CCNP

What is the full-duplex bandwidth capacity of a Cisco Nexus 7000 Series switch with 18 slots (2 Supervisor Engine Slots and 16 I/O Slots), given that the inter-slot switching capacity is 550 Gbps?

A. 8800 Gbps B. 9350 Gbps C. 18.7 Tbps D. 19.8 Tbps

Answer: C. 18.7 Tbps

To calculate a switch’s bandwidth capacity (not factoring in full-duplex communication), use the formula:

Switch BW Capacity = (Inter-slot Switching Capacity * Number of I/O Slots) + [(Number of SE Modules * Inter-slot Switching Capacity) / 2]

Note that the inter-slot switching capacity of a supervisor engine (SE) is half that of an I/O module, hence the division by 2 at the end of the formula.

Switch BW Capacity = (550 Gbps * 16) + [(2 * 550 Gbps) / 2]
Switch BW Capacity = (8800 Gbps) + 550 Gbps
Switch BW Capacity = 9350 Gbps

To factor in full-duplex communication, we multiply by 2.

Full Duplex Switch BW Capacity = (9350 Gbps) * 2
Full Duplex Switch BW Capacity = 18.7 Tbps

Which type of network is created when using SD-WAN to create a virtual infrastructure?

A. Backhaul Network B. Wide Area Network C. Underlay Network D. Overlay Network

Answer: D. Overlay Network

SD-WAN solutions create a virtual overlay network built on top of the actual, physical infrastructure. This physical infrastructure is referred to as an underlay network. Examples of other well-known overlay network technologies include Voice over IP (VoIP) and Virtual Private Networks (VPNs). Creating an overlay network with SD-WAN provides transport independence, meaning that the physical underlay network can be any combination of transport protocols such as LTE, serial, wireless, MPLS, and more. SD-WAN creates a single overlay fabric that will intelligently direct

Which plane of operation within the Cisco SD-Access fabric leverages Virtual Extensible LAN (VXLAN) tunneling?

A. Control Plane B. Data Plane C. Management Plane D. Orchestration Plane

Answer: B. Data Plane

The SD-Access data plane uses Virtual Extensible LAN (VXLAN) tunneling to create the virtual SD-Access overlay network. This is UDP-based communication, meaning any device with a valid IP address has the ability to receive and forward the information. The VXLAN encapsulation allows for the creation of multiple virtual networks within the overlay, where separate policies can be applied and enforced.

Which QoS mechanism is most appropriate for giving priority treatment to voice or video packets?

A. cRTP B. WRED C. CB-WFQ D. LLQ

Answer: D. LLQ

Low Latency Queuing (LLQ) is an extension of Class Based Weighted Fair Queuing (CB-WFQ) that adds a priority queue. Voice and/or video packets are commonly placed in LLQ’s priority queue in order to be sent ahead of other packet types. RTP Header Compression (cRTP) can reduce the size of the combined L2 and L3 headers of voice and video packets to 2 or 4 Bytes (2 Bytes without a UDP checksum, or 4 Bytes with a UDP checksum). However, while cRTP helps conserve bandwidth, it doesn’t give priority treatment to RTP traffic. Weighted Random Early Detection (WRED) is a congestion avoidance mechanism, but it cannot be enabled for a priority queue. It can only be enabled on a queue for which CB-WFQ or Class Based Shaping has been configured. Class Based Weighted Fair Queuing (CB-WFQ) is a queuing mechanism that can assign minimum bandwidth guarantees to queues. However, CB-WFQ doesn’t offer a priority queue.

How many access categories does Wi-Fi Multimedia (WMM) have?

A. 4 B. 8 C. 16 D. 64

Answer: A. 4

Wi-Fi Multimedia (WMM) maps 8 IEEE 802.1P markings into 4 WMM access categories: AC_BK (Background), AC_BE (Best Effort), AC_VI (Video), and AC_VO (Voice).

Which switching mechanism is the default method in most modern Cisco IOS devices?

A. Fast Switching B. Cisco Express Forwarding C. Process Switching D. Slow Switching

Answer: B. Cisco Express Forwarding

Cisco Express Forwarding (CEF) is the preferred method for modern IOS switching and is the default method on most modern Cisco devices. CEF stores information in a route cache for optimized lookup and efficient packet handling. This is much less processor-intensive than older mechanisms, reserving CPU power for critical operations such as encryption and QoS.

Within which plane of Cisco’s SD-WAN solution is the vManage interface found?

A. Data Plane B. Virtual Administrator Plane C. Control Plane D. Management and Orchestration Plane

Answer: D. Management and Orchestration Plane

The Management and Orchestration Plane is where we find both vBond (the orchestration and provisioning component) and vManage (the graphical user interface). This is where you perform configuration, monitoring, provisioning, and troubleshooting.

Which of the following is an advantage of a Cloud Design versus an On-Premise design?

A. You don’t need to purchase physical servers. B. You can better control the user experience. C. You can better meet compliance requirements. D. You don’t need to be concerned with redundancy.

Answer: A. You don’t need to purchase physical servers.

With a Cloud Design, you don’t need to purchase physical servers. Instead, you can pay the cloud provider for your actual usage of virtual servers they host. However, an On-Premise design usually lets you have better control of the end-user experience and allows you more flexibility in meeting compliance requirements. Also, even though you might have your servers hosted by a cloud provider, you still need to be concerned with redundancy, and perhaps have duplicate servers in the cloud, along with a virtual load balancer to distribute the load between those servers, while providing redundancy.

Which piece of the Cisco SD-WAN solution resides in the control plane and is thought of as the “brain” of the solution?

A. vSmart B. vManage C. vBond D. vEdge

Answer: A. vSmart

Cisco vSmart resides within the control plane and is thought of as the “brain” of the Cisco SD-WAN solution. As policies are created within vManage, vSmart is responsible for enforcing those policies and sharing the policies with other SD-WAN routers and locations in the network. Route information from branch locations is received via the Overlay Management Protocol (OMP), and vSmart will compare the route information to the known policies in order to control traffic.

In a typical SD-Access implementation, which type of device would act as a Location ID Separation Protocol (LISP) server for mapping node locations within the network?

A. Fabric Edge Node B. Fabric Intermediate Node C. Fabric Border Node D. Fabric Control Plane Node

Answer: D. Fabric Control Plane Node

In an SD-Access implementation, a Fabric Control Plane Node acts as a LISP server, containing a database used to resolve node locations. LISP is used to create two separate device identity tags: the endpoint identifier (EID) and the routing locator (RLOC). The Fabric Control Plane Node resolves these identity tags using the local LISP database, allowing SD-Access to map the network accurately with node and client locations.

Which of the following is NOT one of the Modular QoS Command Line Interface (MQC) configuration steps?

A. Apply a Policy Map B. Create the “class-default” Class Map C. Create a Policy Map D. Create Class Maps

Answer: B. Create the “class-default” Class Map

The 3-step MQC process consists of: (1) Creating class maps, (2) Creating a Policy Map, and (3) Applying the Policy Map. However, the “class-default” class map exists by default. You cannot create or delete it.

Which memory architecture is used on all Catalyst switch models to perform Layer 2 switching?

A. CAM B. TCAM C. FIB D. RIB

Answer: A. CAM

The Content Addressable Memory (CAM) table is the memory architecture used in Cisco Catalyst switches for Layer 2 switching. As data frames arrive on a switchport, the source MAC addresses for the traffic are recorded in the CAM table. This is used to determine which outgoing switchport should be used for frame delivery.

Which entity within the Control Plane Policing (CoPP) solution allows for traffic filtering and rate limiting?

A. ACL B. QoS C. MQC D. SNMP

Answer: C. MQC

Modular QoS CLI (MQC) allows for both filtering and rate limiting of our network traffic. Within MQC, we have the ability to create and attach a traffic policy to an interface. ACLs are used to identify the traffic itself, against which we want to take action with MQC. Filtering and rate limiting are not performed by the ACL itself, but rather it is only used for traffic identification. The MQC policy is what allows for the filtering and rate limiting.

What is the role of an Active Virtual Gateway (AVG)?

A. An AVG responds to ARP queries with the MAC address of the Master gateway. B. An AVG responds to different ARP queries with the MAC addresses of AVFs. C. An AVG responds to different ARP queries with the MAC address of the Backup gateway. D. An AVG responds to ARP queries with the MAC address of the Standby gateway.

Answer: B. An AVG responds to different ARP queries with the MAC addresses of AVFs.

