UDP differ in the way that they establish a connection between two endpoints?
A. TCP uses the three-way handshake and UDP does not guarantee message delivery
B. UDP provides reliable message transfer and TCP is a connectionless protocol
C. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits
D. TCP uses synchronization packets, and UDP uses acknowledgment packets
Question 49
What are two benefits of using the PortFast feature? (Choose two)
Explanation
Question 50
A. The source and destination MAC addresses of the frame are the same
B. The frame has zero destination MAC addresses
C. The destination MAC address of the frame is unknown
D. The source MAC address of the frame is unknown
Explanation
If the destination MAC address is not in the CAM table (that is, unknown unicast), the switch sends the frame out all other ports that are in the same VLAN as the
received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.
Question 51
Local access for R4 must be established and these requirements must be met:
– Only Telnet access is allowed.
– The enable password must be stored securely.
– The enable password must be applied in plain text
– Full access to R4 must be permitted upon successful login
Option A Option B
! conf t
conf t !
! username test1 password testpass1
username test1 password testpass1 enable secret level 15 0 Test123
enable password level 1 7 Test123 !
! line vty 0 15
line vty 0 15 login local
transport input telnet
https://www.9tut.com/composite-quiz 15/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
accounting exec default
transport input all
Option C
Option D
!
!
config t
config t
!
!
username test1 password testpass1
username test1 password testpass1
enable secret level 1 0 Test123
enable password level 15 0 Test123
!
!
line vty 0 15
line vty 0 15
login authentication
password Test123
password Test123
transport input all
transport input telnet
A. Option A
B. Option B
C. Option C
D. Option D
Explanation
“Only Telnet access is allowed” -> Only Option B and Option C are correct.
In fact the “login authentication” command in Option C can only be used when AAA is enabled (with the command “aaa new-model”). And we cannot use the “login
authentication” without specifying an authentication list:
Therefore only option B is left. But in fact option B is not totally correct as “Full access to R4 must be permitted upon successful login” but in option B we have to
type the secret password to have full access to R4 after logging in (with username “test1” and password “testpass1”).
Question 52
Which technology must be implemented to configure network device monitoring with the highest security?
A. IP SLA
B. syslog
C. NetFlow
D. SNMPv3
Explanation
SNMPv3—The most up-to-date protocol focuses on security. SNMPv3 defines a security model, user-based security model (USM), and a view-based access control
model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message
payload.
Reference: https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/topic-map/network-monitoring-by-using-snmp.html
Question 53
EIGRP: 192.168.12.0/24
RIP: 192.168.12.0/27
OSPF: 192.168.12.0/26
A. It selects the OSPF route because it has the lowest cost
B. It selects the EIGRP route because it has the lowest administrative distance
C. It selects the IS-IS route because it has the shortest prefix inclusive of the destination address
D. It selects the RIP route because it has the longest prefix inclusive of the destination address
Question 54
Which action does the router take as it forwards a packet through the network?
A. The router replaces the original source and destination MAC addresses with the sending router MAC address as the source and neighbor MAC
address as the destination
B. The router encapsulates the source and destination IP addresses with the sending router IP address as the source and the neighbor IP address
as the destination
C. The router replaces the source and destination labels with the sending router interface label as a source and the next hop router label as a destination
D. The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and transmit transparently to the
destination
https://www.9tut.com/composite-quiz 16/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Explanation
While transferring data through many different networks, the source and destination IP addresses are not changed. Only the source and destination MAC addresses
are changed.
Question 55
What role does a hypervisor provide for each virtual machine in server virtualization?
A. software-as-a-service
B. services as a hardware controller
C. control and distribution of physical resources
D. infrastructure-as-a-service
Explanation
Each virtual machine has its own set of virtual hardware (RAM, CPU, NIC) upon which an operating system and fully configured applications are loaded. The
operating system sees a consistent, normalized set of hardware regardless of the actual physical hardware components.
Question 56
A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2 GigabitEthernet1/1 interface. For the
configuration to be applied the engineer must compress the address 2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the
interface?
Question 57
Explanation
The 2.4 GHz band is subdivided into multiple channels each allotted 22 MHz bandwidth and separated from the next channel by 5 MHz.
-> A best practice for 802.11b/g/n WLANs requiring multiple APs is to use non-overlapping channels such as 1, 6, and 11.
https://www.9tut.com/composite-quiz 17/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
If you use channels that overlap, RF interference can occur.
Reference: https://www.cisco.com/c/en/us/support/docs/wireless/aironet-340-series/8117-connectivity.html
If other Wi-Fi sources such as neighboring wireless access points are using the same wireless channel, this may cause intermittent connectivity issues.
