200 301practice Test
200 301practice Test
200 301practice Test
2
Telegram Channel @nettrain
Cisco CCNA 200-301 Practice Tests 2020®
Published by: Examsdigest LLC., Holzmarktstraße 73, Berlin, Germany,
www.examsdigest.com Copyright © 2020 by Examsdigest LLC.
3
Telegram Channel @nettrain
4
Telegram Channel @nettrain
CONTENTS AT A GLANCE
Answers 41-63------------------------------------------------------70
Answers 137-153--------------------------------------------------209
Answers 154-178--------------------------------------------------239
Answers 194-203-------------------------------------------------293
Answers 218-230-------------------------------------------------336
6
Telegram Channel @nettrain
THE END ..............................................................................................
349
7
Telegram Channel @nettrain
INTRODUCTION
The Cisco CCNA 200-301 examination is intended for individu-
als who perform a network engineer role and have one or more
years of hands-on experience in the IT field.
This book has been designed to help you prepare for the style
of questions you will receive on the CCNA 200-301 exams. It
also helps you understand the topics you can expect to be
tested on for each exam.
The online practice that comes free with this book offers you
the same questions and answers that are available here and
more.
The online practice that comes free with this book offers you
the same questions and answers that are available here and
more.
Exam Content
Content Outline
The Cisco Certified Network Associate v1.0 (CCNA 200-301)
exam is a 120-minute exam associated with the CCNA certifi-
cation. This exam tests a candidate's knowledge and skills re-
11
Telegram Channel @nettrain
lated to network fundamentals, network access, IP connectivity,
IP services, security fundamentals, and automation and pro-
grammability. The course, Implementing and Administering
Cisco Solutions (CCNA), helps candidates prepare for this
exam.
The following topics are general guidelines for the content likely
to be included on the exam. However, other related topics may
also appear on any specific delivery of the exam. To better re-
flect the contents of the exam and for clarity purposes, the
guidelines below may change at any time without notice.
12
Telegram Channel @nettrain
13
Telegram Channel @nettrain
CHAPTER 1
THE INTRO TO NETWORKING
QUESTIONS 1-20
14
Telegram Channel @nettrain
channel simultaneously and encounter a data collision.
(A) CSMA/CD
(B) CSMA/CA
(C) TCP/IP
(D) TCP/UDP
(A) A
(B) C
(C) D
(D) E
(E) F
(F) G
16
Telegram Channel @nettrain
through cables? (Choose all that apply)
(A) A
(B) C
(C) D
(D) E
(E) F
(F) G
17
Telegram Channel @nettrain
(A) SMTP
(B) TCP
(C) Ethernet
(D) IP
Question 17. When you open a web browser and type in the
hostname www.examsdigest.com, your computer does not
send an IP packet with a destination IP address www.examsdi-
gest.com; it sends an IP packet to an IP address used by the
web server for Examsdigest. TCP/IP needs a way to let a com-
puter find the IP address used by the listed hostname. That
method uses the Domain Name System (DNS).
(A) TRUE
(B) FALSE
Question 19. TCP and ______________ are the two most com-
monly used TCP/IP transport layer protocols.
(A) UDP
20
Telegram Channel @nettrain
(B) HTTP
(C) DNS
(D) SMTP
21
Telegram Channel @nettrain
Answers 1-20
22
Telegram Channel @nettrain
Explanation 2. Destination MAC address is the correct an-
swer. Broadcast address and multicast address are the only
type of addresses that can send frames to multiple devices on
the Local Area Network (LAN).
23
Telegram Channel @nettrain
Question 4. Ethernet standard ___________ BASE-T defines Gi-
gabit Ethernet over UTP cabling.
(A) 100
(B) 10
(C) 1000
(D) 1
24
Telegram Channel @nettrain
their receiver clocks.
Start Frame Delimiter (SFD): Signifies that the next byte be-
gins the Destination MAC Address field.
25
Telegram Channel @nettrain
If IPv4 hosts send an IP packet to another host on the same IP
network or subnet that is on the same LAN, then the sender
sends the IP packet directly to that host.
(A) A
(B) C
(C) D
(D) E
(E) F
(F) G
26
Telegram Channel @nettrain
A crossover cable is a type of twisted-pair copper wire cable
for LANs (local area network) in which the wires on the cable
are crossed over so that the receive signal pins on the RJ-45
connector on one end are connected to the transmit signal pins
on the RJ-45 connector on the other end.
The application layer does not define the application itself, but
it defines services that applications need. In short, the applica-
tion layer provides an interface between software running on a
computer and the network itself.
31
Telegram Channel @nettrain
Explanation 14. B and D are the correct answers. Straight-
through cable is a type of twisted-pair copper wire cable for
local area network (LAN) use for which the RJ-45 connectors at
each end have the same pinout.
32
Telegram Channel @nettrain
ernet defines both physical and data-link protocols, PPP is a
data-link protocol.
Question 16. Which of the following statements are functions
of a routing protocol? (Choose two answers.)
(A) Learning routes and putting those routes into the
routing table for routes advertised to the router by its
neighboring routers
(B) Advertising known routes to neighboring routers
(C) Learning routes for subnets directly connected to the
router
(D) Forwarding IP packets based on a packet’s destination
IP address
Question 17. When you open a web browser and type in the
hostname www.examsdigest.com, your computer does not
send an IP packet with a destination IP address www.examsdi-
gest.com; it sends an IP packet to an IP address used by the
web server for Examsdigest. TCP/IP needs a way to let a com-
puter find the IP address used by the listed hostname. That
method uses the Domain Name System (DNS).
(A) TRUE
(B) FALSE
Question 19. TCP and ______________ are the two most com-
monly used TCP/IP transport layer protocols.
(A) UDP
(B) HTTP
(C) DNS
(D) SMTP
38
Telegram Channel @nettrain
CHAPTER 2
ETHERNET LANS
Questions 21-40
41
Telegram Channel @nettrain
Question 29. Which of the following commands lists the con-
tent of the startup-config (initial config) file.
(A) show startup-config
(B) show initial-config
(C) show content-config
(D) show file-config
42
Telegram Channel @nettrain
Question 31. You want to configure the telnet password for all
vty lines with password examsdigest. Which of the following
commands will you type to meet the requirement?
(A) Examsdigest#(config)# line console 0
Examsdigest#(config-line)# password examsdigest
Examsdigest#(config-line)# login
Examsdigest#(config-line)# exit
43
Telegram Channel @nettrain
Question 33. You have been tasked to configure the IPv4 ad-
dress on the switch only on the VLAN 1 following the details
below.
Configuration details:
IP address: 199.255.240.100
Subnet mask: 255.255.255.0
Default gateway: 199.255.240.1
45
Telegram Channel @nettrain
Question 35. Which of the following command will you type to
produce the output below?
48
Telegram Channel @nettrain
Answers 21-40
49
Telegram Channel @nettrain
Question 23. Which of the following commands copies the
configuration from RAM into NVRAM
(A) copy running-config startup-config
(B) copy startup-config running-config
(C) copy ram nvram
(D) copy nvram ram
Question 33. You have been tasked to configure the IPv4 ad-
dress on the switch only on the VLAN 1 following the details
below.
