$0.00
Cisco 200-301 Dumps

Cisco 200-301 Exam Dumps

Cisco Certified Network Associate

Total Questions : 959
Update Date : October 01, 2024
PDF + Test Engine
$65.5 $95.5
Test Engine
$55.5 $85.5
PDF Only
$45 $75



Last Week 200-301 Exam Results

168

Customers Passed Cisco 200-301 Exam

98%

Average Score In Real 200-301 Exam

99%

Questions came from our 200-301 dumps.



Choosing the Right Path for Your 200-301 Exam Preparation

Welcome to PassExamHub's comprehensive study guide for the Cisco Certified Network Associate exam. Our 200-301 dumps is designed to equip you with the knowledge and resources you need to confidently prepare for and succeed in the 200-301 certification exam.

What Our Cisco 200-301 Study Material Offers

PassExamHub's 200-301 dumps PDF is carefully crafted to provide you with a comprehensive and effective learning experience. Our study material includes:

In-depth Content: Our study guide covers all the key concepts, topics, and skills you need to master for the 200-301 exam. Each topic is explained in a clear and concise manner, making it easy to understand even the most complex concepts.
Online Test Engine: Test your knowledge and build your confidence with a wide range of practice questions that simulate the actual exam format. Our test engine cover every exam objective and provide detailed explanations for both correct and incorrect answers.
Exam Strategies: Get valuable insights into exam-taking strategies, time management, and how to approach different types of questions.
Real-world Scenarios: Gain practical insights into applying your knowledge in real-world scenarios, ensuring you're well-prepared to tackle challenges in your professional career.

Why Choose PassExamHub?

Expertise: Our 200-301 exam questions answers are developed by experienced Cisco certified professionals who have a deep understanding of the exam objectives and industry best practices.
Comprehensive Coverage: We leave no stone unturned in covering every topic and skill that could appear on the 200-301 exam, ensuring you're fully prepared.
Engaging Learning: Our content is presented in a user-friendly and engaging format, making your study sessions enjoyable and effective.
Proven Success: Countless students have used our study materials to achieve their 200-301 certifications and advance their careers.
Start Your Journey Today!

Embark on your journey to Cisco Certified Network Associate success with PassExamHub. Our study material is your trusted companion in preparing for the 200-301 exam and unlocking exciting career opportunities.


Related Exams


Cisco 200-301 Sample Question Answers

Question # 1

An on-site service desk technician must verify the IP address and DNS server informationon a users Windows computer. Which command must the technician enter at the commandprompt on the user's computer?

A. ipconfig /all
B. ifconfig -a
C. show interface
D. netstat -r



Question # 2

What is the default port-security behavior on a trunk link?

A. It causes a network loop when a violation occurs.
B. It disables the native VLAN configuration as soon as port security is enabled.
C. It places the port in the err-disabled state if it learns more than one MAC address.
D. It places the port in the err-disabled slate after 10 MAC addresses are statically configured.



Question # 3

Which enhancements were implemented as part of WPA3?

A. 802.1x authentication and AES-128 encryption
B. TKIP encryption improving WEP and per-packet keying
C. AES-64 m personal mode and AES-128 in enterprise mode
D. forward secrecy and SAE in personal mode for secure initial key exchange



Question # 4

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two)

A. ::ffif 1014 1011/96
B. 2001 7011046:1111:1/64
C. ;jff06bb43cd4dd111bbff02 4545234d
D. 2002 5121204b 1111:1/64
E. FF02::0WlFF00:0l)00/104



Question # 5

Which functionality is provided by the console connection on a Cisco WLC?

A. out-of-band management
B. secure in-band connectivity for device administration
C. unencrypted in-band connectivity for file transfers
D. HTTP-based GUI connectivity



Question # 6

To improve corporate security, an organization is planning to implement badgeauthentication to limit access to the data center. Which element of a security program isbeing deployed?

