Composite Quiz 102 Questions: Type Text To Search Here..

06/08/2023 00:31 CCNA Training » Composite Quiz 102 Questions
Type text to search here...

Home > Composite Quiz 102 Questions
Composite Quiz 102 Questions

June 7th, 2020
Result of Composite Quiz 102 Questions:
Total Questions Full Score Passing Rate Your Score Correct Answer Percentage Elapsed
102 1425 80% 895 62.81% 01:00:55
Sorry!
You failed :( but surely you will do it better next time!
If you want to retake this quiz, please press Ctrl + F5 on Windows or press CMD + R on Mac.
Your answers are shown below:
Question 1
Which functionality is provided by the console connection on a Cisco WLC?
A. HTTP-based GUI connectivity

B. out-of-band management
C. unencrypted in-band connectivity for file transfers
D. secure In-band connectivity for device administration
Explanation
The console port is used for out-of-band management, system recovery, and early boot operations.
Question 2
Refer to the exhibit.
Switch#show etherchannel summary

[output omitted]
Group Port-channel Protocol Ports

-------+--------------+---------+---------------------
10 Po10(SU) LACP Gi0/0(P) Gi0/1(P)
20 Po20(SU) LACP Gi0/2(P) Gi0/3(P)
Which two commands when used together create port channel 10? (Choose two)
A. int range g0/0-1

channel-group 10 mode on
B. int range g0/0-1
channel-group 10 mode auto
C. int range g0/0-1
channel-group 10 mode passive
D. int range g0/0-1
channel-group 10 mode desirable
E. int range g0/0-1
channel-group 10 mode active
https://www.9tut.com/composite-quiz 1/47
Question 3
What is the purpose of the ip address dhcp command?
A. to configure an interface as a DHCP server

B. to configure an interface as a DHCP helper
C. to configure an interface as a DHCP client
D. to configure an interface as a DHCP relay
Explanation
Use the ip address dhcp command to obtain IP address information for the configured interface.
Question 4
Which two functions are performed by the core layer in a three-tier architecture? (Choose two)
A. Police traffic that is sent to the edge of the network

B. Provide uninterrupted forwarding service
C. Provide direct connectivity for end user devices
D. Inspect packets for malicious activity
E. Ensure timely data transfer between layers
Explanation
Considerations at the core layer include

+ Providing high-speed switching (i.e., fast transport)
+ Providing reliability and fault tolerance
+ Scaling by using faster, and not more, equipment
+ Avoiding CPU-intensive packet manipulation caused by security, inspection, quality of service (QoS) classification, or other
processes
Reference: https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4
Question 5
What are two descriptions of three-tier network topologies? (Choose two)
A. The core layer maintains wired connections for each host

B. The distribution layer runs Layer 2 and Layer 3 technologies
C. The core and distribution layers perform the same functions
D. The access layer manages routing between devices in different domains
E. The network core is designed to maintain continuous connectivity when devices fail
Question 6
Which characteristic differentiates the concept of authentication from authorization and accounting?
A. user-activity logging
B. identity verification
C. consumption-based billing
D. service limitations
Question 7
What is the primary purpose of a First Hop Redundancy Protocol?
A. It reduces routing failures by allowing Layer 3 load balancing between OSPF neighbors that have the same link metric
B. It allows a router to use bridge priorities to create multiple loop-free paths to a single destination
C. It allows directly connected neighbors to share configuration information
D. It reduces routing failures by allowing more than one router to represent itself, as the default gateway of a
network
Question 8
Wireless LAN access must be set up to force all clients from the NA WLAN to authenticate against the local database.
The WLAN is configured for local EAP authentication. The time that users access the network must not be limited.
Which action completes this configuration?
A. Check the Guest User Role check box

B. Clear the Lifetime (seconds) value
C. Uncheck the Guest User check box
D. Set the Lifetime (seconds) value to 0
Explanation
The users created in the “Local Net Users” are stored in the local database. With the “Guest User” check box enabled, we have to
set the time for that user. The “Lifetime” is the amount of time that the guest user account is to remain active. The valid range is
60 to 2,592,000 seconds (30 days) inclusive, and the default setting is 86,400 seconds.
If we don’t want to limit the time for that user, uncheck the “Guest User” check box.
Question 9
Which function is performed by the collapsed core layer in a two-tier architecture?
A. attaching users to the edge of the network

B. enforcing routing policies
C. applying security policies
D. marking interesting traffic for data polices
Explanation
The three-tier hierarchical design maximizes performance, network availability, and the ability to scale the network design.
However, many small enterprise networks do not grow significantly larger over time. Therefore, a two-tier hierarchical design
where the core and distribution layers are collapsed into one layer is often more practical. A “collapsed core” is when the
distribution layer and core layer functions are implemented by a single device. The primary motivation for the collapsed
core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model.
Reference: https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4
A collapsed core network is shown below. The collapsed core network may be deployed with redundant core/distribution router,
or consolidated core/distribution router.
Deploying a collapsed core network results in the distribution layer and core layer functions being implemented in a single
device. The collapsed core/distribution device must provide the following:
+ High speed physical and logical paths connecting to the network
+ Layer-2 aggregation and demarcation point
+ Define routing and network access policies -> Answer 'enforcing routing policies' is correct
+ Intelligent network services—QoS, Network virtualization, etc.
Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_Profile/SEDP/chap2.html
Question 10
What are two improvements provided by automation for network management in an SDN environment? (Choose two)
A. Artificial intelligence identifies and prevents potential design failures

B. Machine learning minimizes the overall error rate when automating troubleshooting processes
C. Proprietary Cisco APIs leverage multiple network management tools
D. New devices are onboarded with minimal effort
E. Data collection and analysis tools establish a baseline for the network
Question 11
What is the benefit of using FHRP?
A. reduced management overhead on network routers

B. higher degree of availability
C. balancing traffic across multiple gateways in proportion to their loads
D. reduced ARP traffic on the network
Question 12
SW2 is replaced due to a hardware failure. A network engineer starts to configure SW2 by copying the Fa0/1 interface
configuration from SW1. Which command must be configured on the Fa0/1 interface of SW2 to enable PC1 to connect to
PC2?
A. switchport trunk allowed remove 10
B. switchport mode access
C. switchport trunk native vlan 10
D. switchport mode trunk
Question 13
When configuring a WLAN with WPA2 PSK in the Cisco Wireless LAN Controller GUI, which two formats are available
to select? (Choose two)
A. binary
B. hexadecimal
C. base64
D. ASCII
E. decimal
Explanation
When configuring a WLAN with WPA2 Preshared Key (PSK), we can choose the encryption key format as either ASCII or
HEX.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/multi-preshared-
key.pdf
Question 14
What are two characteristics of an SSID? (Choose two)
A. It uniquely identifies an access point in a WLAN

B. It uniquely identifies a client in a WLAN
C. It can be hidden or broadcast in a WLAN
D. It is at most 32 characters long
E. It provides secured access to a WLAN
Explanation
The SSID is a unique identifier that wireless networking devices use to establish and maintain wireless connectivity. The SSID
can consist of up to 32 alphanumeric, case-sensitive, characters.
We can hide a SSID by choosing “Disabled” in the Basic Wireless Settings/Wireless/SSID Broadcast section.
Question 15
Which action does the router take as it forwards a packet through the network?
A. The router replaces the original source and destination MAC addresses with the sending router MAC address as
the source and neighbor MAC address as the destination
B. The router encapsulates the original packet and then includes a tag that identifies the source router MAC address and
transmit transparently to the destination
C. The router replaces the source and destination labels with the sending router interface label as a source and the next
hop router label as a destination
D. The router encapsulates the source and destination IP addresses with the sending router IP address as the
source and the neighbor IP address as the destination
Explanation
While transferring data through many different networks, the source and destination IP addresses are not changed. Only the
source and destination MAC addresses are changed.
Question 16
An engineer is configuring an encrypted password for the enable command on a router where the local user database has
already been configured. Drag and drop the configuration commands from the left into the correct sequence on the right.
Not all commands are used.
Please type the corresponding numbers of each item on the left to the blank below. For example: 1362 (which means 1 for
"first", 3 for "second", 6 for "third" and 2 for "fourth").
Please type your answer here: 4231
Question 17
Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?
A. lldp tlv-select
B. lldp timer
C. lldp reinit
D. lldp holdtime
Explanation
+ lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before
discarding it
+ lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface
+ lldp timer rate: Set the sending frequency of LLDP updates in seconds
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-
2_55_se/configuration/guide/3560_scg/swlldp.html
Question 18
Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, and automatically when edge
devices or access circuits fail?
A. HSRP
B. VRRP
C. FHRP
D. SLB
Question 19
Router R1 must send all traffic without a matching routing-table entry to 192.168.1.1. Which configuration accomplishes
this task?
A. R1#config t
R1(config)#ip routing
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
B. R1#config t
R1(config)#ip route default-route 192.168.1.1
C. 1#config t
R1(config)#ip default-gateway 192.168.1.1
D. R1#config t
R1(config)#ip route 192.168.1.1 0.0.0.0 0.0.0.0
Question 20
What are two features of the DHCP relay agent? (Choose two)
A. assigns DNS locally and then forwards request to DHCP server

