CCNA 200 125 300Q Lite Version - Update - ITExamAnswers Feb 19 2020

CCNA-200-125-Exam-Dump-300Q-Lite-version-from-ITExamAnswers.
net
Number: 314
Passing Score: 800
Time Limit: 120 min
File Version: 1.8
LITE VERSION 300Q

Compiled by ITExamAnswers.net
February 19, 2020 | Fixed some answers
9 Feb 2020 - Fix some answers
28 Jan 2020 - Added new questions
------------------- ITExamAnswers.Net --------------------
ITExamAnswers.net
Multiple Choice
QUESTION 1
Which two technologies can combine multiple physical switches into one logical switch? (Choose two.)
A. GLBP
B. HSRP
C. VRRP
D. VSS
E. StackWise
Correct Answer: DE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
Refer to the exhibit. Which two statements about router R1 are true?
ITExamAnswers.net
A. At least three IGP routing protocols are running on the router
B. At least two IGP routing protocols are running on the router
C. The router has two EIGRP neighbors and one OSPF neighbor
D. The router has an OSPF Area 0 adjacency with the device at 10.82.4.42
E. The router is learning external OSPF and EIGRP routes
Correct Answer: BE
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 3
Which plane handles switching traffic through a Cisco router?
A. data
B. performance
C. control
D. management
Correct Answer: A
Section: (none)
Explanation
QUESTION 4
Which command must you enter to enable OSPFV2 in an IPV4 network?
A. ip ospf hello-interval seconds

B. router ospfv2 process-id
C. router ospf value
D. router ospf process-id
Correct Answer: D
Section: (none)
Explanation
QUESTION 5
Which command should you enter to configure a single port to bypass the spanning-tree Forward and Delay
timers?
A. spanning-tree portfast bpdufilter default

B. spanning-tree portfast
C. spanning-tree portfast default
D. spanning-tree portfast bpduguard default
Correct Answer: B
Section: (none)
Explanation
QUESTION 6
Which two options are fields in an Ethernet frame?(choose two)
A. frame check sequence

B. header
C. source IP address
D. destination IP address
E. type
ITExamAnswers.net
Correct Answer: AE
Section: (none)
Explanation
At the end of each frame there is a Frame Check Sequence (FCS) field. FCS can be analyzed to determine if
errors have occurred. FCS uses cyclic redundancy check (CRC) algorithm to detect errors in the transmitted
frames. Before sending data, the sending host generates a CRC based on the header and data of that frame.
When this frame arrives, the receiving host uses the same algorithm to generate its own CRC and compare
them. If they do not match then a CRC error will occur.
The “Type/Length” field is used to indicate the “Type”of the payload (Layer 3 protocol) Which is indicated as a
Hexadecimal value.
Note: Ethernet II uses “Type” while the old Ethernet version use “Length”
QUESTION 7
Which two tasks can help you gather relevant facts when you troubleshoot a network problem? (Choose two.)
A. Collect technical data from network management system and logging servers
B. Ask question of the users who are effected by the problem
C. Eliminate known issues first
D. Define the problem in temrs of symtoms and causes
E. Change one setting or component and then analyze the result
Correct Answer: AB
Section: (none)
Explanation
QUESTION 8
Which command should you use to display detailed information about EBGP peers?
A. show ip bgp paths

B. show ip bgp neighbors
C. show ip bgp
D. show ip bgp summary
Correct Answer: D
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 9
Which are two common types of copper cable? (Choose two)
A. Unshielded twisted pair

B. Single-mode
C. OM4
D. Shieled twisted pair
E. Multimode
Correct Answer: AD
Section: (none)
Explanation
QUESTION 10
Which port status does the interface enter when UDLD detects a unidirectional link?
A. Errdisable
B. Down/down
C. Up/up
D. Shutdown
Correct Answer: A
Section: (none)
Explanation
QUESTION 11
Refer to the exhibit. How will switch SW2 handle traffic from VLAN 10 on SW1?
A. It drops the traffic
ITExamAnswers.net
B. It sends the traffic to VLAN 10
C. It sends the traffic to VLAN 1
D. It sends the traffic to VLAN 100
Correct Answer: D
Section: (none)
Explanation
QUESTION 12
Which VLAN ID is associated with the native VLAN?
A. VLAN 1
B. VLAN 5
C. VLAN 10
D. VLAN 20
Correct Answer: A
Section: (none)
Explanation
QUESTION 13
Which type of frame is larger than 9000 bytes?
A. Baby giant
B. Runt
C. Giant
D. Jumbo
Correct Answer: D
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 14
Which command should you enter to configure an LLDP delay of 5 seconds?
A. lldp reinit 5
B. lldp reinit 5000
C. lldp holdtime 5
D. lldp timer 5000
Correct Answer: A
Section: (none)
Explanation
QUESTION 15
Which command must you use to test DNS connectivity?
A. Show interfaces
B. Show hosts
C. Ipconfig
D. telnet
Correct Answer: D
Section: (none)
Explanation
QUESTION 16
Which effect does the switchport trunk native vlan 10 command have?
A. It configures the interface as a trunk port

B. It sets VLAN 10 as the native VLAN on the trunk
C. It prevents traffic on VLAN 1 from passing on the trunk
D. It allows traffic from native VLAN 10 on the trunk
Correct Answer: B
Section: (none)
Explanation
QUESTION 17
Which two TCP messages use a 32-bit number as part of the initial TCP handshake? (Choose two.)
A. ACK
ITExamAnswers.net
B. RST
C. SYN
D. SYN-ACK
E. FIN
Correct Answer: AC
Section: (none)
Explanation
QUESTION 18
How does a Cisco IP phone handle untagged traffic that it receives from an attached PC?
A. It allows the traffic to pass through unchanged

B. It tags the traffic with the native VLAN
C. It tags the traffic with the default VLAN
D. It tags the traffic with the default VLAN
Correct Answer: A
Section: (none)
Explanation
QUESTION 19
Which feature or protocol determines whether the QoS on the network is sufficient to support IP services?
A. LLDP
B. IP SLA
C. CDP
D. EEM
Correct Answer: B
Section: (none)
Explanation
QUESTION 20
Which feature or protocol must you enable so that the output of the show interface trunk command include
information about native VLAN mismatch?
A. CDP
B. RSTP
C. DTP
D. PortFast
Correct Answer: A
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 21
Which two types of NAT addresses are used in a Cisco NAT device? (Choose two.)
A. inside local
B. inside global
C. inside private
D. outside private
E. external global
F. external local
Correct Answer: AB
Section: (none)
Explanation
NAT use four types of addresses:
* Inside local address – The IP address assigned to a host on the inside network. The address is usually not an
IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is
likely to be an RFC 1918 private address.
* Inside global address – A legitimate IP address assigned by the InterNIC or service provider that represents
one or more inside local IP addresses to the outside world.
* Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
* Outside global address – The IP address assigned to a host on the outside network. The owner of the host
assigns this address.
QUESTION 22
Refer to the exhibit. What is the effect of the configuration?
ITExamAnswers.net
A. Traffic from PC A is dropped when it uses the trunk to communicate with PC B
B. Traffic from PC A is sent untagged when it uses the trunk to communicate with PC B
C. Traffic from PC B is dropped when it uses the trunk to communicate with PC A
D. Traffic from PC B is sent untagged when it uses the trunk to communicate with PCA
Correct Answer: C
Section: (none)
Explanation
QUESTION 23
Which task should you perform before you use the APIC-EM Path Trace tool to perform ACL analysis?
A. Verify that DNS is configured on the controller

B. Execute a standard traceroute to the destination
C. Verify that the devices of interest are included in the device inventory
D. Configure the IP address from which to generate the trace
Correct Answer: C
Section: (none)
Explanation
QUESTION 24
Which protocols does the internet layer in the TCP/IP model encapsulate? (Choose two.)
A. TCP
B. ICMP
ITExamAnswers.net
C. DNS
D. ARP
E. SMTP
Correct Answer: BD
Section: (none)
Explanation
QUESTION 25
Which two pins does an RJ-45 connector use to transmit data? (Choose two.)
A. 1
B. 2
C. 3
D. 4
E. 6
Correct Answer: AB
Section: (none)
Explanation
QUESTION 26
Which IOS troubleshooting tool should you use to direct system messages to your screen?
A. Log events
B. APIC-EM
C. Terminal monitor
D. Local SPAN
Correct Answer: C
Section: (none)
Explanation
QUESTION 27
Which two VLAN IDs indicate a default VLAN? (Choose two.)
A. 0
B. 1
C. 1005
D. 1006
E. 4096
Correct Answer: BC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 28
You notice that packets that are sent from a local host to a well-known service on TCP port 80 of a remote host
are sometimes lost. You suspect an ACL issue. Which two APIC-EM Path Trace ACL-analysis options should
you use to troubleshoot the problem? (Choose two.)
A. Destination port
B. Debug
C. Performance Protocol
D. QoS
E. Protocol
Correct Answer: AE
Section: (none)
Explanation
QUESTION 29
Refer to the exhibit. When PC1 sends a packet to PC2, the packet has which source and destination IP
addresses when it arrives at interface Gi0/0 on router R2?
A. Source 192.168.20.10 and destination 192.168.20.1

B. Source 192.168.10.10 and destination 192.168.20.10
C. Source 10.10.1.1 and destination 10.10.2.2
D. Source 192.168.10.10 and destination 10.10.10.2
Correct Answer: B
Section: (none)
Explanation
QUESTION 30
ITExamAnswers.net
According to security best practices, which two actions must you take to protect an unused switch port?
(Choose two.)
A. Configure the port as an access port on a VLAN other than VLAN 1

B. Configure the port as a trunk port
C. Enable CDP
D. Configure the port to automatically come online
E. Administratively shut down the port
Correct Answer: AE
Section: (none)
Explanation
QUESTION 31
Which two statements correctly describe distance-vector routing protocols? ( Choose two.)
A. they specify the next hop toward the destination subnet

B. they require quick network convergence to support normal operations
C. they generate a complete topology of the network
D. they update other devices on the network when one device detects a topology change
E. they use variety of metrics to identify the distance to a destination network
Correct Answer: AD
Section: (none)
Explanation
QUESTION 32
In which three ways is an IPv6 header simpler than an IPv4 header? (Choose three)
A. Unlike IPv4 headers, IPv6 headers have a fixed length.

B. IPv6 uses an extension header instead of the IPv4 Fragmentation field.
C. IPv6 headers eliminate the IPv4 Checksum field.
D. IPv6 headers use the Fragment Offset field in place of the IPv4 Fragmentation field.
E. IPv6 headers use a smaller Option field size than IPv4 headers.
F. IPv6 headers use a 4-bit TTL field, and IPv4 headers use an 8-bit TTL field.
Correct Answer: ABC

Section: (none)
Explanation
The IPv4 and IPv6 headers are shown below for your comparison:
ITExamAnswers.net
IPv6 eliminates the Header Checksum field, which handles error checking in IPv4. IPv6 depends on reliable
transmission in the data link protocols and on error checking in upper-layer protocols instead -> Answer C is
correct.
While IPv4 header’s total length comprises a minimum of 20 octets (8 bits per octet), IPv6 header has only 8
fields with a fixed length of 40 octets -> Answer A is correct.
IPv4 header does not have a fixed length because of the Options fields. This field is used to convey additional
information on the packet or on the way it should be processed. Routers, unless instructed otherwise, must
process the Options in the IPv4 header. The processing of most header options pushes the packet into the
slow path leading to a forwarding performance hit.
IPv4 Options perform a very important role in the IP protocol operation therefore the capability had to be
preserved in IPv6. However, the impact of IPv4 Options on performance was taken into consideration in the
development of IPv6. The functionality of Options is removed from the main header and implemented through a
set of additional headers called extension headers. The “Next Header” field in IPv6 can be used to point to the
extension headers.
ITExamAnswers.net
Reference: http://www.cisco.com/en/US/technologies/tk648/tk872/
technologies_white_paper0900aecd8054d37d.html
QUESTION 33
Which two statements about exterior routing protocols are true? (Choose two.)
A. BGP is the current standard exterior routing protocol

B. Most modern networking supports both EGP and BGP for external routing
C. Most modern networking supports both EGP and EIGRP for external routing
D. They determine the optimal path between autonomous systems
E. They determine the optimal path within an autonomous system
Correct Answer: AD
Section: (none)
Explanation
QUESTION 34
Which two actions must you take to correctly configure PPPoE on a client? (Choose two.)
A. Create a BBA group and link it to the dialer interface

B. Define a dialer interface
C. Define a virtual template interface
D. Create a dialer pool and bind it to the physical interface
E. Create a dialer pool and bind it to the virtual template
Correct Answer: BE
Section: (none)
Explanation
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/xe-3s/bba-xe-3s-book/bba-
ITExamAnswers.net
pppoe-client-xe.html
QUESTION 35
Which two statements about MPLS are true? (Choose two)
A. It provides automatic authentication

B. It can carry multiple protocols, including IPv4 and IPv6
C. It encapsulates all traffic in an IPv4 header
D. It uses labels to separate and foward customer traffic
E. It tags customer traffic using 802.1q
Correct Answer: BD
Section: (none)
Explanation
MPLS supports IPv4, IPv6, IPX, AppleTalk at the network layer. MPLS supports Ethernet, Token Ring, FDDI,
ATM, FR, PPP at the link layer.
MPLS uses label switching to forward packets over Ethernet. Labels are assigned to packets based on
groupings or forwarding equivalence classes (FECs). The label is added between the Layer 2 and the Layer 3
header.
QUESTION 36
Frame flooding can occur in which circumstance?
A. The destination IP address is missing from the route table

B. The source IP address is missing from the route table
C. The destination MAC address is missing from the CAM table
D. The source MAC address is missing from the CAM table
Correct Answer: C
Section: (none)
Explanation
QUESTION 37
Which three circumstances can cause a GRE tunnel to be in an up/down state? (Choose three.)
A. The tunnel interface IP address is misconfigured.

B. The tunnel interface is down.
C. A valid route to the destination address is missing from the routing table.
D. The tunnel address is routed through the tunnel itself.
E. The ISP is blocking the traffic.
F. An ACL is blocking the outbound traffic.
Correct Answer: BCD

Section: (none)
Explanation
QUESTION 38
ITExamAnswers.net
Which command should you enter to view the error log in an EIGRP for Ipv6 enviroment?
A. Show ipv6 eigrp neighbors

B. Show ipv6 eigrp traffic
C. Show ipv6 eigrp topology
D. Show ipv6 eigrp events
Correct Answer: D
Section: (none)
Explanation
QUESTION 39
Which add prefix does OSPFv3 use when multiple IPv6 address are configured on a single interface?
A. all prefix on the interface

B. the prefix that the administrator configure for OSPFv3 use
C. the lowest prefix on the interface
D. the highest prefix on the interface
Correct Answer: A
Section: (none)
Explanation
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-sy/iro-15-sy-book/ip6-
routeospfv3.html#GUID-05F3F09C-FE3E-41D6-9845-111FB17AD030 “In IPv6, you can configure many
address prefixes on an interface. In OSPFv3, all address prefixes on an interface are included by default. You
cannot select some address prefixes to be imported into OSPFv3; either all address prefixes on an interface
are imported, or no address prefixes on an interface are imported.”
QUESTION 40
Which function does traffic shaping perform?
A. It buffers and queues excess packets

B. It buffers traffic without queuing it
C. It queues traffic without buffering it
D. It drops packets to control the output rate
Correct Answer: A
Section: (none)
Explanation
The following diagram illustrates the key difference between traffic policing and traffic shaping. Traffic policing
propagates bursts. When the traffic rate reaches the configured maximum rate (or committed information rate),
excess traffic is dropped (or remarked). The result is an output rate that appears as a saw-tooth with crests and
troughs. In contrast to policing, traffic shaping retains excess packets in a queue and then schedules the
excess for later transmission over increments of time. The result of traffic shaping is a smoothed packet output
rate.
ITExamAnswers.net
QUESTION 41
Which two statements about RFC 1918 addresses are true? (Choose two.)
A. They require Network Address Translation or Port Address Translation to access the Internet.
B. They have reserved address space for Class A and Class B networks only.
C. They must be registered.
D. They provide security to end users when the users access the Internet.
E. They increase network performance.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 42
Which command can you use to test whether a switch supports secure connections and strong authentication?
A. Router#ssh –v 1 –l admin 10.1.1.1

B. Switch>ssh –v 1 –l admin 10.1.1.1
C. Switch#ssh –l admin 10.1.1.1
D. Router>ssh –v 2 –l admin10.1.1.1
Correct Answer: D
Section: (none)
Explanation
QUESTION 43
Which feature or protocol is required for an IP SLA to measure UDP jitter?
A. CDP
ITExamAnswers.net
B. LLDP
C. EEM
D. NTP
Correct Answer: D
Section: (none)
Explanation
QUESTION 44
Refer to the exhibit. If all routers on this network run RIPv2, Which two configurations can you apply to router
R3 to produce this routing table? (Choose two.)
A. router rip version 2

network 192.168.4.0
network 192.168.23.0
B. router rip version 2
network 192.168.3.0
network 192.168.4.0
network 192.168.23.0
passive-interface default
C. router rip version 2
network 192.168.3.0
network 192.168.4.0
D. router rip version 2
network 192.168.3.0
network 192.168.4.0
network 192.168.23.0
E. router rip version 2network 192.168.3.0
network 192.168.23.0
ITExamAnswers.net
passive-interface default
Correct Answer: DE
Section: (none)
Explanation
QUESTION 45
Refer to the exhibit. The network administrator must establish a route by which London workstations can
forward traffic to the Manchester workstations. What is the simplest way to accomplish this?
A. Configure a dynamic routing protocol on London to advertise all routes to Manchester.