An Active Virtual Gateway (AVG) is a type of gateway used by Gateway Load Balancing Protocol (GLBP). GLBP is unique among the First Hop Redundancy Protocols (FHRPs) in that instead of having a single gateway service all traffic from a subnet, it load balances the traffic across as many as four Active Virtual Forwarders (AVFs). An AVG accomplishes this by responding to ARP queries (for a default gateway’s virtual IP address) with different MAC addresses (i.e. the MAC addresses of the AVFs in a GLBP group).

Identify the virtualization technology that includes a specific application a user wants to run, the support files for that application, but not the operating system on top of which the application runs.

A. Virtual Data Path B. Virtual Switch C. Virtual Server D. Container

Answer: D. Container

A container contains an application and its support files. The underlying operating system can support multiple containers containing applications that need that operating system. A virtual server contains an operating system. A virtual data path is a technology that influences data flow, such as creating a tunnel between two sites. A virtual switch runs on a hypervisor and can logically interconnect virtual devices (e.g. virtual servers or virtual routers) also running on that hypervisor, in addition to logically connecting to a physical server’s network interface card (NIC).

What type of hypervisor runs on top of a traditional operating system (e.g. on top of Microsoft Windows)?

A. Type 1 B. Type 2 C. Type 3 D. Type 4

Answer: B. Type 2

A Type 1 hypervisor (also known as a “native” or “bare metal” hypervisor) runs directly on a server’s hardware. However, a Type 2 hypervisor (also known as a “hosted” hypervisor) runs on top of a traditional operating system. Hypervisors are not categorized as either Type 3 or Type 4.

Which of the following is true regarding the operation of a virtual server’s virtual network interface card (also known as a “virtual NIC” or “vNIC”)?

A. All virtual NICs share the MAC address of a physical NIC in the physical server. B. All virtual NICs share a virtual MAC address. C. A virtual NIC can simultaneously connect to multiple virtual switches. D. Each virtual NIC within a virtual machine has a unique MAC address.

Answer: D. Each virtual NIC within a virtual machine has a unique MAC address.

A virtual NIC is software associated with a unique MAC address, which can be used by a VM to send and receive packets. Also, a vNIC (just like a physical NIC) can only connect to one switchport at a time.

What is the term used to refer to a broadcast domain within a VXLAN network?

A. VLAN B. VEM C. VNI D. VTEP

Answer: C. VNI

Virtual Extensible LANs (VXLANs) support over 16 million broadcast domains, thanks to a VXLAN’s 24-bit identifier field, as opposed to using VLANs, which support just over 4000 broadcast domains (due to a 12-bit VLAN field). This identifier is called a VXLAN Network Identifier, which is abbreviated as VNI. The device that does the VXLAN encapsulation is called a Virtual Ethernet Module (VEM). Each VEM has (at least) one IP address, and that IP address is assigned to an interface called a VTEP, which stands for VXLAN Tunnel Endpoint. Each VTEP can be associated with one or more VNIs.

Which type of wireless deployment access points are used in a large enterprise environment where centralized management is needed?

A. Autonomous B. Lightweight C. Controller-less D. CAPWAP

Answer: B. Lightweight

Lightweight access points require a centralized wireless LAN controller (WLC), which is used to manage all of the access points from a single location. This is also referred to as a controller-based deployment model, where the WLC can be a physical or a virtual device. No management or configuration is necessary on the individual access point.

What statement is true of the global routing table in a VRF configuration (by default)?

A. The global routing table is a combination of the routes found in the routing tables of each VRF instance. B. The global routing table does not contain routes seen in the routing table of any VRF instance. C. A VRF configuration disables the global routing table, and instead uses the routing table of each VRF instance. D. By default, routes appearing in a router’s global routing table are “leaked” into the routing table of each VRF instance. However, routes in a VRF instance’s routing table are not leaked into the global routing table.

Answer: B. The global routing table does not contain routes seen in the routing table of any VRF instance.

Even though “leaking” can be configured to allow a router’s global routing table and a VRF instance’s routing table to exchange routes, by default, the global routing table doesn’t see routes from nor exchange routes with a VRF instance’s routing table.

What component of a LISP architecture identifies the IP address of a router responsible for forwarding traffic to devices within a LISP location?

A. Endpoint ID (EID) B. Routing Locator (RLOC) C. Map Resolver (MR) D. Map Server (MS)

Answer: B. Routing Locator (RLOC)

Location/ID Separation Protocol (LISP) uses two identifiers for a network endpoint. First, the Routing Locator (RLOC) is the IP address of a router that can forward traffic to devices within a LISP location. Second, the Endpoint ID (EID) identifies the endpoint within a LISP location. The way a source RLOC knows how to reach a specific endpoint at a remote location is by querying a Map Resolver (MR), which returns the destination RLOC for the requested EID. The MR learned the destination RLOC for the EID from a Map Server (MS), with which the destination RLOC registered the EID.

Switches SW1 and SW2 are directly connected with a Gigabit Ethernet connection. Which of the following Dynamic Trunk Protocol (DTP) mode combinations will FAIL to bring up a trunk between the switches?

A. SW1: Dynamic Desirable – SW2: Dynamic Auto B. SW1: Trunk – SW2: Dynamic Auto C. SW1: Dynamic Auto – SW2: Dynamic Auto D. SW1: Trunk – SW2: Dynamic Desirable

Answer: C. SW1: Dynamic Auto – SW2: Dynamic Auto

DTP modes of Trunk and Dynamic Desirable both initiate the formation of a trunk by sending DTP frames. The mode of Dynamic Auto will set up a trunk if it receives a DTP frame, but it doesn’t initiate trunk formation. Also, Access mode prevents a trunk from being formed. As a result, the only two mode combinations that would fail to bring up a trunk are: (1) one side set to Access (regardless of the other side’s mode) and (2) both sides set to Dynamic Auto.

An EtherChannel’s load-balancing algorithm is set to “dst-mac,” and the EtherChannel contains eight ports. What information determines the specific link in an EtherChannel used to send a specific packet?

A. The last 2 bits of the destination MAC address B. The last 3 bits of the destination MAC address C. The last 4 bits of the destination MAC address D. The last 8 bits of the destination MAC address

Answer: B. The last 3 bits of the destination MAC address.

The “dst-mac” load-balancing algorithm uses a packet’s destination MAC address to select the physical connection in an EtherChannel bundle that is used to send a packet. The number of bits in the destination MAC address used to make the path selection decision is determined by the number of links in the EtherChannel. If there were only two links, the last bit in the destination MAC address would be used, because a single bit could represent two values (i.e. 0 or 1). Similarly, the last two bits in a destination MAC address would be used if the EtherChannel had four physical links (because two bits can be arranged in four different ways), and the last three bits in a destination MAC address would be used if the EtherChannel had eight physical links.

Which Spanning Tree Protocol (STP) variant allows different collections of VLANs to share different Spanning Tree instances, resulting in an optimal Spanning Tree topology for each VLAN without the overhead of having a Spanning Tree instance for each VLAN?

A. CST B. PVST+ C. MSTP D. Rapid PVST+

Answer: C. MSTP

Common Spanning Tree (CST) uses a single Spanning Tree topology for all VLANs, which could result in a suboptimal tree for some VLANs. Per-VLAN Spanning Tree Protocol Plus (PVST+) and Rapid PVST+ give each VLAN its own Spanning Tree instance. While this results in each VLAN having an optimal tree, it can require a switch to maintain many Spanning Tree instances. Multiple Spanning Trees Protocol (MSTP), which is sometimes written as MST, recognizes that a specific Spanning Tree instance might be optimal for multiple VLANs. Therefore, rather than having each of those VLANs run their own identical instances of Spanning Tree, a single instance can be created. That instance is then joined by all VLANs whose optimal spanning tree is defined by that instance.

Which of the following features creates a Rapid PVST+ Edge Port?

A. PortFast B. UplinkFast C. BackboneFast D. BPDUGuard

Answer: A. PortFast

The PortFast feature causes a switch port to go active when an end station is connected, without waiting through any STP delays. In Rapid PVST+ terminology, a Point-to-Point interface (i.e. a full duplex switch port) enabled with the PortFast feature is called an Edge Port.

What option is added to the end of an “ip nat” command to enable Port Address Translation (PAT)?

A. single B. ports C. static D. overload

Answer: D. overload

The “overload” option is specified at the end of an “ip nat” command to enable PAT. In fact, PAT is commonly referred to as “NAT Overloading.”