A. user training
B. user awareness
C. vulnerability verification
D. physical access control



Question # 7

A WLC sends alarms about a rogue AP, and the network administrator verifies that thealarms are caused by a legitimate autonomous AP.

A. Place the AP into manual containment.
B. Remove the AP from WLC management.
C. Manually remove the AP from Pending state.
D. Set the AP Class Type to Friendly.



Question # 8

What is the role of community strings in SNMP operations?

A. It serves as a sequence tag on SNMP traffic messages.
B. It serves as a password lo protect access to MIB objects.
C. It passes the Active Directory username and password that are required for device access
D. It translates alphanumeric MIB output values to numeric values.



Question # 9

What happens when a switch receives a frame with a destination MAC address that recently aged out?

A. The switch references the MAC address aging table for historical addresses on the port that received the frame.
B. The switch floods the frame to all ports in all VLANs except the port that received the frame
C. The switch drops the frame and learns the destination MAC address again from the port that received the frame
D. The switch floods the frame to all ports in the VLAN except the port that received the frame.



Question # 10

Which two server types support dornas name to IP address resolution? (Choose two >

A. ESX host
B. resolver
C. web
D. file transfer
E. authentication



Question # 11

What is used as a solution for protecting an individual network endpoint from attack?

A. Router
B. Wireless controller
C. Anti software
D. Cisco DNA Center



Question # 12

Which capability does TFTP provide?

A. loads configuration files on systems without data storage devices
B. provides authentication for data communications over a private data network
C. provides encryption mechanisms for file transfer across a WAN
D. provides secure file access within the LAN



Question # 13

A network engineer must configure an interface with IP address 10.10.10.145 and a subnetmask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask mustthe engineer use?

A. /29
B. /30
C. /27
D. /28



Question # 14

What is a feature of WPA?

A. 802.1x authentication
B. preshared key
C. TKIP/MIC encryption
D. small Wi-Fi application



Question # 15

Which interface IP address serves as the tunnel source for CAPWAP packets from the WLC to an AP?

A. service
B. trunk
C. AP-manager
D. virtual AP connection



Question # 16

Refer to the exhibit. User traffic originating within site 0 is failing to reach an applicationhosted on IP address 192.168 0 10. Which is located within site A What is determined bythe routing table?

A. The default gateway for site B is configured incorrectly
B. The lack of a default route prevents delivery of the traffic
C. The traffic is blocked by an implicit deny in an ACL on router2
D. The traffic to 192 168 010 requires a static route to be configured in router 1.



Question # 17

What is the functionality of the Cisco DNA Center?

A. data center network pokey con
B. console server that permits secure access to all network devices
C. IP address cool distribution scheduler
D. software-defined controller for automaton of devices and services



Question # 18

In which circumstance would a network architect decide to implement a global unicastsubnet instead of a unique local unicast subnet?

A. when the subnet must be available only within an organization
B. when the subnet does not need to be routable
C. when the addresses on the subnet must be equivalent to private IPv4 addresses
D. when the subnet must be routable over the internet



Question # 19

In which circumstance would a network architect decide to implement a global unicastsubnet instead of a unique local unicast subnet?

A. when the subnet must be available only within an organization
B. when the subnet does not need to be routable
C. when the addresses on the subnet must be equivalent to private IPv4 addresses
D. when the subnet must be routable over the internet



Question # 20

Refer to the exhibit.When router R1 receives a packet with destination IP address 10.56.0 62. through whichinterface does it route the packet?

A. Null0
B. VIan58
C. Vlan60
D. VIan59



Question # 21

What is the role of SNMP in the network?

A. to monitor network devices and functions using a TCP underlay that operates on the presentation layer
B. to collect data directly from network devices using an SSL underlay that operates on the transport layer
C. to monitor and manage network devices using a UDP underlay that operates on the application layer
D. to collect telemetry and critical information from network devices using an SSH underlay that operates on the network layer



Question # 22

Which command do you enter so that a switch configured with Rapid PVST + listens andlearns for a specific time period?