B. Configure a dynamic routing protocol on London to advertise summarized routes to Manchester.
C. Configure a dynamic routing protocol on Manchester to advertise a default route to the London router.
D. Configure a static default route on London with a next hop of 10.1.1.1.
E. Configure a static route on London to direct all traffic destined for 172.16.0.0/22 to 10.1.1.2.
F. Configure Manchester to advertise a static default route to London.
Correct Answer: E
Section: (none)
Explanation
This static route will allow for communication to the Manchester workstations and it is better to use this more
specific route than a default route as traffic destined to the Internet will then not go out the London Internet
connection.
QUESTION 46
Which two statements about static routing are true? (Choose two.)
A. It provides only limited security unless the administrator performs additional configuration
ITExamAnswers.net
B. It allows packets to transit a different path if the topology changes
C. Its initial implementation is more complex than OSPF
D. Its default administrative distance is lower than EIGRP
E. It allows the administrator to determine the entire path of a packet
Correct Answer: DE
Section: (none)
Explanation
QUESTION 47
Which three options are types of Layer 2 network attack? (Choose three)
A. Spoofing attacks
B. Vlan Hopping
C. botnet attacks
D. DDOS attacks
E. ARP Attacks
F. Brute force attacks
Correct Answer: ABE

Section: (none)
Explanation
(DHCP) Spoofing attack is a type of attack in that the attacker listens for DHCP Requests from clients and
answers them with fake DHCP Response before the authorized DHCP Response comes to the clients. The
fake DHCP Response often gives its IP address as the client default gateway -> all the traffic sent from the
client will go through the attacker computer, the attacker becomes a “man-in-the-middle”.
The attacker can have some ways to make sure its fake DHCP Response arrives first. In fact, if the attacker is
“closer” than the DHCP Server then he doesn’t need to do anything. Or he can DoS the DHCP Server so that it
can’t send the DHCP Response.
VLAN Hopping: By altering the VLAN ID on packets encapsulated for trunking, an attacking device can send or
receive packets on various VLANs, bypassing Layer 3 security measures. VLAN hopping can be accomplished
by switch spoofing or double tagging.
1) Switch spoofing:
ITExamAnswers.net
The attacker can connect an unauthorized Cisco switch to a Company switch port. The unauthorized switch can
send DTP frames and form a trunk with the Company Switch. If the attacker can establish a trunk link to the
Company switch, it receives traffic to all VLANs through the trunk because all VLANs are allowed on a trunk by
default.
(Instead of using a Cisco Switch, the attacker can use a software to create and send DTP frames).
2) Double-Tagging:
In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native
VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack
(VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with
its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native
VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the
Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker.
ARP attack (like ARP poisoning/spoofing) is a type of attack in Which a malicious actor sends falsified ARP
(Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker’s
MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on
ARP Which is at Layer 2.
QUESTION 48
A BPDU guard is configured on an interface that has PortFast enabled. Which state does the interface enter
when it receives a BPDU?
A. Blocking
B. Shutdown
C. Listening
D. Errdisable
Correct Answer: D
Section: (none)
Explanation
ITExamAnswers.net
PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a BPDU is
received on that port.In a valid configuration, PortFast-configured interfaces do not receive BPDUs (because
PortFast should only be configured on interfaces which are connected to hosts). If a PortFast-configured
interface receives a BPDU, an invalid configuration exists. BPDU guard provides a secure response to invalid
configurations because the administrator must manually put the interface back in service.Reference: http://
www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/stp_enha.html
QUESTION 49
Which three encapsulation layers in the OSI model are combined into the TCP/IP application layer? (Choose
three)
A. Session
B. transport
C. presentation
D. application
E. data-link
F. network
Correct Answer: ACD

Section: (none)
Explanation
QUESTION 50
Refer to the exhibit. If the router attempts to send a frame out of the interface, but the carrier is busy, which
counter will increment?
ITExamAnswers.net
A. Collisions
B. Late collision
C. Deferred
D. Lost carrier
Correct Answer: C
Section: (none)
Explanation
QUESTION 51
Which two statements about NTP operation are true? (Choose two.)
A. Cisco routers can act only as NTP clients

B. Cisco routers can act as both NTP authoritative servers and NTP clients
C. NTP uses UDP over IP
D. NTP uses TCP over IP
E. Cisco routers can act only as NTP server
Correct Answer: BC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 52
Which two pieces of information can you learn by viewing the routing table? (Choose two.)
A. whether a route was tagged

B. the interface on which traffic is sent
C. whether access lists are blocking incoming routes
D. whether routes were summarized
E. whether a route was learned via IGP or EGP
Correct Answer: DE
Section: (none)
Explanation
QUESTION 53
Which port security violation mode drop traffic from unknown MAC addresses and sends an SNMP trap?
A. Protect
B. Resrict
C. Shutdown
D. Shutdown VLAN
Correct Answer: B
Section: (none)
Explanation
QUESTION 54
Which two options are primary responsibilities of the APlC-EM controller? (Choose two.)
A. lt automates network actions between different device types.

B. lt provides robust asset management.
C. lt tracks license usage and Cisco lOS versions.
D. lt automates network actions between legacy equipment.
E. lt makes network functions programmable.
Correct Answer: AE
Section: (none)
Explanation
http://www.cisco.com/c/en/us/products/cloud-systems-management/application-policy-infrastructure-controller-
enterprise-module/index.html
Automate network configuration and setup

Deploy network devices faster
Automate device deployment and provisioning across the enterprise.
Provide a programmable network
ITExamAnswers.net
Enable developers to create new applications that use the network to fuel business growth.
QUESTION 55
Which component of an Ethernet frame is used to notify a host that traffic is coming?
A. Type
B. Preamable
C. Start of frame delimiter
D. Data field
Correct Answer: B
Section: (none)
Explanation
QUESTION 56
Which address class includes network 191.168.0.1/27?
A. Class C
B. Class B
C. Class D
D. Class A
Correct Answer: B
Section: (none)
Explanation
This is a tricky question if you don’t have a close look on the network. The first octet is 191, not 192 so it
belongs to class B, not class C.
QUESTION 57
What is the default Syslog facility level?
A. local4
B. local5
C. local6
D. local7
Correct Answer: D
Section: (none)
Explanation
QUESTION 58
What is the easiest way to verify the Layer 3 path from a router to host 192.168.2.1?
A. Execute a traceroute form the router to host 192.168.2.1

B. Add a static route for host 192.168.2.1 to the routing table of the router
C. Use Telnet to connect the router to host 192.168.2.1
D. Execute a ping form the router to host 192.168.2.1
ITExamAnswers.net
Correct Answer: A
Section: (none)
Explanation
QUESTION 59
Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuis and has built-in
security mechanisms?
A. HDLC
B. PPP
C. X.25
D. Frame Relay
Correct Answer: B
Section: (none)
Explanation
PPP supports both synchronous (like analog phone lines) and asynchronous circuits (such as ISDN or digital
links). With synchronous circuits we need to use clock rate.
Note: Serial links can be synchronous or asynchronous. Asynchronous connections used to be only available
on low-speed (<2MB) serial interfaces, but now, there are the new HWICs (High-Speed WAN Interface Cards)
which also support asynchronous mode. To learn more about them please visit
http://www.cisco.com/en/US/prod/collateral/modules/ps5949/ps6182/prod_qas0900aecd80274424.html.
QUESTION 60
Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP
primary router after it is reloaded?
A. standby 10 priority 150

B. standby 10 preempt
C. standby 10 version 2
D. standby 10 version 1
Correct Answer: A
Section: (none)
Explanation
QUESTION 61
Which command can you enter to display duplicate IP addresses that the DHCP server assigns?
A. show ip dhcp conflict 10.0.2.12

B. show ip dhcp database 10.0.2.12
C. show ip dhcp server statistics
D. show ip dhcp binding 10.0.2.12
Correct Answer: A
Section: (none)
ITExamAnswers.net
Explanation
The command “show ip dhcp conflict” is used to display address conflicts found by a Cisco IOS DHCP Server
when addresses are offered to the client. An example of the output of this command is shown below:
QUESTION 62
Which two server types are used to support DNS lookup? (Choose two.)
A. web server
B. ESX host
C. authoritative name server
D. file transfer server
E. name resolver
Correct Answer: CE
Section: (none)
Explanation
QUESTION 63
Which two statements about TACACS+ are true? (Choose two.)
A. lt can run on a UNlX server.

B. lt authenticates against the user database on the local device.
C. lt is more secure than AAA authentication.
D. lt is enabled on Cisco routers by default.
E. lt uses a managed database.
Correct Answer: AE
Section: (none)
Explanation
http://tacacs.net/docs/TACACS_Advantages.pdf
Many IT departments choose to use AAA (Authentication, Authorization and Accounting) protocols RADIUS or
TACACS+ to address these issues.
http://www.cisco.com/c/en/us/support/docs/security-vpn/terminal-access-controller-access-control-system-
tacacs-/13865-tacplus.pdf
This document describes how to configure a Cisco router for authentication with the TACACS+ that runs on
UNIX. TACACS+ does not offer as many features as the commercially available Cisco Secure ACS for
Windows or Cisco Secure ACS UNIX.
TACACS+ software previously provided by Cisco Systems has been discontinued and is no longer supported
by Cisco Systems.
ITExamAnswers.net
QUESTION 64
Which cloud service that usually provides software beyond the basic operating system is normally used for
development?
A. Platform-as-a-service
B. Database-as-a-service
C. Infrastructure-as-a-service
D. Software-as-a-service
Correct Answer: A
Section: (none)
Explanation
QUESTION 65
Which two statements describe key differences between single- and dual-homed WAN connections? (Choose
two)
A. Dual-homed WAN connections are more expensive than single-homed connections

B. Dual-homed WAN connections have more management-application overhead than single-homed
connections
C. Dual-homed WAN connections require more skill to administer than single-homed connections
D. Dual-homed WAN connections have a simpler topology than single-homed connections
E. Dual-homed WAN connections have higher WAN speed than single- homed connections
Correct Answer: AC
Section: (none)
Explanation
QUESTION 66
Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose
two.)
A. The spanning-tree priority

B. The spanning-tree protocol
C. The native VLAN
D. The VTP domain
E. The trunking protocol
Correct Answer: CD
Section: (none)
Explanation
QUESTION 67
Which keyboard shortcut can you use to exit the System Configuration Dialog on a Cisco networking device
and return to privileged EXEC mode without making changes?
ITExamAnswers.net
A. Shift – Esc
B. Ctrl-V
C. Ctrl-C
D. Ctrl-Alt-Delete
Correct Answer: C
Section: (none)
Explanation
QUESTION 68
After you configure a DHCP server on VLAN 10 to service clients on VLAN 10 and VLAN 20, clients on VLAN
10 are given IP address assignments, but clients on VLAN 20 fail to receive IP addresses. Which action must
you take to correct the problem?
A. Configure the default gateway in the DHCP server configuration.

B. Configure a separate DHCP server on VLAN 20.
C. Configure the DNS name option in the DHCP server configuration.
D. Configure the ip helper-address command in the DHCP server configuration.
Correct Answer: B
Section: (none)
Explanation
QUESTION 69
Which two benefits can you get by stacking Cisco switches?(choose two)
A. Each switch in the stack handles the MAC table independently from the others
B. You can add or remove switches without taking the stack down.
C. Each switch in the stack can use a different IOS image
D. The stack enables any active member to take over as the master switch if the existing master fails.
E. You can license the entire stack with a single master license
Correct Answer: BD
Section: (none)
Explanation
Each stack has only one configuration file, which is distributed to each member in the stack. This allows each
switch in the stack to share the same network topology, MAC address, and routing information. In addition, it
allows for any member to become the master, if the master ever fails -> Answer D is correct while answer A is
not correct.
Switches can be added and deleted to a working stack without affecting stack performance. When a new
switch is added, the master switch automatically configures the unit with the currently running Cisco IOS
Software image and configuration of the stack. The stack will gather information such as switching table
information and update the MAC tables as new addresses are learned. The network manager does not have to
do anything to bring up the switch before it is ready to operate. Similarly, switches can be removed from a
working stack without any operational effect on the remaining switches. When the stack discovers that a series
of ports is no longer present, it will update this information without affecting forwarding or routing. A working
stack can accept new members or delete old ones without service interruption -> Answer B is correct.
ITExamAnswers.net
Reference: https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-series-switches/
prod_white_paper09186a00801b096a.html
QUESTION 70
Refer to the exhibit. Which two statements about the network enviroment of router R1 must be true? (Choose
two)
A. A static default route to 10.85.33.14 was defined

B. There are 20 different network masks within the 10.0.0.0/8 network
C. Ten routes are equally load-balanced between Te0/1/0.100 and Te0/2/0.100
D. The 10.0.0.0/8 network was learned via external EIGRP
E. The EIGRP administrative distance was manually changed from 90 to 170
Correct Answer: BC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 71
Which NAT function can map multiple inside addresses to a single outside address?
A. PAT
B. SFTP
C. RARP
D. ARP
E. TFTP
Correct Answer: A
Section: (none)
Explanation
By adding the keyword “overload” at the end of a NAT statement, NAT becomes PAT (Port Address
Translation). This is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP
address (many-to-one) by using different ports.
QUESTION 72
interface Loopback0
ip address 172.16.1.33 255.255.255.224
router bgp 999
neighbor 10.1.5.2 remote-as 65001
Refer to the exhibit . Which Command do you enter so that R1 advertises the loopback0 interface to the BGP
Peers?
A. Network 172.16.1.32 mask 255.255.255.224

B. Network 172.16.1.0 0.0.0.255
C. Network 172.16.1.32 255.255.255.224
D. Network 172.16.1.33 mask 255.255.255.224
E. Network 172.16.1.32 mask 0.0.0.31
F. Network 172.16.1.32 0.0.0.31
Correct Answer: A
Section: (none)
Explanation
First please notice that unlike other routing protocols like OSPF or EIGRP, we have to use subnet mask, not
wildcard mask, to advertise the routes in the “network” command -> C is not correct.Secondly, with BGP, you
must advertise the correct network and subnet mask in the “network” command ( in this case network
172.16.1.32/27). BGP is very strict in the routing advertisements. In other words, BGP only advertises the
network which exists exactly in the routing table (in this case network x.x.x.32/27 exists in the routing table as
the Fa0/0 interface). If you put the command “network x.x.0.0 mask 255.255.0.0” or “network x.0.0.0 mask
255.0.0.0” or “network x.x.x.33 mask 255.255.255.255” then BGP will not advertise anything.Therefore the full
command in this question is “network 172.16.1.32 mask 255.255.255.224”.
For more information about BGP configuration, please read our Basic BGP Configuration tutorial.
QUESTION 73
Refer to the exhibit. Which statement about the interface that generated the output is true?
ITExamAnswers.net
A. one secure MAC address is dynamically learned on the intertace.
B. a syslog message is generated when a violation occurs
C. five secure MAC addresses are dynamically learned on the interface.
D. one secure MAC address is manually configured on the interface.
Correct Answer: D
Section: (none)
Explanation
QUESTION 74
Which two conditions can be used to elect the spanning-tree root bridge?(choose two）
A. the highest MAC address

B. the lowest MAC address
C. the highest port priority
D. the lowest system ID
E. the lowest switch priority
Correct Answer: BE
Section: (none)
Explanation
QUESTION 75
Which definition of default route is true?
A. A route that is manually configured.

B. A route used when a destination route is missing.
C. A route to the exact /32 destination address
ITExamAnswers.net
D. Dynamic route learned from the server.
Correct Answer: B
Section: (none)
Explanation
QUESTION 76
Which type of device should you use to preserve IP addresses on your network?
A. firewall
B. WLAN controller
C. load balancer
D. intrusion prevention device
Correct Answer: A
Section: (none)
Explanation
QUESTION 77
Refer to the exhibit. Users in your office complaining that they cannot connect to the servers at a remote site.
When troubleshooting, you find that you can successfully reach the servers from router R2. What is the most
likely reason that the other users are experiencing connection failure?
ITExamAnswers.net
A. Interface ports are shut down on the remote servers
B. The DHCP address pool has been exhausted
C. VLSM is missconfigured between the router interface and the DHCP Pool
D. The ip helper-address command is missing on the R2 interface that connects to the switch
Correct Answer: C
Section: (none)
Explanation
QUESTION 78
Which network appliance checks the state of a packet to determine whether the packet is legitimate?
A. The LAN controller

B. The firewall
C. The Layer 2 switch
D. The load balancer
Correct Answer: B
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 79
You apply a new inbound access list to routers, blocking UDP packets to the HSRP group. Which two
effectsdoes this action have on the HSRP group process? (Choose two.)
A. HSRP redundancy works as expected

B. Both the active and standby routers become active
C. The active router immediately becomes the standby router.
D. HSRP redundancy fails.
E. The routers in the group generate duplicate IP address warnings
Correct Answer: BD
Section: (none)
Explanation
Reference: https://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/9281-3.html#q17
QUESTION 80
Which feature can cause a port to shut down immediately after a switch reboot?
A. COPP
B. PortFast
C. DTP
D. port security
Correct Answer: D
Section: (none)
Explanation
Reference: https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/12027-53.html
QUESTION 81
What happens to new traffic that is sent to a destination MAC address after the MAC aging time expires?
A. It is dropped
B. It is flooded
C. It is queued
D. It is process-switched
Correct Answer: B
Section: (none)
Explanation
QUESTION 82
Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an
open-standard protocol? (choose two)
ITExamAnswers.net
A. interface GigabitEthernet0/0/1
channel-group 10 mode on
B. interface port-channel 10
switchport
switchport mode trunk
C. interface port-channel 10
no switchport
ip address 172.16.0.1 255.255.255.0
D. interface GigabitEthernet0/0/1
channel-group 10 mode auto
E. interface GigabitEthernet0/0/1
channel-group 10 mode active
Correct Answer: CE
Section: (none)
Explanation
QUESTION 83
Which two statements about IPv4 multicast traffic are true? (Choose two.)
A. It burdens the source host without affecting remote hosts.