Configuration details:
IP address: 199.255.240.100
Subnet mask: 255.255.255.0
Default gateway: 199.255.240.1
58
Telegram Channel @nettrain
Explanation 35. C is the correct answer.
61
Telegram Channel @nettrain
CHAPTER 3
IPv4 ADDRESSING
Questions 41-63
Question 42. Why does the formula for the number of hosts
per subnet (2H – 2) require the subtraction of two hosts?
(A) To reserve two addresses for redundant default gate-
ways (routers)
(B) To reserve the two addresses required for DHCP opera-
tion
(C) To reserve addresses for the subnet broadcast address
and subnet ID
(D) To reserve addresses for the subnet ID and default
62
Telegram Channel @nettrain
gateway (router)
Question 48. The first octet range from the Class A IP net-
works is 1 - 126.
(A) TRUE
(B) FALSE
64
Telegram Channel @nettrain
Question 50. Which of the following ranges is a valid class B
network numbers?
(A) 128.0.0.0 - 191.255.0.0
(B) 1.0.0.0 - 126.0.0.0
(C) 192.0.0.0 - 223.255.255.0
(D) 224.0.0.0 - 254.255.255.0
(A) 172.28.255.254
(B) 172.255.255.255
(C) 172.28.200.255
(D) 172.28.255.255
66
Telegram Channel @nettrain
Question 56. The address 130.0.0.0 is a Class ____________
network ID
(A) A
(B) B
(C) C
(D) D
(A) 9.255.255.254
(B) 10.255.255.254
(C) 11.255.255.254
(D) 12.255.255.254
Question 61. The first octet range from the Class B IP networks
is 1 - 126.
(A) TRUE
(B) FALSE
69
Telegram Channel @nettrain
Answers 41-63
Question 42. Why does the formula for the number of hosts
per subnet (2H – 2) require the subtraction of two hosts?
(A) To reserve two addresses for redundant default gate-
ways (routers)
(B) To reserve the two addresses required for DHCP opera-
70
Telegram Channel @nettrain
tion
(C) To reserve addresses for the subnet broadcast ad-
dress and subnet ID
(D) To reserve addresses for the subnet ID and default
gateway (router)
For example:
72
Telegram Channel @nettrain
De-
scrip-
tion Class A Class B Class C
First 1 – 126 128 – 191 192 – 223
octet
range
73
Telegram Channel @nettrain
Then, comparing any two IP addresses in one network, the fol-
lowing observations can be made:
1. The addresses in the same network have the same values in
the network part.
De-
scrip-
tion Class A Class B Class C
First 1 – 126 128 – 191 192 – 223
octet
range
75
Telegram Channel @nettrain
Question 48. The first octet range from the Class A IP net-
works is 1 - 126.
(A) TRUE
(B) FALSE
De-
scrip-
tion Class A Class B Class C
First 1 – 126 128 – 191 192 – 223
octet
range
76
Telegram Channel @nettrain
Valid 1.0.0.0 – 128.0.0.0 – 192.0.0.0 –
net- 126.0.0.0 191.255.0.0 223.255.255.
work 0
num-
bers
De-
scrip-
tion Class A Class B Class C
First 1 – 126 128 – 191 192 – 223
octet
range
77
Telegram Channel @nettrain
Valid 1.0.0.0 – 128.0.0.0 – 192.0.0.0 –
net- 126.0.0.0 191.255.0.0 223.255.255.0
work
num-
bers
For example:
25 = 32 < 100 is not large enough
26 = 64 < 100 is not large enough
27 = 128 > 100 is enough
First subnet
Subnet Network: 172.28.0.0
IP Addresses: 172.28.0.1 – 172.28.0.254
Broadcast Address: 172.28.0.255
Second subnet
Subnet Network: 172.28.1.0
IP Addresses: 172.28.1.1 – 172.28.1.254
Broadcast Address: 172.28.1.255
Third subnet
Subnet Network: 172.28.3.0
IP Addresses: 172.28.3.1 – 172.28.3.254
Broadcast Address: 172.28.3.255
81
Telegram Channel @nettrain
Skipping many subnets…
Last subnet
Subnet Network: 172.28.255.0
IP Addresses: 172.28.255.1 – 172.28.255.254
Broadcast Address: 172.28.255.255
(A) A
(B) B
(C) C
(D) D
The network ID has any value in the 128–191 range in the first
octet, and any value from 0 to 255 inclusive in the second
octet, with decimal 0s in the final two octets.
82
Telegram Channel @nettrain
Question 57. Which of the following is the default mask of the
IP 178.25.3.0?
(A) 255.0.0.0
(B) 255.255.0.0
(C) 255.255.255.0
(D) 255.255.255.255
De-
scrip-
tion Class A Class B Class C
First 1 – 126 128 – 191 192 – 223
octet
range
83
Telegram Channel @nettrain
Valid 1.0.0.0 – 128.0.0.0 – 192.0.0.0 –
net- 126.0.0.0 191.255.0.0 223.255.255.0
work
num-
bers
The network ID has any value in the 192–223 range in the first
octet, and any value from 0 to 255 inclusive in the second
octet, with decimal 0s in the final two octets.
84
Telegram Channel @nettrain
Question 59. The range of the Class C public IP Networks is
_________________ - _________________
(A) 10.0.0.0 - 140.255.255.0
(B) 192.0.0.0 - 223.255.255.0
(C) 200.0.0.0 - 223.255.255.0
(D) 224.0.0.0 - 254.255.255.0
(A) 9.255.255.254
(B) 10.255.255.254
(C) 11.255.255.254
(D) 12.255.255.254
First subnet
85
Telegram Channel @nettrain
Subnet Network: 9.0.0.0
First IP Address: 9.0.0.1
Last IP Address: 9.0.255.254
Broadcast Address: 9.0.255.255
Second subnet
Subnet Network: 9.1.0.0
First IP Address: 9.1.0.1
Last IP Address: 9.1.0.254
Broadcast Address: 9.1.255.255
Third subnet
Subnet Network: 9.2.0.0
First IP Address: 9.2.0.1
Last IP Address: 9.2.0.254
Broadcast Address: 9.2.255.255
Forth subnet
Subnet Network: 9.3.0.0
First IP Address: 9.3.0.1
Last IP Address: 9.3.0.254
Broadcast Address: 9.3.255.255
Skipping many subnets…
Last subnet
86
Telegram Channel @nettrain
Subnet Network: 9.255.0.0
First IP Address: 9.255.0.1
Last IP Address: 9.255.255.254
Broadcast Address: 9.255.255.255
Question 61. The first octet range from the Class B IP networks
is 1 - 126.
(A) TRUE
(B) FALSE
De-
scrip-
tion Class A Class B Class C
First 1 – 126 128 – 191 192 – 223
octet
range
87
Telegram Channel @nettrain
De- 255.0.0.0 255.255.0.0 255.255.255.0
fault
mask
For example:
21 = 2 < 5 is not large enough
22 = 4 < 5 is not large enough
23 = 8 > 5 is enough
89
Telegram Channel @nettrain
CHAPTER 4
ADVANCED IPv4 ADDRESSING
Questions 64-90
99
Telegram Channel @nettrain
Answers 64-90
Use the following steps for each of the four octets to find the
subnet ID:
Step 1) If the mask octet = 255, copy the decimal IP address.
