0% 0 votes, 0 avg 11 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 This quiz randomly generates 60 questions as asked in Cisco CCNA (200-301) Congratulations! CCNA Certification Exam (200-301) This quiz randomly generates 60 questions (in 60 mins) as asked in Cisco Certified Network Associate (CCNA) certification (200-301). The real 200-301 CCNA test has 100-120 questions and a total time of 120 minutes. This test randomly generates 60 questions from our question bank. For best results, practice multiple times until you achieve 100% accuracy. 1 / 65 What will be the result if the following configuration commands are implemented on a Cisco switch? Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address sticky A dynamically learned MAC address is saved in the startup-configuration file. A dynamically learned MAC address is saved in the running-configuration file. A dynamically learned MAC address is saved in the VLAN database. Statically configured MAC addresses are saved in the startup-configuration file if frames from that address are received. Statically configured MAC addresses are saved in the running-configuration file if frames from that address are received. 2 / 65 At which layer of the OSI model does the concept of "Frames" exist? Layer 1 (Physical) Layer 2 (Data Link) Layer 3 (Network) Layer 4 (Transport) Explanation: Layer 1 = Bits Layer 2 = Frames (MAC addressing) Layer 3 = Packets (IP addressing) Layer 4 = Segments (TCP) or Datagrams (UDP) 3 / 65 Two routers named Atlanta and Brevard are connected via their serial interfaces as illustrated, but they are unable to communicate. The Atlanta router is known to have the correct configuration. Given the partial configurations, identify the fault on the Brevard router that is causing the lack of connectivity incompatible IP address insufficient bandwidth incorrect subnet mask incompatible encapsulation link reliability too low IPCP closed 4 / 65 If primary and secondary root switches with priority 16384 both experience catastrophic losses, which tertiary switch can take over? a switch with priority 20480 a switch with priority 8192 a switch with priority 4096 a switch with priority 12288 In Spanning Tree Protocol (STP), the switch with the lowest priority value is elected as the Root Bridge. If the existing primary and secondary switches (both with priority 16384) fail, the network will elect the switch with the next lowest priority available. Since 16384 was the previous "best" priority, the tertiary switch must have a priority value higher than 16384 to have been passed over originally, but it must be the lowest remaining value among the surviving switches to take over. The correct answer is A. a switch with priority 20480. Reasoning: A (20480): This is the lowest value provided that is greater than 16384. This switch would have been the tertiary choice. B, C, and D (8192, 4096, 12288): All of these values are lower than 16384. If any of these switches existed in the network, one of them would have been the Primary Root Bridge from the start, rather than the switches with priority 16384. 5 / 65 What are two requirements for an HSRP group? (Choose two.) exactly one active router one or more standby routers one or more backup virtual routers exactly one standby active router exactly one backup virtual router The correct two requirements for an HSRP (Hot Standby Router Protocol) group are: A. exactly one active router B. one or more standby routerReasoning Active Router: In an HSRP group, only one router can be in the "Active" state at any given time to handle all data traffic directed to the virtual IP address. Standby Routers: An HSRP group is formed by two or more routers to provide redundancy. While one router is designated as the primary "Standby" to monitor the Active router, the group as a whole must have at least one (and can have many) routers configured to fill this role. Why others are incorrect: C & E: These options refer to "backup virtual routers," which is terminology used in VRRP (Virtual Router Redundancy Protocol), not HSRP. D: "Exactly one standby active router" is contradictory and incorrect terminology for HSRP roles. 6 / 65 What is the compressed format of the IPv6 address 2001:0db8:0000:0000:0000:0000:0000:0001? 2001:db8::1 2001:db8:0:1 2001:db8::0::1 2001:d8::1 Explanation: Rules for compression: Remove leading zeros (0db8 -> db8). Replace a single contiguous block of all-zero hextets with :: (only once).Result: 2001:db8::1. 