B. is configured under the Layer 3 interface of a router on the client subnet
C. allows only MAC-to-IP reservations to determine the local subnet of a client
D. permits one IP helper command under an individual Layer 3 interface
E. minimizes the necessary number of DHCP servers
Explanation
With the DHCP relay agent, we can configure DHCP servers in different subnet of the DHCP client. Otherwise we have to place
one DHCP server in the same subnet of DHCP clients -> Answer "minimizes the necessary number of DHCP servers" is correct.
Note: We can configure more than one ip helper command under one Layer 3 interface:
To make a router a DHCP Relay Agent, simply put the “ip helper-address <IP-address-of-DHCP-Server>” command under the
interface that receives the DHCP messages from the DHCP Client -> Answer "is configured under the Layer 3 interface of a
router on the client subnet" is correct.
Question 21
What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz
frequency?
A. different overlapping channels

B. one overlapping channel
C. one nonoverlapping channel
D. different nonoverlapping channels
Explanation
In the 2.4 GHz band, 1, 6, and 11 are the only non-overlapping channels so they should be chosen while installing APs.
Question 22
On workstations running Microsoft Windows, which protocol provides the default gateway for the device?
A. SNMP
B. DNS
C. DHCP
D. STP
Question 23
Which switch becomes the root bridge?
A. SW3
Bridge Priority – 32768
mac-address 01:1c:6c:66:b7:70
B. SW2
mac-address 04:44:97:51:63:17
C. SW 4
mac-address 05:d8:33:09:8f:89
D. SW 1
mac-address 0fd7:9e:13:ab:82
Explanation
The switch with lowest bridge priority will be chosen the root bridge. If many switches have the same bridge priority then the
lowest MAC address would be chosen.
Question 24
Which IPv6 address block sends packets to a group address rather than a single address?
OR
Which IPv6 address block forwards packets to a multicast address rather than a unicast address?
A. FE80::/10
B. FC00::/7
C. FF00::/12
D. 2000::/3
Explanation
Well-known multicast addresses have the prefix ff00::/12.
FE80::/10 range is used for link-local addresses. Link-local addresses only used for communications within the local subnetwork
(automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the
current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on
48-bit MAC address).
Question 25
Drag and drop the device behaviors from the left onto the matching HSRP state on the right.
Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.
is waiting to hear from the neighbor device Learn

is forwarding packets Active
has heard from the neighbor device and is receiving hello packets Listen
is transmitting and receiving hello packets Speak
is ready to forward packets if the device that is currently forwarding packets fails Standby
Explanation
When in operation, HSRP devices are configured into one of many states:
Active – This is the state of the device that is actively forwarding traffic.
Init or Disabled – This is the state of a device that is not yet ready or able to participate in HSRP.
Learn – This is the state of a device that has not yet determined the virtual IP address and has not yet seen a hello message from
an active device.
Listen – This is the state of a device that is receiving hello messages.
Speak – This is the state of a device that is sending and receiving hello messages.
Standby – This is the state of a device that is prepared to take over the traffic forwarding duties from the active device.
Reference: https://www.pearsonitcertification.com/articles/article.aspx?p=2141271
Question 26
Two switches have been implemented and all interfaces are at the default configuration level. A trunk link must be
implemented between two switches with these requirements:
+ using an industry-standard trunking protocol
+ permitting VLANs 1-10 and denying other VLANs
How must the interconnecting ports be configured?
A. switchport mode dynamic

channel-protocol lacp
switchport trunk allowed vlans 1-10
B. switchport mode dynamic desirable
switchport trunk encapsulation isl
switchport trunk allowed vlan except 11-4094
C. switchport mode trunk
switchport trunk native vlan 11
D. switchport mode trunk
switchport trunk encapsulation dot1q
Explanation
"Using an industry-standard trunking protocol" so we have to use 802.1Q, not ISL.
Question 27
Which two functions does a WLC perform in the lightweight access-point architecture that an AP performs
independently in an autonomous architecture? (Choose two)
A. handling the association, authentication, and roaming of wireless clients

B. preventing collisions between wireless clients on the same RF channel
C. sending and processing beacon frames
D. managing RF channels, including transmission power
E. encrypting and decrypting traffic that uses the WAP protocol family
Explanation
This question asks what the WLC can do for the AP or which functions are moved from AP to WLC in lightweight access-point
architecture.
The wireless clients encrypt and decrypt the traffic, not the AP -> Answer 'encrypting and decrypting traffic that uses the WAP
protocol family' is not correct.
The wireless clients also run CSMA/CA to prevent collisions between them, not the AP -> Answer 'preventing collisions between
wireless clients on the same RF channel' is not correct.
With wireless networking, we have real-time and management functions. The AP should handle real-time functions, but
everything that is not delay-sensitive can do from a central location. We separate the following management and real-time
functions of the AP:
+ Management functions:
++ Client authentication (-> Answer 'handling the association, authentication, and roaming of wireless clients ' is correct)
++ Security management
++ Association and reassociation (roaming)
++ Quality of Service (QoS)
+ Real-time functions:
++ Transmission of 802.11 frames
++ MAC management
++ Encryption
Since these functions are not real-time, we can move them to a central point, the WLC. We take away some of the intelligence of
the AP, which is why we call them lightweight APs (LAP). We move this intelligence to the WLC.
Reference: https://networklessons.com/cisco/ccna-200-301/cisco-wireless-network-architectures
Radio Resource Management (RRM) allows the controller to dynamically control power and channel assignment of APs ->
Answer 'managing RF channels, including transmission power ' is correct.
Reference: https://what-when-how.com/deploying-and-troubleshooting-cisco-wireless-lan-controllers/lightweight-compared-to-
traditional-autonomous-aps-cisco-wireless-lan-controllers/
Question 28
Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options
are used.
Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For
example: 1625 (which means 16 for first group, 25 for second group).
Please type your answer here: 1426 (correct answer: 4523)
Explanation
Answer:
Accounting
+ It records the amount of time for which a user accesses the network on a remote server
+ It uses TACACS+ to log the configuration commands entered by a network administrator
Authorization
+ It enables the device to allow user- or group-based access
+ It restricts the CLI commands that a user is able to perform
Explanation
To use RADIUS server to allow a reverse Telnet session we have to use such command “aaa authentication login reverse-access
group radius”.
Note: Reverse telnet allows you to telnet to a device then from that device connect to the console of another device.
Question 29
A network engineer is in the process of establishing IP connectivity between two sites. Routers R1 and R2 are partially
configured with IP addressing. Both routers have the ability to access devices on their respective LANs. Which command
set configures the IP connectivity between devices located on both LANs in each site?
A. R1
ip route 0.0.0.0 0.0.0.0 209.165.200.225
R2
ip route 0.0.0.0 0.0.0.0 209.165.200.226
B. R1
ip route 192.168.1.1 255.255.255.0 GigabitEthernet0/1
R2
C. R1
ip route 0.0.0.0 0.0.0.0 209.165.200.226
R2
ip route 0.0.0.0 0.0.0.0 209.165.200.225
D. R1
R2
Explanation
On R1, by using the default route ("ip route 0.0.0.0 0.0.0.0 209.165.200.226"), we tell R1 to send all unknown destination
packets to R2 so all packets with destination to 10.1.1.0/24 will be forwarded to R2. The same thing is configured on R2 so this
configuration works well in this question.
We cannot type the command "ip route 10.1.1.1 255.255.255.0 ..." which causes an "inconsistent mask and address" error as
shown in the figure below (while the command "ip route 10.1.1.0 255.255.255.0 ..." is accepted):
Comments (17)
Question 30
Which protocol does an access point use to draw power from a connected switch?
A. Internet Group Management Protocol

B. Cisco Discovery Protocol
C. Adaptive Wireless Path Protocol
D. Neighbor Discovery Protocol
Explanation
Restrictions for Cisco Discovery Protocol

...
These TLVs are supported only by the access point:
+ Power Consumption TLV: 0x0010—The maximum amount of power consumed by the access point.
+ Power Request TLV:0x0019—The amount of power to be transmitted by a powerable device in order to negotiate a suitable
power level with the supplier of the network power
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/configuration-
guide/b_cg75/b_cg75_chapter_010001.pdf
CDP is the protocol used by Cisco access points to advertise their power requirements to power-sourcing devices.
Question 31
Drag and drop the Ansible terms from the left onto the right.
Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.
collection of actions to perform on target devices, expressed in YAML format playbook

device with Ansible installed that manages target devices managed node
network device, without Ansible installed, upon which commands can be executed module
specific action to be performed on one or more target devices inventory
unit of Python code to be executed task
Ansible file that defines the target devices upon which commands and tasks can be executed control node
Explanation
Once Ansible is installed, it creates several text files:
+ Playbooks: These files provide actions and logic about what Ansible should do. Ansible playbooks are files that contain tasks
to configure hosts. Ansible playbooks are written in YAML format.
+ Inventory: a file contains a list of the hosts (usually their IP addresses, ports) which you want to configure or manage. Hosts in
an inventory can be divided into smaller groups for easier management and configuration. Each group can run different tasks. An
example of a task is to ping all hosts in group [routers].
…
Modules (also referred to as “task plugins” or “library plugins”) are discrete units of code that can be used from the command
line or in a playbook task. Ansible executes each module, usually on the remote managed node, and collects return values.
The control node is a computer that runs Ansible. A managed node is any device being managed by the control node.
Reference: https://opensource.com/resources/what-ansible
Question 32
A network administrator is setting up a new IPv6 network using the 64-bit address
2001:0EB8:00C1:2200:0001:0000:0000:0331/64. To simplify the configuration, the administrator has decided to compress
the address. Which IP address must the administrator configure?
A. ipv6 address 2001:EB8:C1:2200:1::331/64