B. It uses a minimum amount of network bandwidth.
C. It is bandwidth-intensive.
D. It simultaneously delivers multiple streams of data.
E. It is the most efficient way to deliver data to multiple receivers.
Correct Answer: BE
Section: (none)
Explanation
http://www.cisco.com/c/dam/en_us/about/ciscoitatwork/downloads/ciscoitatwork/pdf/
cisco_it_case_study_multicast.pdf
Cisco IOS IP Multicast in the Cisco Network
“IP Multicast as defined in RFC1112, the standard for IP Multicast across networks and the Internet, supports
one-to-many content needs by delivering application-source traffic to multiple users without burdening the
source or the network, using a minimum amount of network bandwidth. At the point where paths diverge, Cisco
routers replace IP Multicast packets in the network, resulting in the most efficient delivery of data to multiple
receivers.”
Even low-bandwidth applications can benefit fro IP Multicast when there are thousands of receivers. High-
bandwidth applications, such as MPEG video, may need a large portion of the available network bandwidth for
a
single stream. In these applications, IP Multicast is the only way to efficiently send the same content to more
than one receiver simultaneously, because it makes sure that only one copy of the data stream is sent across
any one network link. It relies on each router in the stream to intelligently copy the data stream whenever it
needs to deliver it to multiple receivers.
QUESTION 84
Which command can you enter on a switch to display the IP addresses associated with connected devices?
A. Show cdp neighbors detail

B. Show cdp neighbor
C. Show cdp interface
ITExamAnswers.net
D. Show cdp traffic
Correct Answer: A
Section: (none)
Explanation
Only the “show cdp neighbor detail” gives us information about the IP address of the connected device. Below
is an example of this command.
QUESTION 85
Which two tasks should you perform to begin troubleshooting a network problem? (Choose two.)
A. Analyze the results

B. Implement an action plan
C. Define the problem as a set of symptoms and causes
D. Gather all the facts
E. Monitor and verify the resolution
Correct Answer: CD
Section: (none)
Explanation
QUESTION 86
Which IPv6 address is the all-router multicast group?
A. FF02::1
B. FF02::2
C. FF02::3
D. FF02::4
Correct Answer: B
Section: (none)
Explanation
Well-known IPv6 multicast addresses:
Address
Description
ITExamAnswers.net
ff02::1
All nodes on the local network segment
ff02::2
All routers on the local network segment
QUESTION 87
Which three statements about HSRP operation are true? (Choose three.)?
A. The virtual IP address and virtual MAC+K44C address are active on the HSRP Master router.
B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C. HSRP supports only clear-text authentication
D. The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN.
E. The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.
Correct Answer: ABF

Section: (none)
Explanation
http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/10583-62.html#topic5
“The active router sources hello packets from its configured IP address and the HSRP virtual MAC address.
The standby router sources hellos from its configured IP address and the burned-in MAC address (BIA).”
http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/10583-62.html#topic14
“By default, these timers are set to 3 and 10 seconds, respectively…” http://www.cisco.com/c/en/us/support/
docs/switches catalyst-6000-series-switches/29545-168.html#q1
Load Sharing with HSRP
http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/13781-7.html#conf
“…has a 256 unique HSRP group ID limit.”
“…the allowed group ID range (0-255). … MSFC2A (Supervisor Engine 32) can use any number of group IDs
from that range.
QUESTION 88
Which protocol does ipv6 use to discover other ipv6 nodes on the same segment?
A. CLNS
B. TCPv6
C. NHRP
D. NDP
E. ARP
Correct Answer: D
Section: (none)
Explanation
QUESTION 89
Which value is used to build the CAM table?
A. destination IP address
B. source IP address
C. destination MAC address
D. source MAC address
ITExamAnswers.net
Correct Answer: D
Section: (none)
Explanation
QUESTION 90
How does a router handle an incoming packet whose destination network is missing from the routing table?
A. it broadcast the packet to each interface on the router

B. it discards the packet
C. it broadcasts the packet to each network on the router
D. it routes the packet to the default route
Correct Answer: B
Section: (none)
Explanation
Change from “it discards the packet” to “it routes the packet to the default route” because there is new question
Which definition of default route is true? with answer “A route used when a destination route is missing.”
QUESTION 91
Refer to the exhibit. The server on this network is configured with an MTU of 9216, and the two interfaces on
router R1 and configured for MTUs of 2000 and 3000, as shown. What is the largest packet size that can pass
between the workstation and the server?
A. 1500 bytes
B. 2000 bytes
C. 3000 bytes
D. 9216 bytes
Correct Answer: A
Section: (none)
Explanation
QUESTION 92
A national retail chain needs to design an IP addressing scheme to support a nationwide network. The
ITExamAnswers.net
company needs a minimum of 300 sub-networks and a maximum of 50 host addresses per subnet. Working
with only one Class B address, which of the following subnet masks will support an appropriate addressing
scheme? (Choose two.)
A. 255.255.255.0
B. 255.255.255.128
C. 255.255.252.0
D. 255.255.255.224
E. 255.255.255.192
F. 255.255.248.0
Correct Answer: BE
Section: (none)
Explanation
Subnetting is used to break the network into smaller more efficient subnets to prevent excessive rates of
Ethernet packet collision in a large network. Such subnets can be arranged hierarchically, with the
organization’s network address space (see also Autonomous System) partitioned into a tree-like structure.
Routers are used to manage traffic and constitute borders between subnets. A routing prefix is the sequence of
leading bits of an IP address that precede the portion of the address used as host identifier. In IPv4 networks,
the routing prefix is often expressed as a “subnet mask”, which is a bit mask covering the number of bits used
in the prefix. An IPv4 subnet mask is frequently expressed in quad-dotted decimal representation, e.g.,
255.255.255.0 is the subnet mask for the 192.168.1.0 network with a 24-bit routing prefix (192.168.1.0/24).
QUESTION 93
Which two statements correctly describe the ping utility? (Choose two.)
A. It uses UDP
B. It can identify the source of an ICMP “time exceeded” message
C. It uses ICMP
D. It can identify the path that a packet takes to a remote device
E. It can verify connectivity to a remote device without identifying the path
Correct Answer: CE
Section: (none)
Explanation
QUESTION 94
Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.
2950Switch(config-if)# switchport port-security

2950Switch(config-if)# switchport port-security mac-address sticky
2950Switch(config-if)# switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is
received by 2950Switch? (Choose two.)
ITExamAnswers.net
A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded
out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded
out fa0/1.
Correct Answer: BD
Section: (none)
Explanation
The first command 2950Switch(config-if)#switchport port-security is to enable the port-security in a switch port.
In the second command 2950Switch(config-if)#switchport port-security mac-address sticky, we need to know
the full syntax of this command is switchport port-security mac-address sticky [MAC]. The STICKY keyword is
used to make the MAC address appear in the running configuration and you can save it for later use. If you do
not specify any MAC addresses after the STICKY keyword, the switch will dynamically learn the attached MAC
Address and place it into your running-configuration. In this case, the switch will dynamically learn the MAC
address 0000.00aa.aaaa of host A and add this MAC address to the running configuration.
In the last command 2950Switch(config-if)#switchport port-security maximum 1 you limited the number of
secure MAC addresses to one and dynamically assigned it (because no MAC address is mentioned, the switch
will get the MAC address of the attached MAC address to interface fa0/1), the workstation attached to that port
is assured the full bandwidth of the port.Therefore only host A will be allowed to transmit frames on fa0/1 -> B is
correct.
After you have set the maximum number of secure MAC addresses for interface fa0/1, the secure addresses
are included in the “Secure MAC Address” table (this table is similar to the Mac Address Table but you can only
view it with the show port-security address command). So in this question, although you don’t see the MAC
address of host A listed in the MAC Address Table but frames with a destination of 0000.00aa.aaaa will be
ITExamAnswers.net
forwarded out of fa0/1 interface -> D is correct.
QUESTION 95
Which two statements about stateful firewalls in an enterprise network are true?
A. They can use information about previous packets to make decisions about future packets.
B. They are most effective when placed in front of the router connected to the Internet.
C. they are more susceptible to DoS attacks than stateless firewalls.
D. they can track the number of active TCP connections.
E. They can filter HTTP and HTTPS traffic in the inbound direction only.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 96
Which three statements about IPv6 address fd14:920b:f83d:4079::/64 are true? (Choose two)
A. The subnet ID is 14920bf83d

B. The subnet ID is 4079
C. The global ID is 14920bf83d
D. The address is a link-local address
E. The global ID is 4079
F. The address is a unique local address
Correct Answer: BF
Section: (none)
Explanation
Let’s see an example of IPv6 prefix: 2001:0A3C:5437:ABCD::/64:
In this example, the RIR has been assigned a 12-bit prefix. The ISP has been assigned a 32-bit prefix and the
site is assigned a 48-bit site ID. The next 16-bit is the subnet field and it can allow 216, or 65536 subnets. This
number is redundant for largest corporations on the world!
The 64-bit left (which is not shown the above example) is the Interface ID or host part and it is much more
bigger: 64 bits or 264 hosts per subnet!
Therefore in this question 4079 is the subnet ID. The FD14 prefix belongs to FC00::/7 which is an IPv6 Unique
Local Address (The address block fc00::/7 is divided into two /8 groups which are FC00::/8 & FD00::/8)
QUESTION 97
Which two pieces of information can you determine from the output of the show ntp status command? (Choose
ITExamAnswers.net
two.)
A. whether the clock is synchronized*

B. the IP address of the peer to Which the clock is synchronized
C. the NTP version number of the peer
D. whether the NTP peer is statically configured
E. the configured NTP servers
Correct Answer: AB
Section: (none)
Explanation
QUESTION 98
Which QOS feature can drop traffic that exceeds the committed access rate?
A. weighted fair queuing

B. FIFO
C. policing
D. shaping
Correct Answer: C
Section: (none)
Explanation
QUESTION 99
Which two address spaces are valid Class B IPv4 ranges that are non-routable to the Internet? (Choose two.)
A. 10.0.0.0 through 10.0.255.255

B. 169.254.0.0 through 169.254.255.255
C. 172.16.0.0 through 172.31.255.255
D. 172.16.0.0 through 172.32.255.255
E. 192.168.0.0 through 192.168.255.255
Correct Answer: BC
Section: (none)
Explanation
QUESTION 100
Which two statements about the ip default-network command are true? (Choose two.)
A. It specifies the network that is used when the device finds an exact match in the routing table.
B. It requires IP routing to be disabled on the device.
C. It specifies the network that is used when the device cannot find an exact match in the routing table.
D. It requires IP routing to be enabled on the device.
E. It can be configured on a Layer 2 switch to specify the next hop.
ITExamAnswers.net
Correct Answer: CD
Section: (none)
Explanation
QUESTION 101
Which command can you enter to determine whether serial interface 0/2/0 has been configured using HDLC
encapsulation?
A. router#show platform
B. router#show interfaces Serial 0/2/0
C. router#show ip interface s0/2/0
D. router#show ip interface brief
Correct Answer: B
Section: (none)
Explanation
Output from real deviceRouter2901#sh int g0/0
GigabitEthernet0/0 is up, line protocol is up Hardware is CN Gigabit Ethernet, address is c471.fe99.9999 (bia
c471.fe99.9999)
Description: Lan
Internet address is 10.1.1.1/25
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of “show interface” counters never
Input queue: 0/75/61/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 39000 bits/sec, 30 packets/sec
5 minute output rate 73000 bits/sec, 37 packets/sec
41068530 packets input, 3905407112 bytes, 0 no buffer
Received 8678853 broadcasts (0 IP multicasts)
0 runts, 0 giants, 45 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 79853 multicast, 0 pause input
39267208 packets output, 2262399504 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
79926 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Router2901#
Router2901 ip int g0/0
GigabitEthernet0/0 is up, line protocol is up
Internet address is 10.1.1.1/25
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
ITExamAnswers.net
Helper address is not set
Directed broadcast forwarding is disabled
Secondary address 192.168.1.7/24
Multicast reserved groups joined: 224.0.0.10
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is enabled, interface in domain inside
BGP Policy Mapping is disabled
Input features: Common Flow Table, Stateful Inspection, Virtual Fragment Reassembly, Virtual Fragment
Reassembly After IPSec Decryption, CAR, MCI Check
Output features: NAT Inside, Common Flow Table, Stateful Inspection, NAT ALG proxy, CAR
Post encapsulation features: CAR
IPv4 WCCP Redirect outbound is disabled
IPv4 WCCP Redirect inbound is disabled
IPv4 WCCP Redirect exclude is disabled
Router2901#
QUESTION 102
Refer to the exhibit. Which two pieces of information can you determine from the EIGRP topology table?
(Choose two.)
ITExamAnswers.net
A. The EIGRP neighbor IP address is 10.111.253.216.
B. Route 10.42.91.0/24 has a tag of 28160.
C. The reported distance of 10.0.0.0/8 is 0.
D. Route 10.42.88.0/21 has an administrative distance of 28160.
E. Each route has only one best path.
Correct Answer: AC
Section: (none)
Explanation
QUESTION 103
Which value must you configure on a device before EIGRP for IPv6 can start running?
ITExamAnswers.net
A. public IP address
B. loopback interface
C. router ID
D. process ID
Correct Answer: C
Section: (none)
Explanation
QUESTION 104
Which two statements about link-state routing protocols are true? (Choose two.)
A. Link-state routing protocols use split horizon to avoid routing loops.

B. Each router determines its own path to a destination.
C. Each router maintains its own unique routing database.
D. Each router shares a database of known routes.
E. Each router is aware only of its neighbor routers.
Correct Answer: BD
Section: (none)
Explanation
QUESTION 105
Refer to the exhibit.
Which of these statements correctly describes the state of the switch once the boot process has been
completed?
ITExamAnswers.net
A. The switch will need a different IOS code in order to support VLANs and ST.
B. Remote access management of this switch will not be possible without configuration change.
C. As FastEthernet0/12 will be the last to come up, it will be blocked by STP.
D. More VLANs will need to be created for this switch.
Correct Answer: B
Section: (none)
Explanation
From the output we notice that the administrator has just shut down Interface Vlan1, which is the default VLAN
so no one can access it remotely (like telnet) -> B is correct.
Answer A is not correct as STP calculation does not depend on which port comes up first or last. STP
recalculates when there is a change in the network.
A normal switch can operate without VLAN -> C is not correct.
This IOS does support VLAN because it has VLAN 1 on it -> D is not correct.
QUESTION 106
Which effete does the aaa new-model coniguration commandhave?
A. It enables AAA services on the device

B. It configures the device to connect to a RADIUS server for AAA
C. It associates a RADIUS server to an AAA group.
D. It configures a local user on the device.
Correct Answer: A
Section: (none)
Explanation
QUESTION 107
What SNMP message alerts the manager to a condition on the network?
A. trap
B. get
C. response
D. capture
Correct Answer: A
Section: (none)
Explanation
QUESTION 108
Which three are valid modes for a switch port used as a VLAN trunk? (choose three)
A. Desirable
B. Auto
C. On
ITExamAnswers.net
D. Blocking
E. Transparent
F. Forwarding
Correct Answer: ABC

Section: (none)
Explanation
QUESTION 109
Which two statements about DNS lookup operations are true? (Choose two)
A. They use destination port 53

B. When the primary IP address of the destination is down, the DNS server can forward the client to an
alternative IP address
C. The client sends a request for IP address to domain name resolution to the DNS server
D. The client sends a request for domain name to IP address resolution to the DNS server
E. The DNS server pings the destination to verify that is available
Correct Answer: AD
Section: (none)
Explanation
QUESTION 110
Which configuration register value can you set on a Cisco device so that it ignores the NVRAM when it boots?
A. 0x2124
B. 0x2120
C. 0x2142
D. 0x2102
Correct Answer: C
Section: (none)
Explanation
To reset the password we can type “confreg 0x2142” under rommon mode to set the configuration register to
2142 in hexadecimal (the prefix 0x means hexadecimal (base 16)). With this setting when that router reboots, it
bypasses the startup-config.
QUESTION 111
Which IP address can send traffic to all hosts on network 10.101.0.0/16?
A. 10.101.0.1
B. 10.101.254.254
C. 10.101.255.255
D. 224.0.0.1
Correct Answer: C
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 112
Which command can you enter to configure a local username with an encrypted password and EXEC mode
user privileges?
A. Router(config)#username jdone privilege 1 password 7 08314D5D1A48

B. Router(config)#username jdone privilege 1 password 7 PASSWORD1
C. Router(config)#username jdone privilege 15 password 0 08314D5D1A48
D. Router(config)#username jdone privilege 15 password 0 PASSWORD1
Correct Answer: A
Section: (none)
Explanation
Usually we enter a command like this:
username bill password westward
And the system display this command as follows:
username bill password 7 21398211
The encrypted version of the password is 21398211. The password was encrypted by the Cisco-defined
encryption algorithm, as indicated by the “7”.
However, if you enter the following command: “username bill password 7 21398211”, the system determines
that the password is already encrypted and performs no encryption. Instead, it displays the command exactly as
you entered it.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/
scfpass.html#wp1001412
QUESTION 113
Which command would you configure globally on a Cisco router that would allow you to view directly connected
Cisco devices?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Correct Answer: C
Section: (none)
Explanation
CDP is enabled by default on all Cisco routers. If it is turned off by any reason, we can turn it on again with the
following command on global configuration mode:
Router(config)#cdp run
Note: CDP can be turned on or turned off on each interface. For example to turn off CDP on an interface we
use this command:
Router(config-if)#no cdp enable
ITExamAnswers.net
QUESTION 114
Which WAN topology is most appropriate for a centrally located server farm with several satellite branches?
A. star
B. hub and spoke
C. point-to-point
D. full mesh
Correct Answer: B
Section: (none)
Explanation
Star is the most popular topology for Ethernet topology but hub and spoke is the most appropriate WAN
topology.
In a Hub-and-spoke network topology, one physical site act as Hub (Example, Main Office or Head Quarter),
while other physical sites act as spokes. Spoke sites are connected to each other via Hub site. In Hub-and-
spoke topology, the network communication between two spokes always travel through the hub (except when
using DMVPN Phase II or Phase III where spokes can communicate with each other directly). The networking
device at Hub site is often much more powerful than the ones at spoke sites.
Hub and spoke is an ideal topology when most of the resources lie at the Hub site and the branch sites only
need to access to the Hub.
ITExamAnswers.net
Note: Although some books may say Hub-and-spoke and Star topologies are the same but in fact they have
difference. When talking about Hub-and-spoke we often think about the communication between Hub site and
Spoke sites. When talking about Star we think about the communication between end devices.
QUESTION 115
Which task must you perform to enable an IOS device to use DNS services?
A. configure a relay agent information reforwarding policy

B. configure manual bindings
C. configure the relay agent information option
D. configure a name server
Correct Answer: B
Section: (none)
Explanation
QUESTION 116
Which command allows you to set the administrative distance for EIGRP for IPv6?
A. ipv6 next-hop-self eigrp

B. ipv6 bandwidth-percent eigrp
C. metric weights
D. ipv6 summary-address eigrp
Correct Answer: D
Section: (none)
Explanation
QUESTION 117
On Which combinations are standard access lists based?
ITExamAnswers.net
A. destination address and wildcard mask
B. destination address and subnet mask
C. source address and subnet mask
D. source address and wildcard mask
Correct Answer: D
Section: (none)
Explanation
Standard ACL’s only examine the source IP address/mask to determine if a match is made. Extended ACL’s
examine the source and destination address, as well as port information.
QUESTION 118
Which command must you enter to configure a DHCP relay?
A. ip dhcp relay
B. ip address dhcp
C. ip helper-address
D. ip dhcp pool
Correct Answer: C
Section: (none)
Explanation
QUESTION 119
What are two reasons to use multicast to deliver video traffic, instead of unicast or broadcast? (Choose two.)
A. It provides reliable TCP transport

B. It enables multiple clients to send video streams simultaneously
C. It enables multiple clients to receive the video stream simultaneously
D. It enables multiple servers to send video streams simultaneously
E. It supports distributed applications
Correct Answer: CD
Section: (none)
Explanation
QUESTION 120
Which two criteria must be met to support the ICMP echo IP SLA? (Choose two)
A. The destination device must support the echo protocol