Reference: https://arris.secure.force.com/consumers/articles/General_FAQs/SBG8300-Troubleshooting-Intermittent-Wi-Fi-Connections/?
l=en_US&fs=RelatedArticle
In this question, both Zone 3 & Zone 4 use Channel 11 so interference can occur.
Question 58
A network engineer is upgrading a small data center to host several new applications, including server backups that are expected to account for up to 90%
of the bandwidth during peak times. The data center connects to the MPLS network provider via a primary circuit and a secondary circuit. How does the
engineer inexpensively update the data center to avoid saturation of the primary circuit by traffic associated with the backups?
A. Advertise a more specific route for the backup traffic via the secondary circuit.
B. Assign traffic from the backup servers to a dedicated switch.
C. Configure a dedicated circuit for the backup traffic.
D. Place the backup servers in a dedicated VLAN.
Explanation
Answer 'Place the backup servers in a dedicated VLAN' is not correct as a dedicated VLAN does not affect how the traffic goes. It only helps separate Layer 2 traffic
at the data center side.
Answer 'Configure a dedicated circuit for the backup traffic' and answer 'Assign traffic from the backup servers to a dedicated switch' are not correct as using a
dedicated circuit and dedicated switch are expensive.
Only answer 'Advertise a more specific route for the backup traffic via the secondary circuit' is left and this solution is “inexpensive”. By routing a group of
customer to use the secondary circuit we can avoid saturation of the primary circuit during the peak times.
Question 59
Which IPv6 address range is suitable for anycast addresses for distributed services such DHCP or DNS?
A. FE80::1/10
B. FF00:1/12
C. 2001:db8:0234:ca3e::1/128
D. 2002:db84:3f37:ca98:be05:8/64
Explanation
FF00::/8 range is used for IPv6 multicast -> The first octet is FF (1111 1111) -> Answer 'FF00:1/12' is not correct.
The 2002::/16 prefix is used for 6to4, which requires the next 32 bits (after the 16 bit prefix) to be a global unicast IPv4 address -> Answer
'2002:db84:3f37:ca98:be05:8/64' is not correct.
Note: Anycast addresses are syntactically indistinguishable from unicast addresses, because anycast addresses are allocated from the unicast address space.
Assigning a unicast address to more than one interface makes a unicast address an anycast address. Nodes to which the anycast address is assigned must be explicitly
configured to recognize that the address is an anycast address.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_basic/configuration/xe-3se/5700/ip6-anycast-add-xe.html
Question 60
Which channel-group mode must be configured when multiple distribution switch interfaces connected to a WLC are bundled?
Explanation
Link aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller’s distribution system ports into a single
802.3ad port channel. This reduces the number of IP addresses required to configure the ports on your controller. When LAG is enabled, the system dynamically
manages port redundancy and load balances access points transparently to the user.
LAG requires the EtherChannel to be configured for ‘mode on’ on both the controller and the Catalyst switch.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-
4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_010100001.html
Question 61
https://www.9tut.com/composite-quiz 18/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
A. to determine the IP addresses of connected Cisco devices
B. to determine the hardware platform of the device
C. to allow a switch to discover the devices that are connected to its ports
D. all of the above
Question 62
A. full mesh
B. hub-and-spoke
C. router-on-a-stick
D. Point-to-point
Explanation
Full-mesh is a network topology in which there is a direct link between all pairs of nodes. Below is an example of full-mesh topology.
Question 63
A packet sourced from 10.10.10.32 is destined for the Internet. What is the administrative distance for the destination route?
A. 2
B. 1
C. 0
D. 32
Explanation
There is a trick in this question. It says the "source", not the destination of the packet is 10.10.10.32 but this information is not useful for finding the destination
route. This packet is destined for the Internet (with unknown destination) so it will match the default static route, which is the last entry "S* 0.0.0.0/0 [1/0] via
172.16.2.2". This entry has the Administrative Distance of 1.
Question 64
Explanation
VLAN Hopping: By altering the VLAN ID on packets encapsulated for trunking, an attacking device can send or receive packets on various VLANs, bypassing
Layer 3 security measures. VLAN hopping can be accomplished by switch spoofing or double tagging. One of a popular type of VLAN Hopping is
Double-Tagging attack:
https://www.9tut.com/composite-quiz 19/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and
the second matches the VLAN of a host it wants to attack (VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed.
Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards
out to the Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker. In other words, this attack is only successful if the
attacker belongs to the native VLAN of the trunk link. Another important point is, this attack is strictly one way as it is impossible to encapsulate the return packet.