Step 2) If the mask octet = 0, write a decimal 0.
Use the following steps for each of the four octets to find the
100
Telegram Channel @nettrain
subnet broadcast address:
Step 1) If the mask octet = 255, copy the decimal IP address.
Step 2) If the mask octet = 0, write a decimal 255.
10000000 128 1
11000000 192 2
11100000 224 3
101
Telegram Channel @nettrain
11110000 240 4
11111000 248 5
11111100 252 6
11111110 254 7
11111111 255 8
102
Telegram Channel @nettrain
10000000 128 1
11000000 192 2
11100000 224 3
11110000 240 4
11111000 248 5
11111100 252 6
11111110 254 7
11111111 255 8
103
Telegram Channel @nettrain
Binary Mask Decimal Equiva- Number of Bina-
Octet lent ry 1s
0 0 0
10000000 128 1
11000000 192 2
11100000 224 3
11110000 240 4
11111000 248 5
11111100 252 6
11111110 254 7
11111111 255 8
104
Telegram Channel @nettrain
You have been tasked to:
Now you need to find the last 100 usable addresses to con-
figure the DHCP. The range of the last 100 usable IP addresses
is 12.5.5.155 – 12.5.5.254
The number of Host bits is the number of total address bits (32)
– Prefix length (27).
So, the host bits are 32 – 27 = 5.
10000000 128 1
11000000 192 2
11100000 224 3
11110000 240 4
11111000 248 5
109
Telegram Channel @nettrain
11111100 252 6
11111110 254 7
11111111 255 8
So start converting each octet one by one to get the final result.
The subnet mask can be found from the prefix length /24.
To find the subnet ID follow the steps for each of the four
octets.
Step 1) If the mask octet = 255, copy the decimal IP address.
Step 2) If the mask octet = 0, write a decimal 0.
The subnet mask can be found from the prefix length /17.
To convert that to DDN format, write down all the binary 1s (17
in this case), followed by binary 0s for the remainder of the 32-
bit mask.
To convert that to DDN format, write down all the binary 1s (17
in this case), followed by binary 0s for the remainder of the 32-
bit mask.
115
Telegram Channel @nettrain
Question 78. Subnet masks can be written as 32-bit binary
numbers, but not just any binary number. In particular, the bina-
ry subnet mask must follow these rules:
1. The value must not interleave 1s and 0s.
2. If 0s exist, they are on the left.
3. If 1s exist, they are on the right.
(A) TRUE
(B) FALSE
116
Telegram Channel @nettrain
Explanation 79. /23 is the correct answer.
Convert one octet at a time:
The first octet (255) convert to an 8-bit binary 11111111 total 8.
The second octet (255) convert to an 8-bit binary 11111111 to-
tal 8.
The third octet (254) convert to an 8-bit binary 11111110 total
7.
The fourth octet (0) convert to an 8-bit binary 00000000 total
0.
123
Telegram Channel @nettrain
Explanation 85. 255.255.192.0 is the correct answer.
/18 is the equivalent of the mask that in binary has 18 bina-
ry 1s. To convert that to DDN format, write down all the binary
1s (18 in this case), followed by binary 0s for the remainder of
the 32-bit mask. Then take 8 bits at a time and convert from
binary to decimal.
126
Telegram Channel @nettrain
The mask 255.255.255.0, converted to prefix format is /24.
The number of subnet bits is the difference between the prefix
length(24) and N(8).
S = prefix – N
S = 24 – 8 bits
S = 16
127
Telegram Channel @nettrain
Binary Mask Decimal Equiva- Number of Bina-
Octet lent ry 1s
0 0 0
10000000 128 1
11000000 192 2
11100000 224 3
11110000 240 4
11111000 248 5
11111100 252 6
11111110 254 7
11111111 255 8
128
Telegram Channel @nettrain
Explanation 90. 11111111.11000000.00000000.00000000
is the correct answer. There are only nine possible values in
one octet of a subnet mask as shown in the table below. So
start converting each octet one by one to get the final result.
10000000 128 1
11000000 192 2
11100000 224 3
11110000 240 4
11111000 248 5
11111100 252 6
129
Telegram Channel @nettrain
11111110 254 7
11111111 255 8
130
Telegram Channel @nettrain
CHAPTER 5
IPv4 ROUTING
Questions 91-105
131
Telegram Channel @nettrain
(B) A different access VLAN (switchport access vlan vlan-
id)
(C) A different speed (speed value)
(D) A default setting for switchport (switchport)
Question 93. A network engineer has configured a Layer 3
switch with SVIs for VLANs 4 and 5. Hosts in the subnets using
VLANs 4 and 5 can ping each other with the Layer 3 switch
routing the packets. The next week, the network engineer re-
ceives a call that those same users can no longer ping each
other. If the problem is with the Layer 3 switching function,
which of the following could have caused the problem?
(Choose two answers.)
(A) A shutdown command issued from VLAN 4 configura-
tion mode
(B) VTP on the switch removing VLAN 5 from the switch’s
VLAN list
(C) 1 out of 10 working VLAN 4 access ports failing due to
physical problems
(D) A shutdown command issued from VLAN 6 configura-
tion mode
Output:
132
Telegram Channel @nettrain
Global values:
Internet Protocol routing is enabled
Embedded-Service-Engine0/0 is administratively down, line
protocol is down
GigabitEthernet0/0 is up, line protocol is up
Internet address is 158.16.1.1/24
GigabitEthernet0/1 is administratively down, line protocol is
down
Serial0/0/0 is up, line protocol is up
Internet address is 158.16.4.1/24
Serial0/0/1 is administratively down, line protocol is down
GigabitEthernet0/1/0 is up, line protocol is up
Internet address is 158.16.1.1/24
Question 98. A router lists the following partial output from the
show ip route command. Out which interface will the router
route packets destined to IP address 180.5.38.122?
10.0.0.0/8 is variably subnetted, 8 subnets, 5 masks
136
Telegram Channel @nettrain
R1(config-if)# ip address 158.159.160.1 255.255.255.0
R1(config-if)# no shutdown
137
Telegram Channel @nettrain
(D) R1# configure terminal
R1(config)# interface G0/0
R1(config-if)# ip address 158.159.162.1 255.255.0.0
R1(config-if)# no shutdown
R1(config-if)# interface G0/1
R1(config-if)# ip address 158.159.161.1 255.255.0.0
R1(config-if)# no shutdown
R1(config-if)# interface S0/0
R1(config-if)# ip address 158.159.160.1 255.255.0.0
R1(config-if)# no shutdown
Question 101. You have been tasked to set the router’s IPv4
address and mask. What command will you type to complete
the task?
(A) ip address [address mask]
(B) interface [address mask]
(C) set ip [address mask]
(D) add address [address mask]
Question 102. You have been tasked to list a single line of in-
formation about each interface, including the IP address, line
and protocol status, and the method with which the address
was configured. What command will you type to complete the
task?