B. ipv6 address 2001:EB8:C1:2200:1:0000:331/64
C. ipv6 address 2001:EB8:C1:22:1::331/64
D. ipv6 address 21:EB8:C1:2200:1::331/64
Question 33
Refer to the exhibit. Which command provides this output?
Capability Codes: k - Router, I - Trans Bridge, B - source Route bridge

S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
10.1.1.2 Gig37/3 176 RI CPT 600 Gig36/41
10.1.1.2 Gig37/1 174 RI CPT 600 Gig36/43
10.1.1.2 Gig36/41 134 RI CPT 600 Gig37/3
10.1.1.2 Gig36/43 134 RI CPT 600 Gig37/1
10.1.1.2 Ten3/2 132 RI CPT 600 Ten4/2
10.1.1.2 Ten4/2 174 RI CPT 600 Ten3/2
A. show ip route
B. show cdp neighbor
C. show interface
D. show ip interface
Question 34
Which configuration establishes a Layer 2 LACP EtherChannel when applied to both switches?
A. interface range G1/1 -1/3
switchport mode trunk
no shutdown
B. interface range G1/1 -1/3
switchport mode access
channel-group 1 mode on
no shutdown
C. interface range G1/1 -1/3
switchport mode trunk
channel-group 1 mode active
no shutdown
D. interface range G1/1 -1/3
switchport mode access
channel-group 1 mode passive
no shutdown
Explanation
The question clear stated that we use LACP so we must use mode "active" on both interfaces.
Question 35
Which remote access protocol provides unsecured remote CLI access?
A. Bash
B. console
C. Telnet
D. SSH
Question 36
Which two QoS tools can provide congestion management? (Choose two)
A. PQ
B. CBWFQ
C. FRTS
D. CAR
E. PBR
Explanation
This module discusses the types of queueing and queueing-related features (such as bandwidth management) which constitute
the congestion management QoS features:
Class-based WFQ (CBWFQ): extends the standard WFQ functionality to provide support for user-defined traffic classes. For
CBWFQ, you define traffic classes based on match criteria including protocols, access control lists (ACLs), and input interfaces.
Packets satisfying the match criteria for a class constitute the traffic for that class.
Priority queueing (PQ): With PQ, packets belonging to one priority class of traffic are sent before all lower priority traffic to
ensure timely delivery of those packets.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conmgt/configuration/xe-3s/qos-conmgt-xe-3s-book/qos-
conmgt-oview.html
Note: Committed Access Rate (CAR) is only used for bandwidth limitation by dropping excessive traffic.
Question 37
Which interface is used to send traffic to the destination network?
O 10.139.120.253/29 [110/9443] via G0/20

O 10.139.120.253/29 [110/29560] via G0/16
R 10.139.120.253/29 [120/12] via G0/11
R 10.139120 253/29 [120/6] via G0/9
A. G0/11
B. G0/16
C. G0/9
D. G0/20
Explanation
The first entry has lowest AD (110) and lowest metric (9443) so it is the best route and will be installed into the routing table.
Question 38
How does a router behave when configured with the default DNS lookup settings, and a URL is entered on the CLI?
A. attempts to query a DNS server on the network.

B. initiates a ping request to the URL.
C. prompts the user to specify the desired IP address.
D. continuously attempts to resolve the URL until the command is cancelled.
Explanation
By default, domain lookup function is enabled on the router so it treats every unrecognized command as a hostname, attempts to
make a telnet connection to that which, in turn, attempts to resolve a hostname to IP address by querying the DNS server.
Here is a typical sample.
R1#xyz
Translating “xyz”…domain server (255.255.255.255)
Translating “xyz”…domain server (255.255.255.255) (255.255.255.255)
Translating “xyz”…domain server (255.255.255.255)
% Unknown command or computer name, or unable to find computer address
Note: In order to save some time we can disable DNS lookup by the “no ip domain lookup” global command.
Question 39
What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API?
A. XML
B. REST
C. OpenFlow
D. Java
Explanation
OpenFlow and NETCONF are Southbound APIs used for most SDN implementations.
Note: SDN northbound APIs are usually RESTful APIs used to communicate between the SDN Controller and the services and
applications running over the network.
Question 40
Which two components are needed to create an Ansible script that configures a VLAN on a switch? (Choose two)
A. task
B. cookbook
C. recipe
D. model
E. playbook
Question 41
Refer to the exhibit. With which metric does router R1 learn the route to host 172.16.0.202?
R1#show ip route | begin gateway
Gateway of last resort is 209.165.200.246 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 209.165.200.246, Serial0/1/0
is directly connected, Serial0/1/0
172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks
S 172.16.0.0/24 [1/0] via 207.165.200.250, Serial0/0/0
O 172.16.0.128/25 [110/32445] via 207.165.200.254, 00:00:33, Serial0/0/1
D 172.16.0.192/29 [90/3184439] via 207.165.200.254, 00:00:33, Serial0/0/1
C 207.165.200.248/30 is directly connected, Serial0/0/0
L 207.165.200.249/32 is directly connected, Serial0/0/0
C 207.165.200.252/30 is directly connected, Serial0/0/1
L 207.165.200.253/32 is directly connected, Serial0/0/1
A. 3184439
B. 0
C. 32445
D. 110
Explanation
Both the line “O 172.16.0.128/25” and “S 172.16.0.0/24” cover the host 172.16.0.202 but with the “longest (prefix) match” rule
the router will choose the first route.
Note: Network 172.16.0.192/29 does not cover host 172.16.0.202. For network 172.16.0.192/29:
Increment: 8
Network address: 172.16.0.192
Broadcast address: 172.16.0.199
Question 42
Drag and drop the QoS congestion management terms from the left onto the description on the right.
services a specified number of bytes in one queue before continuing to the next queue FIFO
provides guaranteed bandwidth to a specified class of traffic PQ
places packets into one of four priority-based queues CBWFQ
provides minimum guaranteed bandwidth to one or more flows CQ
uses store-and-forward queuing WFQ
Explanation
+ services a specified number of bytes in one queue before continuing to the next queue: CQ
+ provides guaranteed bandwidth to a specified class of traffic: CBWFQ
+ places packets into one of four priority-based queues: PQ
+ provides minimum guaranteed bandwidth to one or more flows: WFQ
+ uses store-and-forward queuing: FIFO
First-in, first-out (FIFO): FIFO entails no concept of priority or classes of traffic. With FIFO, transmission of packets out the
interface occurs in the order the packets arrive, which means no QoS
Priority Queuing (PQ): schedules traffic such that the higher-priority queues “always” get serviced first
Custom Queuing (CQ): provide specific traffic guaranteed bandwidth at a potential congestion point, assuring the traffic a fixed
portion of available bandwidth and leaving the remaining bandwidth to other traffic.
Weighted fair queueing (WFQ): offers dynamic, fair queuing that divides bandwidth across queues of traffic based on weights.
In standard WFQ, packets are classified into flows according to one of four criteria: the source Internet Protocol address (IP
address), the destination IP address, the source Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port, or
the destination TCP or UDP port.
Class-based weighted fair queueing (CBWFQ) extends the standard WFQ functionality to provide support for user-defined
traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols, access control lists (ACLs),
and input interfaces. Packets satisfying the match criteria for a class constitute the traffic for that class. A queue is reserved for
each class, and traffic belonging to a class is directed to the queue for that class.
Once a class has been defined according to its match criteria, you can assign it characteristics. To characterize a class, you assign
it bandwidth, weight, and maximum packet limit. The bandwidth assigned to a class is the guaranteed bandwidth delivered to the
class during congestion.
Question 43
Which is a fact related to FTP?
A. It uses two separate connections for control and data traffic

B. It uses block numbers to identify and mitigate data-transfer errors
C. It relies on the well-known UDP port 69.
D. It always operates without user authentication
Explanation
FTP communicates using two TCP connections. Control traffic is exchanged over TCP/21, and data transmission is performed
over TCP/20.
Question 44
Drag and drop the 802.11 wireless standards from the left onto the matching statements on the right.
Supports a maximum data rate of 11 Mbps 802.11ac

Operates in the 5 GHz band only and supports a maximum data rate of 54 Mbps 802.11a
Operates in the 5 GHz band only and supports a maximum data rate that can exceed 100 Mbps 802.11g
Operates in the 2.4 GHz and 5 GHz bands 802.11n
Operates in the 2.4 GHz band only and supports a maximum data rate of 54 Mbps 802.11b
Explanation
+ 802.11b: Supports a maximum data rate of 11 Mbps

+ 802.11a: Operates in the 5 GHz band only and supports a maximum data rate of 54 Mbps
+ 802.11ac: Operates in the 5 GHz band only and supports a maximum data rate that can exceed 100 Mbps
+ 802.11n: Operates in the 2.4 GHz and 5 GHz bands
+ 802.11g: Operates in the 2.4 GHz band only and supports a maximum data rate of 54 Mbps
Wireless Standards
IEEE Frequency/Medium Speed Topology Transmission Range Access

Standard Method
802.11 2.4GHz RF 1 to 2Mbps Ad 20 feet indoors. CSMA/CA

hoc/infrastructure
802.11a 5GHz Up to Ad 25 to 75 feet indoors; range can be CSMA/CA

54Mbps hoc/infrastructure affected by building materials.
802.11b 2.4GHz Up to Ad Up to 150 feet indoors; range can be CSMA/CA