A. switch(config)#spanning-tree vlan 1 max-age 6
B. switch(config)#spanning-tree vlan 1 hello-time 10
C. switch(config)#spanning-tree vlan 1 priority 4096
D. switch(config)#spanning-tree vlan 1 forward-time 20



Question # 23

Which interface or port on the WLC is the default for in-band device administration and communications between the controller and access points? 

A. virtual interface
B. management interface
C. console port
D. service port



Question # 24

Company has decided to require multifactor authentication for all systems. Which set ofparameters meets the requirement?

A. personal 10-digit PIN and RSA certificate
B. complex password and personal 10-digit PIN
C. password of 8 to 15 characters and personal 12-digit PIN
D. fingerprint scanning and facial recognition



Question # 25

A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)

A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh



Question # 26

A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)

A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh



Question # 27

A network engineer is replacing the switches that belong to a managed-services client withnew Cisco Catalyst switches. The new switches will be configured for updated securitystandards, including replacing Telnet services with encrypted connections and doubling themodulus size from 1024. Which two commands must the engineer configure on the newswitches? (Choose two.)

A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh



Question # 28

Which type of IPv4 address type helps to conserve the globally unique address classes?

A. multicast
B. private
C. loopback
D. public



Question # 29

Which interface is used for out-of-band management on a WLC?

A. dynamic
B. service port
C. virtual
D. management



Question # 30

Which benefit does Cisco ONA Center provide over traditional campus management?

A. Cisco DNA Center leverages SNMPv3 tor encrypted management, and traditionalcampus management uses SNMPv2.
B. Cisco DNA Center automates HTTPS for secure web access, and traditional campusmanagement uses HTTP.
C. Cisco DNA Center leverages APIs, and traditional campus management requiresmanual data gathering.
D. Cisco DNA Center automates SSH access for encrypted entry, and SSH Is absent fromtraditional campus management.



Question # 31

What is a function of an endpoint?

A. It is used directly by an individual user to access network services
B. It passes unicast communication between hosts in a network
C. It transmits broadcast traffic between devices in the same VLAN
D. It provides security between trusted and untrusted sections of the network.



Question # 32

What describes the functionality of southbound APIs?

A. They use HTTP messages to communicate.
B. They enable communication between the controller and the network device.
C. They convey information from the controller to the SDN applications.
D. They communicate with the management plane.



Question # 33

What is used to identify spurious DHCP servers?

A. DHCPREQUEST
B. DHCPDISCOVER
C. DHCPACK
D. DHCPOFFER



Question # 34

Which command implies the use of SNMPv3?

A. snmp-server host
B. snmp-server community
C. snmp-server enable traps
D. snmp-server user



Question # 35

What are two features of the DHCP relay agent? (Choose two.)

A. assigns DNS locally and then forwards request to DHCP server
B. permits one IP helper command under an individual Layer 3 interface
C. allows only MAC-to-IP reservations to determine the local subnet of a client
D. minimizes the necessary number of DHCP servers
E. configured under the Layer 3 interface of a router on the client subnet



Question # 36

What is a characteristics of a collapsed-core network topology?

A. It allows the core and distribution layers to run as a single combined layer.
B. It enables the core and access layers to connect to one logical distribution device over an EtherChannel.
C. It enables all workstations in a SOHO environment to connect on a single switch with internet access.
D. It allows wireless devices to connect directly to the core layer, which enables faster data transmission.



Question # 37

What is an advantage of using auto mode versus static mode for power allocation when anaccess point is connected to a PoE switch port?

A. All four pairs of the cable are used
B. It detects the device is a powered device
C. The default level is used for the access point
D. Power policing is enabled at the same time



Question # 38

What is the operating mode and role of a backup port on a shared LAN segment in Rapid PVST+?

A. forwarding mode and provides the lowest-cost path to the root bridge for each VLAN
B. learning mode and provides the shortest path toward the root bridge handling traffic away from the LAN
C. blocking mode and provides an alternate path toward the designated bridge
D. listening mode and provides an alternate path toward the root bridge



Question # 39

What is the purpose of the Cisco DNA Center controller?