To mitigate this type of attack, we can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic
to specific victims/servers); or implement Private VLANs; or keep the native VLAN of all trunk ports different from user VLANs.
Question 65
Question 66
R1 has learned route 10.10.10.0/24 via numerous routing protocols. Which route is installed?
Question 67
An engineer is configuring SSH version 2 exclusively on the R1 router. What is the minimum configuration required to permit remote management using
the cryptographic protocol?
Option A Option B
hostname R1 hostname R1
ip domain name cisco crypto key generate rsa general-keys modulus 1024
crypto key generate rsa general-keys modulus 1024 username cisco privilege 15 password 0 cisco123
username cisco privilege 15 password 0 cisco123 ip ssh version 2
ip ssh version 2 line vty 0 15
line vty 0 15 transport input all
transport input all login local
login local
Option C Option D
hostname R1 hostname R1
service password-encryption ip domain name cisco
crypto key generate rsa general-keys modulus 1024 crypto key generate rsa general-keys modulus 1024
username cisco privilege 15 password 0 cisco123 username cisco privilege 15 password 0 cisco123
ip ssh version 2 ip ssh version 2
line vty 0 15 line vty 0 15
transport input ssh transport input ssh
login local login local
A. Option A
B. Option B
C. Option C
D. Option D
Explanation
This question said “configuring SSH version 2 exclusively” so only SSHv2 should be configured to remote access to this router -> We must use the command
“transport input ssh”, not “transport input all” (which includes Telnet) -> Only Option C and Option D are correct.
We must create a domain-name too for SSH to work with the command “ip domain-name …” -> Only Option D is correct.
Note: There is a typo in this question in the command “ip domain name …”. It should be “ip domain-name …” instead.
Question 68
Refer to the exhibit. An engineer must add a subnet for a new office that will add 20 users to the network. Which IPv4 network and subnet mask
combination does the engineer assign to minimize wasting addresses?
https://www.9tut.com/composite-quiz 20/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
A. 10.10.225.32 255.255.255.224
B. 10.10.225.48 255.255.255.240
C. 10.10.225.32 255.255.255.240
D. 10.10.225.48 255.255.255.224
Explanation
We need a subnet with 20 users so we need 5 bits 0 in the subnet mask as 25 – 2 = 30 > 20. Therefore the subnet mask should be /27 (with last octet is 1110 0000 in
binary). The increment is 32 so the valid network address is 10.10.225.32.
Question 69
Which IP route command created the best path for a packet destined for 10.10.10.3?
Explanation
The static routes here were configured as "directly connected static routes" (only exit interfaces were configured, not the next-hop IP address) so we see the line "is
directly connected".
All four answers of this question were configured and generated the output as shown in the exhibit. This question asks which command created the best path for
packet destined to 10.10.10.3 so the correct one is answer "ip route 10.10.10.0 255.255.255.240 g0/0".
Question 70
A. Enterprise
B. Local
C. Client
D. Personal
Explanation
Both versions of Wi-Fi Protected Access (WPA/WPA2) can be implemented in either of two modes:
+ Personal or Pre-Shared Key (PSK) Mode: This mode is appropriate for most home networks—but not business networks. You define an encryption passphrase
on the wireless router and any other access points (APs). Then the passphrase must be entered by users when connecting to the Wi-Fi network.
Though this mode seems very easy to implement, it actually makes properly securing a business network nearly impossible. Unlike with the Enterprise mode,
wireless access can’t be individually or centrally managed. One passphrase applies to all users. If the global passphrase should need to be changed, it must be
manually changed on all the APs and computers. This would be a big headache when you need to change it; for instance, when an employee leaves the company or
when any computers are stolen or compromised. Unlike with the Enterprise mode, the encryption passphrase is stored on the computers. Therefore, anyone on the
computer—whether it be employees or thieves—can connect to the network and also recover the encryption passphrase.
Reference: https://www.ciscopress.com/articles/article.asp?p=1576225
Question 71
A. control plane
B. management plane
C. data plane
D. policy plane
Question 72
https://www.9tut.com/composite-quiz 21/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
A. to provide Layer 3 services to autonomous access points
B. to scan a network and generate a layer 2 network diagram
C. to secure physical access to a data center
D. to securely manage and deploy network devices
Question 73
An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?
Explanation
If you add a higher revision number switch to the network then all other switches in the current network will learn from the newly added one. And all current VLAN
databases will be overwritten.
Question 74
An engineer is configuring router R1 with an IPv6 static route for prefix 2019:C15C:0CAF:E001::/64. The next hop must be 2019:C15C:0CAF:E002::1
The route must be reachable via the R1 Gigabit 0/0 interface. Which command configures the designated route?