802.11g 2.4GHz Up to Ad Up to 150 feet indoors; range can be CSMA/CA

802.11n 2.4GHz/5GHz Up to Ad 175+ feet indoors; range can be affected CSMA/CA

600Mbps hoc/infrastructure by building materials.
802.11ac uses dual-band wireless technology, supporting simultaneous connections on both 2.4 GHz and 5 GHz Wi-Fi devices.
802.11ac offers backward compatibility to 802.11a/b/g/n and bandwidth rated up to 1300 Mbps on the 5 GHz band plus up to
450 Mbps on 2.4 GHz.
Question 45
Which two HTTP methods are suitable for actions performed by REST-based APIs? (Choose two)
A. REDIRECT
B. GET
C. POP
D. POST
E. REMOVE
Explanation
GET: retrieve data

POST: create data
PUT: fully update (i.e. replace) an existing record
PATCH: update part of an existing record
DELETE: delete records
Question 46
An engineer is configuring switch SW1 to act as an NTP server when all upstream NTP server connectivity fails. Which
configuration must be used?
A. SW1# config t
SW1(config)#ntp backup
SW1(config)#ntp server 192.168.1.1
B. SW1# config t
SW1(config)#ntp access-group server accesslist1
C. SW1# config t
SW1(config)#ntp master
D. SW1# config t
SW1(config)3 ntp peer 192.168.1.1
SW1(config)#ntp access-group peer accesslist1
Question 47
Which enhancement is implemented in WPA3?
A. employs PKI to identify access points

B. uses TKIP
C. protects against brute force attacks
D. applies 802.1x authentication
Explanation
Another security enhancement that has been made in WP3 reduces potential for password cracking attacks such as the WPA2
KRACK Attack. WPA2 is vulnerable to brute force and dictionary-based attacks. That is because security relies on the AP
provider setting a secure password and many establishments don’t. With WPA3, the Pre-Shared Key (PSK) exchange protocol is
replaced with Simultaneous Authentication of Equals (SAE) or the Dragonfly Key Exchange, which improves security of the
initial key exchange and offers better protection against offline dictionary-based attacks.
Reference: https://www.webtitan.com/blog/wpa3-wifi-security-enhancements-will-not-block-all-threats/
Question 48
What are two differences between WPA2 and WPA3 wireless security? (Choose two)
A. WPA3 uses SAE for stronger protection than WPA2, which uses AES
B. WPA3 uses AES for stronger protection than WPA2, which uses TKIP
C. WPA3 uses AES for stronger protection than WPA2, which uses SAE
D. WPA2 uses 192-bit key encryption, and WPA3 requires 256-bit key encryption
E. WPA2 uses 128-bit key encryption, and WPA3 supports 128-bit and 192-bit key encryption
Explanation
WPA3 provides improvements to the general Wi-Fi encryption, thanks to Simultaneous Authentication of Equals (SAE)
replacing the Pre-Shared Key (PSK) authentication method used in prior WPA versions -> Answer 'WPA3 uses AES for stronger
protection than WPA2, which uses SAE' and answer 'WPA3 uses AES for stronger protection than WPA2, which uses TKIP' are
not correct.
Reference: https://www.networkworld.com/article/3316567/what-is-wpa3-wi-fi-security-protocol-strengthens-connections.html
Most WPA2 implementations use 128-bit AES encryption keys. In WPA3, longer key sizes – the equivalent of 192-bit security –
are mandated only for WPA3-Enterprise -> Answer 'WPA2 uses 192-bit key encryption, and WPA3 requires 256-bit key
encryption' is not correct.
WPA3-Enterprise supports 128-bit Advanced Encryption Standard Counter Mode with Cipher Block Chaining Message
Authentication (AES-CCMP 128) as the minimum requirement. It also offers an optional mode using 192-bit encryption.
Question 49
What is the purpose of the Cisco DNA Center controller?
A. to secure physical access to a data center

B. to provide Layer 3 services to autonomous access points
C. to securely manage and deploy network devices
D. to scan a network and generate a layer 2 network diagram
Question 50
Refer to the exhibit. A packet is being sent across router R1 to host 172.16.3.14. To which destination does the router send
the packet?
A. 207.165.200.250 via Serial0/0/0

B. 207.165.200.246 via Serial0/1/0
C. 207.165.200.254 via Serial0/0/0
D. 207.165.200.254 via Serial0/0/1
Question 51
What is the benefit of using private IPv4 addressing?
A. to provide reliable connectivity between like devices

B. to enable secure connectivity over the Internet
C. to shield internal network devices from external access
D. to be routable over an external network
Question 52
What are two port types used by a Cisco WLC for out-of-band management? (Choose two)
A. service
B. console
C. management
D. redundant
E. distribution system
Explanation
The service port is used for out-of-band management of the controller and system recovery and maintenance in the event of a
network failure.
Reference: https://www.firewall.cx/cisco-technical-knowledgebase/cisco-wireless/1077-cisco-wireless-controllers-interfaces-
ports-functionality.html
The console port is used for out-of-band management, system recovery, and early boot operations.
Reference: https://www.geeksforgeeks.org/physical-infrastructure-connections-of-wlan-components/
Question 53
How must router A be configured so that it only sends Cisco Discovery Protocol Information to router C?
Option A Option B
conf t conf t
RouterA(config)#no cdp run RouterA(config)#cdp run
RouterA(config)#interface gi0/0/1 RouterA(config)#interface gi0/0/1
RouterA(config)#cdp enable RouterA(config)#cdp enable
Option C Option D
conf t conf t
RouterA(config)#cdp run RouterA(config)#cdp run
RouterA(config)#interface gi0/0/0 RouterA(config)#interface gi0/0/0
RouterA(config)#cdp enable RouterA(config)#no cdp enable
A. Option D
B. Option B
C. Option A
D. Option C
Explanation
If CDP is disabled globally, you cannot enable it on each interface using the "cdp enable" interface configuration mode
command.
Reference: https://www.cisco.com/c/en/us/td/docs/optical/cpt/r9_5/command/reference/cpt95_cr/cpt95_cr_chapter_01101.pdf
Therefore in order to enable CDP on a specific interface only, we must:

1. Enable CDP globally
2. Disable CDP on other interfaces.
Question 54
Refer to the exhibit. What must be configured to enable 802.11w on the WLAN?
A. Enable WPA Policy

B. Set Fast Transition to Enabled
C. Set PMF to Required
D. Enable MAC Filtering
Explanation
Configuring 802.11w (GUI)

Procedure
Step 1 Choose WLANs > WLAN ID to open the WLANs > Edit page.
Step 2 In the Security tab, choose the Layer 2 security tab.
Step 3 From the Layer 2 Security drop-down list, choose WPA+WPA2.
The 802.11w IGTK Key is derived using the 4-way handshake, which means that it can only be used on WLANs that are
configured for WPA2 security at Layer 2.
Note: WPA2 is mandatory and encryption type must be AES. TKIP is not valid.
Step 4 Choose the PMF state from the drop-down list
The following options are available:
Disabled—Disables 802.11w MFP protection on a WLAN
Optional—To be used if the client supports 802.11w.
Required—Ensures that the clients that do not support 802.11w cannot associate with the WLAN.
Reference: https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/wireless/controller/7-
5/configuration-guide/b_cg75/b_cg75_chapter_01001100.html.xml
Note: When you create a MAC address filter on WLCs, users are granted or denied access to the WLAN network based on the
MAC address of the client they use
Fast Transition is 802.11r, not 802.11w.
Therefore "Set PMF to Required" is the best choice.
Question 55
Router R1 is added to the network and configured with the 10.0.0.64/26 and 10.0.20.0/24 subnets. However, traffic
destined for the LAN on R3 is not accessible. Which command when executed on R1 defines a static route to reach the R3
LAN?
A. ip route 10.0.0.64 255.255.255.192 10.0.20.3

B. ip route 10.0.15.0 255.255.255.0 10.0.20.3
C. ip route 10.0.15.0 255.255.255.0 10.0.20.1
D. ip route 10.0.15.0 255.255.255.192 10.0.20.1
Question 56
An interface has been configured with the access list that is shown below.
access-list 107 deny tcp 207.16.12.0.0.0.3.255 any eq http

access-list 107 permit ip any any
On the basis of that access list, drag each information packet on the left to the appropriate category on the right.
Please type the corresponding numbers of each item on the left to the blank below and arrange them ascendingly. For
example: 13524 (which means 135 for first group, 24 for second group)
Explanation
From the ACL:
access-list 107 deny tcp 207.16.12.0.0.0.3.255 any eq http

We can deduce it block all source hosts in 207.16.12.0/22 range (which ranges from 207.16.12.0 to 207.16.15.255) via HTTP
(port 80) while permit any other hosts.
Question 57
Which interface condition is occurring in this output?