7 / 65 Which of the following are commonly used encoding methods for data in REST APIs? (Choose two) XML YAML JSON HTML SNMP 8 / 65 Which command would you use to verify the OSPF neighbor relationships and ensure that a router is successfully communicating with its adjacent OSPF routers? show ip route ospf show ip protocols show ip ospf neighbor show ospf interface brief Explanation: The show ip ospf neighbor command is the primary troubleshooting tool to check if a router has reached the FULL state with its neighbors. If a neighbor is not listed here, it indicates a mismatch in parameters like Area ID, Authentication, or Timers. 9 / 65 How many host addresses are available in a standard Class C network? 8 32 254 64 10 / 65 What is the primary function of a Next-Generation Firewall (NGFW) compared to a traditional stateful firewall? It only filters traffic based on port numbers. It uses deep packet inspection (DPI) to identify applications and threats within the payload. It operates exclusively at Layer 2. It cannot decrypt SSL/TLS traffic. Explanation: NGFWs go beyond simple port/protocol filtering. They include Intrusion Prevention Systems (IPS), Deep Packet Inspection (DPI), and Application Visibility and Control (AVC) to see what the traffic actually is (e.g., blocking "Facebook Games" but allowing "Facebook Chat"). 11 / 65 Which three statements accurately describe Layer 2 Ethernet switches? (Choose three.) Spanning Tree Protocol allows switches to automatically share VLAN information. Establishing VLANs increases the number of broadcast domains. Switches that are configured with VLANs make forwarding decisions based on both Layer 2 and Layer 3 address information. Microsegmentation decreases the number of collisions on the network. In a properly functioning network with redundant switched paths, each switched segment will contain one root bridge with all its ports in the forwarding state. All other switches in that broadcast domain will have only one root port. If a switch receives a frame for an unknown destination, it uses ARP to resolve the address. 12 / 65 A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link. The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem? The OSPF area is not configured properly. The priority on R1 should be set higher. The cost on R1 should be set higher. The hello and dead timers are not configured properly. A backup designated router needs to be added to the network. The OSPF process ID numbers must match. 13 / 65 Which component of AAA (Authentication, Authorization, and Accounting) is responsible for tracking what a user does and what resources they access during a session? Authentication Authorization Accounting Auditing Explanation: Accounting collects data on how long a user was logged in, what commands they ran, and how much data they transferred. Authentication verifies who the user is, and Authorization determines what they are allowed to do. 14 / 65 What is the purpose of the Spanning Tree Protocol (STP) PortFast feature? To speed up the convergence of the entire STP topology. To allow an access port to transition immediately to the forwarding state, bypassing listening and learning states. To protect the switch from receiving unauthorized BPDU messages. To increase the bandwidth of a link by bundling physical interfaces. Explanation: PortFast is used on ports connected to end devices (like PCs or printers). Normally, STP takes 30-50 seconds to move a port to "Forwarding." PortFast allows these ports to work instantly. It should never be used on trunk links between switches, as it could cause a loop. 15 / 65 Which feature can you implement to reserve bandwidth for VoIP calls across the call path? PQ CBWFQ round robin RSVP RSVP (Resource Reservation Protocol): This is the only feature listed that operates across the entire call path. It is a signaling protocol used by host applications to request specific qualities of service (like guaranteed bandwidth) from the network. Each router along the path evaluates the request and reserves the necessary resources before the call begins to ensure end-to-end quality. 16 / 65 Which file format does Ansible use for its Playbooks? XML JSON YAML Python Explanation: Ansible Playbooks are written in YAML (Yet Another Markup Language / YAML Ain't Markup Language), which relies on indentation (whitespace) to define structure, making it very human-readable. 17 / 65 What is "Configuration Drift"? Moving a configuration file from one server to another. The process of upgrading the IOS image. When a device's actual configuration gradually deviates from the desired standard configuration. Using a floating static route for redundancy. Explanation: Configuration Drift occurs when administrators make manual, ad-hoc changes (e.g., "just for testing") and forget to revert them, causing the device to fall out of sync with the automated/standardized policy. 18 / 65 What is the Default Subnet Masks for Class A IPv4 addresses? 