Question 75
Drag and drop the IPv6 address types from the left onto their description on the right.
Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.
Explanation
Answer:
Explanation
FF00::/8 range is used for IPv6 multicast -> The first octet is FF which indicates a multicast address.
Address that is automatically created on a link when IPv6 is enabled on an interface -> Link-local address in the range of FE80::/10
Address that is prohibited from routing to the Internet -> Site-local address (or Unique local address). They are analogous to IPv4’s private address classes. They
start with FC00::/7 (for used in private networks) -> The first octet can be FC or FD. However when you implement this you have to set the L-bit (the right-most bit
of the first octet) to 1 which means that the first two digits will be FD.
Question 76
Explanation
The following diagram illustrates the key difference between traffic policing and traffic shaping. Traffic policing propagates bursts. When the traffic rate reaches the
configured maximum rate (or committed information rate), excess traffic is dropped (or remarked). The result is an output rate that appears as a saw-tooth with crests
and troughs. In contrast to policing, traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of
time. The result of traffic shaping is a smoothed packet output rate.
https://www.9tut.com/composite-quiz 22/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Note: Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the routing device.
Question 77
A network analyst is tasked with configured the date and time on a router using EXEC mode. The date must be set to 12:00am. Which command should be
used?
A. Clock timezone
B. Clock set
C. Clock summer-time-recurring
D. Clock summer-time date
Explanation
In this example, the clock time is set to 12:00 am with the clock date of January 1, 2020.
Question 78
Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR?
A. Router R3 will become the DR and router R2 will become the BDR.
B. Router R1 will become the DR and router R2 will become the BDR.
C. Router R3 will become the DR and router R1 will become the BDR.
D. Router R4 will become the DR and router R3 will become the BDR.
Explanation
After the new election, R3 and R1 have highest priority (of 2) so they will be elected DR and BDR. R3 will be elected DR because its has higher router ID (of
3.3.3.3).
Question 79
A. port security
B. STP
C. wrong cable type
D. shutdown command
https://www.9tut.com/composite-quiz 23/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Explanation
The “Status” of fa0/1 is “notconnect” so port security is not the issue or it would show the status of “err-disabled”.
“Shutdown” command is also not the issue as it would show “Administratively down” in the “Status” field of the “show ip interface brief” command.
With STP, even if the port is in “Block” (BLK) status but it is still in “up/up” state with the “show ip interface brief” command.
With wrong cable type, the port is in “down/down” state, same as there is no connected cable to the port.
Question 80
Which component controls and distributes physical resources for each virtual machine?
A. OS
B. hypervisor
C. CPU
D. physical enclosure
Explanation
The hypervisor abstracts and isolates the VMs and their programs from the underlying server hardware, enabling a more efficient use of physical resources, simpler
maintenance and operations, and reduced costs.
Reference: https://www.nutanix.com/info/hypervisor
Question 81
Shortly after SiteA was connected to SiteB over a new single-mode fiber path, users at SiteA report intermittent connectivity issues with applications hosted
at SiteB. What is the cause of the intermittent connectivity issue?
Explanation
The txload and rxload on both sites are 1/255 so the interfaces are not busy in transmitting and receiving traffic. But the reliability on SiteA is only 166/255 which
indicates input and output errors increase. Reliability is calculated by this formula: reliability = number of packets / number of total frames.
Question 82
What is the function of Cisco Advanced Malware protection for next-generation IPS?
Question 83
The service password-encryption command is entered on a router. What is the effect of this configuration?
https://www.9tut.com/composite-quiz 24/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Explanation
The service password-encryption command will encrypt all current and future passwords so any password existed in the configuration will be encrypted.
Note: With the “service password-encryption” command, administrators can still configure clear-text passwords but they will be encrypted in the configuration file.
So we cannot say “prevents network administrators from configuring clear-text passwords”.
Question 84
The router R1 is in the process of being configured. Routers R2 and R3 are configured correctly for the new environment. Which two commands must be
configured on R1 for PC1 to communicate to all PCs on the 10.10.10.0/24 network? (Choose two)
Question 85
An engineering team asks an implementer to configure syslog for warning conditions and error conditions. Which command does the implementer
configure to achieve the desired result?
A. logging trap 5
B. logging trap 3
C. logging trap 2
D. logging trap 4
Explanation
The highest level is level 0 (emergencies). The lowest level is level 7. If we configure syslog level 4 then it will send all the syslog messages from level 0 to 4.