R19# show interface fa0/0
FastEthernet0/0 is up, line protocol is up
Hardware is DEC21140, address is ca02.7788.0000 (bia ca02.7788.0000)
Description: portland_subnet
Internet address is 10.32.102.2/30
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (60 sec)
Full-duplex, 100 Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:00, output hang never
Last clearing of 'show interface' counters never
Input queue: 0/300/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/300 (size/max)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
7331 packets input, 7101162 bytes
Received 267 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
3927 packets output, 1440403 bytes, 0 underruns
0 output errors, 139 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
A. high throughput
B. queueing
C. collisions
D. duplex mismatch
Explanation
This interface gets high collision (139 collisions) so one end may be set to “Half-duplex”.
Question 58
Which state does the switch port move to when PortFast is enabled?
A. listening
B. forwarding
C. learning
D. blocking
Question 59
What is the purpose of traffic shaping?
A. to mitigate delays over slow links
B. to provide fair queuing for buffered flows
C. be a marking mechanism that identifies different flows
D. to limit the bandwidth that a flow can use
Explanation
The primary reasons you would use traffic shaping are to control access to available bandwidth, to ensure that traffic
conforms to the policies established for it, and to regulate the flow of traffic in order to avoid congestion that can occur when the
sent traffic exceeds the access speed of its remote, target interface.
Question 60
Current Neighbor Relationship
Neighbor ID Pri State Dead Time Address Interface

192.168.1.1 1 FULL/DR 00:00:33 192.168.1.1 GigabitEthernet0/0
Desired Neighbor Relationship
Neighbor ID Pri State Dead Time Address Interface

192.168.1.1 0 FULL/ - 00:00:31 192.168.1.1 GigabitEthernet0/0
How must OSPF be configured on the GigabitEthernet0/0 interface of the neighbor device to achieve the desired neighbor
relationship?
A. Router(config)#interface GigabitEthernet 0/0

Router(config-if)#ip ospf 1 area 2
B. Router(config)#interface GigabitEthernet 0/0
Router(config-if)#ip ospf priority 1
C. Router(config)#interface GigabitEthernet 0/0
Router(config-if)#ip ospf network point-to-point
D. Router(config)#interface GigabitEthernet 0/0
Router(config-if)#ip ospf cost 5
Explanation
We see the desired neighbor relationship does not have DR/BDR so we have to set the network type to “point-to-point”.
Question 61
A multivendor network exists and the company is implementing VoIP over the network for the first time. Which
configuration is needed to implement the neighbor discovery protocol on the interface and allow it to remain off for the
remaining interfaces?
A. SW1(config)#no cdp run
SW1(config)#interface gigabitethernet1/0/1
SW1(config-if)#lldp transmit
SW1(config-if)#lldp receive
B. SW1(config)#lldp run
SW1 (config)#interface gigabitethernet1/0/1
SW1(config-if)#lldp enable
C. SW1(config)#lldp enable
SW1(config)#interface gigabitethernet1/0/1
SW1(config-if)#lldp run
D. SW1(config)#no cdp enable
SW1 (config)#interface gigabitethernet1/0/1
SW1(config-if)#cdp run
Explanation
There is no totally correct answer. LLDP is disabled by default so in fact we need one additional command to enable LLDP:
SW1(config)# lldp run
But this answer is still the best choice as we have to disable neighbor discovery protocol for the remaining interfaces with the
"no cdp run" command (not "no cdp enable").
Question 62
What is a practice that protects a network from VLAN hopping attacks?
A. Assign all access ports to VLANs other than the native VLAN.
B. Implement port security on internet-facing VLANs.
C. Enable dynamic ARP inspection.
D. Configure an ACL to prevent traffic from changing VLANs.
Explanation
VLAN Hopping: By altering the VLAN ID on packets encapsulated for trunking, an attacking device can send or receive
packets on various VLANs, bypassing Layer 3 security measures. VLAN hopping can be accomplished by switch spoofing or
double tagging. One of a popular type of VLAN Hopping is
Double-Tagging attack:
In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk
port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack (VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN
10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives
the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker. In other words, this
attack is only successful if the attacker belongs to the native VLAN of the trunk link. Another important point is, this attack is
strictly one way as it is impossible to encapsulate the return packet.
To mitigate this type of attack, we can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We
can use VACL to drop attacker traffic to specific victims/servers); or implement Private VLANs; or keep the native VLAN of all
trunk ports different from user VLANs.
Question 63
Refer to the exhibit. An engineer configured the New York router with static routes that point to the Atlanta and
Washington sites. Which command must be configured on the Atlanta and Washington routers so that both sites are able
to reach the loopback2 interface on the New York router?
Configured router IPv6 interfaces:
New York:
Atlanta: Washington:
S0/0/0: 2012::2/126
S0/0/0: 2012::1/126 S0/0/0: 2023::3/126
S0/0/1: 2023::2/126
Loopback1: 2000::1/128 Loopback3: 2000::3/128
Loopback2:2000::2/128
A. ipv6 route ::/0 Serial 0/0/1
B. ipv6 route 0/0 Serial 0/0/0
C. ip route 0.0.0.0.0.0.0.0 Serial 0/0/0
D. ipv6 route ::/0 Serial 0/0/0
E. ipv6 route ::/0 2000::2
Explanation
The short syntax of static IPv6 route is:
ipv6 route <destination-IPv6-address> {next-hop-IPv6-address | exit-interface}
Therefore we must configure exit interfaces on Atlanta and Washington routers (their S0/0/0 interfaces) or the next hop IPv6
addresses (which are the IPv6 addresses of S0/0/0 – 2012::2 for Atlanta side and S0/0/1 2023::2 for Washington side).
Note: In an access list, 0.0.0.0/0 is “all possible IPv4 addresses” while ::/0 is the IPv6 equivalent of that.
Question 64
The DHCP server is configured with a DHCP pool for each of the subnets represented. Which command must be
configured on switch SW1 to allow DHCP clients on VLAN 10 to receive dynamic IP addresses from the DHCP server?
A. SW1(config-if)#ip helper-address 192.168.10.1
B. SW1(config-if)#ip helper-address 192.168.20.2
C. SW1(config-if)#ip helper-address 192.168.10.2
D. SW1(config-if)#ip helper-address 192.168.20.1
Question 65
An engineer is updating the R1 configuration to connect a new server to the management network. The PCs on the
management network must be blocked from pinging the default gateway of the new server. Which command must be
configured on R1 to complete the task?
A. R1(config)#ip route 172.16.2.2 255.255.255.248 gi0/1

B. R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.1.15
C. R1(config)#ip route 172.16.2.0 255.255.255.0 192.168.1.5
D. R1(config)#ip route 172.16.2.2 255.255.255.255 gi0/0
Explanation
By only configuring static route to the host New Server, we also don’t allow PC1 & PC2 ping to R2 Gi0/0 (default gateway of
New Server).
Question 66
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.
3ffe:e54d:620:a87a::f00d Global unicast

Link-Local unicast fe80::a00:23ff:feeb:89aa
Multicast fd6d:c83b:5cef:b6b2::1
Unique Local ff05::1:3
Explanation
Answer:
Global unicast: 3ffe:e54d:620:a87a::f00d

Link-Local unicast: fe80::a00:23ff:feeb:89aa
Multicast: ff05::1:3
Unique Local: fd6d:c83b:5cef:b6b2::1
Question 67
Which REST method updates an object in the Cisco DNA Center Intent API?
A. POST
B. PUT
C. CHANGE
D. UPDATE
Explanation
The RESTful Cisco DNA Center Intent API uses HTTPS verbs (GET, POST, PUT, and DELETE) with JSON structures to
discover and control the network.
Reference: https://developer.cisco.com/docs/dna-center/#!cisco-dna-center-platform-overview/intent-api-northbound
Question 68
Drag and drop the TCP/IP protocols from the left onto their primary transmission protocols on the right
example: 136245 (which means 136 for first group, 245 for second group).
Explanation
Answer:
TCP:
+ SMTP
+ HTTP
+ Telnet
UDP:
+ DNS
+ SNMP
+ RTP
Question 69
Why would a network administrator choose to implement automation in a network environment?
A. to implement centralized user account management

B. to simplify the process of maintaining a consistent configuration state across all devices
C. to deploy the management plane separately from the rest of the network
D. to centralize device information storage
Question 70
Which two actions are taken as the result of traffic policing? (Choose two)
A. remarking
B. buffering
C. dropping
D. fragmentation
E. bursting
Explanation
Policing: is used to control the rate of traffic flowing across an interface. During a bandwidth exceed (crossed the maximum
configured rate), the excess traffic is generally dropped or remarked. The result of traffic policing is an output rate that appears as
a saw-tooth with crests and troughs. Traffic policing can be applied to inbound and outbound interfaces. Unlike traffic shaping,
QoS policing avoids delays due to queuing. Policing is configured in bytes.
QoS Traffic Shaping do not support Marking or Remarking again. This is done only with Traffic Policing.
Reference: https://ipcisco.com/lesson/policing-and-shaping/
Note: In policing, remarking the packets that exceed the CIR is an alternative to simply dropping them.
Question 71
The address block 192.168.32.0/24 must be subnetted into smaller networks. The engineer must meet these requirements:
* Create 8 new subnets
* Each subnet must accommodate 30 hosts
* Interface VLAN 10 must use the last usable IP in the first new subnet
* A Layer 3 interface is used
Which configuration must be applied to the interface?
A. no switchport
ip address 192.168.32.30 255.255.255.224
B. no switchport mode access
ip address 192.168.32.62 255.255.255.240
C. switchport
ip address 192.168.32.65 255.255.255.240
D. no switchport mode trunk
ip address 192.168.32.97 255.255.255.224
Explanation
8 new subnets -> 8 = 23. Therefore the subnet mask is 255.255.255.224 (224 in decimal = 1110 0000 in binary) and each new
subnet consists of 25 – 2 = 30 hosts.
“Interface VLAN 10 must use the last usable IP in the first new subnet” -> The first new subnet is 192.168.32.0/27 ( increment:
32) so it ranges from 192.168.32.0 to 192.168.32.31) so the last usable IP is 192.168.32.30. Therefore we must assign IP address
192.168.32.20/27 to interface VLAN 10.
Question 72
Gateway of last resort is 172.16.2.2 to network 0.0.0.0