B. default gateway must be configured for the source and destination devices
C. The source device must be running Layer 2 services.
D. The source and destination devices must be Cisco devices
E. The source device must be a Cisco device but the destination device can be from any vendor
ITExamAnswers.net
Correct Answer: AE
Section: (none)
Explanation
QUESTION 121
In a CDP enviroment, what happens when the CDP interface on an adjacent device is configured without an IP
address?
A. CDP operates normally, but it cannot provide IP address information for that neighbor
B. CDP uses the IP address of another interface for that neighbor
C. CDP operates normally, but it cannot provide any information for that neighbor
D. CDP becomes inoperable on that neighbor
Correct Answer: B
Section: (none)
Explanation
QUESTION 122
Which benefit of implementing a dual-homed WAN connection instead of a single-homed connection is true?
A. Only dual-homed connections support recursive routing

B. Only dual-homed connections enable an individual router to tolerate the loss of a network link
C. Only dual-homed connections support split horizon with EIGRP
D. Only dual-homed connections support OSPF in conjunction with BGP
Correct Answer: B
Section: (none)
Explanation
QUESTION 123
Which three elements are field in a basic Ethernet data frame? (Choose three.)
A. Preamble
B. Frame Check Sequence
C. Header Checksum
D. Length/Type
E. Time to Live
F. Version
Correct Answer: ABD

Section: (none)
Explanation
ITExamAnswers.net
QUESTION 124
Which option is the primary purpose of traffic shaping?
A. providing best-effort service

B. enabling policy-based routing
C. enabling dynamic flow identification
D. limiting bandwidth usage
Correct Answer: D
Section: (none)
Explanation
QUESTION 125
Which three statements about Syslog utilization are true? (Choose three.)
A. Utilizing Syslog improves network performance

B. The Syslog server automatically notifies the network administrator of network problems
C. A Syslog server provides the storage space necessary to store log files without using router disk space
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap
messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping
F. A Syslog server helps in aggregation of logs and alerts.
Correct Answer: CDF

Section: (none)
Explanation
QUESTION 126
In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose
two.)
A. fd15:0db8:0000:0000:700:3:400F:527B
B. fd15:0db8::7:3:4F:527B
C. fd15::db8::700:3:400F:527B
D. fd15:db8::700:3:400F:572B
E. fd15:db8:0::700:3:4F:527B
Correct Answer: AD
Section: (none)
Explanation
In this case we use two rules:
+ Leading zeros in a field are optional
+ Successive fields of 0 are represented as ::, but only once in an address
If you are not sure about IPV6, please read our IPv6 tutorial.
QUESTION 127
ITExamAnswers.net
Which API uses HTTP messages to transfer data to applications residing on different hosts?
A. OpenStack
B. REST
C. OpenFlow
D. OpFlex
Correct Answer: B
Section: (none)
Explanation
QUESTION 128
Which Rapid PVST+ port role provides a different path to the root bridge?
A. backup
B. forwarding
C. alternate
D. designated
Correct Answer: C
Section: (none)
Explanation
QUESTION 129
It you change the weight and distance parameters on a device with an establshed BGP neighbor, Which
additional task must you perfom to allow the two devices to continue exchanging routes?
A. Reset the BGP connections on the device

B. Reset the gateway interface
C. Clear the IP routes on the device
D. Change the weight and distance settings on the other device to match
Correct Answer: A
Section: (none)
Explanation
QUESTION 130
Which address block identifies all link-local addresses?
A. FC00::/7
B. FC00::/8
C. FE80::/10
D. FF00::/8
Correct Answer: C
Section: (none)
ITExamAnswers.net
Explanation
Link-local addresses only used for communications within the local subnetwork (automatic address
configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the
current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface
identifier (based on 48-bit MAC address).
QUESTION 131
Which chassis-aggregation technology combines two physical switches into one virtual switch?
A. VSS
B. LACP
C. VRRP
D. StackWise
Correct Answer: A
Section: (none)
Explanation
QUESTION 132
Which functionality does split horizon provide?
A. It prevents switching loops in distance-vector protocols.

B. It prevents switching loops in link-state protocols.
C. It prevents routing loops in distance-vector protocols.
D. It prevents routing loops in link-state protocols.
Correct Answer: C
Section: (none)
Explanation
QUESTION 133
Which command can you execute to set the user inactivity timer to 10 seconds?
A. SW1(config-line)#exec-timeout 0 10
B. SW1(config-line)#exec-timeout 10
C. SW1(config-line)#absolute-timeout 0 10
D. SW1(config-line)#absolute-timeout 10
Correct Answer: A
Section: (none)
Explanation
The “exec-timeout” command is used to configure the inactive session timeout on the console port or the virtual
terminal. The syntax of this command is:
exec-timeout minutes [seconds]
Therefore we need to use the “exec-timeout 0 10” command to set the user inactivity timer to 10 seconds.
ITExamAnswers.net
QUESTION 134
Which two statements about stacking Cisco switches are true ?(choose two)
A. It enables the administrator to manage multiple switches from a single management interface
B. The administrator can create only one stack of switches in a network which is under the same
administrative domian
C. When a new master switch is elected,it queries the previous master for its running configuration
D. The administrator can add additional switches to the stack as demand increases
E. Each switch manages its own MAC address table
Correct Answer: AD
Section: (none)
Explanation
QUESTION 135
Which command can you enter on a Cisco IOS device to enable a scheduled algorithm that directs lookup calls
to multiple DNS hosts?
A. ip name-server 192.168.10.14 192.168.10.15

B. ip domain list
C. ip domain lookup
D. ip domain round-robin
Correct Answer: D
Section: (none)
Explanation
QUESTION 136
Which two benefits are provided by cloud resources to an enterprise network? (Choose two.)
A. complexity at higher cost

B. on-demand scalability
C. flexibility
D. easy access with low security
E. full control of infrastructure
Correct Answer: BC
Section: (none)
Explanation
QUESTION 137
Which IEEE mechanism is responsible for the authentication of devices when they attempt to connect to a local
network?
A. 802.1x
ITExamAnswers.net
B. 802.11
C. 802.2x
D. 802.3x
Correct Answer: A
Section: (none)
Explanation
IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1
group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN
or WLAN
QUESTION 138
Which command should you enter to configure a device as an NTP server?
A. ntp peer
B. ntp server
C. ntp master
D. ntp authenticate
Correct Answer: C
Section: (none)
Explanation
QUESTION 139
Which switching method checks for CRC errors?
A. Layer 3
B. Store-and-forward
C. fragment-free
D. cut-through
Correct Answer: B
Section: (none)
Explanation
QUESTION 140
Which type of address is the public IP address of a NAT device?
A. outside public
B. inside local
C. inside global
D. inside public
E. outside global
F. outside local
Correct Answer: C
Section: (none)
ITExamAnswers.net
Explanation
NAT use four types of addresses:
* Inside local address – The IP address assigned to a host on the inside network. The address is usually not an
IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is
likely to be an RFC 1918 private address.
* Inside global address – A legitimate IP address assigned by the InterNIC or service provider that represents
one or more inside local IP addresses to the outside world.
* Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
* Outside global address – The IP address assigned to a host on the outside network. The owner of the host
assigns this address.
QUESTION 141
Refer to the exhibit. What is the effect of the given configuration?
Switch#configuration terminal
Switch#interface VLAN 1
Switch(config-if)#ip address 192.168.2.2 255.255.255.0
Switch(config-if)#end
A. It configures an inactive switch virtual interface.

B. It configures an active management interface.
C. It configures the native VLAN.
D. It configures the default VLAN.
Correct Answer: A
Section: (none)
Explanation
In the configuration above, the “no shutdown” command was missing so interface Vlan 1 is still inactive. Notice
that only the loopback command does not need the “no shutdown” command to work.
QUESTION 142
Based on the output below from SwitchB, which statement is true?
A. The MAC address of the root bridge is 0017.596d.1580.

B. The Fa0/11 role confirms that SwitchB is the root bridge for VLAN 40.
C. SwitchB is not the root bridge, because not all of the interface roles are designated.
D. VLAN 40 is running the Per VLAN Spanning Tree Protocol.
Correct Answer: C
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 143
Refer to the exhibit
All of the routers in the network are configured with the ip subnet-zero command. Which network addresses
should be used for Link A and Network A? (Choose two.)
A. Link A 172.16.3.0/30
B. Link A 172.16.3.112/30
C. Network A 172.16.3.48/26
D. Network A 172.16.3.128/25
E. Link A 172.16.3.40/30
F. Network A 172.16.3.192/26
Correct Answer: AD
Section: (none)
Explanation
Network A needs 120 hosts < 128 = 27 -> Need a subnet mask of 7 bit 0s -> “/25″.
Because the ip subnet-zero command is used, network 172.16.3.0/30 can be used.
Answer E “Link A – 172.16.3.40/30″ is not correct because this subnet belongs to MARKETING subnet
(172.16.3.32/27).
Answer F “Link A – 172.16.3.112/30″ is not correct because this subnet belongs to ADMIN subnet
(172.16.3.96/27).
QUESTION 144
Refer to the topology shown in the exhibit. Which ports will be STP designated ports if all the links are operating
at the same bandwidth? (Choose three.)
ITExamAnswers.net
A. Switch A – Fa0/0
B. Switch A – Fa0/1
C. Switch B – Fa0/0
D. Switch B – Fa0/1
E. Switch C – Fa0/0
F. Switch C – Fa0/1
Correct Answer: BCD

Section: (none)
Explanation
This question is to check the spanning tree election problem.
1. First, select the root bridge, which can be accomplished by comparing the bridge ID, the smallest will be
selected. Bridge-id= bridge priority + MAC address. The three switches in the figure all have the default
priority, so we should compare the MAC address, it is easy to find that SwitchB is the root bridge.
2. Select the root port on the non-root bridge, which can be completed through comparing root path cost. The
smallest will be selected as the root port.
3. Next, select the Designated Port. First, compare the path cost, if the costs happen to be the same, then
compare the BID, still the smallest will be selected. Each link has a DP. Based on the exhibit above, we can
find DP on each link. The DP on the link between SwitchA and SwitchC is SwitchA’Fa0/1, because it has the
smallest MAC address.
QUESTION 145
Which symbol in the APIC-EM Path Trace tool output indicates that an ACL is present and might deny packets?
ITExamAnswers.net
A.
B.
C.
D.
Correct Answer: C
Section: (none)
Explanation
Reference: https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/application-policyinfrastructure-
controller-enterprise-module/1-6-x/path_trace/user-guide/
b_Cisco_Path_Trace_User_Guide_1_6_0_x/b_Cisco_Path_Trace_User_Guide_1_6_0_x_chapter_0111.html
QUESTION 146
When you are troubleshooting an ACL issue on a router, Which command would you use to verify Which
interfaces are affected by the ACL?
A. show ip access-lists
B. show access-listsC. show interface
C. show ip interface
D. list ip interface
Correct Answer: C
Section: (none)
Explanation
show ip access-lists does not show interfaces affected by an ACL.
QUESTION 147
Which two tasks does a router perform when it receives a packet that is being forwarded from one network to
another? (Choose two.)
A. It removes the Layer 2 frame header and trailer

B. It encapsulates the Layer 2 packet
C. It removes the Layer 3 frame header and trailer
D. It examines the routing table for the best path to the destination IP address of the packet
E. It examines the MAC address table for the forwarding interface
Correct Answer: AD
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 148
Which circumstances is a common cause of late collisions?
A. overload hardware queues

B. native VLAN mismatch
C. duplex mismatch
D. software misconfiguration
Correct Answer: C
Section: (none)
Explanation
QUESTION 149
Which PPP subprotocol negotiates authentication options?
A. NCP
B. LCP
C. ISDN
D. DLCI
E. SLIP
Correct Answer: B
Section: (none)
Explanation
QUESTION 150
What are two requirements for an HSRP group? (Choose two.)
A. exactly one active router

B. one or more standby routers
C. one or more backup virtual routers
D. exactly one standby active router
E. exactly one backup virtual router
Correct Answer: AB
Section: (none)
Explanation
From this paragraph:
“A set of routers that run HSRP works in concert to present the illusion of a single default gateway router to the
hosts on the LAN. This set of routers is known as an HSRP group or standby group. A single router that is
elected from the group is responsible for the forwarding of the packets that hosts send to the virtual router. This
router is known as the active router. Another router is elected as the standby router. If the active router fails, the
ITExamAnswers.net
standby assumes the packet forwarding duties. Although an arbitrary number of routers may run HSRP, only
the active router forwards the packets that are sent to the virtual router IP address.
In order to minimize network traffic, only the active and the standby routers send periodic HSRP messages
after the protocol has completed the election process. Additional routers in the HSRP group remain in the
Listen state. If the active router fails, the standby router takes over as the active router. If the standby router
fails or becomes the active router, another router is elected as the standby router.”
Reference: https://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/10583-
62.html#anc6
-> There is exactly one active router and one standby router in an HSRP group. Answer A is surely a correct but
other answers are not correct. Answers C, D and E are wrong terminologies so they are surely not correct.
Therefore answer B is a best choice left (although it is not totally correct).
QUESTION 151
Which three statements about IPv6 prefixes are true? (Choose three.)
A. FEC0::/10 is used for IPv6 broadcast.

B. FC00::/7 is used in private networks.
C. FE80::/8 is used for link-local unicast.
D. FE80::/10 is used for link-local unicast.
E. 2001::1/127 is used for loopback addresses.
F. FF00::/8 is used for IPv6 multicast.
Correct Answer: BDF

Section: (none)
Explanation
Below is the list of common kinds of IPv6 addresses:
QUESTION 152
Which technology in a service provider environment can use labels to tunnel custormer data?
A. Metro Ethernet
B. DMVPN
C. MPLS
D. PPPOE
ITExamAnswers.net
Correct Answer: C
Section: (none)
Explanation
QUESTION 153
Which two statements about IGP and EGP routing protocols are true? (Choose two.)
A. Service providers use OSPF and IS-IS for intra-AS routing

B. EGP routing protocols are used to connect multiple IGP networks
C. IGP routing protocols are used within internal networks
D. OSPF, EIGRP, and BGP are categorized as IGP routing protocols.
E. Service providers use EGP and BGP for intra-AS routing
Correct Answer: BC
Section: (none)
Explanation
QUESTION 154
Which configuration register setting do you use to bypass the password that is stored in the startup
configuration?
A. 0xFFFF
B. 1×2102
C. 0x2102
D. 0x2142
Correct Answer: D
Section: (none)
Explanation
QUESTION 155
Which LLDP extension provides additional support for VoIP?
A. TLV
B. LLDP-MED
C. LLDP-VOIP
D. LLDPv3
Correct Answer: B
Section: (none)
Explanation
Reference: https://www.cisco.com/c/en/us/td/docs/switches/blades/3030/software/release/12-2_37_se/
configuration_/guide/swlldp.html
ITExamAnswers.net
QUESTION 156
Which command is needed to send RIPv2 updates as broadcast when configured for RIPv2?
A. ip rip v2-broadcast
B. ip rip receive version 1
C. ip rip receive version 2
D. version 2
Correct Answer: A
Section: (none)
Explanation
Reference: https://www.cisco.com/c/en/us/td/docs/ios/12_2/iproute/command/reference/fiprrp_r/1rfrip.html
QUESTION 157
Which two statements about private addresses are true? (Choose two.)
A. By default, Class C private networks support up to 255 subnets.

B. Network 192.168.25.0/28 supports 14 usable private host addresses.
C. The 172.16.X.X/16 private Class B network supports over 1 millon addresses.
D. Addresses in the range 172.16.0.1 to 172.32.255.254 are defined as Class B private addresses.
E. Network 10.1.1.0/29 supports 16 usable private host addresses.
Correct Answer: BC
Section: (none)
Explanation
QUESTION 158
Which option is the benefit of implementing an intelligent DNS for a cloud computing solution?
A. It reduces the need for a backup data center.

B. It can redirect user requests to locations that are using fewer network resources.
C. It enables the ISP to maintain DNS records automatically.
D. It eliminates the need for a GSS.
Correct Answer: B
Section: (none)
Explanation
QUESTION 159
Which two characteristics of an ICMP echo-based IP SLA are true? (Choose two)
A. It can use RSPAN to report network statistics to a designated remote port

B. It aggregates traffic statistics for reporting on a configurable basis
C. It requires a remote device to log and maintain collected data
D. It measures traffic to determine the reliability of a connection from a Cisco router to a designated end device
E. It generates continuous traffic to monitor network performance
ITExamAnswers.net
Correct Answer: DE
Section: (none)
Explanation
QUESTION 160
Which two values must you specify to define a static route? (Choose two.)
A. destination network and mask

B. incoming interface
C. administrative distance of the route
D. source network and mask
E. next-hop address or exit interface
Correct Answer: AE
Section: (none)
Explanation
QUESTION 161
To enable router on a stick on a router subinterface, which two steps must you perform? (Choose two.)
A. Configure an IP route to the VLAN destination network.