(A) show ip protocol brief
138
Telegram Channel @nettrain
(B) show ip addresses brief
(C) show ip interface brief
(D) show ip status brief
140
Telegram Channel @nettrain
Answers 91-105
Question 91. You have noticed that a server with IP 145.45.3.2
doesn’t respond to requests. What command will you type first
in order to test connectivity between your device and the
server?
(A) request 145.45.3.2
(B) check 145.45.3.2
(C) ping 145.45.3.2
(D) ping 145.45.3.2
141
Telegram Channel @nettrain
1 used on both switches. SW1 uses ports G0/1 and G0/2 in the
channel. However, only interface G0/1 is bundled into the
channel and working. Think about the configuration settings on
port G0/2 that could have existed before adding G0/2 to the
EtherChannel. Which answers identify a setting that could pre-
vent IOS from adding G0/2 to the Layer 3 EtherChannel?
(Choose two answers.)
(A) A different STP cost (spanning-tree cost value)
(B) A different access VLAN (switchport access vlan vlan-id)
(C) A different speed (speed value)
(D) A default setting for switchport (switchport)
A Layer 3 switch needs only one access port or trunk port for-
warding for a VLAN to enable routing for that VLAN, so nine of
the ten access ports in VLAN 4 could fail, leaving one working
port, and the switch would keep routing for VLAN 4.
Output:
Global values:
Internet Protocol routing is enabled
Embedded-Service-Engine0/0 is administratively down, line
protocol is down
GigabitEthernet0/0 is up, line protocol is up
Internet address is 158.16.1.1/24
GigabitEthernet0/1 is administratively down, line protocol is
down
Serial0/0/0 is up, line protocol is up
Internet address is 158.16.4.1/24
Serial0/0/1 is administratively down, line protocol is down
144
Telegram Channel @nettrain
GigabitEthernet0/1/0 is up, line protocol is up
Internet address is 158.16.1.1/24
Question 98. A router lists the following partial output from the
show ip route command. Out which interface will the router
146
Telegram Channel @nettrain
route packets destined to IP address 180.5.38.122?
10.0.0.0/8 is variably subnetted, 8 subnets, 5 masks
(A) G0/3/0
(B) G0/2/0
(C) G0/1/0
(D) G0/0/0
The router will choose the matching route that has the longest
prefix length, that is, the prefix-style mask with the highest
147
Telegram Channel @nettrain
number. In this case, that route lists subnet 180.5.38.96 and
mask /27, which lists interface G0/3/0 as the outgoing inter-
face.
148
Telegram Channel @nettrain
Explanation 99. A is the correct answer. The ssh -l user-
name host command is used to connect on the R2 using SSH
client.
The -l flag means that the next parameter is the login user-
name.
149
Telegram Channel @nettrain
(A) R1# configure terminal
R1(config)# interface G0/0
R1(config-if)# ip address 158.159.162.1
255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# interface G0/1
R1(config-if)# ip address 158.159.161.1
255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# interface S0/0
R1(config-if)# ip address 158.159.160.1
255.255.255.0
R1(config-if)# no shutdown
Question 101. You have been tasked to set the router’s IPv4
address and mask. What command will you type to complete
the task?
(A) ip address [address mask]
(B) interface [address mask]
(C) set ip [address mask]
(D) add address [address mask]
Question 102. You have been tasked to list a single line of in-
formation about each interface, including the IP address, line
and protocol status, and the method with which the address
was configured. What command will you type to complete the
152
Telegram Channel @nettrain
task?
(A) show ip protocol brief
(B) show ip addresses brief
(C) show ip interface brief
(D) show ip status brief
The switchport tells the switch to treat the port like it is a port
on a switch that is, a Layer 2 port on a switch.
154
Telegram Channel @nettrain
To make the port stop acting like a switch port and instead act
like a router port, use the no switchport command on the inter-
face.
155
Telegram Channel @nettrain
156
Telegram Channel @nettrain
CHAPTER 5
OSPF ROUTING PROTOCOL
Questions 106-120
R1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)# interface g0/0/0
R1(config-if)# ip ospf cost 6
R1(config-if)# interface g0/1/0
R1(config-if)# ip ospf cost 7
R1(config-if)# ^Z
What command will you type in order to confirm the OSPF in-
terface costs?
(A) show ip ospf
(B) show ip ospf interface brief
(C) show ospf brief
(D) show ospf interface brief
157
Telegram Channel @nettrain
routers is router R4 full adjacent over its Gi0/1 interface?
(A) 1
(B) 5
(C) 2
(D) 0
Question 108. You have been tasked to list the OSPF neigh-
bors off interface serial 0/1. Which command will you type to
complete the task?
(A) show ip ospf neighbor serial 0/1
(B) show ip ospf neighbor serial 1/0
(C) show ip ospf neighbor fastethernet 0/1
(D) show ip ospf serial 0/1
Question 109. The routing protocol that was designed and in-
tended for use between different autonomous systems is called
____________________________.
(A) interior gateway protocol
(B) different gateway protocol
(C) autonomous gateway protocol
158
Telegram Channel @nettrain
(D) exterior gateway protocol
Which of the following wildcard mask will you use to meet the
requirement?
(A) 0.0.255.255
(B) 0.0.0.255
(C) 0.255.255.255
(D) 0.0.0.0
161
Telegram Channel @nettrain
Based on the diagram, configure the R2 following the details
below.
(A) R2
(B) R4
(C) R7
(D) R5
164
Telegram Channel @nettrain
Answers 106-120
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface g0/0/0
R1(config-if)#ip ospf cost 6
R1(config-if)#interface g0/1/0
R1(config-if)#ip ospf cost 7
R1(config-if)#^Z
What command will you type in order to confirm the OSPF in-
terface costs?
(A) show ip ospf
(B) show ip ospf interface brief
(C) show ospf brief
(D) show ospf interface brief
165
Telegram Channel @nettrain
R4# show ip ospf interface brief
(A) 1
(B) 5
(C) 2
(D) 0
Question 108. You have been tasked to list the OSPF neigh-
bors off interface serial 1/0. Which command will you type to
complete the task?
(A) show ip ospf neighbor serial 0/1
(B) show ip ospf neighbor serial 1/0
(C) show ip ospf neighbor fastethernet 0/1
(D) show ip ospf serial 0/1
Which of the following wildcard mask will you use to meet the
requirement?
167
Telegram Channel @nettrain
(A) 0.0.255.255
(B) 0.0.0.255
(C) 0.255.255.255
(D) 0.0.0.0
169
Telegram Channel @nettrain
Question 113. Routed protocol is a protocol that defines a
packet structure and logical addressing, allowing routers to
forward or route the packets.
(A) TRUE
(B) FALSE
171
Telegram Channel @nettrain
(A) R2# router ospf 3
R2# network 0.0.0.0 255.255.255.255 area 0
R2# interface GigabitEthernet0/0
R2(config-if)# ip address 158.159.170.2 255.255.255.0
R2# interface GigabitEthernet0/1/0
R2(config-if)# ip address 158.159.160.2 255.255.255.0
(A) R2
(B) R4
(C) R7
(D) R5
Route 2: R1-R4-R5-R6-R8
Cost: 20 + 30 + 10 + 20 = 80
Route 3: R1-R7-R8
Cost: 60 + 100 = 160
The two routers can use any OSPF process ID either the same
or a different value, making that answer incorrect.