What is the default Priority value used by HSRP?

A. 3 B. 10 C. 100 D. 255

Answer: C. 100

HSRP uses a Priority value to elect an Active router. Higher Priority values are preferred. Therefore, an HSRP router can be influenced to become the Active router for an HSRP group by giving it a higher Priority value compared to any other member of the HSRP group. By default, HSRP has a Priority value of 100.

An IPv6 multicast address always begins with which Hexadecimal digits?

A. FF B. FE80 C. F001 D. EE

Answer: A. FF

The first 8 Binary bits in an IPv6 multicast address are all 1s, meaning that the first 2 Hexadecimal digits in an IPv6 multicast address are FF. Following those first 8 bits are 4 Flag bits, 4 Scope bits, and 112 bits identifying the Group ID.

What parameter exchanged in VTP advertisements determines how authoritative a VTP update is?

A. Configuration Register B. Metric C. Distance D. Configuration Revision Number

Answer: D. Configuration Revision Number

A switch configured for VTP uses the Configuration Revision Number of a VTP advertisement to determine whether or not a received VTP advertisement is more authoritative than the switch’s local VLAN database.

Identify the IPv4 multicast address used to communicate just with OSPF Designated Routers (DRs) and Backup Designated Routers (BDRs).

A. 224.0.0.10 B. 224.0.0.5 C. 224.0.0.9 D. 224.0.0.6

Answer: D. 224.0.0.6

224.0.0.10 is the IPv4 multicast group used to communicate with EIGRP routers. 224.0.0.5 is used to communicate with all OSPF routers. 224.0.0.9 is used to communicate with RIPv2 routers. 224.0.0.6 is used to communicate with OSPF DR and BDR routers.

What OSPF configuration option prevents a router interface from sending OSPF Hello messages, while still participating in an OSPF process?

A. Stub Area B. NSSA C. Passive Interface D. Totally Stubby Area

Answer: C. Passive Interface

A Passive Interface is an interface that participates in an OSPF routing process without sending Hello messages. This type of interface might be appropriate for an interface connecting out to endpoints but no other OSPF-speaking routers. Having such an interface be a Passive Interface would allow that network to be advertised by OSPF to neighboring routers without sending unnecessary Hello messages and also prevent a malicious user from adding an OSPF-speaking router to that interface’s network and forming an unwanted OSPF adjacency.

OSPF can perform route summarization on an ASBR or on an ABR. What command is used to summarize routes on an ASBR?

A. summary-address B. route-map C. area range D. area stub

Answer: A. summary-address

OSPF route summarization can be performed on an Autonomous System Boundary Router (ASBR) as routes are being redistributed into OSPF from another autonomous system. This is accomplished using the “summary-address” command. Additionally, OSPF can perform route summarization on an Area Border Router (ABR) as routes are being advertised from one OSPF area into another OSPF area. This is accomplished using the “area range” command.

What command would you enter to create an OSPF routing process numbered “1” for OSPFv3 using an Address Families configuration?

A. ipv6 router ospf 1 B. ipv6 router ospfv3 1 C. router ospfv3 1 D. router ipv6 ospf 1

Answer: C. router ospfv3 1

Using the traditional configuration approach for OSPFv3, you create an OSPFv3 routing process numbered “1” using the “ipv6 router ospf 1” command. However, with the Address Families approach to OSPFv3 configuration, you instead use the “router ospfv3 1” command. The Address Families configuration approach to OSPFv3 allows you to configure routing for both IPv4 and IPv6 under a single hierarchical configuration.

Select the correct order of path selection criteria considered by BGP.

A. Weight, Local Preference, Origin Type, AS Path Length, Originate, MED, Paths, Router ID B. Router ID, Weight, Local Preference, Originate, AS Path Length, Origin Type, MED, Paths C. Local Preference, Weight, Originate, AS Path Length, Origin Type, MED, Paths, Router ID D. Weight, Local Preference, Originate, AS Path Length, Origin Type, MED, Paths, Router ID

Answer: D. Weight, Local Preference, Originate, AS Path Length, Origin Type, MED, Paths, Router ID

The correct order of BGP path selection criteria is: Weight, Local Preference, Originate, AS Path Length, Origin Type, MED, Paths, and Router ID. A memory aid for remembering this order is the acrostic: “We Love Oranges AS Oranges Mean Pure Refreshment.” The main challenge with this memory aid is correctly ordering the “Originate” and “Origin Type” criteria, because they both begin with an “O.”

Which configuration is often used to influence outbound path selection on a BGP router with two or more neighbors in different autonomous systems?

A. Assigning a higher Local Preference value to routes coming in from a preferred neighbor. B. Assigning a lower Local Preference value to routes coming in from a preferred neighbor. C. Assigning a shorter AS Path value to routes coming in from a preferred neighbor. D. Assigning a longer AS Path value to routes coming in from a preferred neighbor.

Answer: A. Assigning a higher Local Preference value to routes coming in from a preferred neighbor.

The Local Preference path selection parameter is commonly used for influencing outbound path selection decisions, with higher values being preferred. The AS Path attribute is commonly used for influencing inbound path selection decisions, with shorter AS Paths being preferred.

If you’re configuring Multiprotocol BGP, where IPv4 routes are advertised over an IPv4 session and IPv6 routes are advertised over an IPv6 session, what step must be manually configured for an IPv6 neighbor that is automatically configured for an IPv4 neighbor?

A. The “ebgp-multihop” value must be specified. B. The remote AS of a neighbor must be configured in IPv6 address family configuration mode. C. A route-map must be configured to advertise the IPv6 next-hop address. D. The IPv6 neighbor needs to be activated.

Answer: D. The IPv6 neighbor needs to be activated.

When configuring Multiprotocol BGP, neighbors are specified under router configuration mode. Then, under router-address-family configuration mode, the neighbors need to be activated. Interestingly, the “neighbor [neighbor_ip_address] activate” command is automatically entered for the IPv4 address family but must be manually configured for the IPv6 address family.

Which lightweight access point special purpose mode is used to delegate the AP to solely perform various background operations, such as location-based services and rogue device detection?

A. FlexConnect Mode B. Sniffer Mode C. SE-Connect Mode D. Monitor Mode

Answer: D. Monitor Mode

Monitor mode is a special purpose mode to which we can assign a Cisco lightweight access point. When operating in this mode, the access point does not provide any network access to users. The operation is dedicated to performing various background operations, such as intrusion detection service (IDS) monitoring, rogue access point detection, and location-based services, among other things.

During which lightweight access point operation state does the device poll the wireless LAN controller (WLC) for information such as QoS rules, SSIDs, and security parameters?

A. WLC Join State B. Image Download State C. Config Download State D. WLC Discovery State

Answer: C. Config Download State

During the Config Download State, the access point will poll the WLC for configuration information. This includes QoS rules, SSIDs, and security parameters, among other things. Once all of the necessary configurations are known and applied, the lightweight access point moves into the Run State, where it is fully operational and providing clients with network access.

In a Network Address Translation (NAT) configuration, a client inside of a network has its private IP address of 10.1.1.12 translated into a publicly routable IP address of 192.0.2.10. What is the 192.0.2.10 IP address referred to in this scenario?

A. Inside Local Address B. Inside Global Address C. Outside Local Address D. Outside Global Address

Answer: B. Inside Global Address

In this scenario, the 192.0.2.10 IP address is referred to as an Inside Global Address, because the IP address is Globally routable and refers to a device on the Inside of the network. Also, in this scenario, the 10.1.1.12 IP address is referred to as an Inside Local Address, because it’s a Locally routable address and refers to a device on the Inside of the network.

When configuring Dynamic NAT, what is the “pool” parameter used to specify?

A. The range of ephemeral port numbers into which outgoing connections are dynamically assigned. B. The range of Inside Local addresses to be mapped to Inside Global addresses. C. The range of Inside Global addresses into which Inside Local addresses are mapped. D. The range of Outside Global addresses into which Inside Local addresses are mapped.

Answer: C. The range of Inside Global addresses into which Inside Local addresses are mapped.

When configuring Dynamic NAT, an Access Control List (ACL) is typically used to identify the Inside Local addresses to be mapped to Inside Global addresses. However, a “pool” parameter is used to define a range of Inside Global addresses into which the Inside Local addresses are mapped.

What port number is used by Network Time Protocol (NTP)?