255.0.0.0 (or /8) 255.255.0.0 (or /16) 255.255.255.0 (or /24) 255.255.255.255 (or /32) 19 / 65 Which IP address range is reserved for Class A private internal use? 10.0.0.0 to 255.255.255.0 0.0.0.0 to 0.0.0.0 10.0.0.0 to 255.255.255.255 10.0.0.0 to 10.255.255.255 Per RFC 1918, this range is for private use and is not routable on the public internet. 20 / 65 What is the primary goal of "Intent-Based Networking" (IBN)? To manually configure every device using CLI scripts. To capture business intent and automatically translate it into network policies and configurations. To replace all routers with Layer 2 switches. To exclusively use open-source software for routing. Explanation: IBN focuses on the desired outcome (intent). The administrator defines what the network should do (e.g., "Give Voice traffic highest priority"), and the automated system figures out how to configure the devices to achieve that state and continuously verifies it. 21 / 65 Which of the following statement is true for Class C addresses? (128.0.0.0 – 191.255.255.255): Used for medium to large networks. (192.0.0.0 – 223.255.255.255): Used for small networks. (224.0.0.0 – 239.255.255.255): Reserved for multicast groups. (0.0.0.0 – 127.255.255.255): Reserved for large organizations; 127.x.x.x is used for loopback/testing. (240.0.0.0 – 255.255.255.255): Reserved for experimental/future use. Class A (0.0.0.0 – 127.255.255.255): Reserved for large organizations; 127.x.x.x is used for loopback/testing. Class B (128.0.0.0 – 191.255.255.255): Used for medium to large networks. Class C (192.0.0.0 – 223.255.255.255): Used for small networks. Class D (224.0.0.0 – 239.255.255.255): Reserved for multicast groups. Class E (240.0.0.0 – 255.255.255.255): Reserved for experimental/future use. Private IP Address Ranges (Non-Routable): Class A Private: 10.0.0.0 – 10.255.255.255. Class B Private: 172.16.0.0 – 172.31.255.255. Class C Private: 192.168.0.0 – 192.168.255.255. APIPA (Automatic Private IP): 169.254.0.0 – 169.254.255.255. 22 / 65 Refer to the exhibit. The two connected ports on the switch are not turning orange or green. What would be the most effective steps to troubleshoot this physical layer problem? (Choose three.) Ensure that the Ethernet encapsulations match on the interconnected router and switch ports. Ensure that cables A and B are straight-through cables. Ensure cable A is plugged into a trunk port. Ensure the switch has power. Reboot all of the devices. Reseat all cables. 23 / 65 Which of the following range is reserved for multicast groups? (128.0.0.0 – 191.255.255.255) (192.0.0.0 – 223.255.255.255) (224.0.0.0 – 239.255.255.255) (0.0.0.0 – 127.255.255.255) (240.0.0.0 – 255.255.255.255) Class A (0.0.0.0 – 127.255.255.255): Reserved for large organizations; 127.x.x.x is used for loopback/testing. Class B (128.0.0.0 – 191.255.255.255): Used for medium to large networks. Class C (192.0.0.0 – 223.255.255.255): Used for small networks. Class D (224.0.0.0 – 239.255.255.255): Reserved for multicast groups. Class E (240.0.0.0 – 255.255.255.255): Reserved for experimental/future use. Private IP Address Ranges (Non-Routable): Class A Private: 10.0.0.0 – 10.255.255.255. Class B Private: 172.16.0.0 – 172.31.255.255. Class C Private: 192.168.0.0 – 192.168.255.255. APIPA (Automatic Private IP): 169.254.0.0 – 169.254.255.255. 24 / 65 Why is UDP preferred over TCP for real-time voice and video traffic? UDP guarantees delivery of every packet. UDP encrypts the data by default. UDP has lower overhead and lower latency because it does not require a handshake or retransmissions. UDP establishes a dedicated circuit before sending data. Explanation: Real-time apps (VoIP) prefer UDP because dropping a packet is better than delaying it to retransmit. The TCP handshake and error recovery introduce latency (lag), which destroys call quality. 25 / 65 In 172.16.10.16/24 network how many hosts are possible? 16 14 256 254 26 / 65 Which format is most commonly used by modern SDN controllers to send data to an application via a REST API? HTML JSON SQL CSV Explanation: JSON (JavaScript Object Notation) is the "language of the web" for APIs. It is lightweight, human-readable, and easily parsed by programming languages like Python. 27 / 65 Which of the following is the most secure method for managing a Cisco router remotely over an untrusted network? Telnet HTTP SNMPv2c SSH (Secure Shell) Explanation: SSH encrypts the entire management session, including your username and password. Telnet and HTTP send data in "clear text," meaning anyone with a packet sniffer can see your login credentials. SNMPv2c also lacks the robust encryption and authentication found in SNMPv3 or SSH. 28 / 65 In a routing table, what does a code of "L" next to an entry signify? A route learned via a Local area network. A static route with a Low administrative distance. A specific /32 "Local" host route for an IP assigned to a router interface. A route learned via the LISP protocol. Explanation: In modern IOS versions, "L" (Local) identifies the specific IP address assigned to the router's own interface with a /32 mask (IPv4) or /128 (IPv6). This is distinct from "C" (Connected), which identifies the entire subnet prefix attached to that interface. 