Static 1
IGRP 100
177
Telegram Channel @nettrain
OSPF 110
IS-IS 115
RIP 120
Unusable 250
178
Telegram Channel @nettrain
CHAPTER 6
IP VERSION 6
Questions 121-136
Question 123. You have been tasked to find the shortest valid
abbreviation address for 5000:0400:0030:0006:
179
Telegram Channel @nettrain
8000:0800:0010:0002.
(A) 5000:400:30:6:8000:800:10:0002
(B) 5000:400:30:6:8000:800:10:2
(C) 5000:0400:30:6:8000:800:10:2
(D) 5:4:3:6:8:8:1:2
Question 126. You have been tasked to give the router’s G0/1
interface a unicast IPv6 address of 2005:1:2:3:4:5:6:A, with a /
64 prefix length. What command will you type to mark the task
as done?
180
Telegram Channel @nettrain
(A) ipv6 address 2005:1:2:3:4:5:5:A/64
(B) ipv6 address 2005:1:2:3:4:5:6:A/46
(C) ipv4 address 2005:1:2:3:4:5:6:A/64
(D) ipv6 address 2005:1:2:3:4:5:6:A/64
184
Telegram Channel @nettrain
(A) ipv6 route 2000:1:1:1::/64 s0/1/1
(B) ipv6 route 2000:2:2:2::/64 s0/1/1
(C) ipv6 route 2000:1:2:3::/64 s0/1/1
(D) ipv6 route 2000:1:1:1::/64 g0/2
185
Telegram Channel @nettrain
Answers 121-136
Explanation 121.
8002:0AA3:0000:0000:0000:0000:0100:0030 is the
correct answer. The unabbreviated version of an IPv6 ad-
dress must have 32 digits, and only one answer has 32 hex
digits.
So, the :: was replaced with four quartets of 0000, making the
number have eight quartets. Then, for each quartet with fewer
than four digits, leading 0s were added so that each quartet
has four hex digits.
Unique local addresses begin with FD in the first two digits. So,
the correct answers are:
1. FDAD::2
2. FDBB::2
Question 123. You have been tasked to find the shortest valid
abbreviation address for 5000:0400:0030:0006:
187
Telegram Channel @nettrain
8000:0800:0010:0002.
(A) 5000:400:30:6:8000:800:10:0002
(B) 5000:400:30:6:8000:800:10:2
(C) 5000:0400:30:6:8000:800:10:2
(D) 5:4:3:6:8:8:1:2
Explanation 125.
1230:0000:0000:0000:0000:0000:0000:0000 is the
correct answer. The unabbreviated version of an IPv6 ad-
dress must have 32 digits. The :: was replaced with four quar-
tets of 0000, making the number have eight sets of hex digits
total (32 digits). Also, for each quartet with fewer than four dig-
its, leading 0s were added so that each quartet has four hex
digits.
Question 126. You have been tasked to give the router’s G0/1
interface a unicast IPv6 address of 2005:1:2:3:4:5:6:A, with a /
64 prefix length. What command will you type to mark the task
as done?
(A) ipv6 address 2005:1:2:3:4:5:5:A/64
(B) ipv6 address 2005:1:2:3:4:5:6:A/46
(C) ipv4 address 2005:1:2:3:4:5:6:A/64
(D) ipv6 address 2005:1:2:3:4:5:6:A/64
190
Telegram Channel @nettrain
Explanation 127. 1000:0:0:1::/64 is the correct answer.
The /64 prefix length means that the last 64 bits, or last 16 dig-
its, of the address, should be changed to all 0s.
The last four quartets (last four sets of four hex digits) are all 0s,
making that string of all 0s be the longest and best string of 0s
to replace with ::.
195
Telegram Channel @nettrain
It also adds a local host route (with a /128 prefix length) based
on the unicast address. The router does not add a route based
on the link-local address.
The router will add the following routes to its IPv6 routing
table:
1. A route for 2000:1:1:1::/64
2. A route for 2000:1:1:1::1/128
199
Telegram Channel @nettrain
CHAPTER 7
SECURITY FUNDAMENTALS
Questions 137-153
200
Telegram Channel @nettrain
Question 139. The senior network engineer assigns you a task
related to port security. He needs your help to configure the
fa0/1 from the SW-examsD to accept frames only from the
MAC 0200.1111.2222.
Type the commands that need to be configured on the SW-ex-
amsD following the requirements below:
1. configure the FastEthernet0/1 to be an access port
2. enable port security on that interface
3. define the allowed MAC address
208
Telegram Channel @nettrain
Answers 137-153
211
Telegram Channel @nettrain
2. enable port security on that interface
3. define the allowed MAC address
212
Telegram Channel @nettrain
SW-examsD(config-if)# switchport port-security
SW-examsD(config-if)# switchport port-security
mac-address 0200.1111.2222
213
Telegram Channel @nettrain
service (DoS) attack is a type of cyber attack in which a mali-
cious actor aims to render a computer or other device unavail-
able to its intended users by interrupting the device’s normal
functioning.
DoS attacks typically function by overwhelming or flooding a
targeted machine with requests until normal traffic is unable to
be processed, resulting in denial-of-service to additional users.
A DoS attack is characterized by using a single computer to
launch the attack.
214
Telegram Channel @nettrain
Trojan horse malware can spread from one computer to another
only through user interaction such as opening email attach-
ments, downloading software from the Internet, and inserting a
USB drive into a computer.
216
Telegram Channel @nettrain
Question 143. Which of the following Cisco Firepower
NGIPS’s features provides more insights into and control over
the users, applications, devices, threats, and vulnerabilities in
your network with real-time visibility?
(A) Security automation
(B) Granular application visibility and control
(C) Contextual awareness
(D) Superior effectiveness
218
Telegram Channel @nettrain
Question 146. Which of the following human security vulnera-
bilities attacks is a type of attack that targets high-profile em-
ployees, such as the CEO or CFO, in order to steal sensitive in-
formation from a company?
(A) Social engineering
(B) Phishing
(C) Whaling
(D) Pharming
220
Telegram Channel @nettrain
(B) SW1# configure terminal
SW1(config)# ip dhcp snooping
SW1(config)# ip dhcp snooping vlan 8
SW1(config)# interface GigabitEthernet1/1/2
SW1(config-if)# ip dhcp snooping trust
222
Telegram Channel @nettrain
The victim will end up receiving a large volume of response
packets it never had requested. With a large enough attack, the
victim may end up with a congested network.