Question 86
SW1#show etherchannel
Channel-group listing:
----------------------
Group: 2
--------
Group state = L2
Ports: 1 Maxports = 8
Port-channels: 1 Max Portchannels = 1
Protocol: PAGP
https://www.9tut.com/composite-quiz 25/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
A network engineer updates the existing configuration on interface fastethernet1/1 switch SW1. It must establish an EtherChannel by using the same group
designation with another vendor switch. Which configuration must be performed to complete the process?
A. interface port-channel 2
channel-group 2 mode desirable
B. interface fastethernet 1/1
channel-group 2 mode on
C. interface port-channel 2
channel-group 2 mode auto
D. interface fastethernet 1/1
channel-group 2 mode active
Question 87
Explanation
We don’t need to set high MTU between sites -> Answer 'It needs a high MTU between sites' is not correct.
We can use any connection types (broadcast, point-to-point…) between two devices -> Answer 'It must have point-to-point communication' is not correct.
We can use full-mesh topology with all routing protocols, not only BGP -> Answer 'It works only with BGP between sites' is not correct.
Question 88
interface GigabitEthernet0/1
ip address 192.168.1.2 255.255.255.0
ip access-group 2699 in
!
access-list 2699 deny icmp any 10.10.1.0 0.0.0.255 echo
access-list 2699 deny ip any 10.20.1.0 0.0.0.255
access-list 2699 permit ip any 10.10.1.0 0.0.0.255
access-list 2699 permit tcp any 10.20.1.0 0.0.0.127 eq 22
A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network.
Which command will accomplish this task?
Explanation
The operations team resides on 10.20.1.0/25 network which is a part of 10.20.1.0/24 network so we need to remove the “deny” statement of the 10.20.1.0/25
network to allow SSH.
Question 89
A network engineer started to configure port security on a new switch. These requirements must be met:
– MAC addresses must be learned dynamically.
– Log messages must be generated without disabling the interface when unwanted traffic is seen.
Which two commands must be configured to complete this task? (Choose two)
Explanation
https://www.9tut.com/composite-quiz 26/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
The requirement said MAC addresses must be learned dynamically so we cannot assign a specific MAC address or use the "sticky" keyword -> Answer "SW(config-
if)#switchport port-security mac-address 0010.7B84.45E6 "and answer "SW(config-if)#switchport port-security mac-address sticky" are not correct. Also the
requirement said "MAC addresses" in plural so we set the maximum to 2 -> Answer "SW(config-if)#switchport port-security maximum 2" is correct.
"Log messages must be generated without disabling the interface" -> use "restrict" keyword for violation, not "shutdown" keyword -> Answer "SW(config-
if)#switchport port-security violation restrict" is correct.
The “sticky” keyword does not mean the MAC addresses will be learned dynamically. It means the learned MAC addresses would be put into the running-config
only.
The question asks “MAC addresses must be learned dynamically” means we don’t configure static MAC learning only.
Note:
You can configure the interface for one of these violation modes, based on the action to be taken if a violation occurs:
+ Restrict – A port security violation restricts data, causes the SecurityViolation counter to increment, and causes an SNMP Notification to be generated.
+ Shutdown – A port security violation causes the interface to shut down immediately. When a secure port is in the error-disabled state, you can bring it out of this
state by entering the errdisable recovery cause psecure_violation global configuration command or you can manually reenable it by entering the shutdown and no
shut down interface configuration commands. This is the default mode.
Question 90
Which mode must be set for APs to communicate to a Wireless LAN Controller using the Control and Provisioning of Wireless Access Points (CAPWAP)
protocol?
A. lightweight
B. bridge
C. autonomous
D. route
Explanation
Cisco Access Points (APs) can operate in one of two modes: autonomous or lightweight
+ Autonomous: self-sufficient and standalone. Used for small wireless networks.
+ Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function. LAP and WLC communicate with each other via a logical
pair of CAPWAP tunnels.
Question 91
Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?
A. TACACS
B. RADIUS
C. CPU ACL
D. Flex ACL
Explanation
Whenever you want to control which devices can talk to the main CPU, a CPU ACL is used.
Note: CPU ACLs only filter traffic towards the CPU, and not any traffic exiting or generated by the CPU.
Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109669-secure-wlc.html
Question 92
interface g2/0/0
channel-group 1 mode active
interface g4/0/0
channel-group 1 mode active
interface Port-channel1
ip address 203.0.113.65 255.255.255.252
An engineer is configuring a Layer 3 port-channel interface with LACP. The configuration on the first device is complete, and it is verified that both
interfaces have registered the neighbor device in the CDP table. Which task on the neighbor device enables the new port channel to come up without
negotiating the channel?
Explanation
Our switch can see neighbor switch in the CDP table which means the interfaces of both ends have been turned on (with no shutdown command) -> Answer "Bring
up the neighboring interfaces using the no shutdown command" is not correct.