A. TCP port 443 B. UDP port 69 C. UDP port 123 D. TCP port 25

Answer: C. UDP port 123

TCP port 443 is used by HTTPS. UDP port 69 is used by TFTP. UDP port 123 is used by NTP, and TCP port 25 is used by SMTP.

Which of the following is true of VRRP but not true of HSRP?

A. VRRP has a default Hello time of 3 seconds. B. VRRP has Preemption disabled by default. C. VRRP is Cisco-proprietary. D. VRRP can use an interface’s IP address as a Virtual IP address.

Answer: D. VRRP can use an interface’s IP address as a Virtual IP address.

HSRP has a default Hello time of 3 seconds. However, instead of a Hello time, VRRP uses a Master Advertisement Interval, which defaults to 1 second. Also, HSRP has Preemption disabled by default, while VRRP has Preemption enabled by default. While HSRP is Cisco-proprietary, VRRP is an industry standard First Hop Redundancy Protocol (FHRP). Finally, while HSRP cannot use a Virtual IP address that is already assigned to an interface, VRRP can.

What command is used to require a router to use NTP authentication?

A. ntp secure B. ntp authentication C. ntp authenticate D. ntp peer-authentication

Answer: C. ntp authenticate

The “ntp authenticate” command is used to require a router to use NTP authentication. The “ntp authentication-key [key_number] md5 [key_string]” command is used to define an authentication key, and the “ntp trusted-key [key_number]” command is used to identify which key is trusted.

Which extended traceroute option allows us to trace a network route that is more than 30 hops away from the device we are using?

A. probe B. timeout C. numeric D. ttl

Answer: A. probe

By using the “ttl” keyword at the end of a traceroute command, we can specify the TTL value that should be used during the trace. By default, Cisco IOS TTL values are set to a maximum of 30 hops. If we need to trace further than this, we can manually set the TTL value up to a maximum of 255 hops. For example, if network 10.10.10.10 needs to be traced up to 40 hops, we would use the command “traceroute 10.10.10.10 ttl 40” from an EXEC prompt.

Stateful Switchover (SSO) is often used in conjunction with which feature to prevent packets from being dropped when a router fails over from one of its route processors to another?

A. Reverse Path Forwarding (RPF) B. Embedded Event Manager (EEM) C. Multilayer Switching (MLS) D. Nonstop Forwarding (NSF)

Answer: D. Nonstop Forwarding (NSF)

Stateful Switchover (SSO) allows a router with two route processors to fail over from its primary route processor to its backup route processor without dropping routing protocol neighborships with other routers. However, the backup route processor might drop packets while it constructs an IP routing table. To prevent those initial packet drops after the failover, a feature called Nonstop Forwarding (NSF) could be used. NSF allows the IP routing information maintained by Cisco Express Forwarding (CEF) in the primary route processor to remain in memory and be used by the backup route processor. This allows the backup route processor to immediately have IP forwarding information after a failover.

Which metric allows WLAN location services to calculate the location of a wireless client within the network?

A. SNR B. RTLS C. RSS D. SSID

Answer: C. RSS

The Received Signal Strength (RSS) can be used for enterprise asset tracking within a WLAN. The wireless LAN controller uses the signal strength from all of the access points surrounding a client to determine the exact physical location of a client within the network. This is performed by using three or more surrounding access points to pinpoint this location.

Which mechanism is the slowest method for switching packets, where every packet is inspected by the switch CPU?

A. Cisco Express Forwarding B. Fast Switching C. Process Switching D. Slow Switching

Answer: C. Process Switching

Process Switching is the original method for Cisco IOS switching, where every packet is inspected by the switch CPU. When a packet arrives on the switch, the processor function is interrupted in order to analyze the packet and compare it to the internal routing table for forwarding. The next-hop destination attached to the packet is used to determine the outbound switch interface that should be used for packet delivery. A new Layer 2 frame header is constructed for every single packet, making this a slow method that is not ideal for modern networks.

What term is assigned to an untagged VLAN on an IEEE 802.1Q trunk?

A. Primary VLAN B. Management VLAN C. Secondary VLAN D. Native VLAN

Answer: D. Native VLAN

VLANs on an IEEE 802.1Q trunk have four Tag Bytes added to each of their frames. One purpose of these Tag Bytes is to identify the VLAN membership of the frames. However, one VLAN, called the Native VLAN, is not tagged. As a result, neighboring switches should agree on the Native VLAN being used on a trunk that is interconnecting to those switches.

Switches SW1 and SW2 are directly connected with a Gigabit Ethernet connection. Which of the following Port Aggregation Protocol (PAgP) mode combinations will successfully bring up an EtherChannel between the switches?

A. SW1: Auto – SW2: Auto B. SW1: On – SW2: Desirable C. SW1: On – SW2: Auto D. SW1: Auto – SW2: Desirable

Answer: D. SW1: Auto – SW2: Desirable

A mode of On isn’t technically a PAgP or LACP mode. It simply tells the port(s) to be in an EtherChannel, without sending or processing any PAgP or LACP frames. Therefore, if one side is set to On, the other side must also be set to On in order for an EtherChannel to be brought up. The mode of Auto will cause a port to join an EtherChannel if it receives PAgP frames from the far end. However, the Auto mode does not initiate the joining of an EtherChannel. As a result, other than both sides being set to the On mode, only two combinations of PAgP settings will cause an EtherChannel to be brought up: (1) both sides set to Desirable or (2) one side set to Desirable and the other side set to Auto.

When configuring MSTP, what Spanning Tree instance is used by any VLANs not explicitly assigned an instance?

A. Those VLANs will not participate in STP. B. MST0 C. MST1 D. Those VLANs will share the instance assigned to the Native VLAN.

Answer: B. MST0

In addition to the instances you define in an MSTP configuration, a default instance of MST0 is created. All VLANs not explicitly assigned an MSTP instance are assigned to that MST0 instance.

Which of the following is NOT a Rapid PVST+ port state?

A. Discarding B. Listening C. Learning D. Forwarding

Answer: B. Listening

Traditional Spanning Tree Protocol (STP) has the following port states: (1) Blocking, (2) Listening, (3) Learning, and (4) Forwarding. However, Rapid PVST+ uses these port states: (1) Discarding, (2) Learning, and (3) Forwarding.

What will a Cisco Catalyst switch in VTP Transparent mode do when it receives a VTP advertisement?

A. The switch will flood the advertisement out all other trunk links, other than the trunk it was received on. B. The switch will drop the advertisement. C. The switch will send a VTP Reject message back to the sending switch. D. The switch will update its VLAN database, based on the advertisement, but the advertisement will not be forwarded.

Answer: A. The switch will flood the advertisement out all other trunk links, other than the trunk it was received on.

When a switch in VTP Transparent mode receives a VTP update, it will not update its VLAN database. However, it will flood the advertisement out all other trunk links, other than the trunk it was received on.

What metric components does EIGRP use by default?

A. Bandwidth B. Bandwidth and Delay C. Bandwidth, Delay, and Reliability D. Bandwidth, Delay, Reliability, Load, and MTU

Answer: B. Bandwidth and Delay

EIGRP’s metric calculation can consider Bandwidth, Delay, Reliability, and Load, with MTU used as a tie breaker if the calculation is the same for two paths. However, the calculation uses K Values to determine how influential the various metric components are in the final metric value. By default, three K Values are set to 0, resulting in only Bandwidth and Delay being used in a default metric calculation.

Which of the following router interface encapsulations will, by default, cause an interface to use an OSPF Network Type of Point-to-Point?

A. Frame-Relay B. HDLC C. Ethernet D. All interfaces use an OSPF Network Type of Broadcast, by default. However, that can be administratively changed.

Answer: B. HDLC

An OSPF Network Type of Point-to-Point is the default OSPF Network Type on a non-Frame Relay serial interface. Therefore, an interface encapsulation type of HDLC or PPP on a serial interface will result in that interface having a default OSPF Network Type of Point-to-Point. Any type of Ethernet interface has a default OSPF Network Type of Broadcast.

What command must be entered in Cisco IOS before OSPFv3 can route IPv6 networks?

A. ipv6 cef B. ipv6 enable C. ipv6 unicast-routing D. IPv6 routing is enabled by default

Answer: C. ipv6 unicast-routing

Interestingly, IPv6 routing is not enabled by default in Cisco IOS. Therefore, before routing IPv6 unicast networks, using routing protocols such as RIPng, OSPFv3, or EIGRP for IPv6, you need to enter the “ipv6 unicast-routing” command in global configuration mode. While the “ipv6 cef” command can improve performance, by enabling Cisco Express Forwarding (CEF) for IPv6 routing decisions, it isn’t a required command for IPv6 routing.