29 / 65 In a Wireless LAN, what is the role of a Wireless LAN Controller (WLC) in a "Split-MAC" architecture? It handles real-time MAC operations like beaconing and frame acknowledgment. It stores the data traffic locally so it doesn't have to travel to the wired network. It manages centralized tasks like security, roaming, and radio resource management. It provides power to the Access Points via Ethernet cables. Explanation: In a Split-MAC architecture (used with Lightweight APs), the Access Point handles "real-time" tasks (like frame encryption/acknowledgment), while the WLC handles "management" tasks (like authentication and coordination across multiple APs). The AP and WLC communicate via the CAPWAP protocol. 30 / 65 When using a REST API, which HTTP method is typically used to update or modify an existing resource on a server? GET POST PUT DELETE Explanation: In RESTful services: GET retrieves data. POST creates a new resource. PUT (or PATCH) updates/replaces an existing resource. DELETE removes a resource. 31 / 65 A network administrator needs to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How should the network administrator configure the serial interface of the main office router to make the connection? Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.252 Main(config-if)# no shut Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.252 Main(config-if)# encapsulation ppp Main(config-if)# no shut Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.252 Main(config-if)# encapsulation frame-relay Main(config-if)# authentication chap Main(config-if)# no shut Main(config)# interface serial 0/0 Main(config-if)#ip address 172.16.1.1 255.255.255.252 Main(config-if)#encapsulation ietf Main(config-if)# no shut 32 / 65 What is the Class B Private addresses range? 10.0.0.0 to 255.255.255.0 172.16.0.0 to 172.31.255.255 192.168.0.0 to 192.168.255.255 240.0.0.0 to 255.255.255.255 33 / 65 Which of the following describes the difference between a Hub and a Bridge? A Hub operates at Layer 3, while a Bridge operates at Layer 2. A Hub is a single collision domain, while a Bridge separates collision domains. A Bridge is used for long-distance fiber, while a Hub is for local copper. A Hub uses MAC addresses to forward data, while a Bridge uses IP addresses. Explanation: A Hub is a "dumb" Layer 1 device that broadcasts all incoming traffic out of every port, meaning all devices share one collision domain. A Bridge (the predecessor to the modern switch) operates at Layer 2 and uses a MAC address table to segment the network into multiple collision domains, reducing congestion. 34 / 65 Which of the following best describes an "Overlay Network"? The physical infrastructure of routers, switches, and cables. A virtual topology created via tunnels (like VXLAN or IPsec) that runs on top of the physical infrastructure. A network dedicated solely to management traffic. The connection between the Spine and Leaf switches. Explanation: An Overlay Network is a logical topology built using tunnels (e.g., CAPWAP, VXLAN, GRE) that rides on top of the physical "Underlay" network. It allows for flexible connections between devices regardless of physical location. 35 / 65 Which type of fiber-optic cabling is most appropriate for a 10-kilometer link between two buildings? Multimode (OM3) Multimode (OM4) Single-mode (OS2) Shielded Twisted Pair (STP) Explanation: Single-mode fiber has a much smaller core than multimode, which allows light to travel long distances (up to 40km or more) with very little signal loss (attenuation). Multimode (OM3/OM4) is designed for short distances, typically within a building or data center (up to 400–500 meters). 36 / 65 Which of the following are benefits of VLANs? (Choose three) They increase the size of collision domains. They allow logical grouping of users by function. They can enhance network security. They increase the size of broadcast domains while decreasing the number of collision domains. They increase the number of broadcast domains while decreasing the size of the broadcast domains. They simplify switch administration. 37 / 65 What are three characteristics of the TCP protocol? (Choose three.) It uses a single SYN-ACK message to establish a connection. The connection is established before data is transmitted. It ensures that all data is transmitted and received by the remote device. It supports significantly higher transmission speeds than UDP. It requires applications to determine when data packets must be retransmitted. It uses separate SYN and ACK messages to establish a connection. 