C 10.10.10.0/24 is directly connected, GigabitEthernet0/0/0
L 10.10.10.3/32 is directly connected, GigabitEthernet0/0/0
S 172.16.1.33/32 is directly connected, GigabitEthernet0/0/1
C 172.16.2.0/23 is directly connected, GigabitEthernet0/0/1
L 172.16.2.1/32 is directly connected, GigabitEthernet0/0/1
S* 0.0.0.0/0 [1/0] via 172.16.2.2
A packet sourced from 10.10.10.1 is destined for 172.16.3.254. What is the subnet mask of the destination route?
A. 255.255.255.255
B. 255.255.255.0
C. 0.0.0.0
D. 255.255.254.0
Explanation
The packet destined for 172.16.3.254 will be routed via the entry "C 172.16.2.0/23 ..." as this subnet ranges from 172.16.2.0 to
172.16.3.255.
Question 73
What occurs to frames during the process of frame flooding?
A. Frames are sent to every port on the switch in the same VLAN except from the originating port
B. Frames are sent to all ports, including those that are assigned to other VLANs
C. Frames are sent to every port on the switch that has a matching entry in MAC address table
D. Frames are sent to every port on the switch in the same VLAN
Question 74
Which command verifies whether any IPv6 ACLs are configured on a router?
A. show ipv6 access-list

B. show ipv6 route
C. show ipv6 interface
D. show access-list
Question 75
A network engineer must configure the router R1 GigabitEthernet1/1 interface to connect to the router R2
GigabitEthernet1/1 interface. For the configuration to be applied the engineer must compress the address
2001:0db8:0000:0000:0500:000a:400F:583B. Which command must be issued on the interface?
A. ipv6 address 2001:db8::500:a:400F:583B

B. ipv6 address 2001 db8:0::500:a:4F:583B
C. ipv6 address 2001::db8:0000::500:a:400F:583B
D. ipv6 address 2001:0db8::5:a:4F:583B
Question 76
Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU?
switch(config)#interface gigabitEthernet 1/11

switch(config-if)#switchport mode access
switch(config-if)#spanning-tree portfast
switch(config-if)#spanning-tree bpduguard enable
A. The port immediately transitions to STP forwarding
B. The port goes into error-disable state
C. The port transitions to STP blocking
D. The port transitions to the root port
Explanation
BPDU Guard feature allows STP to shut an access port in the event of receiving a BPDU and put that port into err-disabled
state.
Question 77
What are two characteristics of a public cloud implementation? (Choose two)
A. It supports network resources from a centralized third-party provider and privately-owned virtual resources
B. It is owned and maintained by one party, but it is shared among multiple organizations
C. It provides services that are accessed over the Internet
D. It is a data center on the public Internet that maintains cloud services for only one company
E. It enables an organization to fully customize how it deploys network resources
Explanation
Public clouds are managed by a third-party cloud provider. Public cloud computing resources are shared among multiple
customers, unlike private clouds.
Question 78
What is represented by the word “ge3/36” within this JSON schema?

1 [
2 {'VPN concentrator': 'VPN36', 'interface':'ge3/36'},
3 {'load balancer': 'LB33', 'interface':'te7/10'},
4 {'switch': 'SW31', 'interface':'fe2/25'},
5 ]
A. array
B. value
C. object
D. key
Explanation
JSON syntax structure:
+ A key/value pair consists of a key (must be a string in double quotation marks ''), followed by a colon :, followed by a value.
For example: “name”:”John”
Therefore in this question, “interface” is the key while “ge3/36” is the value.
Question 79
A network engineer must update the configuration on Switch2 so that it sends LLDP packets every minute and the
information sent via LLDP is refreshed every 3 minutes. Which configuration must the engineer apply?
A. Switch2(config)#lldp timer 60
Switch2(config)# lldp tlv-select 180
B. Switch2(config)#lldp timer 60
Switch2(config)#lldp holdtime 180
C. Switch2(config)#lldp timer 1
Switch2(config)#lldp holdtime 3
D. Switch2(config)#lldp timer 1
Switch2(config)#lldp tlv-select 3
Explanation
+ lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before
discarding it
+ lldp timer rate: Set the sending frequency of LLDP updates in seconds
+ lldp tlv-select command. This will specify the LLDP TLVs to send or receive.
Question 80
Refer to the exhibit. Which two configurations would be used to create and apply a standard access list on R1, so that
only the 10.0.70.0/25 network devices are allowed to access the internal database server? (Choose two)
A. R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127
B. R1(config)# access-list 5 permit any

C. R1(config)# interface Serial0/0/0
R1(config-if)# ip access-group 5 in
D. R1(config)# access-list 5 permit 10.0.54.0 0.0.1.255
E. R1(config)# interface GigabitEthernet0/0

R1(config-if)# ip access-group 5 out
Question 81
After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC to connect wireless
clients on a specific VLAN based on their credentials?
A. Enable the Authorized MIC APs against auth-list or AAA.

B. Enable the Event Driven RRM.
C. Enable the allow AAA Override
D. Disable the LAG Mode or Next Reboot.
Explanation
Dynamic VLAN assignment is one such feature that places a wireless user into a specific VLAN based on the credentials
supplied by the user. This task of assigning users to a specific VLAN is handled by a RADIUS authentication server, such as
Cisco ISE. This can be used, for example, to allow the wireless host to remain on the same VLAN as it moves within a campus
network.
In order to accomplish dynamic VLAN assignment with WLCs based on ISE to AD group mapping, these steps must be
performed:
+ ISE to AD integration and configuration of authentication and authorization policies for users on ISE
+ WLC configuration to support dot1x authentication and AAA override for SSID ‘office_hq’
+ End client supplicant configuration
Reference: https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/99121-vlan-acs-ad-
config.html
Question 82
Drag and drop the IPv6 address details from the left onto the corresponding types on the right.
example: 134526 (which means 13 for first group, 45 for second group and 26 for third group).
Explanation
An anycast address must be assigned to a router not a host and cannot be used as a source address.
Question 83
A network administrator must enable DHCP services between two sites. What must be configured for the router to pass
DHCPDISCOVER messages on to the server?
A. DHCP Binding
B. DHCP Snooping
C. a DHCP Pool
D. a DHCP Relay Agent
Explanation
If the DHCP Server is not on the same subnet with the DHCP Client, we need to configure the router on the DHCP client side to
act as a DHCP Relay Agent so that it can forward DHCP messages between the DHCP Client & DHCP Server. To make a router
a DHCP Relay Agent, simply put the “ip helper-address <IP-address-of-DHCP-Server>” command under the interface that
receives the DHCP messages from the DHCP Client.
As we know, router does not forward broadcast packets (it drops them instead) so DHCP messages like DHCPDISCOVER
message will be dropped. But with the “ip helper-address …” command, the router will accept that broadcast message and cover
it into a unicast packet and forward it to the DHCP Server. The destination IP address of the unicast packet is taken from the “ip
helper-address …” command.
Question 84

interface FastEthernet0/10
description WAN_INTERFACE
ip address 10.0.1.2 255.255.255.252
ip access-group 100 in
!
interface FastEthernet0/1
description LAN INTERFACE
ip address 10.148.2.1 255.255.255.0
duplex auto
speed auto
!
ip forward-protocol nd
!
access-list 100 permit eigrp any any
access-list 100 permit icmp any any
access-list 100 permit tcp 10.149.3.0 0.0.0.255 host 10.0.1.2 eq 22
access-list 100 permit tcp any any eq 80
access-list 100 permit tcp any any eq 443
access-list 100 deny ip any any log
Which configuration enables DHCP addressing for hosts connected to interface FastEthernet0/1 on router R4?
A. interface FastEthernet0/0
ip helper-address 10.0.1.1
!
access-list 100 permit host 10.0.1.1 host 10.148.2.1 eq bootps
B. interface FastEthernet0/1
!
access-list 100 permit tcp host 10.0.1.1 eq 67 host 10.148.2.1
C. interface FastEthernet0/0
!
access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
D. interface FastEthernet0/1
!
access-list 100 permit udp host 10.0.1.1 eq bootps host 10.148.2.1
Explanation
The "ip helper-address" must be applied under the interface that receives the DHCP messages from the DHCP Client (LAN
interface)
All DHCP packets are UDP so the ACL must allow UDP, not TCP so the ACL must be "access-list 100 permit udp ...".
Question 85
What is the role of disaggregation in controller-based networking?
A. It summarizes the routes between the core and distribution layers of the network topology.
B. It divides the control-plane and data-plane functions.
C. It enables a network topology to quickly adjust from a ring network to a star network
D. It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions.
Explanation
Taken literally, “network disaggregation” means to separate the network into its component parts.
Question 86
What is a characteristic of an SSID in wireless networks?
A. prompts a user for a login ID

B. identifies an access point on a WLAN
C. uses policies to prevent unauthorized users
D. associates a name to a WLAN
Question 87
EIGRP: 192.168.12.0/24
RIP: 192.168.12.0/27
OSPF: 192.168.12.0/28
How does the router manage traffic to 192.168.12.16?
A. It chooses the EIGRP route because it has the lowest administrative distance.
B. It chooses the OSPF route because it has the longest prefix inclusive of the destination address.
C. It load-balances traffic between all three routes.
D. It selects the RIP route because it has the longest prefix inclusive of the destination address.
Explanation
The IP address 192.168.12.16 does not belong to OSPF subnet 192.168.12.0/28 (this subnet only ranges from 192.168.12.0 to
192.168.12.15) so RIP route will be selected as the longest prefix match.
Question 88
Which three statements about MAC addresses are correct? (Choose three)
A. The MAC address is also referred to as the IP address