Which of the following is true about BGP neighbor formation?

A. Neighbors are dynamically discovered via multicast Hello messages. B. A neighbor’s IP address must be statically configured. C. A UDP session is established between neighbors. D. By default, BGP neighbors can be as many as 255 hops away from one another

Answer: B. A neighbor’s IP address must be statically configured.

BGP neighbors must be configured with one another’s IP addresses, as opposed to dynamically discovering each other with multicast Hello messages, which are used by EIGRP and OSPF. BGP neighbors form a TCP session between themselves, rather than a UDP session. Also, even though BGP neighbors can be a maximum of 255 hops away from one another (using the “ebgp-multihop” command), by default, BGP neighbors must be adjacent to one another.

Identify the statement that is NOT true concerning iBGP connections.

A. By default, a route received from an iBGP neighbor is not advertised to other iBGP neighbors. B. When a router receives a route from an eBGP neighbor and advertises that route to an iBGP neighbor, the NEXT-HOP attribute is not updated. C. When configuring an iBGP neighbor, the “neighbor” command uses the “local-as” parameter instead of the “remote-as” parameter. D. A route reflector is often used within an autonomous system if there is not a full mesh of iBGP neighborships.

Answer: C. When configuring an iBGP neighbor, the “neighbor” command uses the “local-as” parameter instead of the “remote-as” parameter.

An iBGP (Internal BGP) neighborship is formed between two routers within an autonomous system (AS). An eBGP (External BGP) neighborship is formed between two routers in different autonomous systems. When a router receives a route from an eBGP neighbor, it advertises that route to any iBGP neighbors without updating the NEXT-HOP attribute (which can be addressed by configuring the NEXT-HOP-SELF option). Also, when a router receives a route advertisement from an iBGP neighbor, the router does not advertise that route to other iBGP neighbors (which can be addressed using a Route Reflector or by configuring a full mesh of iBGP neighborships). Interestingly, the “neighbor remote-as” command is used to form a neighborship between routers in different autonomous systems as well as between routers in the same autonomous system.

When configuring Multiprotocol BGP to advertise IPv6 routes over an IPv4 BGP session, what extra configuration step is needed?

A. You need to enable Cisco Express Forwarding (CEF). B. You need to apply a route map to your IPv6 neighbor specifying the next-hop IPv6 address. C. You need to apply a route map to your IPv6 neighbor specifying the next-hop IPv4 address. D. You need to disable Cisco Express Forwarding (CEF).

Answer: B. You need to apply a route map to your IPv6 neighbor specifying the next-hop IPv6 address.

IPv6 routes can be advertised over either an IPv4 or an IPv6 session with Multiprotocol BGP. However, if an IPv4 session is used, the receiving BGP neighbor doesn’t learn the IPv6 address of the router sending the IPv6 route advertisement. To overcome this issue, you can configure a route map to add the IPv6 next-hop address to IPv6 route advertisements.

What is the term used to refer to one complete up and down motion of an electromagnetic wave?

A. Frequency B. Cycle C. Hertz D. Wavelength

Answer: B. Cycle

A cycle is defined as one complete up and down motion of an electromagnetic wave. This is used to determine the frequency of an electromagnetic wave by examining the number of cycles that happen over the period of one second, otherwise known as Hertz (Hz). For example, if an electromagnetic wave has four complete up and down motions over the period of one second, this means there are four cycles per second. We would determine that the frequency of this electromagnetic wave would be 4 Hz.

Which type of wireless antenna would have a lower gain, creating a less focused path for broad coverage?

A. Dipole Antenna B. Patch Antenna C. Yagi Antenna D. Dish Antenna

Answer: A. Dipole Antenna

A dipole antenna is a type of omnidirectional antenna that is commonly seen on consumer grade wireless devices. Omnidirectional antennas have lower gain and a less focused signal path, created for broad coverage. This is opposed to a directional antenna, which has high gain with a focused path in order to specifically direct the RF signal.

A wireless client roams between access points connected to two separate wireless LAN controllers, which do not share a subnet. Which type of intercontroller roam has occurred?

A. Layer 2 B. Layer 3 C. CAPWAP D. Intracontroller

Answer: B. Layer 3

When a client roams between access points connected to two separate WLCs that do not share a subnet or network, this intercontroller roam is referred to as a Layer 3 roam. Cisco provides seamless Layer 3 roaming through use of an established CAPWAP tunnel between the WLCs, allowing the client to keep its original IP address even though it is associated with a different subnet or VLAN.

In a Network Address Translation (NAT) configuration, what command is given (and in what configuration mode is it given) to specify that an interface is on the inside of a network?

A. Router(config)# ip nat inside B. Router(config-if)# ip nat inside C. Router(config-nat)# nat [interface-id] inside D. Router(config-router)# nat [interface-id] inside

Answer: B. Router(config-if)# ip nat inside

As part of a NAT configuration, an interface can be identified as an Inside interface using the “ip nat inside” command. That command needs to be issued in interface configuration mode for the interface being identified as an inside interface.

Which type of network topology is most often found within a data center?

A. Point-to-Multipoint B. Spine-Leaf C. Three-Tier D. Collapsed Core

Answer: B. Spine-Leaf

Data centers commonly use a Spine-Leaf design, where a leaf switch connects to multiple spine switches, such that the leaf switch can reach any other leaf switch by transiting a single spine switch. A Point-to-Multipoint design is commonly found in older wide area networks using Frame Relay or ATM. A Three-Tier architecture is commonly found in enterprise networks and consists of the Access, Building Distribution, and Core layers. A Collapsed Core design is commonly found in small to medium sized networks, where the Building Distribution and Core layers found in an enterprise network design are consolidated into a “collapsed core.”

Which well-known port is used by an SNMP manager as default for polling SNMP agent devices in the network?

Answer: D. UDP 161

By default, SNMP managers use UDP communication over port 161 in order to poll SNMP agent devices in the network. These polls are remote queries that are used to gather information about the hardware and software states of the devices.

When configuring an SNMP manager in Cisco IOS, which command keyword option will ensure that we are using both authentication and encryption with SNMP version 3 (SNMPv3)?

A. auth B. nopriv C. priv D. encryp

Answer: C. priv

SNMP version 3 (SNMPv3) provides both authentication and encryption features. This is the most recent and preferred version of SNMP, which introduced enhanced security. Within SNMPv3 there are three security levels in IOS: “auth,” “no priv,” and “priv.” Using the “priv” keyword will ensure that we take advantage of both the authentication and encryption features in SNMPv3.

Which Cisco IOS command would be used to point Syslog message collection to a server with the IP address 10.1.1.5?

A. logging manager 10.1.1.5 B. logging host 10.1.1.5 C. logging server 10.1.1.5 D. logging external 10.1.1.5

Answer: B. logging host 10.1.1.5

Using an external server to collect Syslog messages is a best practice in an enterprise environment. In order to point a Cisco IOS device to a Syslog server for message collection, we use the command “logging host” followed by the server’s IP address.

Which version of NetFlow added a dynamic data format for use with templates?

A. NetFlow v5 B. NetFlow v8 C. NetFlow v9 D. NetFlow v10

Answer: C. NetFlow v9

NetFlow version 9 is the most recent version of the protocol, adding better security and analysis features as well as the ability to accurately report on multicast traffic. The format is dynamic, meaning that the format can change. Templates are used to inform the NetFlow collector about the format in which the collected data is being represented so that correct interpretation can happen.

Which type of Switched Port Analyzer (SPAN) configuration uses Generic Routing Encapsulation (GRE) for traffic capture?

A. SPAN B. ERSPAN C. RSPAN D. GRESPAN

Answer: B. ERSPAN

Encapsulated Remote SPAN (ERSPAN) is a Cisco-proprietary version of SPAN. This is similar to RSPAN, but rather than using Layer 2 switching as RSPAN does, ERSPAN uses Layer 3 routing to send traffic to a centralized server using Generic Routing Encapsulation (GRE).

When configuring Remote SPAN (RSPAN), which command option designates a selected VLAN to specifically be used for SPAN traffic delivery to a remote network?