38 / 65 Which of the following describes "Intent-Based Networking" (IBN)? A network where users must state their intent before logging in. A manual process of configuring each router via the Command Line Interface (CLI). A system that uses business objectives (intent) to automatically configure and manage network policies. A network that only uses open-source software. Explanation: IBN is a revolutionary shift where the administrator defines the outcome (e.g., "Guest WiFi should not access the Finance Server"), and the SDN controller (like Cisco DNA Center) automatically translates that intent into specific configurations across all network devices. 39 / 65 Which command is used to configure a Cisco router to synchronize its internal clock with an external time source at IP address 209.165.200.225? ntp peer 209.165.200.225 clock set 209.165.200.225 ntp server 209.165.200.225 snmp-server host 209.165.200.225 40 / 65 Which command sequence can you enter to create VLAN 20 and assign it to an interface on a switch? Switch(config)#vlan 20Switch(config)#Interface gig x/ySwitch(config-if)#switchport access vlan 20 Switch(config)#Interface gig x/y Switch(config-if)#vlan 20 Switch(config-vlan)#switchport access vlan 20 Switch(config)#vlan 20 Switch(config)#Interface vlan 20 Switch(config-if)#switchport trunk native vlan 20 Switch(config)#vlan 20 Switch(config)#Interface vlan 20 Switch(config-if)#switchport access vlan 20 Switch(config)#vlan 20 Switch(config)#Interface vlan 20 Switch(config-if)#switchport trunk allowed vlan 20 The correct command sequence to create VLAN 20 and assign it to an interface is: A. Switch(config)#vlan 20 Switch(config)#Interface gig x/y Switch(config-if)#switchport access vlan 20 Reasoning Step 1: vlan 20 – This command enters VLAN configuration mode and creates the VLAN in the switch's database. Step 2: interface gig x/y – This enters the configuration mode for the specific physical interface. Step 3: switchport access vlan 20 – This command assigns the interface to VLAN 20. On most modern Cisco switches, this command also implicitly sets the port to access mode if not already configured, though it is best practice to precede it with switchport mode access. Why the others are incorrect: B: You cannot create a VLAN by typing the vlan command while inside a physical interface's configuration mode (config-if). C, D, and E: These options use interface vlan 20, which creates a VLAN Interface (a Layer 3 Switch Virtual Interface or SVI). This is used for routing and management, not for assigning a physical switch port to a VLAN. Furthermore, switchport commands are Layer 2 commands and cannot be applied to an SVI. 41 / 65 Which security concept refers to the practice of ensuring that a user or system is only granted the minimum level of access necessary to perform their job? Multi-Factor Authentication (MFA) Principle of Least Privilege Defense in Depth Role-Based Access Control (RBAC) Explanation: The Principle of Least Privilege is a fundamental security rule aimed at reducing the "attack surface." By limiting a user's permissions to only what is required, you minimize the damage that could occur if that account is compromised. 42 / 65 Which IPv6 address type communication is restricted to a single local segment and is not routable? Global unicast Unique local Link-local Multicast 43 / 65 In OSPF, what is the significance of the "Router ID"? it is the IP address of the default gateway. It is a unique 32-bit number used to identify the router within an OSPF area. It determines the bandwidth of the interfaces. It is used to encrypt the OSPF hello packets. Explanation: Every OSPF router must have a unique Router ID (RID). It is chosen in this order: (1) Manually configured router-id, (2) Highest IP on a Loopback interface, (3) Highest IP on an active physical interface. 44 / 65 What does a router do if it receives a packet for a destination network that is not in its routing table and no "Gateway of Last Resort" is configured? It broadcasts the packet to all interfaces. It sends the packet to the nearest neighbor router. It drops the packet and sends an ICMP "Destination Unreachable" message to the source. It holds the packet in a buffer until a route is learned. Explanation: A router will only forward a packet if it has a specific route or a default route (Gateway of Last Resort). If it lacks both, it has no choice but to discard the packet and notify the sender via ICMP. 45 / 65 Which three non-overlapping channels are available in the 2.4 GHz Wi-Fi band (in the US)? 1, 5, 10 1, 6, 11 2, 7, 12 36, 40, 44 Explanation: In the 2.4 GHz spectrum, channels are 22MHz wide but spaced only 5MHz apart. Channels 1, 6, and 11 are the only combination that does not overlap, preventing signal interference. 