A. to secure physical access to a data center
B. to scan a network and generate a Layer 2 network diagram
C. to securely manage and deploy network devices
D. to provide Layer 3 services to autonomous access points



Question # 40

What provides connection redundancy increased bandwidth and load sharing between a wireless LAN controller and a Layer 2 switch?

A. VLAN trunking
B. tunneling
C. first hop redundancy
D. link aggregation



Question # 41

Why would a network administrator choose to implement automation in a network environment?

A. To simplify the process of maintaining a consistent configuration state across all devices
B. To centralize device information storage
C. To implement centralized user account management
D. To deploy the management plane separately from the rest of the network Answer: A



Question # 42

Which type of hypervisor operates without an underlying OS to host virtual machines?

A. Type 1
B. Type 2
C. Type 3
D. Type 12



Question # 43

What is the function of northbound API?

A. It upgrades software and restores files.
B. It relies on global provisioning and configuration.
C. It supports distributed processing for configuration.
D. It provides a path between an SDN controller and network applications.



Question # 44

Which advantage does the network assurance capability of Cisco DNA Center provide overtraditional campus management?

A. Cisco DNA Center correlates information from different management protocols to obtaininsights, and traditional campus management requires manual analysis.
B. Cisco DNA Center handles management tasks at the controller to reduce the load oninfrastructure devices, and traditional campus management uses the data backbone.
C. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric andnonfabric devices, and traditional campus management uses CLI exclusively.
D. Cisco DNA Center automatically compares security postures among network devices,and traditional campus management needs manual comparisons.



Question # 45

Why would VRRP be implemented when configuring a new subnet in a multivendor environment?

A. when a gateway protocol is required that support more than two Cisco devices for redundancy
B. to enable normal operations to continue after a member failure without requiring a change In a host ARP cache
C. to ensure that the spanning-tree forwarding path to the gateway is loop-free
D. to interoperate normally with all vendors and provide additional security features for Cisco devices



Question # 46

Which IPsec encryption mode is appropriate when the destination of a packet differs from the security termination point?

A. tunnel
B. transport
C. aggressive
D. main



Question # 47

Which two wireless security stewards use Counter Mode Cipher Block Chaining Message Authentication Code Protocol for encryption and data integrity'? (Choose two.

A. WPA2
B. WPA3
C. Wi-Fi 6
D. WEP
E. WPA



Question # 48

Which type of IPv4 address must be assigned to a server to protect it from external access and allow only internal users access while restricting internet access? 

A. global unicast
B. public
C. private
D. multicast



Question # 49

Which type of port is used to connect lo the wired network when an autonomous AP mapstwo VLANs to its WLANs?

A. LAG
B. EtherChannel
C. trunk
D. access



Question # 50

A switch is a forwarding a frame out of an interfaces except the interface that received the frame. What is the technical term for this process?

A. ARP
B. CDP
C. flooding
D. multicast



Question # 51

Which Rapid PVST+ feature should be configured on a switch port to immediately send traffic to a connected server as soon as it is active?

A. BPDU guard
B. loop guard
C. portfast
D. uplinkfast



Question # 52

Which components are contained within a virtual machine?

A. physical resources, including the NIC, RAM, disk, and CPU
B. configuration files backed by physical resources from the Hypervisor
C. applications running on the Hypervisor
D. processes running on the Hypervisor and a guest OS



Question # 53

What is the purpose of configuring different levels of syslog for different devices on the network?

A. to rate-limit messages for different seventy levels from each device
B. to set the severity of syslog messages from each device
C. to identify the source from which each syslog message originated
D. to control the number of syslog messages from different devices that are stored locally



Question # 54

Which WAN topology has the highest degree of reliability?

A. full mesh
B. Point-to-point
C. hub-and-spoke
D. router-on-a-stick



Question # 55

An administrator must use the password complexity not manufacturer-name command toprevent users from adding “cisco” as a password. Which command must be issued beforethis command?