B. To communicate with other devices on a network, a network device must have a unique MAC address
C. The MAC address of a device must be configured in the Cisco IOS CLI by a user with administrative privileges
D. A MAC address contains two main components, the first of which identifies the manufacturer of the
hardware and the second of which uniquely identifies the hardware
E. An example of a MAC address is 0A:26:B8:D6:65:90
F. A MAC address contains two main components, the first of which identifies the network on which the host resides and
the second of which uniquely identifies the host on the network
Question 89
Which of the following is the JSON encoding of a dictionary or hash?
A. {“key”, “value”}
B. [“key”, “value”]
C. (“key”: “value”)
D. {“key”: “value”}
1. ahmed
Question 90
A Cisco engineer must configure a single switch interface to meet these requirements
* accept untagged frames and place them in VLAN 20
* accept tagged frames in VLAN 30 when CDP detects a Cisco IP phone
Which command set must the engineer apply?
A. switchport mode trunk

switchport access vlan 20
switchport voice vlan 30
B. switchport mode dynamic auto
switchport trunk native vlan 20
switchport trunk allowed vlan 30
C. switchport mode dynamic desirable
switchport trunk allowed vlan 30
D. switchport mode access
Explanation
With the configuration in answer A, the data VLAN should be in VLAN 20 and it is sent to the switch untagged while traffic
from the voice VLAN 30 will be tagged.
Question 91
Which device separates networks by security domains?
A. wireless controller
B. firewall
C. intrusion protection system
D. access point
Question 92
SW1#show ip interface brief

Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual down down
SW1#show interface fa0/1 status

Port Name Status Vlan Duplex Speed Type
Fa0/1 notconnect 1 a-full a-100 10/100BaseTX
What is the cause of the issue?
A. shutdown command
B. wrong cable type
C. port security
D. STP
Explanation
The “Status” of fa0/1 is “notconnect” so port security is not the issue or it would show the status of “err-disabled”.
“Shutdown” command is also not the issue as it would show “Administratively down” in the “Status” field of the “show ip
interface brief” command.
With STP, even if the port is in “Block” (BLK) status but it is still in “up/up” state with the “show ip interface brief” command.
With wrong cable type, the port is in “down/down” state, same as there is no connected cable to the port.
Question 93
What is represented by the word “port” within this JSON schema?
1 [
2 {'IDS': 'IPS_pittsburgh', 'port':'te8/30'},
3 {'router': 'R20', 'port':'ge9/23'},
4 {'firewall': 'FW42', 'port':'fe3/24'},
5 ]
A. key
B. value
C. array
D. object
Question 94

Entry #
1 192.168.10.0 255.255.254.0
2 192.168.10.0 255.255.255.192
3 192.168.10.0 255.255.0.0
4 192.168.10.0 255.255.224.0
Which entry is the longest prefix match for host IP address 192.168.10.5?
A. 4
B. 3
C. 2
D. 1
Question 95
A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF. By default, to which type of OSPF
network does this interface belong?
A. point-to-point
B. nonbroadcast
C. point-to-multipoint
D. broadcast
Question 96
A static route must be configured on R86 to forward traffic for the 172.16.34.0/29 network, which resides on R14. Which
command must be used to fulfill the request?
A. ip route 172.16.34.0 255.255.255.248 10.73.65.65

B. ip route 172.16.34.0 255.255.255.224 10.73.65.66
C. ip route 10.73.65.65 255.255.255.248 172.16.34.0
D. ip route 172.16.34.0 0.0.0.7 10.73.65.64
Question 97
What will happen if you configure the logging trap debug command on a router?
A. It causes the router to send all messages to the syslog server
B. It causes the router to send all messages with the severity levels Warning, Error, Critical, and Emergency to
the syslog server
C. It causes the router to stop sending all messages to the syslog server
D. It causes the router to send messages with lower severity levels to the syslog server
Question 98
A Cisco engineer is configuring a factory-default router with these three passwords:

* The user EXEC password for console access is p4ssw0rd1.
* The user EXEC password for Telnet access is s3cr3t2.
* The password for privileged EXEC mode is priv4t3p4ss.
Which command sequence must the engineer configure?
Option A Option B
enable secret priv4t3p4ss enable secret privilege 15 priv4t3p4ss

! !
line con 0 line con 0
password p4ssw0rd1 password p4ssw0rdi
login login
! !
line vty 0 15 line vty 0 15
password s3cr3t2 password s3cr3t2
login login
Option C
Option D
enable secret priv413p4ss
enable secret priv4t3p4ss
!
!
line con 0
line con 0
password login p4ssw0rd1
password p4ssw0rd1
!
!
line vty 0 15
line vty 0 15
password login s3cr3t2
password s3cr3t2
login
A. Option A
B. Option B
C. Option C
D. Option D
Explanation
There is no “enable secret privilege 15 …” command.
If we enter the “enable secret privilege 15 priv4t3p4ss” command then the text “privilege 15 priv4t3p4ss” will be used as
password. In both console and vty line we should use the “login” command to enable password checking.
Question 99
Refer to the exhibit. Router R1 Fa0/0 cannot ping router R3 Fa0/1. Which action must be taken in router R1 to help
resolve the configuration issue?
R2#show ip route
R1#show ip route <output omitted>
<output omitted> Gateway of last resort is not set
Gateway of last resort is not set
20.0.0.0/24 is subnetted, 1 subnets
10.0.0.0/24 is subnetted, 1 subnets C 20.20.20.0 is directly connected, FastEthernet0/1
C 10.10.10.0 is directly connected, FastEthernet0/0 10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0/0
R3#show ip route
<output omitted>
Gateway of last resort is not set

C 20.20.20.0 is directly connected, FastEthernet0/1
S 10.10.10.0 [1/0] via 20.20.20.1
A. set the default network as 20.20.20.0/24

B. configure a static route with Fa0/1 as the egress interface to reach the 20.20.20.0/24 network
C. set the default gateway as 20.20.20.2
D. configure a static route with 10.10.10.2 as the next hop to reach the 20.20.20.0/24 network
Question 100
Refer to the exhibit. An administrator configures the following ACL in order to prevent devices on the 192.168.1.0 subnet
from accessing the server at 10.1.1.5:
access-list 100 deny ip 192.168.1.0 0.0.0.255 host 10.1.1.5

Where should the administrator place this ACL for the most efficient use of network resources?
A. inbound on router A Fa0/0

B. outbound on router A Fa0/1
C. outbound on router B Fa0/0
D. inbound on router B Fa0/1
Explanation
By placing the ACL closest to the source, we can reduce unnecessary traffic passing between two routers and the processing time
of the router.
Question 101
Clients on the WLAN are required to use 802.11r. What action must be taken to meet the requirement?
A. Set the Fast Transition option and the WPA gtk-randomize State to disable
B. Enable CCKM under Authentication Key Management
C. Set the Fast Transition option to Enable and enable FT 802.1X under Authentication Key Management
D. Under Protected Management Frames, set the PMF option to Required
Explanation
Configuring 802.11r Fast Transition (GUI)

Procedure
Step 1 Choose WLANs to open the WLANs window.
Step 2 Click a WLAN ID to open the WLANs > Edit window.
Step 3 Choose Security > Layer 2 tab.
Step 4 From the Layer 2 Security drop-down list, choose WPA+WPA2.

The Authentication Key Management parameters for Fast Transition are displayed.
Step 5 From the Fast Transition drop-down list, choose Fast Transition on the WLAN.
Step 6 Check or uncheck the Over the DS check box to enable or disable Fast Transition over a distributed system.
This option is available only if you enable Fast Transition or if Fast Transition is adaptive.
To use 802.11r Fast Transition over-the-air and over-the-ds must be disabled.
Step 7 In the Reassociation Timeout field, enter the number of seconds after which the reassociation attempt of a client to an AP
should time out. The valid range is 1 to 100 seconds.
Note: This option is available only if you enable Fast Transition.
Step 8 Under Authentication Key Management, choose FT 802.1X or FT PSK.
Reference: https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html
Fast BSS Transition (802.11r, often abbreviated to Fast Transition or FT) describes mechanisms by which a mobile device can
reestablish existing security and/or QoS parameters prior to reassociating to a new AP. These mechanisms are referred to as
“fast” because they seek to significantly reduce the length of time that connectivity is interrupted between a mobile device and
Wi-Fi infrastructure when that mobile device is connecting to a new AP. Please note that the process of disconnecting from one
AP and connecting to another AP is formally designated as a “BSS transition”. Therefore, the protocols established by FT apply
to mobile device transitions between APs only within the same mobility domain and within the same ESS (ESS transition is out
of scope for FT)
Reference: https://blogs.cisco.com/networking/what-is-802-11r-why-is-this-important
Question 102
Which network plane is centralized and manages routing decisions?
A. management plane
B. policy plane
C. data plane
D. control plane
May 16th, 2020
tnk you
2. JC
May 24th, 2020
Hi, in the question about Drag and drop the networking parameters from the left on to the correct values on the right with
connection oriented and connection less, I put as a connection oriented SMTP, SSH and FTP and connectionless SNMP,
VoIP and TFTP, I think its the correct answer but you put as I failed, could you check it please?
3. op
May 27th, 2020
Hi,
Question 63
Drag and drop the networking parameters from the left on to the correct values on the right.
Connection_Oriented_Connectionless.jpg
Please type your answer here: 156234 Wrong
What is the correct answer?
4. 9tut
May 27th, 2020
@op, @JC: Thanks for your detection, there was an error with Q.63. We have just updated it so please try again!
5. op
May 28th, 2020
Question 50
Drag and drop the application protocols from the left onto the suitable transport protocols on the right.
TCP_UDP_Protocols_2.jpg
Please type your answer here: 156234 Wrong
Sorry, Still no change !