226
Telegram Channel @nettrain
CHAPTER 8
IP ACCESS CONTROL LIST
Questions 154-178
229
Telegram Channel @nettrain
1. Enable the ACL inbound on R2’s G0/1 interface.
2. Permit packets coming from the host with IP 20.2.2.1
3. Deny packets coming from the rest subnet 20.2.2.0/24
4. Permit packets coming from a network with subnet
155.165.0.0/16
Criteria #2: Permit packets from hosts with 56.57.2 as the first
three octets
ACL command #2: ______________________
Criteria #3: Permit packets from hosts with 56.57 as the first
two octets
ACL command #3: ______________________
233
Telegram Channel @nettrain
(A) access-list 1 permit 56.57.0.0 0.255.255.255
(B) access-list 1 permit 56.57.0.0 0.0.255.255
(C) access-list 1 permit 56.58.0.0 0.0.255.255
(D) access-list 1 permit 56.57.0.0 0.0.0.0
234
Telegram Channel @nettrain
Criteria #5: Permit any and every IPv4 packet
ACL command #5: ______________________
238
Telegram Channel @nettrain
Answers 154-178
Protocol: HTTPS
Hostname: courses.examsdigest.com
Webpage name: ccna
239
Telegram Channel @nettrain
(C) SMTP
(D) SSH
241
Telegram Channel @nettrain
Explanation 158. SSH is the correct answer. Simple Mail
Transfer Protocol (SMTP) – Port 25. SMTP is the protocol
Note, that when you use POP3 to connect to your email ac-
count, messages are downloaded locally and removed from the
email server.
243
Telegram Channel @nettrain
Internet. Humans access information online through domain
names, like examsdigest.com or cisco.com. Web browsers in-
teract through Internet Protocol (IP) addresses.
Working example:
RouterExamsDigest# configure terminal
RouterExamsDigest(config)# ip access-list extended examsdi-
gestACL
RouterExamsDigest(config-ext-nacl)# permit tcp host 5.1.1.2 eq
www any
RouterExamsDigest(config-ext-nacl)# deny udp host 5.1.1.1
249
Telegram Channel @nettrain
10.1.2.0 0.0.0.255
RouterExamsDigest(config-ext-nacl)# deny ip 5.1.3.0
0.0.0.255 5.1.2.0 0.0.0.255
RouterExamsDigest(config-ext-nacl)# permit ip any any
RouterExamsDigest(config-ext-nacl)# interface g0/1
RouterExamsDigest(config-if)# ip access-group examsdigest-
ACL out
Criteria #3: Permit packets from hosts with 56.57 as the first
two octets
252
Telegram Channel @nettrain
ACL command #3: ______________________
Criteria #2: Permit packets from hosts with 56.57 as the first
two octets
ACL command #2: access-list 1 permit 56.57.2.0 0.0.0.255
255
Telegram Channel @nettrain
Question 170. Your task is to type a one-line extended ACL
that matches the following criteria. All access-list commands
use the number 101 in the command.
256
Telegram Channel @nettrain
Explanation 171. show ip access-lists and show access-
lists are the correct answers.
The show ip access-lists and show access-lists commands
both display the configuration of IPv4 access lists, including
ACL line numbers.
257
Telegram Channel @nettrain
access-list access-list-number {deny | permit} source [source-
wildcard]
you can just use a wildcard mask to match all the addresses
within that range with a single command.
258
Telegram Channel @nettrain
Question 173. Given the following access-list command ac-
cess-list 2 permit 192.168.4.0 0.0.0.255, choose the exact
range of IP addresses, matched by the command.
(A) 192.167.4.0 – 192.168.4.255
(B) 192.168.4.0 – 192.168.5.255
(C) 192.168.4.0 – 192.168.4.255
(D) 192.0.0.0 – 192.168.4.255
192.168.4.0 - 192.168.4.255
Rule #1. When the decimal is 0 then the router has to compare
the octet.
Rule #2. When the decimal is 255 then the router has to ignore
the octet.
259
Telegram Channel @nettrain
As you can see the wildcard mask is 0.0.0.255 which means
that the packets that come from the network 192.168.4 (firs
three octets) have to be compared once reach the router, and
the 0 (last octet) has to be ignored.
If so, then there is a match (it's a match). If not, then there isn't
a match.
If so, then there is a match. If not, then there isn't a match (it's
not a match).
262
Telegram Channel @nettrain
Explanation 176. access-list 101 deny udp any gt 10455
host 30.3.3.3 eq 25 is the correct answer. The configuration
process for extended ACLs mostly matches the same process
used for standard ACLs.
263
Telegram Channel @nettrain
Use numbers of 100–199 and 2000–2699 on the access-
list commands; no one number is inherently better than an-
other.
264
Telegram Channel @nettrain
(C) access-list 101 deny udp host 30.0.0.0 gt 10455 any eq
25
(D) access-list 101 deny udp host 30.3.3.3 gt 10455 any
eq 25
266
Telegram Channel @nettrain
CHAPTER 9
WIRELESS NETWORKS
Questions 179-193
Question 191. You are creating a new WLAN with the controller
GUI, which of the following parameters are necessary? (Choose
two)
(A) VLAN number
270
Telegram Channel @nettrain
(B) SSID
(C) Interface
(D) BSSID
(E) IP subnet
271
Telegram Channel @nettrain
Answers 179-193
272
Telegram Channel @nettrain
Question 180. A lightweight access point in which one of the
following architectures participate?
(A) Light-MAC
(B) Tunnel-MAC
(C) Big-MAC
(D) Split-MAC
The 802.11 AP at its simplest level is the 802.11 radio MAC layer
providing bridging to a wired network for the WLAN client as-
sociated to the AP Basic Service Set Identifier (BSSID).
273
Telegram Channel @nettrain
The LWAPP split MAC concept breaks the APs making up the
ESS into two component types: the LWAPP AP, and the WLC.
These are linked via the LWAPP protocol across a network to
provide the same functionality of radio services, as well as
bridging of client traffic in a package that is simpler to deploy
and manage than individual APs connected to a common net-
work.
You can think of a MIC as a way for the sender to add a secret
275
Telegram Channel @nettrain
stamp inside the encrypted data frame. The stamp is based on
the contents of the data bits to be transmitted.
Once the recipient decrypts the frame, it can compare the se-
cret stamp to its own idea of what the stamp should be, based
on the data bits that were received.
If the two stamps are identical, the recipient can safely assume
that the data has not been tampered with.
278
Telegram Channel @nettrain
Question 186. Which is the most preferred and secure way of
connecting to a WLC GUI to configure a new WLAN?
(A) SSH
(B) HTTP
(C) HTTPS
(D) FTP
(E) None of the above
IEEE Stan-
dard 2.4 GHz 5 GHz Max Data Rate
280
Telegram Channel @nettrain
802.11 Yes No 2 Mbps
The 2.4 GHz band is a pretty crowded place because it’s used
by more than just Wi-Fi. Old cordless phones, garage door
openers, baby monitors, and other devices tend to use the 2.4
GHz band, and this can cause dropped connections and slow-
er-than-expected speeds.
282
Telegram Channel @nettrain
An autonomous AP is self-contained; it is equipped with both
wired and wireless hardware so that the wireless client associa-
tions can be terminated onto a wired connection locally at the
AP.