B. Configure encapsulation dot1q.
C. Configure a default to route traffic between subinterfaces.
D. Configure full duplex and speed.
E. Configure the subinterface with an IP address.
Correct Answer: BE
Section: (none)
Explanation
QUESTION 162
When a switch is running in VTP server mode, VLAN configuration information is stored in which file?
A. vlan.dat
B. startup-config
C. vlan.config
D. config.text
Correct Answer: A
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 163
Which two commands can you use to configure an LACP EtherChannel? (Choose two.)
A. channel-group 10 mode auto

B. channel-group 10 mode active
C. channel-group 10 mode on
D. channel-group 10 mode desirable
E. channel-group 10 mode passive
Correct Answer: BE
Section: (none)
Explanation
QUESTION 164
What is the first step in the NAT configuration process?
A. Define inside and outside interfaces

B. Define public and private IP addresses
C. Define IP address pools
D. Define global and local interfaces
Correct Answer: A
Section: (none)
Explanation
In NAT configuration we should specify the inside and outside interfaces first with the command “ip nat inside”
and “ip nat outside” under interface mode.
QUESTION 165
You are configuring a 100-Mb fast Ethernet connection between a PC and Switch. Which action must you take
to configure the speed one each of the two interfaces?
A. Set the switch port to auto-negotiate and the PC interface to 100 Mb

B. Set both interfaces to auto-negotiate.
C. Set the switch port to 100 Mb and the PC interface to auto-negotiate.
D. Set both interfaces to 100 Mb
Correct Answer: D
Section: (none)
Explanation
QUESTION 166
Which feature is automatically enabled on voice VLAN port?
A. 802.1x
B. 802.1Q
C. PortFast
D. Port Security
ITExamAnswers.net
Correct Answer: C
Section: (none)
Explanation
QUESTION 167
Which three commands can you use to set a router boot image? (Choose three.)
A. Router(config)# boot system flash c4500-p-mz.121-20.bin

B. Router(config)# boot system tftp c7300-js-mz.122-33.SB8a.bin
C. Router(config)#boot system rom c7301-advipservicesk9-mz.124-24.T4.bin
D. Router> boot flash:c180x-adventerprisek9-mz-124-6T.bin
E. Router(config)#boot flash:c180x-adventerprisek9-mz-124-6T.bin
F. Router(config)#boot bootldr bootflash:c4500-jk9s-mz.122-23f.bin
Correct Answer: ABC

Section: (none)
Explanation
The correct syntax of the “boot” command is “boot system” path. In Which the popular for path can be:
+ flash
+ rom
+ tftp
+ ftp
+ IP address (IP address of the server containing the system image file)
Therefore answers A, B, C are correct.
QUESTION 168
Which MAC protocol sets a random timer to reattempt communication ?
A. RARP
B. CSMA/CA
C. CSMA/CD
D. IEEE 802.1x
Correct Answer: C
Section: (none)
Explanation
QUESTION 169
Where does a switch maintain DHCP snooping information ?
A. in the MAC address table

B. in the CAM table
C. in the DHCP binding database
D. in the VLAN database
Correct Answer: C
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 170
A network administrator enters the following command on a router:logging trap 3 . What are three message
types that will be sent to the Syslog server?(choose three)
A. warning
B. informational
C. error
D. emergency
E. debug
F. critical
Correct Answer: CDF

Section: (none)
Explanation
QUESTION 171
Which two statements about RIPv2 are true? (Choose two.)
A. It does not support clear text authentication, similar to RIPv1

B. It supports CIDR and VLSM
C. It stores RIP neighbor adjacency information in a neighbor table
D. It uses the Bellman-Ford routing algorithm
E. It sends periodic updates via broadcast
Correct Answer: BD
Section: (none)
Explanation
QUESTION 172
Which two differences between distance-vector and link-state routing protocols are true? (Choose two.)
A. Only link-state routing use the Bellman-Ford algorithm

B. Only distance-vector routing protocols send full routing table updates
C. Distance-vector routing protocols are less susceptible to loops than link-state protocols
D. Link-state routing protocols offer faster convergence than distance-vector protocols during network changes
E. Only distance-vector routing protocols maintain identical topology tables on all connected neighbors
Correct Answer: BD
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 173
Which option is the main function of congestion management?
A. discarding excess traffic

B. queuing traffic based on priority
C. classifying traffic
D. providing long-term storage of buffered data
Correct Answer: B
Section: (none)
Explanation
QUESTION 174
Which two options describe benefits of aggregated chassis technology ( choose 2)?
A. it reduces management overhead.

B. switches can be located anywhere regardless of there physical location.
C. it requires only 1 IP add per VLAN.
D. it requires only 3 IP add per VLAN.
E. it supports HSRP VRRP GLBP.
F. it support redundant configuration files.
Correct Answer: AC
Section: (none)
Explanation
Chassis aggregation is a Cisco technology to make multiple switches operate as a single switch. It is similar to
stacking but meant for powerful switches (like the 6500 and 6800 series switches). Chassis aggregation is often
used in the core layer and distribution layer (while switching stacking is used for access layer).
The books do not mention about the benefits of chassis aggregation but they are the same as switch stacking.
+ The stack would have a single management IP address.

+ The engineer would connect with Telnet or SSH to one switch (with that one management IP address), not
multiple switches.
+ One configuration file would include all interfaces in all physical switches.
+ STP, CDP, VTP would run on one switch, not multiple switches.
+ The switch ports would appear as if all are on the same switch.
+ There would be one MAC address table, and it would reference all ports on all physical switches.
Reference: CCNA Routing and Switching ICND2 200-105 Official Cert Guide
VSS is a chassis aggregation technology but it is dedicated for Cisco Catalyst 6500 Series Switches. VSS
increases operational efficiency by simplifying the network, reducing switch management overhead by at least
50 percent -> A is correct
Single point of management, IP address, and routing instance for the Cisco Catalyst 6500 virtual switch
+ Single configuration file and node to manage. Removes the need to configure redundant switches twice with
identical policies.
+ Only one gateway IP address is required per VLAN, instead of the three IP addresses per VLAN used today -
> C is correct while D is not correct.
+ Removes the need for Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP),
and Gateway Load Balancing Protocol (GLBP)-> so maybe E is not correct.
ITExamAnswers.net
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-virtual-switching-system-
1440/prod_qas0900aecd806ed74b.html
QUESTION 175
Which three statements describe the reasons large OSPF networks use a hierarchical design? (Choose three.)
A. to confine network instability to single areas of the network.

B. to reduce the complexity of router configuration
C. to speed up convergence
D. to lower costs by replacing routers with distribution layer switches
E. to decrease latency by increasing bandwidth
F. to reduce routing overhead
Correct Answer: ACF

Section: (none)
Explanation
Hierarchical design of OSPF (basically means that you can separate the larger internetwork into smaller
internetworks called areas) helps us create a network with all features listed above (decrease routing overhead,
speed up convergence, confine network instability to single areas of the network).
QUESTION 176
When troubleshooting client DNS issues, which two tasks must you perform? (Choose two.)
A. Ping a public website IP address.

B. Ping the DNS server.
C. Determine whether the hardware address is correct.
D. Determine whether a DHCP address has been assigned.
E. Determine whether the name servers have been configured.
Correct Answer: BE
Section: (none)
Explanation
QUESTION 177
Which commands can you can enter to verify that a router is synced with a configured time source?
A. Show ntp associations

B. Show clock details
C. Show clock
D. Show time
E. Show ntp status
Correct Answer: A
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 178
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)
A. SNMPv3 enhanced SNMPv2 security features

B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP
D. SNMPv3 added the GetBulk protocol messages to SNMP
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.
Correct Answer: ACE

Section: (none)
Explanation
SNMPv1/v2 can neither authenticate the source of a management message nor provide encryption. Without
authentication, it is possible for nonauthorized users to exercise SNMP network management functions. It is
also possible for nonauthorized users to eavesdrop on management information as it passes from managed
systems to the management system. Because of these deficiencies, many SNMPv1/v2 implementations are
limited to simply a read-only capability, reducing their utility to that of a network monitor; no network control
applications can be supported. To correct the security deficiencies of SNMPv1/v2, SNMPv3 was issued as a
set of Proposed Standards in January 1998. -> A is correct.
(Reference: http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-3/snmpv3.html)
The two additional messages are added in SNMP2 (compared to SNMPv1)
GetBulkRequest The GetBulkRequest message enables an SNMP manager to access large chunks of data.
GetBulkRequest allows an agent to respond with as much information as will fit in the response PDU. Agents
that cannot provide values for all variables in a list will send partial information. -> E is correct.
InformRequest The InformRequest message allows NMS stations to share trap information. (Traps are issued
by SNMP agents when a device change occurs.) InformRequest messages are generally used between NMS
stations, not between NMS stations and agents. -> C is correct.
Note: These two messages are carried over SNMPv3.
QUESTION 179
Which two cable specifications can support 1-Gbps Ethernet? (choose two)
A. Category 5e
B. RG11
C. RG-6
D. Category 6
E. Category 3
Correct Answer: AD
Section: (none)
Explanation
QUESTION 180
Which Cisco Catalyst feature automatically disables the port in an operational PortFast upon receipt of a
BPDU?
ITExamAnswers.net
A. BackboneFast
B. UplinkFast
C. Root Guard
D. BPDU Guard
E. BPDU Filter
Correct Answer: D
Section: (none)
Explanation
We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not
know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being
transmitted and received on these ports. With BPDU Guard, when a PortFast receives a BPDU, it will be shut
down to prevent a loop.
QUESTION 181
Which two statements about EUI-64 addressing are true? (Choose two.)
A. The address includes the hex digits FFFE after the last 24 bits of the interface MAC address.
B. A 64-bit interface identifier is derived from the interface MAC address.
C. A locally administrated address has the universal/local bit set to 0.
D. A 96-bit interface identifier is derived from the interface MAC address.
E. The address includes the hex digits FFFE after the first 14 bits of the interface MAC address.
F. The address includes the hex digits FFFE after the first 24 bits of the interface MAC address
Correct Answer: CF
Section: (none)
Explanation
Extended Unique Identifier (EUI) allows a host to assign itself a unique 64-Bit IPv6 interface identifier (EUI-64).
This feature is a key benefit over IPv4 as it eliminates the need of manual configuration or DHCP as in the
world of IPv4. The IPv6 EUI-64 format address is obtained through the 48-bit MAC address. The MAC address
is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being
NIC specific. The 16-bit 0xFFFE is then inserted between these two 24-bits for the 64-bit EUI address. IEEE
has chosen FFFE as a reserved value which can only appear in EUI-64 generated from the an EUI-48 MAC
address.
For example, suppose we have the MAC address of C601.420F.0007. It would be divided into two 24-bit parts,
which are “C60142” (OUI) and “0F0007” (NIC). Then “FFFE” is inserted in the middle. Therefore we have the
address: C601.42FF.FE0F.0007.
Then, according to the RFC 3513 we need to invert the Universal/Local bit (“U/L” bit) in the 7th position of the
first octet. The “u” bit is set to 1 to indicate Universal, and it is set to zero (0) to indicate local scope.
Therefore with the subnet of 2001:DB8:0:1::/64, the full IPv6 address is 2001:DB8:0:1:C601:42FF:FE0F:7/64
QUESTION 182
Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose
two.)
A. The spanning-tree priority

B. The spanning-tree protocol
C. The native VLAN
D. The VTP domain
ITExamAnswers.net
E. The trunking protocol
Correct Answer: CD
Section: (none)
Explanation
QUESTION 183
Which two statements about UTP cables are true? (Choose two.)
A. Category 6a Ethernet cable can transmit up to 10 Gbps

B. Category 6 Ethernet cables are appropriate for installations of up to 200m
C. Category 5 Ethernet cables support speeds up to 1000 Mbps beyond 100m
D. All Ethernet cable types from Category 1 through Category 6 are suitable for transmitting data in the
appropriate environments
E. Category 5e Ethernet cables support speeds up 1000 Mbps
Correct Answer: AE
Section: (none)
Explanation
QUESTION 184
Cisco IOS supports Which QoS models?
A. best-effort and integrated services

B. integrated services and differentiated services
C. best-effort and differentiated services
D. best-effort, integrated services, and differentiated services
Correct Answer: D
Section: (none)
Explanation
QUESTION 185
Which command disable DTP?
A. Switchport mode passive

B. Switchport mode active
C. Switchport nonegotiate
D. Switchport negotiate
Correct Answer: C
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 186
Which enterprise device provides centralized control of authentication and roaming?
A. A lightweight access point

B. A firewall
C. A Lan Switch
D. A wireless LAN controller
Correct Answer: D
Section: (none)
Explanation
QUESTION 187
How many bits can be used to identify unique hosts in the address range for network 10.0.0.0/8
A. 8
B. 16
C. 24
D. 32
Correct Answer: C
Section: (none)
Explanation
QUESTION 188
Which command must be present in a Cisco Device configuration to enable the device to resolve an FQDN?
A. Ip host
B. Ip name-server
C. Ip domain-lookup
D. Ip domain-name
Correct Answer: C
Section: (none)
Explanation
QUESTION 189
Which command must you enter to configure a DHCP relay?
A. ip dhcp relay
B. ip address dhcp
D. ip dhcp pool
Correct Answer: C
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 190
You are implementing WAN access for an enterprise network while running applications that require a fully
meshed network, Which two design standards are appropriate for such an environment? (Choose two.)
A. a dedicated WAN distribution layer, to consolidate connectivity to remote sites

B. a centralized DMVPN solution, to simplify connectivity for the enterprise
C. multiple MPLS VPN connections with static routing
D. a collapsed core and distribution layer, to minimize costs
E. multiple MPLS VPN connections with dynamic routing
Correct Answer: BE
Section: (none)
Explanation
QUESTION 191
Which two commands can you enter to configure an interface to actively negotiate an EtherChannel? (Choose
two.)

C. channel-group 10 mode on
D. channel-group 10 mode desirable
Correct Answer: BD
Section: (none)
Explanation
QUESTION 192
When troubleshooting a user complaint, you notice that two routers failed to establish an OSPF neighbor
adjacency. Which two issues are root causes for the problem? (Choose two.)
A. The two routers are configured with the same area ID

B. The two router are using the same router ID
C. The passive-interface command is configured on the connected interfaces
D. The two routers are configured with different process Ids
E. OSPF is configured on the primary network of the neighbor, but not on the secondary network
Correct Answer: BC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 193
Which two statements about how a router makes forwarding decisions are true? (Choose two.)
A. The control plane forwards traffic based on information that it receives from the data plane
B. The data plane gathers information from routing protocols
C. The management plane forwards traffic based on information that it receives from the data plane
D. The control plane gathers information from routing protocols
E. The data plane forwards traffic through the router
F. The management plane gathers information from routing protocols
Correct Answer: DE
Section: (none)
Explanation
QUESTION 194
Which action do you take to reset the VTP configuration revision number on a switch in VTP server made?
A. Change the VTP domain name to any new value, and then change the name back to the original name
B. Change the VTP mode to transparent, and then change it back to server mode
C. Change the VTP mode to off, and then change it back to server mode.
D. Change the VTP mode to transparent, and then change it to cent mode.
Correct Answer: A
Section: (none)
Explanation
QUESTION 195
Which two statements about southbound APIS are true? (Choose two.)
A. OpenFlow is a southbound API standard.

B. They communicate with the management plane.
C. They use HTTP messages to communicate.
D. They enable communication between the controller and the network device.
E. They enable communication between the controller and SDN applications.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 196
When you configure and boot a new device, when does the running configuration become active?
A. Immediately after the power-on self-test

B. When IOS is loaded into RAM.
ITExamAnswers.net
C. When the devices boots to ROMMON.
D. When the startup configuration is copied into RAM.
Correct Answer: B
Section: (none)
Explanation
QUESTION 197
Which command should you enter on an interface in a vendor-neutral EtherChannel so that it will be selected
first to transmit packets?
A. lacp system-priority 1024

B. pagp system-priority 1024
C. pagp port-priority 1024
D. lacp port-priority 1024
Correct Answer: D
Section: (none)
Explanation
QUESTION 198
After you deploy a new WLAN controller on your network, Which two additional tasks should you consider?
(Choose two.)
A. Configure multiple VRRP groups.

B. Configure additional VLANs.
C. Configure additional security policies.
D. Deploy load balancers.
E. Deploy POE switches.
Correct Answer: CE
Section: (none)
Explanation
QUESTION 199
Which two commands can you use to configure a PAgP EtherChannel? (Choose two.)

C. channel-group 10 mode desirable
D. channel-group 10 mode on
Correct Answer: AC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 200
Which command should you enter to configure a single port to enter an err-disabled state when it receives an
infenior BPDU?
A. spanning-tree portfast bpduguard

B. spanning-tree guard root
C. spanning-tree portfast default
D. spanning-tree portfast bpdufilter
Correct Answer: A
Section: (none)
Explanation
QUESTION 201
Which two statements about single and dual-homed links are true? ( choose two.)
A. Single-homed connections to a service provider require OSPF or EIGRP.

B. Dual-homed connections to multiple service providers can use OSPF or EIGRP for load balancing.
C. Single-homed connections to a service provider can use either static routing or BGP
D. Dual-homed connection to multiple service providers typically use BGP.
E. Dual-homed connections to a service provider most frequently use static routing.
Correct Answer: CD
Section: (none)
Explanation
QUESTION 202
After you configure the ip dns spoofing command globally on a device, under which two conditions is DNS
spoofing enabled on the device? (Choose two.)
A. The DNS server queue limit id disabled

B. The ip host command is disabled
C. All configured IP name server addresses are removed
D. The ip dns spoofing command is disabled on the local interface
E. The no ip domain lookup command is configured
Correct Answer: CE
Section: (none)
Explanation
DNS spoofing is designed to allow a router to act as a proxy DNS server and “spoof” replies to any DNS
queries using either the configured IP address in the ip dns spoofing ip-address command or the IP address of
the incoming interface for the query. This feature is useful for devices where the interface toward the Internet
service provider (ISP) is not up. Once the interface to the ISP is up, the router forwards DNS queries to the real
DNS servers. This feature turns on DNS spoofing and is functional if any of the following conditions are true:
ITExamAnswers.net
The no ip domain lookup command is configured. IP name server addresses are not configured. There are no
valid interfaces or routes for sending to the configured name server addresses.
QUESTION 203
Which command should you enter to verify the priority of a router in an HSRP group?
A. show standby
B. show interfaces
C. show sessions
D. show hsrp
Correct Answer: A
Section: (none)
Explanation
QUESTION 204
Which feature or method can you use to isolate physical layer problems on a serial link?
A. autonegotiation
B. protocol analyzer
C. loopback tests
D. UDLD
Correct Answer: C
Section: (none)
Explanation
QUESTION 205
Which algorithm is used for the frame check sequence in an Ethernet frame?
A. MD5
B. AES-256
C. CRC
D. SHA-1
Correct Answer: C
Section: (none)
Explanation
QUESTION 206
Which two features can you enable on a switch to capture network traffic and measure performance?(choose
two)
A. ACL
B. SPAN
C. IP SLA
ITExamAnswers.net
D. STP
E. SNMP
Correct Answer: BE
Section: (none)
Explanation
QUESTION 207
Which layer of the TCP/IP model manages the transmission of binary digits across an Ethernet cable?
A. network
B. data link
C. transport
D. physical
Correct Answer: D
Section: (none)
Explanation
QUESTION 208
Which statement about recovering a password on a Cisco router is true?
A. The default reset password is cisco

B. It requires a secure SSl/VPN connection
C. A factory resset is required if you forget the password
D. It requires physical access to the router
Correct Answer: D
Section: (none)
Explanation
Other choices are surely incorrect so only “physical access” answer is the correct one. In order to recover a
password on a Cisco router, the first thing you have to do is either switch off or shut down the router. For more
information about this process, please read http://www.cisco.com/c/en/us/support/docs/routers/2800-series-
integrated-services-routers/112033-c2900-password-recovery-00.html
QUESTION 209
What are two advantages of static routing? (Choose two.)
A. It can be implemented easily even in large environments

B. It allows the administrator to control the path of traffic
C. It produces minimal CPU load
D. It allows the network to respond immediately to changes
E. It cannot be used to load-balance traffic over multiple links
Correct Answer: BC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 210
Which two steps must you perform on each device that is configured for IPv4 routing before you implement
OSPFv3?(Choose two)
A. configure an autonomous system number