Our switch is using LACP (active/passive mode) so we cannot use PAgP (auto/desirable mode) on the neighboring interface -> Answer "Change the EtherChannel
mode on the neighboring interfaces to auto" is not correct.
https://www.9tut.com/composite-quiz 27/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
The error is at Layer 2 ("changed state to down") so it is not about "configuring the IP address" of the neighboring device which is at Layer 3 -> Answer "Configure
the IP address of the neighboring device" is not correct.
Therefore only answer "Modify the static EtherChannel configuration of the device to passive mode" is left. We have to change the Etherchannel mode of
neighboring device from static to passive for LACP.
Question 93
Refer to the exhibit. After the switch configuration the ping test fails between PC A and PC B. Based on the output for switch 1, which error must be
corrected?
Switch 1 Switch 2
Name: Gi0/1 Name: Gi0/1
Switchport: Enabled Switchport: Enabled
Administrative Mode: trunk Administrative Mode: trunk
Operational Mode: trunk Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off Negotiation of Trunking: Off
Access Mode VLAN: 1 (default) Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default) Trunking Native Mode VLAN: 99 (default)
Administrative Native VLAN tagging: enabled Administrative Native VLAN tagging: enabled
Voice VLAN: none Voice VLAN: none
<output omitted> <output omitted>
Trunking VLANs Enabled: 50-100 Trunking VLANs Enabled: 50-100
Pruning VLANs Enabled: 2-1001 Pruning VLANs Enabled: 2-1001
Capture Mode Disabled Capture Mode Disabled
Capture VLANs Allowed: ALL Capture VLANs Allowed: ALL
A. All VLANs are not enabled on the trunk
B. There is a native VLAN mismatch
C. Access mode is configured on the switch ports.
D. The PCs are in the incorrect VLAN
Explanation
From the output we see the native VLAN of Switch1 on Gi0/1 interface is VLAN 1 while that of Switch2 is VLAN 99 so there would be a native VLAN mismatch.
Question 94
A. ingress traffic
B. egress traffic
C. DTP
D. VTP
Explanation
The MAC addresses in the CAM table are the source MAC addresses only. Therefore it only learns MAC address from ingress traffic.
Question 95
Drag and drop the characteristics of device-management technologies from the left onto the corresponding deployment types on the right.
https://www.9tut.com/composite-quiz 28/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example: 136245 (which means
136 for first group, 245 for second group).
Please type your answer here: 124 (correct answer: 135246)
Question 96
Router1#show ip route
Gateway of last resort is 10.10.11.2 to network 0.0.0.0
209.165.200.0/27 is subnetted, 1 subnets
B 209.165.200.224 [20/0] via 10.10.12.2,03:32:14
209.165.201.0/27 is subnetted, 1 subnets
B 209.165.201.0 [20/0] via 10.10.12.2,02:26:53
209.165.202.0/27 is subnetted, 1 subnets
B 209.165.202.128 [20/0] via 10.10.12.2,02:46:03
10.0.0.0/8 is variably subnetted, 10 subnets, 4 masks
C 10.10.10.0/28 is directly connected, GigabitEthernet0/0
C 10.10.11.0/30 is directly connected, FastEthernet2/0
C 10.10.12.0/30 is directly connected, GigabitEthernet0/1
O 10.10.13.0/25 [110/2] via 10.10.10.1, 00:00:04, GigabitEthernet0/0
O 10.10.13.128/28 [110/2] via 10.10.10.1, 00:00:12, GigabitEthernet0/0
O 10.10.13.144/28 [110/2] via 10.10.10.1, 00:01:57, GigabitEthernet0/0
O 10.10.13.160/29 [110/2] via 10.10.10.1, 00:00:12, GigabitEthernet0/0
O 10.10.13.208/29 [110/2] via 10.10.10.1, 00:01:57, GigabitEthernet0/0
O 10.10.13.252/30 [110/2] via 10.10.10.1, 00:01:57, GigabitEthernet0/0
S* 0.0.0.0/0 [1/0] via 10.10.11.2
Drag and drop the subnet masks from the left onto the corresponding subnets on the right. Not all subnet masks are used.
Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. Also please match the unused subnet mask
with "unused" box.
10.10.13.0 255.255.255.128
(unused) 255.255.255.248
10.10.13.128
10.10.13.160 255.255.255.252
10.10.13.252 255.255.255.240
Question 97
A Cisco engineer notices that two OSPF neighbors are connected using a crossover Ethernet cable. The neighbors are taking too long to become fully
adjacent. Which command must be issued under the interface configuration on each router to reduce the time required for the adjacency to reach the
FULL state?