46 / 65 Which configuration management tool is "Agentless" and uses SSH for communication? Chef Puppet Ansible SaltStack Explanation: Ansible does not require any special software (agent) to be installed on the target device. It connects via standard SSH (or NETCONF/HTTPS) and pushes the configuration. Puppet and Chef typically require agents. 47 / 65 Given the address 192.168.1.0/26, what is the subnet mask in dotted-decimal format? 255.255.255.32 255.255.255.64 255.255.255.128 255.255.255.192 Explanation: /26 means 26 "on" bits. The fourth octet has two bits on (128 + 64 = 192). 48 / 65 What is the maximum standardized distance for a 1000BASE-T link over Cat5e copper cabling? 500 meters 50 meters 100 meters 2 kilometers Explanation: The standard limit for Ethernet over twisted-pair copper (Cat5e, Cat6, etc.) is 100 meters (328 feet). Distances beyond this require repeaters or fiber optics. 49 / 65 When an interface is configured with PortFast BPDU guard, how does the interface respond when it receives a BPDU? It continues operating normally. It goes into a down/down state. It becomes the root bridge for the configured VLAN. It goes into an errdisable state. 50 / 65 What is the "Administrative Distance" (AD) of a Floating Static Route, and why is it used? It has an AD of 1 to ensure it is always the preferred path. It has an AD higher than the primary routing protocol (e.g., 120) to act as a backup. It has an AD of 0 to represent a directly connected interface. It has an AD of 5 to prioritize it over EIGRP. Explanation: A Floating Static Route is a backup route. By manually setting its AD to a value higher than the main protocol (like OSPF's 110), the router ignores the static route unless the main protocol’s path fails. When the main route disappears, the static route "floats" into the routing table. 51 / 65 Which Cisco architecture typically uses a "Spine-Leaf" topology? Cisco SD-Access (Campus) Cisco ACI (Data Center) Traditional Three-Tier Architecture SOHO (Small Office Home Office) Explanation: Cisco ACI (Application Centric Infrastructure) in the data center relies heavily on a Spine-Leaf topology because it provides predictable latency and high bandwidth for East-West traffic (server-to-server communication). 52 / 65 How many usable hosts are in a /15 network? 131072 131070 254 252 53 / 65 Which interface counter can you use to diagnose a duplex mismatch problem? no carrier late collisions giants CRC errors deferred runts The correct answer is B. late collisions. In a duplex mismatch scenario (where one end is full-duplex and the other is half-duplex), the half-duplex side of the link will typically experience high rates of late collisions. 54 / 65 Which field in the IPv4 header is used to prevent a packet from looping indefinitely on a network? Protocol Type of Service (ToS) Time to Live (TTL) Header Checksum Explanation: The TTL field is an 8-bit value that acts as a hop counter. Every time a router processes a packet, it decrements the TTL value by 1. If the TTL reaches zero, the router discards the packet and usually sends an ICMP "Time Exceeded" message back to the sender. This prevents "lost" packets from circling the network forever. 55 / 65 What is the primary purpose of VLAN Trunking Protocol (VTP) in a switched network? To dynamically assign users to VLANs based on their MAC addresses. To synchronize VLAN information (addition, deletion, renaming) across all switches in a domain. To prevent loops in the network by blocking redundant paths. To provide routing between different VLANs. Explanation: VTP allows a network administrator to make VLAN changes on a single "Server" switch and have those changes automatically propagate to all other "Client" switches in the same VTP domain. This reduces configuration errors and administrative overhead. 56 / 65 Which component in a JSON file represents an ordered list of values? Object Array String Boolean Explanation: An Array is an ordered list of values enclosed in square brackets [ ]. For example: "vlans": [10, 20, 30]. 57 / 65 In a virtualized environment, what function does a "vSwitch" perform? It routes traffic between different physical data centers. It connects virtual machines (VMs) to each other and to the physical network interface. It acts as a firewall for the physical router. It encrypts hard drive data. Explanation: A virtual switch (vSwitch) is software that mimics a physical switch. It allows VMs on the same host to communicate and bridges them to the physical NIC (pNIC) to reach the outside world. 