A. Password complexity enable
B. confreg 0x2142
C. Login authentication my-auth-list
D. service password-encryption



Question # 56

What are two protocols within the IPsec suite? (Choose two)

A. AH
B. 3DES
C. ESP
D. TLS
E. AES



Question # 57

What is a reason to implement LAG on a Cisco WLC?

A. Increase the available throughput on the link.
B. Increase security by encrypting management frames
C. Allow for stateful failover between WLCs
D. Enable the connected switch ports to use different Layer 2 configurations



Question # 58

Why is TCP desired over UDP for application that require extensive error checking, such as HTTPS?

A. UDP operates without acknowledgments, and TCP sends an acknowledgment for every packet received.
B. UDP reliably guarantees delivery of all packets, and TCP drops packets under heavy load.
C. UDP uses flow control mechanisms for the delivery of packets, and TCP usescongestion control for efficient packet delivery.
D. UDP uses sequencing data tor packets to arrive in order, and TCP offers trie capabilityto receive packets in random order.



Question # 59

What is a purpose of traffic shaping?

A. It enables dynamic flow identification.
B. It enables policy-based routing.
C. It provides best-effort service.
D. It limits bandwidth usage.



Question # 60

An engineer is configuring a switch port that is connected to a VoIP handset. Whichcommand must the engineer configure to enable port security with a manually assignedMAC address of abod-bod on voice VLAN 4?

A. switchport port-security mac-address abcd.abcd.abcd
B. switchport port-security mac-address abed.abed.abed vlan 4
C. switchport port-security mac-address sticky abcd.abcd.abcd vlan 4
D. switchport port-security mac-address abcd.abcd.abcd vlan voice



Question # 61

How does authentication differ from authorization?

A. Authentication verifies the identity of a person accessing a network, and authorizationdetermines what resource a user can access.
B. Authentication is used to record what resource a user accesses, and authorization isused to determine what resources a user can access
C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network
D. Authentication is used to verify a person's identity, and authorization is used to createsyslog messages for logins.



Question # 62

How does authentication differ from authorization?

A. Authentication verifies the identity of a person accessing a network, and authorizationdetermines what resource a user can access.
B. Authentication is used to record what resource a user accesses, and authorization isused to determine what resources a user can access
C. Authentication is used to determine what resources a user is allowed to access, and authorization is used to track what equipment is allowed access to the network
D. Authentication is used to verify a person's identity, and authorization is used to createsyslog messages for logins.



Question # 63

Which is a fact related to FTP?

A. It uses block numbers to identify and mitigate data-transfer errors
B. It always operates without user authentication
C. It relies on the well-known UDP port 69.
D. It uses two separate connections for control and data traffic



Question # 64

Which two features introduced in SNMPv2 provides the ability to retrieve large amounts ofdata in one request

A. Get
B. GetNext
C. Set
D. GetBulk
E. Inform



Question # 65

Which properly is shared by 10GBase-SR and 10GBase-LR interfaces?

A. Both require fiber cable media for transmission.
B. Both require UTP cable media for transmission.
C. Both use the single-mode fiber type.
D. Both use the multimode fiber type.



Question # 66

How is noise defined in Wi-Fi?

A. ratio of signal-to-noise rating supplied by the wireless device
B. signals from other Wi-Fi networks that interfere with the local signal
C. measured difference between the desired Wi-Fi signal and an interfering Wi-Fi signal
D. any interference that is not Wi-Fi traffic that degrades the desired signal



Question # 67

Which Cisco proprietary protocol ensures traffic recovers immediately, transparently, andautomatically when edge devices or access circuits fail?

A. SLB
B. FHRP
C. VRRP
D. HSRP



Question # 68

A router has two static routes to the same destination network under the same OSPFprocess. How does the router forward packets to the destination if the next-hop devices aredifferent?