Question 191. You are creating a new WLAN with the controller
GUI, which of the following parameters are necessary? (Choose
two)
(A) VLAN number
(B) SSID
(C) Interface
(D) BSSID
283
Telegram Channel @nettrain
(E) IP subnet
IEEE Stan-
dard 2.4 GHz 5 GHz Max Data Rate
802.11 Yes No 2 Mbps
285
Telegram Channel @nettrain
802.11ax Yes Yes 4x higher than
802.11ac
286
Telegram Channel @nettrain
CHAPTER 10
IP SERVICES
Questions 194-203
— Inside Source
access-list 1 pool examsdigest
pool examsdigest: netmask 255.255.255.240
start 190.1.1.1 end 190.1.1.10
type generic, total addresses 10, allocated 10 (100%), misses
595
You are responsible to find out why users are not being able to
reach the Internet.
(A) The cause is not related to dynamic NAT
(B) The command output does not provide any clue to iden-
tify the problem
(C) Dynamic NAT can't use Standard ACLs
(D) The NAT pool does not have enough entries to fulfill the
user's requests
287
Telegram Channel @nettrain
Question 195. Log messages may tell you about some events,
either critical or not. To help you make sense of the importance
of each message, IOS assigns each message a severity level.
Which of the following severity level means Warning - Warn-
ing condition?
(A) 2
(B) 3
(C) 4
(D) 5
Question 196. Log messages may tell you about some events,
either critical or not. To help you make sense of the importance
of each message, IOS assigns each message a severity level.
Which of the following severity level means Informational: In-
formational message only?
(A) 1
(B) 6
(C) 4
(D) 5
288
Telegram Channel @nettrain
Configuration snippet
R1# show running-config
! Lines omitted for brevity !
interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.0
ip nat inside
interface GigabitEthernet0/0
ip address 190.2.2.21 255.255.255.0
ip ____________________ (missing command)
ip nat inside source static 192.168.1.2 200.1.1.2
ip nat inside source static 192.168.1.1 200.1.1.1
(A) nat source
(B) nat enable
(C) nat address
(D) nat outside
289
Telegram Channel @nettrain
Question 198. One of the features of SNMPv3 is called mes-
sage integrity.
(A) TRUE
(B) FALSE
Question 199. You have been tasked to find out whether the
Cisco Discovery Protocol (CDP) is enabled globally. Which
command will you type?
(A) show protocols
(B) show cdp
(C) show running-config
(D) show interface brief
292
Telegram Channel @nettrain
Answers 194-203
— Inside Source
access-list 1 pool examsdigest
pool examsdigest: netmask 255.255.255.240
start 190.1.1.1 end 190.1.1.10
type generic, total addresses 10, allocated 10 (100%), misses
595
You are responsible to find out why users are not being able to
reach the Internet.
(A) The cause is not related to dynamic NAT
(B) The command output does not provide any clue to iden-
tify the problem
(C) Dynamic NAT can't use Standard ACLs
(D) The NAT pool does not have enough entries to fulfill
the user's requests
Explanation 194. The NAT pool does not have enough en-
tries to fulfill the user's requests is the correct answer. As
293
Telegram Channel @nettrain
you can see, the last line mentions that the pool has ten ad-
dresses, with all ten allocated, with the misses counter 595,
meaning that 595 new flows were rejected because of insuffi-
cient space in the NAT pool.
Question 195. Log messages may tell you about some events,
either critical or not. To help you make sense of the importance
of each message, IOS assigns each message a severity level.
Which of the following severity level means Warning - Warn-
ing condition?
(A) 2
(B) 3
(C) 4
(D) 5
The two top levels (Emergency and Alerts) are the most se-
vere. Messages from this level mean a serious and immediate
issue exists.
294
Telegram Channel @nettrain
The next three levels (Critical, Error, and Warning), tell about
events that impact the device, but they are not as immediate
and severe. For instance, one common log message about an
interface failing to a physically down state shows as a severity
level 3 message.
Numeral Description
0 Emergency: System unusable
295
Telegram Channel @nettrain
7 Debugging: Appears during debugging only
Question 196. Log messages may tell you about some events,
either critical or not. To help you make sense of the importance
of each message, IOS assigns each message a severity level.
Which of the following severity level means Informational: In-
formational message only?
(A) 1
(B) 6
(C) 4
(D) 5
Numeral Description
0 Emergency: System unusable
296
Telegram Channel @nettrain
5 Notification: Normal but significant condition
Configuration snippet
R1# show running-config
297
Telegram Channel @nettrain
! Lines omitted for brevity !
interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.0
ip nat inside
interface GigabitEthernet0/0
ip address 190.2.2.21 255.255.255.0
ip ____________________ (missing command)
ip nat inside source static 192.168.1.2 200.1.1.2
ip nat inside source static 192.168.1.1 200.1.1.1
(A) nat source
(B) nat enable
(C) nat address
(D) nat outside
interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.0
ip nat inside
interface GigabitEthernet0/0
ip address 190.2.2.21 255.255.255.0
ip nat outside
ip nat inside source static 192.168.1.2 200.1.1.2
298
Telegram Channel @nettrain
Static NAT configuration requires only a few configuration
steps. Each static mapping between a local (private) address
and a global (public) address must be configured.
299
Telegram Channel @nettrain
Explanation 198. TRUE is the correct answer. Simple Net-
work Management Protocol (SNMP) is a way for different de-
vices on a network to share information with one another. It al-
lows devices to communicate even if the devices are different
hardware and run different software.
300
Telegram Channel @nettrain
1. Message integrity: This mechanism, applied to all SNMPv3
messages, confirms whether or not each message has been
changed during transit.
Question 199. You have been tasked to find out whether the
Cisco Discovery Protocol (CDP) is enabled globally. Which
command will you type?
(A) show protocols
(B) show cdp
(C) show running-config
(D) show interface brief
NTP is a built-on UDP, where port 123 is used for NTP server
communication and NTP clients use port 1023 (for example, a
desktop). Unfortunately, like many legacy protocols, NTP suf-
fers from security issues.
Explanation 201. If one router fails, both hosts will use the
one remaining router as a default router
is the correct answer. The use of an FHRP in this design pur-
posefully allows either router to fail and still support off-subnet
traffic from all hosts in the subnet. Both routers can attach to
the same LAN subnet per IPv4 addressing rules.
304
Telegram Channel @nettrain
FHRPs make this design work better. The two routers appear
to be a single default router. The users never have to do any-
thing: their default router setting remains the same, and their
ARP table even remains the same.
1. All hosts act like they always have, with one default router
setting that never has to change
2. The default routers share a virtual IP address in the subnet,
defined by the FHRP
3. Hosts use the FHRP virtual IP address as their default router
address
4. The routers exchange FHRP protocol messages so that both
agree as to which router does what works at any point in time
5. When a router fails or has some other problem, the routers
use the FHRP to choose which router takes over responsibilities
from the failed router
(A) TRUE
(B) FALSE
Step 2.
As with dynamic and static NAT, configure the ip nat outside
interface subcommand to identify outside interfaces.
Step 3.
As with dynamic NAT, configure an ACL that matches the
packets entering inside interfaces.
Step 4.
Configure the ip nat inside source list acl-number interface
type/number overload global configuration command, refer-
ring to the ACL created in step 3 and to the interface whose IP
307
Telegram Channel @nettrain
address will be used for translations.