58 / 65 A Cisco router is booting and has just completed the POST process. It is now ready to find and load an IOS image. What function does the router perform next? It checks the configuration register. It attempts to boot from a TFTP server. It loads the first image file in flash memory. It inspects the configuration file in NVRAM for boot instructions. 59 / 65 Which set of commands is recommended to prevent the use of a hub in the access layer? switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security maximum 1 switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security mac-address 1 switch(config-if)#switchport mode access switch(config-if)#switchport port-security maximum 1 switch(config-if)#switchport mode access switch(config-if)#switchport port-security mac-address 1 The recommended set of commands to prevent the use of a hub in the access layer is C. switch(config-if)#switchport mode access and switch(config-if)#switchport port-security maximum 1. Explanation switchport mode access: Access layer ports should be explicitly configured as access ports to prevent a hub from being used to create an unauthorized trunk link, which could cause bridging loops or other security vulnerabilities. switchport port-security maximum 1: A hub allows multiple devices (and thus multiple MAC addresses) to connect to a single switch port. By setting the maximum number of allowed MAC addresses to one, the switch will detect if more than one MAC address tries to communicate through that port (as a hub would facilitate) and shut down the port (by default), thereby preventing the hub's use. This configuration ensures the port is secured and limits the number of endpoints that can use it, mitigating risks associated with hubs or unauthorized devices. 60 / 65 What is the purpose of the "Underlay" in a fabric network? To provide IP connectivity between the physical switches and routers so tunnels can be built. To define user policies and access controls. To run the VXLAN encapsulation. To separate the control plane from the data plane. Explanation: The Underlay is the physical foundation. Its only job is to ensure that all network devices can reach each other (usually via an IGP like OSPF or IS-IS) so that the Overlay tunnels (VXLAN) can be established on top. 61 / 65 Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices? enable cdp cdp enable cdp run run cdp 62 / 65 In the context of Puppet, what is the term for the file that defines the desired state of a resource? Playbook Manifest Recipe Blueprint Explanation: Terminology mapping: Ansible: Playbook Puppet: Manifest (.pp file) Chef: Recipe (grouped into Cookbooks) 63 / 65 Which command can you enter to set the default route for all traffic to an interface? router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 router(config)#ip route 0.0.0.0 255.255.255.255 GigabitEthernet0/1 router(config-router)#default-information originate router(config-router)#default-information originate always The correct command to set a static default route for all traffic to a specific interface is A. router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1. Reasoning: 0.0.0.0 0.0.0.0: This represents the "quad-zero" route, which matches any destination network and any subnet mask. This is the standard notation for a default route. GigabitEthernet0/1: This specifies the exit interface where the traffic should be sent. Why the others are incorrect: B: Using 255.255.255.255 as a mask would attempt to create a host route for a specific broadcast address, not a default route for all traffic. C & D: These are routing protocol configuration commands (used within OSPF or RIP). While they are used to propagate a default route to other routers in the network, they do not create the initial static default route on the local router itself. 64 / 65 Which protocol is used by a Cisco switch to automatically negotiate the formation of an EtherChannel using a "vendor-neutral" standard? PAgP (Port Aggregation Protocol) LACP (Link Aggregation Control Protocol) CDP (Cisco Discovery Protocol) LLDP (Link Layer Discovery Protocol) Explanation: LACP (802.3ad) is the industry-standard (IEEE) protocol for bundling physical links. PAgP is a Cisco-proprietary protocol that does the same thing but only works between Cisco devices. In a modern environment where you might mix vendors (Cisco, HP, Juniper), LACP is the preferred choice. 65 / 65 An administrator needs to connect an Autonomous Access Point (AP) that provides three different SSIDs, each mapped to a different VLAN. Which port type should be used on the switch to connect the AP? Access port Routed port Trunk port Virtual interface An access port can only carry traffic for a single VLAN. To support an AP handling multiple SSIDs (and thus multiple VLANs), a trunk port is required because it uses 802.1Q tagging to carry traffic for multiple VLANs over a single physical link. Your score is 0% Restart quiz