A. The router chooses the route with the oldest age.
B. The router load-balances traffic over all routes to the destination.
C. The router chooses the next hop with the lowest MAC address.
D. The router chooses the next hop with the lowest IP address.



Question # 69

When a switch receives a frame for an unknown destination MAC address, how is theframe handled?

A. broadcast to all ports on the switch
B. flooded to all ports except the origination port
C. forwarded to the first available port
D. inspected and dropped by the switch



Question # 70

Which protocol is used in Software Defined Access (SDA) to provide a tunnel between two edge nodes in different fabrics?

A. Generic Router Encapsulation (GRE)
B. Virtual Local Area Network (VLAN)
C. Virtual Extensible LAN (VXLAN)
D. Point-to-Point Protocol



Question # 71

What is the function of "off-the-shell" switches in a controller-based network?

A. providing a central view of the deployed network
B. forwarding packets
C. making routing decisions
D. setting packet-handling policies



Question # 72

What is a characteristic of RSA?

A. It uses preshared keys for encryption
B. It requires both sides to have identical keys
C. It is a private-key encryption algorithm
D. It is a public-key cryptosystem



Question # 73

Refer to the exhibit. IPv6 must be implemented on R1 to the ISP The uplink between R1and the ISP must be configured with a manual assignment, and the LAN interface must beself-provisioned Both connections must use the applicable IPv6 networks Which twoconfigurations must be applied to R1? (Choose two.)

A. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA02:/127
B. interface Gi0/0ipv6 address 2001:db8:1:AFFF::/64 eui-64
C. interface Gi0/1ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA00:/127
D. interface Gi0/0ipv6 address 2001:db8:0:AFFF::/64 eui-64
E. interface Gi0/0ipv6 address 2001:db8:0F1B:FCCB:ACCE:FCED:ABCD:FA03;/127



Question # 74

A network engineer must migrate a router loopback interface to the IPv6 address space. Ifthe current IPv4 address of the interface is 10.54.73.1/32, and the engineer configures IPv6address 0.0.0.0.0:ffff:a36:4901, which prefix length must be used?

A. /64
B. /96
C. /124
D. /128



Question # 75

What should a network administrator consider when deciding to implement automation?

A. Automated systems may have difficulty expanding network changes at scale.
B. Network automation typically is limited to the configuration and management of virtual devices within a network.
C. Network automation typically increases enterprise management operating costs.
D. Manual changes frequently lead to configuration errors and inconsistencies.



Question # 76

What are two reasons lo configure PortFast on a switch port attached to an end host? (Choose two.)

A. to enable the number of MAC addresses learned on the port to l
B. to protect the operation of the port from topology change processes
C. to enable the pod to enter the forwarding state immediately when the host boots up
D. to prevent the port from participating in Spanning Tree Protocol operations
E. to block another switch or host from communicating through the port



Question # 77

When an access point is seeking to join wireless LAN controller, which message is sent tothe AP- Manager interface?

A. Discovery response
B. DHCP request
C. DHCP discover
D. Discovery request



Question # 78

Which WPA mode uses PSK authentication?

A. Local
B. Client
C. Enterprise
D. Personal



Question # 79

A network architect is deciding whether to implement Cisco autonomous access points orlightweight access points. Which fact about firmware updates must the architect consider?Unlike lightweight access points, which require

A. Unlike lightweight access points, which require redundant WLCs to support firmwareupgrades, autonomous access points require only one WLC.
B. Unlike autonomous access points, lightweight access points store a complete copy ofthe current firmware for backup.
C. Unlike lightweight access points, autonomous access points can recover automaticallyfrom a corrupt firmware update.
D. Unlike autonomous access points, lightweight access points require a WLC toimplement remote firmware updates.



Question # 80

What is the temporary state that switch ports always enter immediately after the bootprocess when Rapid PVST+ is used?

A. discarding
B. listening
C. forwarding
D. learning



Question # 81

What is the primary purpose of a console port on a Cisco WLC?