1) Bandwidth
2) Delay
3) Jitter
4) Loss
308
Telegram Channel @nettrain
Delay refers to the time between sending one packet and that
same packet arriving at the destination host. Also, delay refers
to the time between sending one packet and that same packet
arriving at the destination host plus the time for the receiver of
that packet to send back a packet.
309
Telegram Channel @nettrain
CHAPTER 11
NETWORK DESIGN ARCHITEC-
TURE
Questions 204-217
Question 206. With PoE, a LAN switch can act as the Power
Sourcing Equipment (PSE).
(A) TRUE
(B) FALSE
310
Telegram Channel @nettrain
Question 207. Which of the following protocols or technolo-
gies do you use each time you connect remotely through VPN?
(A) TLS
(B) IPsec
(C) SSH
(D) Telnet
(E) FTPS
(A) TRUE
(B) FALSE
312
Telegram Channel @nettrain
Question 213. A company uses a Metro Ethernet WAN with an
Ethernet LAN (E-LAN) service, with the company headquarters
plus 20 remote sites connected to the service. The enterprise
uses OSPF at all sites, with one router connected to the service
from each site. Which of the following are true about the Layer
3 details most likely used with this service and design?
(Choose all that apply)
(A) The WAN uses one IP subnet
(B) The WAN uses 20 or more IP subnets
(C) A remote site router would have one OSPF neighbor
(D) A remote site router would have 20 OSPF neighbors
313
Telegram Channel @nettrain
(A) Software as a Service
(B) Platform as a Service
(C) Infrastructure as a Service
(D) Database as a Service
314
Telegram Channel @nettrain
Answers 204-217
Full mesh: For any set of network nodes, a design that con-
nects a link between each pair of nodes.
Partial mesh: For any set of network nodes, a design that con-
nects a link between some pairs of nodes, but not all. In other
words, a mesh that is not a full mesh.
Question 206. With PoE, a LAN switch can act as the Power
Sourcing Equipment (PSE).
(A) TRUE
(B) FALSE
317
Telegram Channel @nettrain
device, is called the Powered Device (PD).
319
Telegram Channel @nettrain
Question 209. Which of the following roles of campus switch-
es provides an aggregation point for access switches?
(A) Access
(B) Distribution
(C) Core
(D) Campus
320
Telegram Channel @nettrain
Question 210. Which of the following roles of campus switch-
es aggregates distribution switches in very large campus
LANs?
(A) Access
(B) Distribution
(C) Core
(D) Campus
321
Telegram Channel @nettrain
ing very high forwarding rates for the larger volume of traffic
due to the size of the network.
The pros is that you get the same benefits as when connecting
with a private WAN connection to a public cloud, and the mi-
323
Telegram Channel @nettrain
gration to a new cloud provider is easier.
The main con is that using an intercloud exchange introduces
another company into the mix.
For the two incorrect answers, both use the Internet, so both
cannot provide QoS services. The Internet VPN option does
encrypt the data to keep it private.
(A) TRUE
(B) FALSE
324
Telegram Channel @nettrain
the management. Your data is stored in the provider’s data
center and the provider is responsible for the management and
maintenance of the data center.
(A) Integration
(B) Isolation
(C) Virtualization
(D) Segmentation
Each virtual server can run its own applications and operating
system. This process increases the utilization of resources by
making each virtual server act as a physical server and increas-
es the capacity of each physical machine.
327
Telegram Channel @nettrain
Explanation 215. Infrastructure as a Service is the correct
answer. Infrastructure as a Service (IaaS) is a form of cloud
computing that delivers fundamental compute, network, and
storage resources to consumers on-demand, over the internet,
and on a pay-as-you-go basis.
IaaS solutions are highly flexible and highly scalable, and you
can replace it whenever you need without losing money on
your initial investment.
330
Telegram Channel @nettrain
CHAPTER 12
NETWORK AUTOMATION
Questions 218-230
Question 219. Given the following JSON object, how many ob-
ject keys found in the sample below?
{ “response”:
{ “id”: “3”,
“name”: “Cisco Catalyst”,
“ipAddress”: {
“private”: “192.168.1.1”,
“public” : “156.157.1.1”
}
331
Telegram Channel @nettrain
}
}
(A) 3
(B) 4
(C) 5
(D) 6
Question 223. Identify the hostname part from the given URI:
https://cluster.cisco.com/dna/intent/api/v1/business/sda/fabric?
ipaddress=10.1.2.3.
(A) https://
(B) cluster.cisco
(C) cluster.cisco.com
(D) dna/intent/api/v1/business/sda/fabric
(E) ?ipaddress=10.1.2.3
334
Telegram Channel @nettrain
1) You don’t know who engineer made the changes in the con-
figuration file.
2) You don’t know the changes in the configuration file over
time.
Which tool your company will use in order to solve these is-
sues?
(A) Version Control System
(B) Version Control Configuration
(C) Version Control Change
(D) Version Control Edit
336
Telegram Channel @nettrain
Question 219. Given the following JSON object, how many ob-
ject keys found in the sample below?
{
“response”: {
“id”: “3”,
“name”: “Cisco Catalyst”,
“ipAddress”: {
“private”: “192.168.1.1”,
“public” : “156.157.1.1”
}
}
}
(A) 3
(B) 4
(C) 5
(D) 6
Delete: Allows the client to delete from the server different in-
stances of data variables.
The Control plane refers to any action that controls the data
339
Telegram Channel @nettrain
plane. Most of these actions have to do with creating the tables
used by the data plane, tables like the IP routing table, an IP
Address Resolution Protocol (ARP) table, a switch MAC address
table, and so on. By adding to, removing, and changing entries
to the tables used by the data plane, the control plane process-
es control what the data plane does.
Telnet and Secure Shell (SSH) are two of the most obvious
management plane protocols.
Question 223. Identify the hostname part from the given URI:
https://cluster.cisco.com/dna/intent/api/v1/business/sda/fabric?
341
Telegram Channel @nettrain
ipaddress=10.1.2.3
(A) https://
(B) cluster.cisco
(C) cluster.cisco.com
(D) dna/intent/api/v1/business/sda/fabric
(E) ?ipaddress=10.1.2.3
In this case:
protocol: HTTPS
hostname: cluster.cisco.com
resource: dna/intent/api/v1/business/sda/fabric
parameters: ipaddress=10.1.2.3
Which tool your company will use in order to solve these is-
sues?
(A) Version Control System
(B) Version Control Configuration
(C) Version Control Change
(D) Version Control Edit
Telnet and Secure Shell (SSH) are two of the most obvious
management plane protocols. To emphasize the difference with
control plane protocols, think about two routers: one configured
to allow Telnet and SSH into the router and one that does not.
348
Telegram Channel @nettrain
THE END
Examsdigest includes:
✓ Access to 1000+ Questions
✓ Access to 150+ Quizzes
✓ 6+ Certification Paths
✓ 24/7 Support
✓ Interactive Interview Questions
✓ Access on the go
About examsdigest.
Examsdigest started in 2019 and haven’t stopped smashing it
since. Examsdigest is a global, education tech-oriented com-
pany that doesn’t sleep. Their mission is to be a part of your life
349
Telegram Channel @nettrain
transformation by providing you the necessary training to hit
your career goals.
350
Telegram Channel @nettrain