B. configure a loopback interface
C. configure a router ID
D. Enable IPv6 on an interface
E. Enable IPv6 unicast routing
Correct Answer: DE
Section: (none)
Explanation
Before you enable OSPF for IPv6 on an interface, you must perform the following:+ Complete the OSPF
network strategy and planning for your IPv6 network. For example, you must decide whether multiple areas are
required.
+ Enable IPv6 unicast routing.
+ Enable IPv6 on the interface.Reference: https://www.cisco.com/c/en/us/support/docs/ip/ip-version-6-
ipv6/112100-ospfv3-config-guide.html
Note: If we have already had an active interface, we don’t need to configure the router ID for OSPFv3 anymore
because the device will automatically choose that IPv4 address for its router ID).
QUESTION 211
What is the effect of PortFast on the MAC aging process?
A. It prevents fast aging of MAC addresses when IEEE 802.1D is in use

B. It prevents fast aging of MAC addresses when RSTP is in use
C. It ignores the MAC aging timer when RSTP is in use
D. It ignores the MAC aging timer when IEEE 802.1D is in use
Correct Answer: C
Section: (none)
Explanation
QUESTION 212
Which two TLVs does LLDP support ? (Choose two.)
A. system description
B. port duplex
C. management address
D. native VLAN
E. spanning tree
Correct Answer: AC
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 213
Which two circumstances can prevent two routers from establishing an EIGRP neighbor adjacency? (Choose
two.)
A. An ACL is blocking traffic from multicast address 224.0.05

B. Both routers have the same router ID
C. The routers are on different subnets
D. The two routers have the same autonomous system number
E. The routers have mismatched K values
Correct Answer: CE
Section: (none)
Explanation
QUESTION 214
Which two features can dynamically assign IPv6 addresses? (Choose two.)
A. IPv6 stateless autoconfiguration

B. DHCP
C. NHRP
D. IPv6 stateful autoconfiguration
E. ISATAP tunneling
Correct Answer: AD
Section: (none)
Explanation
Answer “DHCP” is not correct because DHCP can only assign IPv4 address. To assign IPv6 address, DHCPv6
should be used instead.
Answer “NHRP” is not correct because it is a protocol used in DMVPN.
Answer “ISATAP tunneling” is not correct because it is an IPv6 transition mechanism to transmit IPv6 packets
between dual-stack nodes on top of an IPv4 network.
The two types of autoconfiguration are “stateless” and “stateful.”
Stateful autoconfiguration is the IPv6 equivalent of DHCP. A new protocol, called DHCPv6 (and based closely
on DHCP), is used to pass out addressing and service information in the same way that DHCP is used in IPv4.
This is called “stateful” because the DHCP server and the client must both maintain state information to keep
addresses from conflicting, to handle leases, and to renew addresses over time -> Answer “IPv6 stateful
autoconfiguration” is correct.
Stateless Autoconfiguration allows an interface to automatically “lease” an IPv6 address and does not require
the establishment of an server to delve out address space. Stateless autoconfiguration allows a host to propose
an address which will probably be unique (based on the network prefix and its Ethernet MAC address) and
propose its use on the network. Because no server has to approve the use of the address, or pass it out,
stateless autoconfiguration is simpler. This is the default mode of operation for most IPv6 systems, including
servers. So answer “IPv6 stateless autoconfiguration” is correct too.
QUESTION 215
ITExamAnswers.net
Which type of routing protocol operates by using first information from each device peers?
A. link-state protocols
B. distance-vector protocols
C. path-vector protocols
D. exterior gateway protocols
Correct Answer: A
Section: (none)
Explanation
http://www.ciscopress.com/articles/article.asp?p=24090&seqNum=4
The reason is that unlike the routing-by-rumor approach of distance vector, link state routers have firsthand
information from all their peer routers. Each router originates information about itself, its directly connected
links, and the state of those links (hence the name). This information is passed around from router to router,
each router making a copy of it, but never changing it. The ultimate objective is that every router has identical
information about the internetwork, and each router will independently calculate its own best paths.
QUESTION 216
According to industry best practices, which length is the recommended maximum for a Category 6 cable in a
10GBASE-T environment?
A. 37 meters
B. 300 meters
C. 100 meters
D. 55 meters
Correct Answer: D
Section: (none)
Explanation
QUESTION 217
Which two statements about floating static routes are true? (Choose two)
A. They are routes to the exact /32 destination address

B. They are used when a route to the destination network is missing
C. They have a higher administrative distance than the default static route administrative distance
D. They are used as back-up routes when the primary route goes down
E. They are dynamic routes that are learned from a server
Correct Answer: CD
Section: (none)
Explanation
Floating static routes are static routes that have an administrative distance greater than the administrative
distance (AD) of another static route or dynamic routes. By default a static route has an AD of 1 then floating
static route must have the AD greater than 1. Floating static route has a manually configured administrative
distance greater than that of the primary route and therefore would not be in the routing table until the primary
route fails.
QUESTION 218
ITExamAnswers.net
Which two IP SLA operations can you use to measure the end-to-end response time for all IP traffic between a
Cisco router and an end device ?(choose two)
A. ICMP path echo

B. UDP echo
C. ICMP path jitter
D. UDP jitter
E. TCP connect
F. ICMP echo
Correct Answer: AF
Section: (none)
Explanation
To measure end-to-end reponse time we have to use ICMP echo to continuously ping to a remote device. The
difference between ICMP path echo and ICMP echo is the former can measure hop-by-hop response time on
its whole path while the latter can only measure to a specific destination.
QUESTION 219
Which type of port supports voice VLAN configuration?
A. Access switch port

B. Trunk switch port
C. Private VLAN switch port
D. Layer 3 Switch port
Correct Answer: A
Section: (none)
Explanation
QUESTION 220
Which two advantages do dynamic routing protocols provide over static routing? (Choose two.)
A. Dynamic routing requires fewer resources than static routing

B. Only dynamic routing is supported on all topologies that require multiple routers
C. Dynamic routing protocols are easier to manage on very large networks
D. Dynamic routing protocols automatically adapt to reroute traffic if possible
E. Dynamic routing is more secure than static routing
Correct Answer: CD
Section: (none)
Explanation
QUESTION 221
Which two statements about northbound and southbound APIs are true? (Choose two.)
A. Only southbound APIs allow program control of the network.

B. Only northbound APIs allow program control of the network.
ITExamAnswers.net
C. Only southbound API interfaces use a Service Abstraction Layer.
D. Only northbound API interfaces use a Service Abstraction Layer.
E. Both northbound and southbound API interfaces use a Service Abstraction Layer.
F. Both northbound and southbound APIs allow program control of the network.
Correct Answer: BC
Section: (none)
Explanation
A northbound interface is an interface that allows a particular component of a network to communicate with a
higher-level component. Conversely, a southbound interface allows a particular network component to
communicate with a lower-level component.
program the network and request services from it.
Southbound interfaces are implemented with a Service Abstraction Layer (SAL) Which speak to network
devices using SNMP and CLI (Command Line Interface) of the elements that make up the network. The main
functions of SAL are:
+ Expose device services and capabilities to apps
+ Determine how to fulfill requested service irrespective of the underlying protocol
Note:
+ An API is a method for one application (program) to exchange data with another application.
+ Interface here refers to the “software interface”, not the physical interfaces.
QUESTION 222
Which step in the router boot process searches for an IOS image to load into the router?
A. bootstrap
B. POST
C. mini-IOS
D. ROMMON mode
Correct Answer: A
Section: (none)
Explanation
ITExamAnswers.net
The following details the router boot process:
1. The router is powered on.
2. The router first runs Power-On Self Test (POST)
3. The bootstrap checks the Configuration Register value to specify where to load the IOS. By default (the
default value of Configuration Register is 2102, in hexadecimal), the router first looks for “boot system”
commands in startup-config file. If it finds these commands, it will run boot system commands in order they
appear in startup-config to locate the IOS. If not, the IOS image is loaded from Flash . If the IOS is not found in
Flash, the bootstrap can try to load the IOS from TFTP server or from ROM (mini-IOS).
4. After the IOS is found, it is loaded into RAM.
5. The IOS attempts to load the configuration file (startup-config) from NVRAM to RAM. If the startup-config is
not found in NVRAM, the IOS attempts to load a configuration file from TFTP. If no TFTP server responds, the
router enters Setup Mode (Initial Configuration Mode).
For more information about booting process please read our Cisco Router Boot Sequence tutorial.
QUESTION 223
What is the danger of the permit any entry in a NAT access list?
A. It can lead to overloaded resources on the router.

B. It can cause too many addresses to be assigned to the same interface.
C. It can disable the overload command.
D. It prevents the correct translation of IP addresses on the inside network.
Correct Answer: A
Section: (none)
Explanation
Using permit any can result in NAT consuming too many router resources, which can cause network problems.
You should only limit the NAT access list to a specific range of IP addresses.
QUESTION 224
Which command can you enter on a switch to determine the current SNMP security model?
A. show snmp group

B. show snmp pending
C. snmp-server contact
D. show snmp engineID
Correct Answer: A
Section: (none)
Explanation
Three security models are available: SNMPv1, SNMPv2c, and SNMPv3. The security model combined with the
security level determine the security mechanism applied when the SNMP message is processed.
The command “show snmp group” displays the names of groups on the router and the security model, the
status of the different views, and the storage type of each group. Below is an example of this command.
ITExamAnswers.net
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/
configuration/guide/sm_nx_os_cg/sm_9snmp.html
QUESTION 225
Which value is included in the initial TCP syn message?
A. a session ID
B. sequence number
C. a TTL number
D. an acknowledgment number
Correct Answer: B
Section: (none)
Explanation
QUESTION 226
Which circumstances is a common cause of late collisions?
A. overload hardware queues

B. native VLAN mismatch
C. duplex mismatch
D. software misconfiguration
Correct Answer: C
Section: (none)
Explanation
QUESTION 227
Which two approaches are common when troubleshooting network issues? (Choose two.)
A. top-down
B. policing
C. layer-by-layer
D. round-robin
E. divide and conquer
Correct Answer: AE
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 228
Which two descriptions of TACACS+ are true? (Choose two.)
A. It encrypts only the password.

B. It can authorize specific router commands.
C. It separates authentication, authorization, and accounting functions.
D. It uses UDP as its transport protocol.
E. It combines authentication and authorization.
Correct Answer: BC
Section: (none)
Explanation
QUESTION 229
What is a valid HSRP virtual MAC address?
A. 007.3313.9734
B. 0000.0C07.AC15
C. 0007.B400.AE01
D. 0000.5E00.01A3
Correct Answer: B
Section: (none)
Explanation
With HSRP, two or more devices support a virtual router with a fictitious MAC address and unique IP address.
There are two version of HSRP.
+ With HSRP version 1, the virtual router’s MAC address is 0000.0c07.ACxx , in which xx is the HSRP group.
Therefore C is correct.
+ With HSRP version 2, the virtual MAC address is 0000.0C9F.Fxxx, in which xxx is the HSRP group.
Note: Another case is HSRP for IPv6, in which the MAC address range from 0005.73A0.0000 through
0005.73A0.0FFF.
(Good resource for HSRP: http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/unicast/

configuration/guide/l3_hsrp.html)
QUESTION 230
Which two statements about Ethernet standards are true?(choose two)
A. Ethernet is defined by IEEE standard 802.2

B. Ethernet is defined by IEEE standard 802.3
C. Ethernet 10BASE-T dose not support full-duplex.
D. When an Ethernet network uses CSMA/CD ,it terminates transmission as soon as collision occurs
E. When an Ethernet network uses CSMA/CA ,it terminates transmission as soon as collision occurs
Correct Answer: BD
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 231
Which two options are features of the extended ping command? (Choose two.)
A. It can send a specific number of packets

B. It can send packet from specified interface of IP address
C. It can resolve the destination host name
D. It can ping multiple host at the same time
E. It can count the number of hops to the remote host.
Correct Answer: AB
Section: (none)
Explanation
There are many options to choose when using extended ping. Below shows the options that we can choose:
In which:
+ Repeat count [5]: Number of ping packets that are sent to the destination address. The default is 5 -> A is
correct.
+ Source address or interface: The interface or IP address of the router to use as a source address for the
probes -> B is correct.
For more information about extended ping, please read: http://www.cisco.com/c/en/us/support/docs/ip/routing-

information-protocol-rip/13730-ext-ping-trace.html
QUESTION 232
Which frame type allows STP to compute the spanning-tree topology?
A. LSP
B. LSA
C. RSTP
ITExamAnswers.net
D. BPDU
Correct Answer: D
Section: (none)
Explanation
QUESTION 233
Which utility can you use to identify redundant or shadow rules?
A. The ACL trace tool in Cisco APIC-EM.

B. The ACL analysis tool in Cisco APIC-EM.
C. The Cisco APIC-EM automation scheduler.
D. The Cisco IWAN application.
Correct Answer: B
Section: (none)
Explanation
Cisco APIC-EM supports the following policy analysis features:
+ Inspection, interrogation, and analysis of network access control policies.
+ Ability to trace application specific paths between end devices to quickly identify ACLs in use and problem
areas.
+ Enables ACL change management with easy identification of conflicts and shadows -> Maybe B is the most
suitable answer.
Reference: http://www.cisco.com/c/en/us/td/docs/cloud-systems-management/application-policy-infrastructure-
controller-enterprise-module/1-2-x/config-guide/b_apic-em_config_guide_v_1-2-x/b_apic-
em_config_guide_v_1-2-x_chapter_01000.pdf
The ACL trace tool can only help us to identify Which ACL on Which router is blocking or allowing traffic. It
cannot help identify redundant/shadow rules.
Note:
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) is a Cisco Software Defined
Networking (SDN) controller, Which uses open APIs for policy-based management and security through a
single controller, abstracting the network and making network services simpler. APIC-EM provides centralized
automation of policy-based application profiles.
Reference: CCNA Routing and Switching Complete Study Guide
Cisco Intelligent WAN (IWAN) application simplifies the provisioning of IWAN network profiles with simple
business policies. The IWAN application defines business-level preferences by application or groups of
applications in terms of the preferred path for hybrid WAN links. Doing so improves the application experience
over any connection and saves telecom costs by leveraging cheaper WAN links.
Shadow rules are the rules that are never matched (usually because of the first rules). For example two
access-list statements:
access-list 100 permit ip any any

access-list 100 deny tcp host A host B
Then the second access-list statement would never be matched because all traffic have been already allowed
by the first statement. In this case we call statement 1 shadows statement 2.
ITExamAnswers.net
QUESTION 234
Which two statements about IPv6 multicast addresses are true? (Choose two.)
A. They use the prefix FC80::/8

B. If the lifetime parameter is set to 1, the route is permanent
C. They identify a group of interfaces on different devices
D. They use the prefix FF00::/8
E. If the scope parameter is set to 5, the route is local to the node
Correct Answer: CD
Section: (none)
Explanation
QUESTION 235
What is the simplest IP SLA operation that can measure end-to-end response time between devices?
A. ICMP path jitter

B. ICMP path echo
C. ICMP echo
D. ICMP jitter
Correct Answer: C
Section: (none)
Explanation
QUESTION 236
Which tunneling mechanism embeds an IPv4 address within an IPv6 address?
A. Teredo
B. 6to4
C. 4to6
D. GRE
E. ISATAP
Correct Answer: B
Section: (none)
Explanation
QUESTION 237
Which command should you enter to configure a single port to prevent alternate ports from becoming
designated ports?
A. spanning-tree guard root

B. spanning-tree guard loop
C. spanning-tree loopguard default
ITExamAnswers.net
D. spanning-tree etherchannel misconfig
Correct Answer: B
Section: (none)
Explanation
QUESTION 238
What is the most efficient subnet mask for a point to point ipv6 connection?
A. /127
B. /128
C. /64
D. /48
E. /32
Correct Answer: A
Section: (none)
Explanation
On inter-router point-to-point links, it is useful, for security and other reasons, to use 127-bit IPv6 prefixes. Such
a practice parallels the use of 31-bit prefixes in IPv4.
Reference: https://tools.ietf.org/html/rfc6164
QUESTION 239
Which two goals are reasons to implement private IPv4 addressing on your network? (Choose two.)
A. Conserve IPv4 address

B. Reduce the size of the forwarding table on network routers
C. Reduce the risk of a network security breach
D. Comply with PCI regulations
E. Comply with local law
Correct Answer: AC
Section: (none)
Explanation
QUESTION 240
Which circumstance matches the description of an excessive collision?
A. The same frame is sent sixteen times.

B. The deferred counter value is greater than 1024.
C. Bit 512 of the frame is sent.
D. An interface receives fifteen or more alignment errors.
Correct Answer: A
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 241
Which two statements about GRE tunnels are true? (Choose two.)
A. They provide privacy, integrity, and authenticity.