A. remote-span B. vlan remote C. vlan-rspan D. remote-span vlan

Answer: A. remote-span

While under VLAN configuration mode, the command “remote-span” will designate the selected VLAN to be used as the delivery VLAN for RSPAN traffic. A VLAN that has been designated as an RSPAN VLAN is trunked to other switches in order to transport session traffic to another network. This VLAN cannot be assigned to any access ports.

Which piece of an IP Service Level Agreement (SLA) configuration is an optional component?

A. IP SLA Source B. IP SLA Collector C. IP SLA Responder D. IP SLA Listener

Answer: C. IP SLA Responder

An IP Service Level Agreement (SLA) configuration requires an IP SLA source in order to generate packets which are sent out to destination devices. Responses from the devices would include timestamps with other metrics about the device. Optionally, a remote Cisco router can be configured as an IP SLA responder in order to provide more advanced response metrics. Certain IP SLA operations require a responder, while others do not.

When configuring an advanced IP SLA configuration, which general command configures a Cisco IOS Router to be an IP SLA responder?

A. ip sla listen B. ip sla remote C. ip sla probe D. ip sla responder

Answer: D. ip sla responder

The command “ip sla responder” is used to configure a Cisco IOS router as an IP SLA responder. This command is followed by the type of probe to which it will be responding, and a port number. For example, to configure a router as a responder to TCP connect probes over port 5000, the complete command would be “ip sla responder tcp-connect port 5000.”

When configuring Cisco Embedded Event Manager (EEM) using applets within the CLI, which command keyword defines a condition that we want to take action against?

A. identity B. event C. resource D. object

Answer: B. event

After creating and naming an applet within the Cisco IOS CLI, the keyword “event” is used to identify a condition that we want to take action against. This event is what will trigger our applet to action. For example, if we used “event syslog” followed by a specific Syslog message that we want to monitor for, any time that message was populated in the logging buffer, the applet would be triggered, and our configured action would be performed.

Which command is used to turn off all possible debugging in Cisco IOS?

A. no debugging B. no debug all C. no debug D. no enable debug

Answer: B. no debug all

The “no debug all” command is used to stop all debugging features in Cisco IOS. Alternatively, the command “undebug all” can be used to perform the same function.

Which variation of the ping command allows for more granular control of the command through built-in IOS prompts?

A. ping B. ping detail C. ping extend D. ping more

Answer: A. ping

By entering the “ping” keyword at the EXEC command line level with no IP address attached, a built-in IOS wizard will prompt you for details related to the ping command that you wish to execute. This allows you to control things such as the repeat count, the datagram size, the source address or interface, and more.

Which well-known port is used by an SNMP agent device by default to send system information back to the SNMP manager server?

A. TCP 162 B. UDP 162 C. TCP 161 D. UDP 161

Answer: B. UDP 162

An SNMP agent is a process running on a monitored device that allows it to respond to information poll requests from an SNMP manager. Unsolicited messages can also be sent out in this manner, known as traps. This information is sent by default as UDP communication over port 162.

Which Syslog message code indicates an emergency state where the system is unstable?

A. Level 0 B. Level 1 C. Level 7 D. Level 8

Answer: A. Level 0

Syslog messages have a code ranging from 0-7, where level 7 indicates informational debugging messages and level 0 indicates the most severe, emergency messages. Level 0 codes indicate an unstable or unusable system with an emergency severity.

Which Cisco IOS command would be used to send NetFlow data to a collection server with the IP address 10.1.1.5 over port 9995?

A. ip flow-export destination 10.1.1.5 9995 B. ip flow-export server 10.1.1.5 9995 C. ip flow-export collector 10.1.1.5 9995 D. ip flow-export host 10.1.1.5 9995

Answer: A. ip flow-export destination 10.1.1.5 9995

The command “ip flow-export destination 10.1.1.5 9995” would point a Cisco IOS device to a NetFlow collector at the given IP address, and would send the NetFlow data over port 9995.

When using Flexible NetFlow in order to create multiple flow monitors and exporters, which command would allow us to attach the name HELPDESK to a created flow record?

A. flow name HELPDESK B. flow export HELPDESK C. flow flexible HELPDESK D. flow record HELPDESK

Answer: D. flow record HELPDESK

In order to create a flow record and assign a name to that record, the command “flow record” followed by the desired name is used in Cisco IOS. Once this command is entered, the command line interface is placed in flow record configuration mode, allowing for further configuration options such as attaching a description about what the record was created for.

By default, which type of traffic does SPAN monitor in Cisco IOS?

A. Received B. Transmitted C. Transmitted and Received D. Local

Answer: C. Transmitted and Received

By default, a Cisco IOS SPAN configuration will monitor both transmitted and received traffic on a selected interface. Other options can be selected during configuration if there are specific needs, using the keywords “rx” (only monitor received traffic) or “tx” (only monitor transmitted traffic). The “both” option is also available, which is the same as the default action that monitors both transmitted and received traffic.

After configuring ERSPAN in Cisco IOS, what command is necessary in order to enable the ERSPAN configuration on a selected interface?

A. erspan enable B. run erspan C. no shutdown D. erspan admin enable

Answer: C. no shutdown

When creating an ERSPAN session, by default the session is administratively disabled. This is the same state you would find a router interface in before giving the “no shut” command to administratively bring up the interface. While under monitor session configuration mode, the command “no shut” will bring the session into the administratively enabled state.

Which command keyword option for IP SLA configuration will allow an administrator to select when an IP SLA source begins transmitting data?

A. start-time B. begin-sla C. sla-schedule D. sla-start

Answer: A. start-time

The “start-time” keyword allows us to specify a starting time for the IP SLA probe. This can be followed by several options, such as the “after” keyword to start the probe after a specified amount of time. Exact times can also be entered in hours, minutes, and seconds if there is a specific time that the probe should start. Other options include “now” (for immediate probe start) and “random” (to start the probe after a random time interval).

What HTTP verb is used by REST to create (not update) a new configuration?

A. GET B. PUT C. PATCH D. POST

Answer: D. POST

The POST HTTP verb is used to Create a new entry (e.g. a new configuration), while PUT or PATCH can be used to Update an existing entry. The GET verb, however, only reads information.

The “5 Nines of Availability” refers to what?

A. Limiting a network’s downtime to no more than 5 minutes per year. B. Having 99.9 percent uptime for 99 percent of a network’s components. C. Limiting a network’s downtime to no more than 30 seconds per year. D. Having 99 percent uptime for 99.9 percent of a network’s components

Answer: A. Limiting a network’s downtime to no more than 5 minutes per year.

The “5 Nines of Availability” refers to keeping a network operational 99.999 percent of the time. That translates to approximately 5 minutes of downtime per year. The “6 Nines of Availability” refers to keeping a network operational 99.9999 percent of the time, which translates to approximately 30 seconds of downtime per year.

When setting up encryption in an IPsec tunnel configuration, which of the following is NOT an available option?

A. sha B. des C. aes D. 3des

Answer: A. sha

When setting up an IPsec tunnel, common configuration options for encryption are DES, 3DES, and AES, with AES typically being the most preferred option and DES being the least preferred option. However, Secure Hash Algorithm (SHA) is used for authentication rather than encryption.

Which of the following is considered to be a standard numbered access control list (ACL)?

A. 100 B. 1300 C. 199 D. 2000

Answer: B. 1300

Standard numbered access control lists (ACLs) fall within the range of 1-99. There is also an extended range in case you need additional standard numbered ACLs, which fall within the range of 1300-1999.

Which type of access control list (ACL) should be placed as close to the source as possible?

A. Standard ACL B. Extended ACL C. Source ACL D. Destination ACL

Answer: B. Extended ACL

Extended ACLs have the ability to filter between protocol types and can match traffic based on both source and destination IP addressing. Because of the ability to see IP addressing in this way, a best practice recommendation is to place extended ACLs as close to the source as possible in order to stop traffic early on. This ensures that unwanted traffic doesn’t take up network bandwidth unnecessarily. The opposite is true of standard ACLs, which are recommended to be placed as close to the destination as possible.

Which Cisco line type is used for controlling inbound Telnet connections?

A. CTY B. AUX C. VTY D. CDP

Answer: C. VTY

VTY lines in Cisco IOS are essentially virtual terminal connections. There is no physical hardware associated with these lines, as they are a function of the IOS software. In the running configuration, these are denoted as “line vty 0 4”, where the two numbers at the end are the line numbers. In this example, there are lines 0 through 4, for a total of five available VTY lines. These are used solely for controlling inbound Telnet connections.

Which native extensible authentication protocol (EAP) type uses certificates for mutual authentication?