A. In-band management via an asynchronous transport
B. out-of-band management via an IP transport
C. in-band management via an IP transport
D. out-of-band management via an asynchronous transport



Question # 82

Which type of address is shared by routers in a HSRP implementation and used by hostson the subnet as their default gateway address?

A. multicast address
B. loopback IP address
C. virtual IP address
D. broadcast address



Question # 83

A wireless access point is needed and must meet these requirements: • "zero-touch" deployed and managed by a WLC• process only real-time MAC functionality • used in a split-MAC architecture. Which access point type must be used?

A. autonomous
B. lightweight
C. mesh
D. cloud-based



Question # 84

What are two purposes of HSRP? (Choose two.)

A. It groups two or more routers to operate as one virtual router.
B. It improves network availability by providing redundant gateways.
C. It passes configuration information to hosts in a TCP/IP network.
D. It helps hosts on the network to reach remote subnets without a default gateway.
E. It provides a mechanism for diskless clients to autoconfigure their IP parameters during boot.



Question # 85

What does a switch search for in the CAM table when forwarding a frame?

A. source MAC address and aging time
B. destination MAC address and flush time
C. source MAC address and source port
D. destination MAC address and destination port



Question # 86

Which interface enables communication between a program on the controller and a program on the networking devices? 

A. northbound interface 
B. software virtual interface 
C. southbound interface
 D. tunnel Interface 



Question # 87

What is a reason to configure a trunk port that connects to a WLC distribution port? 

A. Eliminate redundancy with a link failure in the data path. 
B. Allow multiple VLAN to be used in the data path. 
C. Provide redundancy if there is a link failure for out-of-band management. 
D. Permit multiple VLANs to provide out-of-band management. 



Question # 88

What is a benefit for external users who consume public cloud resources? 

A. implemented over a dedicated WAN 
B. located in the same data center as the users
C. all hosted on physical servers 
D. accessed over the Internet 



Question # 89

What is a function of the core and distribution layers in a collapsed-core architecture? 

A. The router must use IPv4 and IPv6 addresses at Layer 3. 
B. The core and distribution layers are deployed on two different devices to enable failover. 
C. The router can support HSRP for Layer 2 redundancy in an IPv6 network. 
D. The router operates on a single device or a redundant pair. 



Question # 90

Which remote access protocol provides unsecured remote CLI access? 

A. console
 B. Telnet 
C. Bash 
D. SSH



Question # 91

How does encryption project the wireless network? 

A. via integrity checks to identify wireless forgery attacks in the frame 
B. via specific ciphers to detect and prevent zero-day network attacks 
C. via an algorithm to change wireless data so that only the access point and client understand it 
D. via a policy to prevent unauthorized users from communicating on the wireless network 



Question # 92

Which signal frequency appears 60 times per minute? 

A. 1 Hz signal
 B. 1 GHz signal 
C. 60 Hz signal 
D. 60 GHz signal 



Question # 93

What is a function of MAC address learning? 

A. It is enabled by default on all VLANs and interfaces 
B. It increases the potential for MAC address flooding. 
C. It is disabled by default on all interfaces connected to trunks 
D. lt increases security on the management VLAN 



Question # 94

What is a zero-day exploit? 

A. It is when a new network vulnerability is discovered before a fix is available 
B. It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data. 
C. It is when the network is saturated with malicious traffic that overloads resources and bandwidth 
D. It is when an attacker inserts malicious code into a SOL server. 



Question # 95

A network engineer must configure an interface with IP address 10.10.10.145 and a subnet mask equivalent to 11111111.11111111.11111111.11111000. Which subnet mask must the engineer use?

 A. /29 
B. /30 
C. /27 
D. /28 



Question # 96

What must be considered for a locally switched FlexConnect AP if the VLANs that are used by the AP and client access are different? 

A. The APs must be connected to the switch with multiple links in LAG mode 
B. The switch port mode must be set to trunk 
C. The native VLAN must match the management VLAN of the AP 
D. IEEE 802.10 trunking must be disabled on the switch port.