Explanation
OSPF detects neighbors by means of Hello packets. Maybe the reason for “The neighbors are taking too long to become fully adjacent” is hello packets are not sent
frequently.
With OSPF priority of 0, the OSPF router becomes ineligible for being the DR/BDR on that segment so they cannot reach the FULL state. They will be in
DROTHER state -> Answer 'ip ospf priority 0 ' is not correct.
Changing the Dead Interval does not automatically change the Hello Interval -> Answer 'ip ospf dead-interval 40 ' is not correct.
Set the network type to “point-to-point”, the OSPF routers will not elect DR/BDR -> Answer 'ip ospf network point-to-point'
Question 98
https://www.9tut.com/composite-quiz 29/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
What is a DHCP client?
A. a workstation that requests a domain name associated with its IP address
B. a server that dynamically assigns IP addresses to hosts
C. a host that is configured to request an IP address automatically
D. a router that statically assigns IP addresses to hosts
Question 99
Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites. Which two tasks must be
performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two)
Configured interfaces:
New York:
Atlanta: Washington:
S0/0/0: 2012::2/126
S0/0/0: 2012::1/126 S0/0/0: 2023::3/126
S0/0/1: 2023::2/126
Loopback1: 2000::1/128 Loopback3: 2000::3/128
Loopback2:2000::2/128
A. Configure the ipv6 route 2023::/126 2012::1 command on the Atlanta router
B. Configure the ipv6 route 2023::/126 2012::2 command on the Atlanta router
C. Configure the ipv6 route 2012::/126 2023::1 command on the Washington router
D. Configure the ipv6 route 2012::/126 2023:2 command on the Washington router
E. Configure the ipv6 route 2012::/126 s0/0/0 command on the Atlanta router
Explanation
Question 100
Which benefit does Cisco DNA Center provide over traditional campus management?
A. Cisco DNA Center automates SSH access for encrypted entry, and SSH is absent from traditional campus management.
B. Cisco DNA Center leverages APIs, and traditional campus management requires manual data gathering.
C. Cisco DNA Center automates HTTPS for secure web access, and traditional campus management uses HTTP.
D. Cisco DNA Center leverages SNMPv3 for encrypted management, and traditional campus management uses SNMPv2.
Question 101
An engineer has started to configure replacement switch SW1. To verify part of the configuration, the engineer issued the commands as shown and noticed
that the entry for PC2 is missing. Which change must be applied to SW1 so that PC1 and PC2 communicate normally?
A. SW1(config-if)#interface fa0/2
SW1(config-if)#no switchport mode trunk
SW1(config-if)#no switchport trunk allowed vlan 3
SW1(config-if)#switchport mode access
https://www.9tut.com/composite-quiz 30/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
B. SW1(config)#interface fa0/2
SW1(config-if)#no switchport access vlan 2
SW1(config-if)#no switchport trunk allowed vlan 3
SW1 (config-if)#switchport trunk allowed vlan 2
C. SW1(config)#interface fa0/1
SW1(config-if)#no switchport access vlan 2
SW1(config-if)#switchport access vlan 3
SW1(config-if)#switchport trunk allowed vlan 2
D. SW1(config)#interface fa0/1
SW1(config-if)#no switchport access vlan 2
SW1(config-if)#switchport trunk native vlan 2
SW1(config-if)#switchport trunk allowed vlan 3
Question 102
Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?
A. Silver
B. Bronze
C. Gold
D. Platinum
Explanation
Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-
4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_01010111.html
1. ahmed
May 16th, 2020
tnk you
2. JC
May 24th, 2020
Hi, in the question about Drag and drop the networking parameters from the left on to the correct values on the right with connection oriented and connection
less, I put as a connection oriented SMTP, SSH and FTP and connectionless SNMP, VoIP and TFTP, I think its the correct answer but you put as I failed, could
you check it please?
3. op
May 27th, 2020
Hi,
Question 63
Drag and drop the networking parameters from the left on to the correct values on the right.
Connection_Oriented_Connectionless.jpg
Please type the corresponding numbers of each item on the left to the blank below and arrange them ascendingly. For example: 136245 (which means 136 for
first group, 245 for second group)
4. 9tut
May 27th, 2020
@op, @JC: Thanks for your detection, there was an error with Q.63. We have just updated it so please try again!
5. op
May 28th, 2020
Question 50
Drag and drop the application protocols from the left onto the suitable transport protocols on the right.