A. EAP-TLS B. EAP-MD5 C. EAP-SSL D. EAP-MSCHAPv2

Answer: A. EAP-TLS

EAP-TLS is one of the most commonly used native EAP types. This is considered to be one of the most secure EAP types and is one of the original authentication methods defined by the IEEE 802.1X standard. This requires a certificate authority in order to use X.509 certificates for mutual authentication between the client and server.

Which encryption standard is leveraged by WPA2 and WPA3 for more advanced encryption and protection?

A. SSL B. TKIP C. AES D. SHA

Answer: C. AES

TKIP and AES are two encryption standards leveraged by WPA for securing a wireless network. The temporal key integrity protocol (TKIP) is the original standard used by WPA, combining a key string and SSID in order to generate unique encryption keys. Due to this being susceptible to attacks, WPA2 and WPA3 moved to advanced encryption standard (AES) for improved encryption capabilities with a more advanced algorithm.

Which secure domain found in Cisco’s cyber threat defense framework deals with the internal and external security policies, such as HIPAA regulations?

A. Security Intel B. Segmentation C. Compliance D. Threat Defense

Answer: C. Compliance

The Compliance domain addresses both internal and external security policies. Examples of these include standard regulations such as HIPAA, SOX, and PCI. This would also include any internal policies that are specific to your network.

Which mechanism is used by Cisco Identity Services Engine (ISE) to assign security tags for access policy enforcement?

A. TrustSec B. MACsec C. NAC D. MAB

Answer: B. MACsec

Cisco TrustSec is used by Cisco ISE to assign a security group tag (SGT) to each device at the egress point of a TrustSec capable device. Based on the SGT tag, certain access policies will be enforced elsewhere in the infrastructure. SGTs can be used by routers, switches, and firewalls on Cisco TrustSec capable devices in order to make forwarding decisions.

Which piece of the Network Access Control (NAC) architecture receives extensible authentication protocol (EAP) packets and translates those into RADIUS packets?

A. Supplicant B. Translator C. Authentication Server D. Authenticator

Answer: D. Authenticator

The Authenticator is the piece of the Network Access Control (NAC) architecture that controls access to the network based on a client’s authentication status. This is commonly a switch or wireless LAN controller. The Authenticator receives EAP packets from the client, where Supplicant software is installed in order to send identity credentials to the Authenticator. These are translated into RADIUS packets and forwarded to the Authentication Server in order to validate the client identity.

Northbound Interfaces (NBIs) are what type of Application Programming Interfaces (APIs)?

A. YANG B. OpenFlow C. REST D. JSON

Answer: C. REST

Northbound Interfaces are Representational State Transfer (REST) APIs, which use HTTP verbs to communicate with an SDN controller. YANG is a type of data modeling. OpenFlow is an example of a Southbound Interface (SBI), and JSON is a type of data formatting.

Which type of Application Programming Interface (API) takes care of creating and managing sites, as well as retrieving network health information within Cisco DNA Center?

A. Intent APIs B. Integration APIs C. Multivendor Support APIs D. Event and Notification APIs

Answer: A. Intent APIs

Intent APIs (also referred to as northbound interfaces) within Cisco DNA Center provide the graphical user interface that allows for site creation and management, network health retrieval, device onboarding and provisioning, policy creation, and troubleshooting. Intent APIs are used to enforce the configurations and settings that we choose in Cisco DNA Center.

Which REST API response code is returned when there is a problem with the request syntax that was sent out by the client?

A. 201 B. 200 C. 400 D. 401

Answer: C. 400

API response codes in the 400 range indicate some sort of client-side error. A 401 BAD REQUEST response code specifically means that there was a problem with the syntax used by the client, and the server was unable to interpret the request.

An IKE Phase 1 tunnel is also known as what?

A. An IPsec tunnel B. A GRE tunnel C. An ISAKMP tunnel D. An SA tunnel

Answer: C. An ISAKMP tunnel

When an IPsec tunnel is being formed, it goes through two phases. The first phase is the creation of an IKE Phase 1 tunnel. IKE stands for Internet Key Exchange. The second phase is the creation of an IKE Phase 2 tunnel. Another name for the IKE Phase 1 tunnel is an “ISAKMP tunnel,” where ISAKMP stands for Internet Security Association and Key Management Protocol. Another name for the IKE Phase 2 tunnel is an IPsec tunnel. Each of these tunnels has a corresponding security association, referred to as an SA. However, an SA is not a type of tunnel.

Which AAA protocol used for external server deployments encrypts only the password field of the communication?

A. RADIUS B. TACACS+ C. SNMP D. Telnet

Answer: A. RADIUS

The RADIUS protocol is an open standard used with external AAA database deployments. As opposed to the Cisco-proprietary TACACS+ protocol which encrypts the entire payload, RADIUS only encrypts the password field. RADIUS uses UDP ports 1812 and 1813 by default for communication.

Which type of access control list (ACL) allows us to match traffic source and destination IP addresses?

A. Expanded ACLs B. IP ACLs C. Standard ACLs D. Extended ACLs

Answer: D. Extended ACLs

Extended access control lists (ACLs) fall within the range of 100-199, with an expanded range of 2000-2699. These have the ability to filter much more granularly than standard ACLs, as they are able to filter specific protocols and match both source and destination IP addresses.

Which type of web-based authentication (WebAuth) leverages an external AAA server that works as a centralized RADIUS database, such as Cisco Identity Services Engine (ISE)?

A. Local WebAuth B. Distributed WebAuth C. Central WebAuth D. Client-Server WebAuth

Answer: C. Central WebAuth

Central WebAuth redirects network client browsers to a central WebAuth server, which requires the client to log in with valid credentials in order to obtain authentication and authorization. This is used in larger deployments that contain a centralized RADIUS database such as Cisco ISE.

Which of the following is not a solution used when achieving endpoint hardening?

A. Cisco AMP B. Cisco Umbrella C. Cisco AnyConnect D. Cisco Smart Install

Answer: D. Cisco Smart Install

Cisco Smart Install is a method for hardening the network, used for zero-touch deployment of new access layer switches. Cisco AMP, Cisco Umbrella, and Cisco AnyConnect are all used specifically for hardening our endpoints.

Which of the following is not an advantage of a next generation firewall (NGFW)?

A. Zero-touch deployment B. Streamlined architecture C. Deep packet inspection D. Better throughput rates

Answer: A. Zero-touch deployment

Next generation firewalls allow for a streamlined architecture by integrating multiple security services into a single appliance, the ability to monitor traffic at OSI layers 2 through 7 with deep packet inspection, and better throughput rates through more robust hardware and streamlined software.

Which security standard is considered to be the wired equivalent of WPA2 protection used in wireless networks?

A. MACsec B. NAC C. MAB D. TrustSec

Answer: A. MACsec

MACsec is a Layer 2 protocol that relies on AES to provide confidentiality and integrity, similar to WPA2. However, MACsec operates over a wired Ethernet connection. This is an extension to 802.1X that provides secure key exchange and mutual authentication between MACsec-capable devices.

By default, how long does it take a Cisco Catalyst switch to consider 802.1X to be timed out before beginning MAC Authentication Bypass (MAB)?

A. 30 seconds B. 60 seconds C. 90 seconds D. 120 seconds

Answer: C. 90 seconds

MAC Authentication Bypass must wait until 802.1X times out before attempting network access. By default, this value is set to 90 seconds on a Cisco Catalyst switch. It’s common for administrators to lower this value in order to overcome client access issues caused by the delay, but it’s important to be aware that setting the timer interval too low can result in 802.1X bypass happening unnecessarily.

Which REST API response code is returned when there is a problem with the request syntax that was sent out by the client?

A. 201 B. 200 C. 400 D. 401

Answer: D. 401

API response codes in the 400 range indicate some sort of client-side error. A 401 BAD REQUEST response code specifically means that there was a problem with the syntax used by the client, and the server was unable to interpret the request.

Which of the following best describes the “Object” JSON data structure?

A. An unordered set of name/value pairs enclosed in straight brackets. B. An unordered set of name/value pairs enclosed in curly brackets. C. An ordered set of name/value pairs enclosed in straight brackets. D. An ordered set of name/value pairs enclosed in curly brackets

Answer: B. An unordered set of name/value pairs enclosed in curly brackets.

A JSON Object is an unordered set of name/value pairs enclosed in curly brackets. A JSON Array is an ordered set of comma-separated values enclosed in straight brackets.

