CCNA

Question 1

Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two.)

A. site-to-site VPN
B. IDMVPN
C. IGETVPN
D. IPsec remote access
E. clientless VPN

Answer 1

IDMVPN & clientless VPN

Question 2

What protocol allows an engineer to back up 20 network router configurations globally while using the copy function?

A. SMTP
B. SNMP
C. TCP
D. FTP

Answer 2

SNMP

Question 3

How does encryption project the wireless network?

A. via integrity checks to identify wireless forgery attacks in the frame
B. via specific ciphers to detect and prevent zero-day network attacks
C. via an algorithm to change wireless data so that only the access point and client understand it
D. via a policy to prevent unauthorized users from communicating on the wireless network

Answer 3

via an algorithm to change wireless data so that only the access point and client understand it

Question 4

A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the point to learn the MAC address of the printer and insert it into the table automatically?

A. enable dynamic MAC address learning
B. implement static MAC addressing
C. enable sticky MAC addressing
D. implement auto MAC address learning

Answer 4

enable sticky MAC addressing

Question 5

What occurs to frames during the process of frame flooding?

A. Frames are sent to every port on the witch in the same VLAN except the originating port
B. Frames are sent to every port on the switch that has a matching entry in the MAC address table
C. Frames are sent to all ports, including those that are assigned to other VLANs
D. Frames are sent to every port on the switch in the same VLAN

Answer 5

Frames are sent to every port on the switch in the same VLAN except the originating port

Question 6

Which type of network attacks overwhelms the target server by sending multiple packets to a port until the half-open TCP resources of the target are exhausted?

A. SYIM flood
B. reflection
C. teardrop
D. amplification

Answer 6

SYIM flood

Question 7

What is the difference between IPv6 unicast and anycast addressing?

A. IPv6 anycast nodes must be explicitly configured to recognize the anycast address, but IPv6 unicast nodes require no special configuration
B. IPv6unicast nodes must be explicitly configured to recognize the unicast address, but IPv6 anycast nodes require no special configuration
C. An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes.
D. Unlike an IPv6 anycast address, and IPV6 unicast address is assigned to a group of interfaces on multiple nodes.

Answer 7

An individual IPv6 unicast address is supported on a single interface on one node but an IPv6 anycast address is assigned to a group of interfaces on multiple nodes

Question 8

What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?

A. No router ID is set, and the OSPF protocol doesn’t run.
B The highest up/up physical interface IP address is selected as the router ID
C. The lowest IP address is incremented by 1 and selected as the router ID
D. The router ID 0.0.0.0 is selected and placed in the OSPF process

Answer 8

The highest up/up physical interface IP address is selected as the router ID

Question 9

Which two IPv6 addresses are used to provide connectivity between two routers on a shared link? (Choose two.)

A. FF02::0001:FF00:0000/104
B. ff06:bb43:cc13:dd16:1bb:ff14:7545:234d
C. 2002::512:1204b:1111::1/64
D. 2001:701:104b:1111::1/64
E. ::ffff:10.14.101.1/96

Answer 9

2002::512:1204b:1111::1/64
2001:701:104b:1111::1/64

Question 10

If a notice-level messaging is sent to a syslog server, which event has occurred?

A. A network device has restarted
B. An ARP inspection has failed
C. A routing instance has flapped
D. A debug operation is running

Answer 10

A routing instance has flapped

Question 11

What benefit does controller-based networking provide versus traditional networking?

A. moves from a two-tier to a three-tier network architecture to provide maximum redundancy
B. provides an added layer of security to protect from DDoS attacks
C. allows configuration and monitoring of the network from one centralized port
D. combines control and data plane functionality on a single device to minimize latency

Answer 11

allows configuration and monitoring of the network from one centralized port

Question 12

Which technology can prevent client devices from arbitrarily connecting to the network without state remediation?

A. 802.1x
B. IP Source Guard
C. MAC Authentication Bypass
D. 802.11n

Answer 12

802.1x

Question 13

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?

A. dual algorithm
B. metric
C. administrative distance
D. hop count

Answer 13

administrative distance

Question 14

Which attribute does a router use to select the best path when two or more different routes to the same destination exist from two different routing protocols?

A. dual algorithm
B. metric
C. administrative distance
D. hop count

Answer 14

administrative distance

Question 15

Which two components comprise part of a PKI?