B. They can operate in tunnel mode and transport mode.
C. They add 8 bytes to the IP header of each packet.
D. They allow multicast traffic to traverse WAN circuits.
E. They encapsulate the payload
Correct Answer: DE
Section: (none)
Explanation
QUESTION 242
When you deploy multilink PPP on your network, where must you configure the group IP Address on each
device?
A. In the global config

B. Under serial interface
C. Under the routing protocol
D. Under the multilink interface
Correct Answer: D
Section: (none)
Explanation
Suppose R1 has two Serial interfaces which are directly connected to R2. This is how to configure multilink on
R1:
R1(config-if)# interface Serial 0/0

R1(config-if)# encapsulation ppp
R1(config-if)# ppp multilink
R1(config-if)# ppp multilink group 1
R1(config-if)# no shutdown
R1(config-if)# interface Serial 0/1

R1(config-if)# encapsulation ppp
R1(config-if)# no shutdown
R1(config)# interface multilink 1

R1(config-if)# ip address 192.168.42.1 255.255.255.252
Therefore we must configure IP address under multilink interface, not physical member interfaces.
QUESTION 243
Which two commands should you enter to view the PID and serial number of a router? (Choose two.)
ITExamAnswers.net
A. show license udi
B. show license feature
C. show license
D. show license status
E. show version
Correct Answer: AE
Section: (none)
Explanation
QUESTION 244
Which file-system management command is used frequently when IOS backups, upgrades, and restores are
performed?
A. delete
B. copy
C. show file
D. show dir
Correct Answer: B
Section: (none)
Explanation
QUESTION 245
Which specification supports full-duplex traffic only?
A. 100BASE-TX
B. 1000BASE-SX
C. 1000BASE-TX
D. 10BASE-T
Correct Answer: B
Section: (none)
Explanation
QUESTION 246
Which two statements about PDU encapsulation are true? (Choose two.)
A. During encapsulation, each layer adds a header and trailer to the PDU from the layer below
B. During encapsulation, each layer adds a header and sometimes adds a trailer to the PDU from the layer
above
C. In the TCP/IP reference model, PDU encapsulation occurs on the network layer
D. PDU encapsulation takes place only at the transport layer
E. In the TCP/IP reference model, PDU encapsulation starts on the Internet layer with the data from the
application layer
ITExamAnswers.net
Correct Answer: BE
Section: (none)
Explanation
QUESTION 247
Which statement about switch ports is true?
A. The default VLAN and native VLAN must be different on al ports

B. VLAN 1 is preconfigured as the native VLAN on trunk ports only.
C. VLAN 1 is preconfigured as the default VLAN on all switch ports.
D. VLAN 100 is preconfigured as the native VLAN on al switch ports
Correct Answer: C
Section: (none)
Explanation
QUESTION 248
Which protocol enables a Cisco IP phone to provide QoS instructions to a switch?
A. VTP
B. CDP
C. 802.1Q
D. DTP
Correct Answer: B
Section: (none)
Explanation
QUESTION 249
Which two statements about MPLS are true? (Choose two.)
A. It uses point-to-point physical circuits to provide logical full-mesh connections to the service provider.
B. It requires a hub in a large data center with a fast connection to the service provider.
C. All connections are full mesh with full redundancy.
D. It provides easily scalable bandwidth to support newer connectivity options for numerous remote sites.
E. Because it is a mature technology, it requires less skill to administer.
Correct Answer: CD
Section: (none)
Explanation
QUESTION 250
Which two statements about the routing table are true? (Choose two.)
ITExamAnswers.net
A. It displays information about the successor and the feasible successor.
B. It displays the administrative distance and metric of the routes that it learns
C. It displays the metric and the reported distance of the routes that it learns.
D. It uses letters such as O, I,and D to identify how a route is learned.
E. It uses the > symbol to indicate the best route.
Correct Answer: BD
Section: (none)
Explanation
QUESTION 251
Which chassis-aggregation technology combines two physical switches into one virtual switch?
A. VSS
B. LACP
C. VRRP
D. StackWise
Correct Answer: A
Section: (none)
Explanation
QUESTION 252
Which chassis-aggregation technology binds two individual Cisco switches at control and data planes to act as
one logical switch?
A. LACP
B. vPC
C. VRRP
D. VSS
Correct Answer: D
Section: (none)
Explanation
QUESTION 253
Which function can be centralized in software-defined networking?
A. data plane
B. application plane
C. control plane
D. services plane
Correct Answer: C
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 254
How many bits in length is a VLAN identifier?
A. 32
B. 48
C. 16
D. 64
Correct Answer: C
Section: (none)
Explanation
QUESTION 255
Which two features can mitigate spanning tree issues that are caused by broken fiber cables on interswitch
links? (Choose two)
A. UDLD
B. root guard
C. loop guard
D. BPDU guard
E. DTP
Correct Answer: AC
Section: (none)
Explanation
QUESTION 256
Which command must you use to verify hostname-to-IP-address mapping information?
A. Show sessions
B. Show arp
C. Show mac-address-table
D. Show hosts
Correct Answer: D
Section: (none)
Explanation
QUESTION 257
Which two are advantages of static routing when compared to dynamic routing? (Choose two.)
ITExamAnswers.net
A. Configuration complexity decreases as network size increases.
B. Security increases because only the network administrator may change the routing table.
C. Route summarization is computed automatically by the router.
D. Routing tables adapt automatically to topology changes.
E. An efficient algorithm is used to build routing tables, using automatic updates.
F. Routing updates are automatically sent to neighbors.
G. Routing traffic load is reduced when used in stub network links.
Correct Answer: BG
Section: (none)
Explanation
Since static routing is a manual process, it can be argued that it is more secure (and more prone to human
errors) since the network administrator will need to make changes to the routing table directly.
Also, in stub networks where there is only a single uplink connection, the load is reduced as stub routers just
need a single static default route, instead of many routes that all have the same next hop IP address.
QUESTION 258
Which two statements about the ip subnet-zero command are true? (Choose two.)
A. It specifies the broadcast IP addresses in the subnet.

B. It enables the network to make full use of the available IP address space.
C. It is enabled by default on Cisco routers.
D. It must be configured each time you reboot a router.
E. It must be configured before you activate NAT on a router.
Correct Answer: BC
Section: (none)
Explanation
QUESTION 259
Refer to the exhibit. Which BGP configuration do you need to apply to router R4 to allow traffic to flow normally
on this network?
A. Router bgp1
No synchronization
Neighbor 192.168.1.1 remote-as 1
Neighbor 192.168.1.1 ebgp-multihop 4
No auto-summary
B. Router bgp1
ITExamAnswers.net
No synchronization
No auto-summary
C. Router bgp1
No synchronization
No auto-summary
D. Router bgp1
No synchronization
No auto-summary
Correct Answer: B
Section: (none)
Explanation
QUESTION 260
Refer to the diagram. All hosts have connectivity with one another. Which statements describe the addressing
scheme that is in use in the network? (Choose three.)
A. The subnet mask in use is 255.255.255.192

B. The subnet mask in use is 255.255.255.128
C. The IP address 172.16.1.25 can be assigned to hosts in VLAN1
D. The IP address 172.16.1.205 can be assigned to hosts in VLAN1
E. The LAN interface of the router is configured with one IP address.
F. The LAN interface of the router is configured with multiple IP addresses.
ITExamAnswers.net
Correct Answer: BCF
Section: (none)
Explanation
QUESTION 261
Refer to the exhibit. Which port security violation mode is configured on interface FA0/1?
A. protect
B. shutdown VLAN
C. shutdown
D. restrict
Correct Answer: C
Section: (none)
Explanation
QUESTION 262
Refer to the exhibit. HostA cannot ping HostB. Assuming routing is properly configured, what is the cause of
this problem?
ITExamAnswers.net
A. HostA is not on the same subnet as its default gateway.
B. The address of SwitchA is a subnet address.
C. The Fa0/0 interface on RouterA is on a subnet that can’t be used.
D. The serial interfaces of the routers are not on the same subnet.
E. The Fa0/0 interface on RouterB is using a broadcast address.
Correct Answer: D
Section: (none)
Explanation
Now let’s find out the range of the networks on serial link:
For the network 192.168.1.62/27:
Increment: 32
Network address: 192.168.1.32
Broadcast address: 192.168.1.63
For the network 192.168.1.65/27:
Increment: 32
Network address: 192.168.1.64
Broadcast address: 192.168.1.95
-> These two IP addresses don’t belong to the same network and they can’t see each other
QUESTION 263
Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Which of the following are
true? (Choose two.)
A. Router C will use ICMP to inform Host 1 that Host 2 cannot be reached.
B. Router C will use ICMP to inform Router B that Host 2 cannot be reached.
C. Router C will use ICMP to inform Host 1, Router A, and Router B that Host 2 cannot be reached.
D. Router C will send a Destination Unreachable message type.
E. Router C will send a Router Selection message type.
F. Router C will send a Source Quench message type.
Correct Answer: AD
Section: (none)
Explanation
Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Router C will send ICMP
packets to inform Host 1 that Host 2 cannot be reached.
QUESTION 264
When you troubleshoot an IPv4 connectivity issue on a router, which three router configuration checks you
must perform?
A. Verify that the router interface IP address is correct.

B. Verify that the DNS is configured correctly.
C. Verify that the router and the host use the same subnet mask.
D. Verify that the router firmware is up-to-date.
E. Verify that a default route is configured.
F. Verify that the route appears in the Routing table
Correct Answer: ACF

Section: (none)
Explanation
ITExamAnswers.net
QUESTION 265
Which 2 optns are requirements for configuring ripv2 for ipv4 (choose 2 )?
A. enabling RIP authentication.

B. connecting RIP to a WAN Interface.
C. enabling auto route sumamrization.
D. allowing unicast updates for RIP.
E. enabling RIP on the router.
Correct Answer: DE
Section: (none)
Explanation
To enable RIP surely we have to enable it first (with the “router rip” command in global configuration mode) -> E
is correct.
RIPv2 sends its updates via multicast but in Nonbroadcast Multiple Access (NBMA) environment, multicast is
not allowed so we have to use unicast to send RIPv2 updates -> D is correct.
QUESTION 266
Based on the output below, which two statements are true of the interfaces on Switch1? (Choose two.)
ITExamAnswers.net
A. A hub is connected directly to FastEthernet0/5
B. FastEthernet0/1 is configured as a trunk link.
C. FastEthernet0/5 has statically assigned mac address
D. Interface FastEthernet0/2 has been disable.
E. Multiple devices are connected directly to FastEthernet0/1.
F. FastEthernet0/1 is connected to a host with multiple network interface cards.
Correct Answer: AB
Section: (none)
Explanation
From the “show mac address-table” output, we see FastEthernet0/1 can receive traffic from multiple VLANs ->
it is configured as a trunk. Also from the “show cdp neighbors” output, we see Fa0/1 of this switch is connecting
to Switch2 so it is configured as a trunk.
There are two MAC addresses learned from FastEthernet0/5 while FastEthernet0/5 is not configured as trunk
(only Fa0/2 & Fa0/3 are configured as trunk links) -> a hub is used on this port.
QUESTION 267
ITExamAnswers.net
If computer A is sending traffic to computer B, which option is the source IP address when a packet leaves R1
on interface F0/1?
A. IP address of the R2 interface F0/1

B. Ip address of computer B
C. Ip address of R1 interface F0/1
D. Ip address of Computer A
Correct Answer: D
Section: (none)
Explanation
In all the way on the path, the source and destination IP addresses never change, only the source and
destination MAC address are changed on each segment.
QUESTION 268
Refer to the exhibit. Which two facts can you determine from the EIGRP topology table? (Choose two.)
ITExamAnswers.net
A. All successors are injecting into the routing table.
B. If a route has more than one successor, only one route is injected into the routing table.
C. The reported distance value is greater than the feasible distance.
D. The FD 28416 for route 10.242.0.148 is also the metric for the routing table.
E. The variance command must have been issued to allow route 10.85.184.0 to have two successors.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 269
Refer to the exhibit. Given the output shown from this Cisco Catalyst 2950, what is the reason that interface
FastEthernet 0/10 is not the root port for VLAN 2?
ITExamAnswers.net
A. This switch has more than one interface connected to the root network segment in VLAN 2.
B. This switch is running RSTP while the elected designated switch is running 802.1d Spanning Tree.
C. This switch interface has a higher path cost to the root bridge than another in the topology.
D. This switch has a lower bridge ID for VLAN 2 than the elected designated switch.
Correct Answer: C
Section: (none)
Explanation
Since the port is in the blocked status, we must assume that there is a shorter path to the root bridge
elsewhere.
QUESTION 270
Refer to the exhibit. A new subnet with 60 hosts has been added to the network. Which subnet address should
this network use to provide enough usable addresses while wasting the fewest addresses?
A. 192.168.1.56/27
B. 192.168.1.64/26
C. 192.168.1.64/27
D. 192.168.1.56/26
Correct Answer: B
Section: (none)
Explanation
QUESTION 271
Which two statements about the tunnel mode ipv6ip command are true? (Choose two.)
A. It enables the transmission of IPv6 packets within the configured tunnel.

B. It specifies IPv4 as the encapsulation protocol.
C. It specifies IPv6 as the encapsulation protocol.
D. It specifies IPv6 as the transport protocol.
E. It specifies that the tunnel is a Teredo tunnel.
Correct Answer: AB
ITExamAnswers.net
Section: (none)
Explanation
The “tunnel mode ipv6ip” command specifies IPv6 as the passenger protocol and IPv4 as both the
encapsulation and transport protocol for the manual IPv6 tunnel. Notice that the tunnel source and destination
are configured with IPv4 addressing and the tunnel interface is configured with IPv6.
An example of configuring using this command is shown below:
R1(config)#int tunnel 1
R1(config-if)#ipv6 address 1cde:7ea:348:1::3/127
R1(config-if)#tunnel source 10.1.1.1
R1(config-if)#tunnel destination 10.1.1.2
R1(config-if)#tunnel mode ipv6ip
QUESTION 272
Which two statements about LLDP are true ?(choose two)
A. It uses mandatory TLVs to discover the neighboring devices

B. It functions at Layer 2 and Layer 3
C. It is a Cisco-proprietary technology
D. It is implemented in accordance with the 802.11a specification
E. It enables systems to learn about one another over the data-link layer
Correct Answer: AE
Section: (none)
Explanation
QUESTION 273
Which two commands can you use to verify an IP SLA? (Choose two.)
A. show ip sla application

B. show ip sla history
C. show ip sla configuration
D. show ip sla reaction-configuration
E. show ip sla statistics
Correct Answer: AC
Section: (none)
Explanation
QUESTION 274
Which technology supports multiple dynamic secure connections over an unsecure transport network?
ITExamAnswers.net
A. Point-to-point
B. DMVPN
C. VPN
D. site-to-site VPN
Correct Answer: B
Section: (none)
Explanation
QUESTION 275
After an FTP session to ftp.cisco.com fails, you attempt to ping the server. A ping to ftp.cisco.com also fails, but
a ping to the IP address of the server is successful. What is a reason for the failed FTP session?
A. The assigned DNS server is down

B. A firewall is blocking traffic from the FTP site
C. An ACL is blocking the FTP request
D. The Internet connection is down
Correct Answer: A
Section: (none)
Explanation
QUESTION 276
Which command can you enter to display the operational status of the network ports on a router?
A. show interface switchport

B. show ip interface brief
C. show running-config interface fastethernet 0/1
D. show interface status
Correct Answer: B
Section: (none)
Explanation
QUESTION 277
Which three commands are required to enable NTP authentication on a Cisco router? (Choose three)
A. ntp peer
B. ntp max-associations
C. ntp authenticate
D. ntp trusted-key
E. ntp authentication-key
F. ntp refclock
Correct Answer: CDE
ITExamAnswers.net
Section: (none)
Explanation
+ The “ntp authenticate” command is used to enable the NTP authentication feature (NTP authentication is
disabled by default).
+ The “ntp trusted-key” command specifies one or more keys that a time source must provide in its NTP
packets in order for the device to synchronize to it. This command provides protection against accidentally
synchronizing the device to a time source that is not trusted.
+ The “ntp authentication-key” defines the authentication keys. The device does not synchronize to a time
source unless the source has one of these authentication keys and the key number is specified by the “ntp
trusted-key number” command.
QUESTION 278
Which two operational modes are supported on the members of a StackWise switch stack? (Choose two.)
A. power-sharing
B. passive
C. active
D. redundant
E. standby
Correct Answer: AD
Section: (none)
Explanation
QUESTION 279
In which STP state does MAC address learning take place on a PortFast-enabled port?
A. listening
B. forwarding
C. discarding
D. learning
Correct Answer: B
Section: (none)
Explanation
QUESTION 280
Which option describes a benefit of a point-to-point leased line?
A. Low cost
B. Full-mesh capability
C. Flexibillity of design
D. Simply of configuration
Correct Answer: D
Section: (none)
Explanation
ITExamAnswers.net
Point-to-point leased line is the most expensive interconnection between two ends as the line is dedicated to a
single user, the user should still pay for all available bandwidth, including those unused. -> A is not correct.
With the cost of point-to-point leased line, the full-mesh capability is only achieved when your company has very
very strong budget to pay all the bills. To create a full-mesh topology for n sites, we need n*(n-1)/2 leased line
connections. For example if we have 6 sites then we need 6*5/2 = 15 leased line connections -> It is nearly
impossible for a normal company to achieve full-mesh topology -> B is not correct.
Flexibility is not an advantage of leased line connection -> C is not correct.
Point-to-point leased line simplifies the configuration as the circuit is available on a permanent basis and does
not require a connection to be set up before traffic is passed. It does not require to define a permanent virtual
circuit (PVC) in the configuration either -> D is correct.
QUESTION 281
Which option is the industry-standard industrialized protocol for EtherChannel?
A. LACP
B. PAGP
C. PRP
D. REP
Correct Answer: A
Section: (none)
Explanation
QUESTION 282
Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose
two.)
ITExamAnswers.net
A. The interface dynamically learned two secure MAC addresses.
B. A syslog message is generated when the maximum number of secure MAC addresses is reached on the
interface.
C. Two secure MAC address are manually configured on the interface.
D. The interface is error-disabled.
E. An SNMP trap is generated when the maximum number of secure MAC addresses is reached on the
interface.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 283
While troubleshooting a GRE tunnel interface issue, show interface command output displays tunnel status up,
but line protocol is down. Which reason for this problem is the most likely?
A. The next hop server is misconfigured.

B. The route to the tunnel destination address is through the tunnel itself.
C. The tunnel was just reset.
D. The interface has been administratively shut down.
Correct Answer: B
Section: (none)
Explanation
QUESTION 284
Which two statements about IPv6 and routing protocols are true? (Choose two.)
A. Link-local addresses are used to form routing adjacencies.