You install Python version 3.8.1 on an operating system that already has Python version 2.7 installed. What command do you issue at the command prompt to run Python version 3.8.1?

A. python B. python3.8.1 C. python3.8 D. python 3

Answer: C. python3.8

If you issue the “python” command, it will run the preinstalled version of 2.7. Issuing the command “python3.8.1” will not work, because you’re specifying the version too many levels deep. However, issuing the command “python3.8” will run Python version 3.8.1 in this case. Also, the command “python3” would have worked, but not “python 3,” because there is a space before the “3.”

What utility comes bundled with Python to give you an interface to the Interactive Interpreter and uses straight quotes (instead of open and close quotes) along with color coding of commands, all of which help you better enter Python commands?

A. Bash B. vi C. Emacs D. IDLE

Answer: D. IDLE

IDLE (Interactive Development Environment) is a utility that comes with Python and serves as an excellent interface to Python’s Interactive Interpreter, as compared to an operating system’s command prompt. Bash is a UNIX shell, while both vi and Emacs are UNIX editors.

You have a Python list named “inventory” and wish to display the last value in the list. What Python command could you use?

A. print(inventory[-1]) B. print(inventory.end) C. print(inventory[0]) D. print[inventory.end]

Answer: A. print(inventory[-1])

A Python List is an ordered list of comma-separated values enclosed in straight brackets. You can print a specific value from a list using the command print(name[x]), where “name” is the name of the list variable, and x is an integer identifying the position of the value in the list. The numbering of the values starts at 0. Therefore, in this example, to print the first value in the list, you could use a command of print(inventory[0]). However, you can print the last value in a list with the command print(inventory[-1]). Similarly, you can print the next to last value in a list with the command print(inventory[-2]).

Which section of the Cisco DNA Center management dashboard contains troubleshooting tools for the network?

A. Design B. Assurance C. Policy D. Provision

Answer: B. Assurance

The Assurance section in Cisco DNA Center provides tools for network monitoring and troubleshooting. This includes both reactive tools, as well as proactive and predictive tools by use of A.I. and machine learning. Cisco DNA Center boasts the ability to predict issues before they happen, and also troubleshooting assistance through suggested remediation steps.

Which of the following best describes a Python Dictionary?

A. An ordered set of name/value pairs enclosed in straight brackets. B. An unordered set of name/value pairs enclosed in straight brackets. C. An ordered set of name/value pairs enclosed in curly brackets. D. An unordered set of name/value pairs enclosed in curly brackets.

Answer: D. An unordered set of name/value pairs enclosed in curly brackets.

While a Python List is an ordered set of values enclosed in straight brackets, a Python Dictionary is an unordered set of name/value pairs enclosed in curly brackets.

You’re writing a Python script and wish to ask the user the name of the SSID in a wireless network, and you want to assign their response to a variable of ssid. Which command can you use?

A. ssid=input("What is the name of the SSID? ") B. input=ssid("What is the name of the SSID? ") C. ssid=input["What is the name of the SSID? "] D. ssid=input(What is the name of the SSID? )

Answer: A. ssid=input("What is the name of the SSID? ")

You can use the “input” function to get input from a user running a program. Since “input” is a function, the prompt is enclosed in parentheses, not straight brackets. Also, since the prompt is a string, it’s enclosed in quotes. Therefore, the command ssid=input("What is the name of the SSID? ") will prompt the user with the string of "What is the name of the SSID? " The user’s response will then be stored in the variable of ssid.

NETCONF supports what type of data formatting?

A. XML B. JSON C. HTTP D. HTTPS

Answer: A. XML

While RESTCONF supports either XML or JSON data formatting, NETCONF only supports XML data formatting.

Which Chef orchestration component pulls configuration information from the central Chef server?

A. Request Agent B. Pull Drone C. Workstation D. Client Node

Answer: D. Client Node

The Chef Client Nodes are what we call any network components that are being managed by a centralized Chef Server. Each node will have a Chef Client installed that is used to pull the configuration information from the Chef Server. This includes storage devices, containers, physical hardware, and virtual hardware.

Which Puppet orchestration component is prepared for Puppet Agents, containing configuration changes that need to take place on a node?

A. Fact B. Catalog C. XML Tag D. YANG Status

Answer: B. Catalog

The central Puppet server is called a Puppet Master. The Puppet Master receives information about the Puppet Agents (or client nodes) referred to as Facts. These Facts are used to compare the current state of each node to the desired configuration state. The Puppet Master then prepares a Catalog containing configuration changes and makes the Catalog available to the Puppet Agent.

With Cisco Embedded Event Manager (EEM), what is used to create policies by using the command line interface (CLI)?

A. Scripts B. YANG C. XML D. Applets

Answer: D. Applets

Applets are a more simplified tool for creating EEM policies, as opposed to scripts that are created with an interpreter language. Applets can be used within the Cisco IOS command line interface (CLI) to create EEM policies.

Which XML component gives more detail about an element and must appear in quotes?

A. Attribute B. Comment C. Declaration D. Tag

Answer: A. Attribute

An XML Attribute gives more detail about an element and must appear in quotes. A Comment provides documentation within a file. A Declaration is the optional first line in an XML document that contains version and encoding information. A Tag is a string of text inside the < and > signs.

Identify the YANG Data Modeling element that represents an attribute of something being modeled.

A. Container B. List C. Leaf D. Type

Answer: C. Leaf

A Leaf represents an attribute of something being modeled. A Container has Read-Write or Read-Only privileges and contains one or more lists, which represent something (e.g. a router interface) that’s being modeled. A Type describes what kind of data (e.g. a string) can be used to populate a leaf.

Identify the data type of the following: True

A. String B. Floating Point C. Boolean D. Integer

Answer: C. Boolean

Since the word True is not in quotes, it’s not a String data type. Instead, it’s a Boolean data type that states if a condition is True or False.

Currently, you have a variable of x assigned an integer value of 4. However, you need to convert your variable of x to a string data type. Which of the following commands could you use?

A. x=string(x) B. x=int("x") C. x=str(x) D. x=float(x)

Answer: C. x=str(x)

The str function can convert an integer or floating-point value to a string. The int function can convert a floating-point value to an integer, and the float function can convert an integer to a floating-point value.

Python uses the “if” function to do a Boolean evaluation. What Python function can be used with the “if” function to do a secondary Boolean evaluation if the first evaluation (as specified by the “if” function) is False?

A. else B. elif C. iff D. elseif

Answer: B. elif

When using the “if” function in Python to do a Boolean evaluation, if the result of that evaluation is False, you can take a specific action specified by the “else” function, or you can do a secondary Boolean evaluation using the “elif” function.

In a Python script, you wish to open a file named “vlans.txt” in a mode that will let you write additional VLAN values to the file without overwriting the existing values already in the file. Which command could you use?

A. file=open("vlans.txt","r") B. file=open("vlans.txt","rw") C. file=open("vlans.txt","w") D. file=open("vlans.txt","a")

Answer: D. file=open("vlans.txt","a")

The “r” mode opens a file in read-only mode. There is no “rw” mode. The “w” mode opens the file in write mode, which will overwrite any existing values when you write a new value. The “a” mode is the append mode, which will let you add values to a file without overwriting any existing values.

Which component of the Ansible orchestration tool is written in YAML for execution on managed devices?

A. Inventory B. Playbook C. Recipe D. API

Answer: B. Playbook

Ansible Playbooks are written in the YAML language and contain code defining tasks for client execution that can be thought of as to-do lists. They are sets of instructions for the managed devices to perform. Playbooks can also be used to retrieve information from managed devices about their current

Within the SaltStack orchestration architecture, what is information about managed nodes that is sent back to the central Salt Master referred to as?

A. Pillars B. Cookbooks C. Grains D. Blocks

Answer: C. Grains

Grains are the built-in mechanism for determining information about managed nodes. The information included in Grains includes network information, operating system version, hardware details, and more. This information is static and is not real-time data.

Which type of Application Programming Interface (API) takes care of creating and managing sites, as well as retrieving network health information within Cisco DNA Center?

A. Intent APIs B. Integration APIs C. Multivendor Support APIs D. Event and Notification APIs

Answer: A. Intent APIs

Intent APIs (also referred to as northbound interfaces) within Cisco DNA Center provide the graphical user interface that allows for site creation and management, network health retrieval, device onboarding and provisioning, policy creation, and troubleshooting. Intent APIs are used to enforce the configurations and settings that we choose in Cisco DNA Center.