6. op
May 28th, 2020
Sorry, Q63 is ok now.
But Q50 (they are not same) seems to be wrong too.

SMTP, FTP, SSH uses TCP while SNMP, DHCP, TFTP uses UDP .
Am I correct?
7. 9tut
May 28th, 2020
@op: Thanks for your information, we updated Q50 too!
8. op
May 28th, 2020
Thanks.
9. op
June 1st, 2020
Question 72
Refer to the exhibit. If the network environment is operating normally, which type of device must be connected to interface
FastEthernet 0/1?
ip arp inspection vlan 2-10

interface fastethernet 0/1
ip arp inspection trust
A. access point
B. DHCP client
C. routercorrect
D. PC
Is this answer correct?

Before I did the same question, PC was correct.
10. 9tut
June 1st, 2020
@op: We have just updated this question. Answer “C. router” is correct.
11. op
June 1st, 2020
Can you pl give some explanation?
12. op
June 3rd, 2020
Question 82
Refer to the exhibit. What configuration on R1 denies SSH access from PC-1 to any R1 interface and allows all other
traffic?
access_list_ssh.jpg
A. access-list 100 deny tcp host 172.16.1.33 any eq 23

line vty 0 15
access-class 100 in
B. access-list 100 deny tcp host 172.16.1.33 any eq 22
interface GigabitEthernet0/0
wrong
C. access-list 100 deny tcp host 172.16.1.33 any eq 22
correct
D. line vty 0 15
access-class 100 in
access-list 100 deny tcp host 172.16.1.33 any eq 23
interface GigabitEthernet0/0
Is this correct?
13. Pawel
June 3rd, 2020
@9tut
There is something wrong with 102q test – I had only 1 mistake but score was only 93% – some of the correct answers
doesn’t count or something. (I think the new ones because I didn’t had any problem before update)
14. JH
June 5th, 2020
@op: yes it is.

Extendend Access List , Port 22 is SSH : So it only blocks SSH traffic witch is tcp from PC-1 with IP 172.16.1.33
15. TheMattMeister
June 6th, 2020
Hey all,
just passed exam with a 963/1000! if you can knock out the 102 composite quiz with an A several times (i think i ended up
running through it 10 times), i’m sure you can pass this test. With the exception of a few questions that i’ve either just seen
less or were just new, the test is identical.
good luck!
16. Mah
June 6th, 2020
Hi @9tut,
Im sorry to ask, can you kindly explain Q13 I think the answer is 10.4.4.4 which is C Please?
Why ia the answer is D?
17. 9tut
June 7th, 2020
@Mah: Could you please post that question here as the questions in the Composite Quizzes are shuffled each time you
take the quiz?
Comments are closed.
Composite Quiz 20 Questions CCNAv7 (2020) – New Questions Part 2 Question 38 to 43
Premium Member Zone

Welcome Ulrich AGBIMADOU!
Welcome Premium Member

CCNA – New Questions Part 5
Composite Quizzes
IP Services Sim
IP Services Sim Version 2
Static Routing Configuration Sim
Static Routing Configuration Sim 2
OSPF Configuration Sim
LACP Configuration Sim
Voice VLAN Configuration Sim
VLAN and Trunking Configuration Sim
IPv4 and IPv6 Connectivity Sim
Named Access-list & Port Security Sim
Named Access-list & DHCP Snooping Sim
Logout
CCNA 200-301
Basic Questions
Topology Architecture Questions
Cloud & Virtualization Questions
CDP & LLDP Questions
Switch Questions
VLAN & Trunking Questions
VLAN & Trunking Questions 2
STP & VTP Questions
EtherChannel Questions
TCP & UDP Questions
IP Address & Subnetting Questions
IP Routing Questions
IP Routing Questions 2
OSPF Questions
OSPF Questions 2
EIGRP Questions
NAT Questions
NTP Questions
Syslog Questions
HSRP Questions
Access-list Questions
AAA Questions
Security Questions
Security Questions 2
DAI Questions
IPv6 Questions
DNS Questions
QoS Questions
Port Security Questions
Wireless Questions
Wireless Questions 2
SDN Questions
DNA Center Questions
Drag Drop Questions
Drag Drop Questions 2
Drag Drop Questions 3
VPN Questions
DHCP Questions
Automation Questions
Miscellaneous Questions
CCNA FAQs & Tips
Share your CCNA Experience
CCNA Self-Study
Practice CCNA GNS3 Labs
CCNA Knowledge
CCNA Lab Challenges
Puppet Tutorial
Chef Tutorial
Ansible Tutorial
JSON Tutorial
Layer 2 Threats and Security Features
AAA TACACS+ and RADIUS Tutorial
STP Root Port Election Tutorial
GRE Tunnel Tutorial
Basic MPLS Tutorial
TCP and UDP Tutorial
Border Gateway Protocol BGP Tutorial
Point to Point Protocol (PPP) Tutorial
WAN Tutorial
DHCP Tutorial
Simple Network Management Protocol SNMP Tutorial
Syslog Tutorial
Gateway Load Balancing Protocol GLBP Tutorial
EtherChannel Tutorial
Hot Standby Router Protocol HSRP Tutorial
InterVLAN Routing Tutorial
Cisco Command Line Interface CLI
Cisco Router Boot Sequence Tutorial
OSI Model Tutorial
Subnetting Tutorial – Subnetting Made Easy
Frame Relay Tutorial
Wireless Tutorial
Virtual Local Area Network VLAN Tutorial
VLAN Trunking Protocol VTP Tutorial
IPv6 Tutorial
Rapid Spanning Tree Protocol RSTP Tutorial
Spanning Tree Protocol STP Tutorial
Network Address Translation NAT Tutorial
Access List Tutorial
RIP Tutorial
EIGRP Tutorial
OSPF Tutorial
Network Resources
Free Router Simulators
CCNA Website
ENCOR Website
ENSDWI Website
ENARSI Website
DevNet Website
CCIE R&S Website
Security Website
Wireless Website
Design Website
Data Center Website
Service Provider Website
Collaboration Website
Top
Copyright © 2021 CCNA Training

Site Privacy Policy. Valid XHTML 1.1 and CSS 3.H

Composite Quiz 102 Questions: Type Text To Search Here..

Uploaded by

Copyright:

Available Formats

Composite Quiz 102 Questions: Type Text To Search Here..

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Composite Quiz 102 Questions: Type Text To Search Here..

Uploaded by

Copyright:

Available Formats

06/08/2023 00:31 CCNA Training » Composite Quiz 102 Questions

Type text to search here...

Composite Quiz 102 Questions

Result of Composite Quiz 102 Questions:

You failed :( but surely you will do it better next time!

Your answers are shown below:

Which functionality is provided by the console connection on a Cisco WLC?

A. HTTP-based GUI connectivity

Refer to the exhibit.

Switch#show etherchannel summary

Group Port-channel Protocol Ports

A. int range g0/0-1

What is the purpose of the ip address dhcp command?

A. to configure an interface as a DHCP server

A. Police traffic that is sent to the edge of the network

Considerations at the core layer include

What are two descriptions of three-tier network topologies? (Choose two)

A. The core layer maintains wired connections for each host

What is the primary purpose of a First Hop Redundancy Protocol?

Refer to the exhibit.

A. Check the Guest User Role check box

Which function is performed by the collapsed core layer in a two-tier architecture?

A. attaching users to the edge of the network

A. Artificial intelligence identifies and prevents potential design failures

What is the benefit of using FHRP?

A. reduced management overhead on network routers

Refer to the exhibit.

What are two characteristics of an SSID? (Choose two)

A. It uniquely identifies an access point in a WLAN

A. assigns DNS locally and then forwards request to DHCP server

A. different overlapping channels

Refer to the exhibit.

Which switch becomes the root bridge?

Well-known multicast addresses have the prefix ff00::/12.

is waiting to hear from the neighbor device Learn

How must the interconnecting ports be configured?

A. switchport mode dynamic

"Using an industry-standard trunking protocol" so we have to use 802.1Q, not ISL.

A. handling the association, authentication, and roaming of wireless clients

Please type your answer here: 1426 (correct answer: 4523)

Refer to the exhibit.

A. Internet Group Management Protocol

Restrictions for Cisco Discovery Protocol

collection of actions to perform on target devices, expressed in YAML format playbook

Once Ansible is installed, it creates several text files:

A. ipv6 address 2001:EB8:C1:2200:1::331/64

Refer to the exhibit. Which command provides this output?

Capability Codes: k - Router, I - Trans Bridge, B - source Route bridge

Refer to the exhibit.

Which remote access protocol provides unsecured remote CLI access?

Which interface is used to send traffic to the destination network?

O 10.139.120.253/29 [110/9443] via G0/20

A. attempts to query a DNS server on the network.

R1#show ip route | begin gateway

Gateway of last resort is 209.165.200.246 to network 0.0.0.0

Which is a fact related to FTP?

A. It uses two separate connections for control and data traffic

Supports a maximum data rate of 11 Mbps 802.11ac