TCP_UDP_Protocols_2.jpg
Please type the corresponding numbers of each item on the left to the blank below and arrange them ascendingly. For example: 136245 (which means 136 for
first group, 245 for second group)
6. op
May 28th, 2020
https://www.9tut.com/composite-quiz 31/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
7. 9tut
May 28th, 2020
8. op
May 28th, 2020
Thanks.
9. op
June 1st, 2020
Question 72
Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface FastEthernet 0/1?
10. 9tut
June 1st, 2020
@op: We have just updated this question. Answer “C. router” is correct.
11. op
June 1st, 2020
12. op
June 3rd, 2020
Question 82
Refer to the exhibit. What configuration on R1 denies SSH access from PC-1 to any R1 interface and allows all other traffic?
access_list_ssh.jpg
Is this correct?
13. Pawel
June 3rd, 2020
@9tut
There is something wrong with 102q test – I had only 1 mistake but score was only 93% – some of the correct answers doesn’t count or something. (I think the
new ones because I didn’t had any problem before update)
14. JH
June 5th, 2020
15. TheMattMeister
June 6th, 2020
Hey all,
just passed exam with a 963/1000! if you can knock out the 102 composite quiz with an A several times (i think i ended up running through it 10 times), i’m
sure you can pass this test. With the exception of a few questions that i’ve either just seen less or were just new, the test is identical.
good luck!
https://www.9tut.com/composite-quiz 32/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
16. Mah
June 6th, 2020
Hi @9tut,
Im sorry to ask, can you kindly explain Q13 I think the answer is 10.4.4.4 which is C Please?
17. 9tut
June 7th, 2020
@Mah: Could you please post that question here as the questions in the Composite Quizzes are shuffled each time you take the quiz?
Comments are closed.
Composite Quiz 20 Questions CCNAv7 (2020) – New Questions Part 2 Question 38 to 43
Logout
CCNA 200-301
Basic Questions
Topology Architecture Questions
Cloud & Virtualization Questions
CDP & LLDP Questions
Switch Questions
VLAN & Trunking Questions
VLAN & Trunking Questions 2
STP & VTP Questions
EtherChannel Questions
TCP & UDP Questions
IP Address & Subnetting Questions
IP Routing Questions
IP Routing Questions 2
OSPF Questions
OSPF Questions 2
EIGRP Questions
NAT Questions
NTP Questions
Syslog Questions
HSRP Questions
Access-list Questions
AAA Questions
Security Questions
Security Questions 2
DAI Questions
IPv6 Questions
DNS Questions
QoS Questions
Port Security Questions
Wireless Questions
Wireless Questions 2
SDN Questions
DNA Center Questions
Drag Drop Questions
Drag Drop Questions 2
Drag Drop Questions 3
VPN Questions
DHCP Questions
Automation Questions
https://www.9tut.com/composite-quiz 33/34
05/08/2023 12:02 CCNA Training » Composite Quiz 102 Questions
Miscellaneous Questions
CCNA FAQs & Tips
Share your CCNA Experience
CCNA Self-Study
Practice CCNA GNS3 Labs
CCNA Knowledge
CCNA Lab Challenges
Puppet Tutorial
Chef Tutorial
Ansible Tutorial
JSON Tutorial
Layer 2 Threats and Security Features
AAA TACACS+ and RADIUS Tutorial
STP Root Port Election Tutorial
GRE Tunnel Tutorial
Basic MPLS Tutorial
TCP and UDP Tutorial
Border Gateway Protocol BGP Tutorial
Point to Point Protocol (PPP) Tutorial
WAN Tutorial
DHCP Tutorial
Simple Network Management Protocol SNMP Tutorial
Syslog Tutorial
Gateway Load Balancing Protocol GLBP Tutorial
EtherChannel Tutorial
Hot Standby Router Protocol HSRP Tutorial
InterVLAN Routing Tutorial
Cisco Command Line Interface CLI
Cisco Router Boot Sequence Tutorial
OSI Model Tutorial
Subnetting Tutorial – Subnetting Made Easy
Frame Relay Tutorial
Wireless Tutorial
Virtual Local Area Network VLAN Tutorial
VLAN Trunking Protocol VTP Tutorial
IPv6 Tutorial
Rapid Spanning Tree Protocol RSTP Tutorial
Spanning Tree Protocol STP Tutorial
Network Address Translation NAT Tutorial
Access List Tutorial
RIP Tutorial
EIGRP Tutorial
OSPF Tutorial
Network Resources
Free Router Simulators
CCNA Website
ENCOR Website
ENSDWI Website
ENARSI Website
DevNet Website
CCIE R&S Website
Security Website
Wireless Website
Design Website
Data Center Website
Service Provider Website
Collaboration Website
Top
https://www.9tut.com/composite-quiz 34/34