A. preshared key that authenticates connections
B. RSA token
C. CA that grants certificates
D. clear-text password that authenticates connections
E. one or more CRLs

Answer 15

RSA token & CA that grants certificates

Question 16

What are two similarities between UTP Cat 5e and Cat 6a cabling?

A. Both operate at a frequency of 500 MHz.
B. Both support runs of up to 55 meters.
C. Both support runs of up to 100 meters.
D. Both support speeds of at least 1 Gigabit.
E. Both support speeds up to 10 Gigabit.

Answer 16

Both support runs of up to 100 meters
Both support speeds of at least 1 Gigabit

Question 17

In which two ways does a password manager reduce the chance of a hacker stealing a user’s password?

A. It automatically provides a second authentication factor that is unknown to the original user
B. It uses an internal firewall to protect the password repository from unauthorized access
C. It protects against keystroke logging on a compromised device or website
D. It stores the password repository on the local workstation with built-in antivirus and anti-malware functionality
E. It encourages users to create stronger passwords

Answer 17

It protects against keystroke logging on a compromised device or website
It encourages users to create stronger passwords

Question 18

What is the role of a firewall in an enterprise network?

A. Forwards packets based on stateless packet inspection
B. Processes unauthorized packets and allows passage to less secure segments of the network
C. determines which packets are allowed to cross from unsecured to secured networks
D. explicitly denies all packets from entering an administrative domain

Answer 18

determines which packets are allowed to cross from unsecured to secured networks

Question 19

What are two protocols within the IPsec suite?

A. AH
B. 3DES
C. ESP
D. TLS
E. AES

Answer 19

AH & ESP

Question 20

Which two features introduced in SNMPv2 provide the ability to retrieve large amounts of data in one request?

A. Get
B. GetNext
C. Set
D. GetBulk
E. Inform

Answer 20

Get & Inform

Question 21

A Cisco engineer at a new branch office in configuring a wireless network with access points that connect to a controller that is based at corporate headquarters. Wireless client traffic must terminate at the branch office and access-point survivability is required in the event of a WAN outage. Which access point mode must be selected?

A. Lightweight with local switching disabled
B. Local with AP fallback enabled
C. OfficeExtend with high availability disabled
D. FlexConnect with local switching enabled

Answer 21

FlexConnect with local switching enabled

Question 22

Which two practices are recommended for an acceptable security posture in a network?

A. Backup device configurations to encrypted USB drives for secure retrieval
B. Maintain network equipment in a secure location
C. Use a cryptographic keychain to authenticate network devices
D. Place internal email and file servers in a designated DMZ
E. Disabled unused or unnecessary ports, interface, and services

Answer 22

Maintain network equipment in a secure location
Disable unused or unnecessary port, interfaces, and services

Question 23

A network analyst is tasked with configuring the date and time on a router using EXEC mode. The date must be set to 12:00 AM which command should be used?

A. Clock timezone
B. Clock summer-time-recurring
C. Clock summer-time date
D. Clock set

Answer 23

clock set

Question 24

What are two differences between optical-fiber cabling and copper cabling?

A. Light is transmitted through the core of the fiber
B. A BNC connector is used for fiber connections
C. The glass core component is encased in a cladding
D. Fiber connects to physical interfaces using Rj-45 connections
E. The data can pass through the cladding

Answer 24

Light is transmitted through the core of the fiber
The glass core component is encased in a cladding

Question 25

What are network endpoints?

A. act as routers to connect a user to the service prowler network
B. a threat to the network if they are compromised
C. support inter-VLAN connectivity
D. enforce policies for campus-wide traffic going to the internet

Answer 25

A threat to the network if they are compromised

Question 26

Which interface enables communication between a program on the controller and a program on the networking devices?

A. Northbound Interface
B. Software Virtual Interface
C. Southbound Interface
D. Tunnel Interface

Answer 26

Southbound Interface

Question 27

Which type of organization should use a collapsed-core architecture?

A. large and requires a flexible, scalable network design
B. large and must minimize downtime when hardware fails
C. small and needs to reduce networking costs currently
D. small but is expected to grow dramatically in the near future

Answer 27

small but needs to reduce networking costs currently

Question 28

Which purpose does a northbound API serve in a controller-based network hardware?