B. OSPFv3 was developed to support IPv6 routing.
C. EIGRP, OSPF, and BGP are the only routing protocols that support IPv6.
D. Loopback addresses are used to form routing adjacencies.
E. EIGRPv3 was developed to support IPv6 routing.
Correct Answer: AB
Section: (none)
Explanation
Link-local addresses only used for communications within the local subnetwork (automatic address
configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the
current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface
identifier (based on 48-bit MAC address).
QUESTION 285
Which type of routing protocol operates by exchanging the entire routing information?
A. distance vector protocols
ITExamAnswers.net
B. link state protocols
C. path vector protocols
D. exterior gateway protocols
Correct Answer: A
Section: (none)
Explanation
Distance vector protocols (like RIP) exchanges the entire routing information each time the routers send the
updates.Note: EIGRP is considered an advanced distance vector protocol so it does not send the whole routing
table for each update.
QUESTION 286
At the end of an RSTP election process, which access layer switch port will assume the discarding role?
A. Switch3, port fa0/1

B. Switch3, port fa0/12
C. Switch4, port fa0/11
D. Switch4, port fa0/2
E. Switch3, port Gi0/1
F. Switch3, port Gi0/2
Correct Answer: C
Section: (none)
Explanation
In this question, we only care about the Access Layer switches (Switch3 & 4). Switch 3 has a lower bridge
ID than Switch 4 (because the MAC of Switch3 is smaller than that of Switch4) so both ports of Switch3
will be in forwarding state. The alternative port will surely belong to Switch4.
Switch4 will need to block one of its ports to avoid a bridging loop between the two switches. But how
does Switch4 select its blocked port? Well, the answer is based on the BPDUs it receives from Switch3. A
BPDU is superior to another if it has:
1. A lower Root Bridge ID
2. A lower path cost to the Root
ITExamAnswers.net
3. A lower Sending Bridge ID
4. A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by Switch3 have
the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only
parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). In this
case the port priorities are equal because they use the default value, so Switch4 will compare port index
values, which are unique to each port on the switch, and because Fa0/12 is inferior to Fa0/1, Switch4 will
select the port connected with Fa0/1 (of Switch3) as its root port and block the other port -> Port fa0/11
of Switch4 will be blocked (discarding role).
QUESTION 287
What are types of IPv6 static routes? (Choose Three )
A. Recursive routes
B. Directly connected routes
C. Fully specified routes
D. Advertised routes
E. Virtual links
F. Redistributed routes
Correct Answer: ABC

Section: (none)
Explanation
Directly connected routes: In directly attached static routes, only the output interface is specified. The
destination is assumed to be directly attached to this interface, so the packet destination is used as the next-
hop address. This example shows such a definition:
ipv6 route 2001:DB8::/32 gigabitethernet1/0/0
The example specifies that all destinations with address prefix 2001:DB8::/32 are directly reachable through
interface GigabitEthernet1/0/0.
Recursive Static Routes: In a recursive static route, only the next hop is specified. The output interface is
derived from the next hop. This example shows such a definition:
ipv6 route 2001:DB8::/32 2001:DB8:3000:1
This example specifies that all destinations with address prefix 2001:DB8::/32 are reachable via the host with
address 2001:DB8:3000:1.
Fully Specified Static Routes: In a fully specified static route, both the output interface and the next hop are
specified. This form of static route is used when the output interface is a multi-access one and it is necessary to
explicitly identify the next hop. The next hop must be directly attached to the specified output interface. The
following example shows a definition of a fully specified static route:
ipv6 route 2001:DB8:/32 gigabitethernet1/0/0 2001:DB8:3000:1
A fully specified route is valid (that is, a candidate for insertion into the IPv6 routing table) when the specified
IPv6 interface is IPv6-enabled and up.
Besides three of the static IPv routes, there is one more type of IPv6 static route, that is Floating Static Routes
(static route with a higher administrative distance than the dynamic routing protocol it is backing up)
For more information about these IPv6 routes, please read: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/
ipv6/configuration/xe-3s/ipv6-xe-36s-book/ip6-stat-routes.html
QUESTION 288
ITExamAnswers.net
Which two functions can be performed by a local DNS server? (Choose two.)
A. assigning IP addresses to local clients

B. copying updated IOS images to Cisco switches
C. resolving names locally
D. forwarding name resolution requests to an external DNS server
E. transferring split horizon traffic between zones
Correct Answer: CD
Section: (none)
Explanation
QUESTION 289
Which two benefits of implementing a full-mesh WAN topology are true?(Choose two
A. increased latency
B. redundancy
C. improved scalability
D. reliability
E. reduced itter
Correct Answer: BD
Section: (none)
Explanation
QUESTION 290
Which two statements about IPv6 anycast addresses are true?( Choose two)
A. They receive packets on the closest interface that is discovered by the routing protocol
B. They are allocated from the IPv6 broadcast address space
C. They are used in conjunction with source-specific multicast for IPv6
D. They use the prefix FC00::/8
E. They arr allocated from the IPv6 unicast address space
Correct Answer: AE
Section: (none)
Explanation
QUESTION 291
What is one benefit of PVST+?
A. PVST+ supports Layer 3 load balancing without loops.

B. PVST+ reduces the CPU cycles for all the switches in the network.
C. PVST+ allows the root switch location to be optimized per VLAN.
D. PVST+ automatically selects the root bridge location, to provide optimized bandwidth usage.
ITExamAnswers.net
Correct Answer: C
Section: (none)
Explanation
The PVST+ provides Layer 2 load-balancing for the VLAN on which it runs. You can create different logical
topologies by using the VLANs on your network to ensure that all of your links are used but that no one link is
oversubscribed. Each instance of PVST+ on a VLAN has a single root switch. This root switch propagates the
spanning-tree information associated with that VLAN to all other switches in the network. Because each switch
has the same information about the network, this process ensures that the network topology is maintained and
optimized per VLAN.
QUESTION 292
Which keyword enables an HSRP router to take the active role immediately what it comes online?
A. preempt
B. priority
C. version
D. IP address
Correct Answer: A
Section: (none)
Explanation
QUESTION 293
The network shown in the diagram is experiencing connectivity problems. Which of the following will correct the
problems? (Choose two.)
A. Configure the gateway on Host A as 10.1.1.1

B. Configure the gateway on Host B as 10.1.2.254
C. Configure the IP address of Host A as 10.1.2.2
D. Configure the IP address of Host B as 10.1.2.2
E. Configure the masks on both hosts to be 255.255.255.224
F. Configure the masks on both hosts to be 255.255.255.240
ITExamAnswers.net
Correct Answer: BD
Section: (none)
Explanation
The switch 1 is configured with two VLANs: VLAN1 and VLAN2. The IP information of member Host A in
VLAN1 is as follows:
Address : 10.1.1.126
Mask : 255.255.255.0
Gateway : 10.1.1.254
The IP information of member Host B in VLAN2 is as follows:
Address : 10.1.1.12
Mask : 255.255.255.0
Gateway : 10.1.1.254
The configuration of sub-interface on router 2 is as follows:
Fa0/0.1 — 10.1.1.254/24 VLAN1
Fa0/0.2 — 10.1.2.254/24 VLAN2
It is obvious that the configurations of the gateways of members in VLAN2 and the associated network
segments are wrong. The layer3 addressing information of Host B should be modified as follows:
Address : 10.1.2.X
Mask : 255.255.255.0
QUESTION 294
Which technology provides chassis redundancy in a VSS environment?
A. BFD
B. multichassis EtherChannels
C. VRRP
D. StackWise
Correct Answer: B
Section: (none)
Explanation
QUESTION 295
During which phase of PPPoE is PPP authentication performed?
A. the PPP Session phase

B. Phase 2
C. the Active Discovery phase
D. the Authentication phase
E. Phase 1
Correct Answer: A
Section: (none)
Explanation
PPPoE provides a standard method of employing the authentication methods of the Point-to-Point Protocol
(PPP) over an Ethernet network. When used by ISPs, PPPoE allows authenticated assignment of IP
addresses. In this type of implementation, the PPPoE client and server are interconnected by Layer 2 bridging
protocols running over a DSL or other broadband connection.
PPPoE is composed of two main phases:
+ Active Discovery Phase: In this phase, the PPPoE client locates a PPPoE server, called an access
ITExamAnswers.net
concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.
+ PPP Session Phase: In this phase, PPP options are negotiated and authentication is performed. Once the
link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred
over the PPP link within PPPoE headers.
Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/vpn/asa-vpn-cli/vpn-
pppoe.html
QUESTION 296
Which switching method helps mitigate late collissions?
A. Layer 3
B. Store-and-forward
C. fragment-free
D. cut-through
Correct Answer: C
Section: (none)
Explanation
QUESTION 297
Which two QoS tools can provide congestion management? (Choose two.)
A. CBWFQ
B. FRTS
C. CAR
D. PQ
E. PBR
Correct Answer: AD
Section: (none)
Explanation
QUESTION 298
Which command is configured on a switch to enable neighbor discovery in a multivendor environment?
A. lldp run
B. lldp transmit
C. lldp receive
D. cdp run
Correct Answer: A
Section: (none)
Explanation
QUESTION 299
What parameter can be different on ports within an EtherChannel?
ITExamAnswers.net
A. speed
B. DTP negotiation settings
C. trunk encapsulation
D. duplex
Correct Answer: B
Section: (none)
Explanation
All interfaces in an EtherChannel must be configured identically to form an EtherChannel. Specific settings that
must be identical include:
+ Speed settings
+ Duplex settings
+ STP settings
+ VLAN membership (for access ports)
+ Native VLAN (for trunk ports)
+ Allowed VLANs (for trunk ports)
+ Trunking Encapsulation (ISL or 802.1Q, for trunk ports)
QUESTION 300
At Which severity level can syslog logging begin to affect router performance?
A. debugging
B. emergency
C. notification
D. critical
Correct Answer: B
Section: (none)
Explanation
QUESTION 301
What are two benefits that the UDP protocol provide for application traffic? (Choose two.)
A. UDP traffic has lower overhead than TCP traffic

B. UDP provides a built-in recovery mechanism to retransmit lost packets
C. The TTL field in the UDP packet header enables a three-way handshake to establish the connection
D. The application can use checksums to verify the integrity of application data
E. UDP maintains the connection state to provide more stable connections than TCP
Correct Answer: AD
Section: (none)
Explanation
QUESTION 302
Which two facts about configuring EIGRPv6 are true? (Choose two.)
A. The variance command for EIGRPv6 is independent of EIGRPv4.
ITExamAnswers.net
B. If you change the interface delay, the EIGRPv4 delay remains unchanged.
C. You must configure neighboring devices with the same ipv6 hello-interval eigrp value.
D. If you change the interface bandwidth, the EIGRPv4 metric is affected.
E. The router ID must be an IPv6 address.
Correct Answer: AD
Section: (none)
Explanation
QUESTION 303
Which command can you enter to set the default route for all traffic to an interface?
A. router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1

B. router(config)#ip route 0.0.0.0 255.255.255.255 GigabitEthernet0/1
C. router(config-router)#default-information originate
D. router(config-router)#default-information originate always
Correct Answer: A
Section: (none)
Explanation
QUESTION 304
Which two statements about an Ethernet frame source address are true? (Choose two.)
A. The leftmost bit is always 0

B. The leftmost bit is always 1
C. The address is 4 bits long
D. The address is 4 bytes long
E. The address is 6 bytes long
Correct Answer: AE
Section: (none)
Explanation
QUESTION 305
Which command should you enter to configure a DHCP Client?
A. ip dhcp pool
B. ip dhcp client
D. ip address dhcp
Correct Answer: D
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 306
Refer to the exhibit. Which VLAN ID is associated with PC B?
A. VLAN 5
B. VLAN 20
C. VLAN 10
D. VLAN 1
Correct Answer: A
Section: (none)
Explanation
QUESTION 307
Refer to the exhibit. Which two configuration lines must you add to the Dialer1 interface configuration to enable
the two interfaces to establish a PPPoE connection (Choose two)
A. ppp enable group

B. no cdp enable
C. ppp chap hostname cisco
D. ppp authentication pap chap callin
ITExamAnswers.net
E. ip unnumbered GigabitEthernet0/0
Correct Answer: CD
Section: (none)
Explanation
QUESTION 308
Which characteristics are representative of a link-state routing protocol? (Choose two.)
A. calculates shortest path

B. exchanges routing tables with neighbors
C. provides common view of entire topology
D. utilizes frequent periodic updates
E. utilizes event-triggered updates
Correct Answer: CE
Section: (none)
Explanation
QUESTION 309
Refer to the exhibit. Users on the 10.120.26.x subnet can reach server 10.10.20.10, but they cannot reach
server 10.10.10.10. The network is using dynamic routing, and routers R1 and R2 are connected via EIGRP.
Which two actions must you take to begin troubleshooting the connectivity issue to server 10.10.10.10?
(Choose two.)
A. Verify the status of the interfaces between routers and switches

B. Verify that routers R1 and R2 have established an EIGRP neighbor relationship.
C. Verity that the route to the server is present in the topology table and routing table.
D. Verify that the inbound and outbound ACLs on each device permit traffic to and from the server.
E. Verify that the route to the server is present in the database table
ITExamAnswers.net
Correct Answer: CD
Section: (none)
Explanation
QUESTION 310
You are configuring port security on a Cisco switch. Which command must you enter so that only a certain
number of dynamically learned MAC addresses are permanently assigned to the interface?
A. switchport port-security maximum

B. switchport nonegotiate
C. switchport port-security
D. switchport port-security mac-address sticky
Correct Answer: D
Section: (none)
Explanation
QUESTION 311
When you configure DHCP on a router, Which command must you enter so that the default gateway is
automatically distributed?
A. dns-server
B. default-gateway
D. default-router
Correct Answer: D
Section: (none)
Explanation
QUESTION 312
Which statement about loopback testing on a router serial interface is true?
A. Traffic passes through the interface with both software loopbacks and hardware loopbacks
B. Traffic is dropped with a hardware loopback, but traffic passes through the interface with a software
loopback
C. Traffic is dropped with a software loopback, but traffic passes through the interface with a hardware
loopback
D. Traffic is dropped with both software loopbacks and hardware loopbacks
Correct Answer: C
Section: (none)
Explanation
ITExamAnswers.net
Drag and Drop
QUESTION 1
DRAG DROP. Drag and drop the STP features from the left onto the correct descriptions on the right.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 2
DRAG DROP. Drag and drop each WAN design option on the left onto the correct description on the right.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 3
DRAG DROP. Drag and drop each WAN design option on the left onto the correct description on the right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 4
DRAG DROP. A user is unable to connect to the Internet. Based on the layered approach to troubleshooting
and beginning with the lowest layer, drag each procedure on the left to its proper category on the right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 5
DRAG DROP. Drag and drop the BGP terms from the left onto the correct descriptions on the right.Select and
Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 6
DRAG DROP.
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 7
DRAG DROP. Drag and drop the QoS features from the left onto the correct descriptions on the right.Select
and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 8
Drag and drop the routing table components on the left onto the corresponding letter from the exhibit on the
right. Not all options are used.
Select and Place – Your Response
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 9
DRAG DROP. Drag and drop the DHCP client states from the left into the standard order in which the client
passes through
them on the right.
Select and Place:
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 10
DRAG DROP. Drag and drop the PPPoE message types from the left into the sequence in which PPPoE
messages are sent on the right.Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 11
DRAG DROP.
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 12
DRAG DROP. Drag the cable type on the left to the purpose for which is the best suited on the right. Not all
options are used.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 13
DRAG DROP. Drag and drop the DNS lookup commands from the left onto the correct effects on the right.
Select and Place:
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 14
DRAG DROP. Drag and drop the IEEE standard cable names from the left onto the correct cable types on the
right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 15
DRAG DROP. Drag and drop the IPv6 IP addresses from the left onto the correct IPv6 address types on the
right.
Select and Place:
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 16
DRAG DROP. Drag and drop the BGP components from the left onto the correct descriptions on the right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
ITExamAnswers.net
Explanation
QUESTION 17
DRAG DROP. Drag and drop the values in a routing table from the left onto the correct meanings on the right.
Select and Place:
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 18
DRAG DROP. Drag and drop the extended traceroute options from the left onto the correct descriptions on the
right.
Select and Place:
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 19
DRAG DROP. Drag and drop the application protocols from the left onto the transport protocols that is uses on
the right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 20
DRAG DROP
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 21
DRAG DROP. Drag and Drop the descriptions of IP protocol transmissions from the left onto the correct IP
traffic types on the right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 22
DRAG DROP
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 23
DRAG DROP. Drag the terms on the left onto the appropriate OSI layer on the right. (Not all options are used.)
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 24
DRAG DROP. Drag the security features on the left to the specific security risks they help protect against on
the right. (Not all options are used.)
Select and Place:
Select and Place:
ITExamAnswers.net
Correct Answer:
Section: (none)
Explanation
QUESTION 25
DRAG DROP. Drag and drop the networking features of functions from the left onto the planes on which they
operate on the right.
Select and Place:
ITExamAnswers.net
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
QUESTION 26
DRAG DROP. Drag and drop each cable type from the left onto the type of connection for which it is best suited
on the right.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 27
DRAG DROP. Drag and drop the Ethernet terms from the left onto the correct descriptions on the right.
ITExamAnswers.net
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 28
Drag each WAN accesses connectivity option on a the left to the matching design goal on the right.
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
Explanation
QUESTION 29
Drag and drop the source from the left to the numbers on the right. Beginning with the lowest and ending with
highest administrative distance.
ITExamAnswers.net
Select and Place:
Correct Answer:
Section: (none)
Explanation
ITExamAnswers.net
QUESTION 30
You are configuring a switch so that it accepts traffic from a maximum of two dynamic MAC address. Drag and
drop the required configuration commands on the left into the correct sequence on the right. (Not all commands
are used.)
Select and Place:
Correct Answer:
ITExamAnswers.net
Section: (none)
Explanation
ITExamAnswers.net

CCNA 200 125 300Q Lite Version - Update - ITExamAnswers Feb 19 2020

Uploaded by

Copyright:

Available Formats

CCNA 200 125 300Q Lite Version - Update - ITExamAnswers Feb 19 2020

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA 200 125 300Q Lite Version - Update - ITExamAnswers Feb 19 2020

Uploaded by

Copyright:

Available Formats

CCNA-200-125-Exam-Dump-300Q-Lite-version-from-ITExamAnswers.

LITE VERSION 300Q

A. ip ospf hello-interval seconds

A. spanning-tree portfast bpdufilter default

A. frame check sequence

A. show ip bgp paths

A. Unshielded twisted pair

A. It drops the traffic

A. It configures the interface as a trunk port

A. It allows the traffic to pass through unchanged

A. Verify that DNS is configured on the controller

A. Source 192.168.20.10 and destination 192.168.20.1

A. Configure the port as an access port on a VLAN other than VLAN 1

A. they specify the next hop toward the destination subnet

A. Unlike IPv4 headers, IPv6 headers have a fixed length.

Correct Answer: ABC

A. BGP is the current standard exterior routing protocol

A. Create a BBA group and link it to the dialer interface

A. It provides automatic authentication

A. The destination IP address is missing from the route table

A. The tunnel interface IP address is misconfigured.

Correct Answer: BCD

A. Show ipv6 eigrp neighbors

A. all prefix on the interface

A. It buffers and queues excess packets

A. Router#ssh –v 1 –l admin 10.1.1.1

A. router rip version 2

A. Configure a dynamic routing protocol on London to advertise all routes to Manchester.

Correct Answer: ABE

Correct Answer: ACD

A. Cisco routers can act only as NTP clients

A. whether a route was tagged

A. lt automates network actions between different device types.

Automate network configuration and setup

Provide a programmable network

A. Execute a traceroute form the router to host 192.168.2.1

A. standby 10 priority 150

A. show ip dhcp conflict 10.0.2.12

A. lt can run on a UNlX server.

A. Dual-homed WAN connections are more expensive than single-homed connections

A. The spanning-tree priority

A. Configure the default gateway in the DHCP server configuration.

A. A static default route to 10.85.33.14 was defined

A. Network 172.16.1.32 mask 255.255.255.224

A. the highest MAC address

A. A route that is manually configured.

A. The LAN controller

A. HSRP redundancy works as expected

A. It burdens the source host without affecting remote hosts.

A. Show cdp neighbors detail

A. Analyze the results

Correct Answer: ABF

A. it broadcast the packet to each interface on the router

2950Switch(config-if)# switchport port-security

A. The subnet ID is 14920bf83d

A. whether the clock is synchronized*

A. weighted fair queuing

A. 10.0.0.0 through 10.0.255.255