CCNP

Question 1

What is the IPv6 address used by OSPFv3 non-DR/BDR routers to send link-state updates and link-state acknowledgments?

Answer 1

FF02::6

Non-DR/BDR routers send an update or link-state acknowledgment message to the DR and BDR by using the AllDRouters address FF02::6.

Question 2

Which two destination addresses will R1 use to establish a full adjacency with R2?

Answer 2

ff02::5, 2001:db8:21:20::2

Question 3

On an OSPF multiaccess network, which multicast address must a non-DR router use to send an LSU packet that contains new link-state information?

Answer 3

224.0.0.6

Question 4

Which configuration will prevent two directly connected Cisco routers from forming an OSPFv2 neighbor adjacency?

Answer 4

configuring mismatched OSPF process IDs on two adjacent routers

Question 5

Which type of OSPF link-state advertisement is a network LSA?

Answer 5

type 1

Question 6

What advantage does WPA2 have over WPA?

Answer 6

WPA2 uses AES instead of TKIP.

WPA2 uses the encryption algorithm AES (Advanced Encryption Standard) which is a stronger algorithm than WPA is, which uses TKIP (Temporal Key Integrity Protocol).

Question 7

Which situation is an example of EAP deployment?

Answer 7

when a client communicates with a RADIUS server for authenticated access to the network through the AP

In a 802.1x WLAN environment, WPA2 with EAP (Extensible Authentication Protocol) allows for a back-end authentication server like Radius.

Question 8

Which function is provided by the Cisco SD-Access Architecture controller layer?

Answer 8

It provides network automation and operational status information to the management layer.

Question 9

Match the Cisco SD-WAN solution component with the description.

Answer 9

vManage Network Management System – enables centralized provisioning and simplifies network changes, vSmart controller – authenticates each SD-WAN router that comes online, vBond orchestrator – configured with a public IP address so that all SD-WAN devices in the network can connect to it.

Question 10

On which of the devices in a hierarchical network should routing between workstation VLANs take place?

Answer 10

the distribution layer devices

Question 11

On which devices should the inter-VLAN routing be configured?

Answer 11

Gateway, CS1, DS1, and DS2

Question 12

Which QoS model uses the DSCP bits to mark packets and provides 64 possible classes of service?

Answer 12

DiffServ

The DiffServ model uses 6-bits known as the DiffServ Code Point (DSCP) bits to mark traffic and offers a maximum of 64 possible classes of service.

Question 13

Which type of QoS marking is applied to Ethernet frames?

Answer 13

Cos

The class of service (CoS) marking allows a Layer 2 Ethernet frame to be marked with eight levels of priority (values 0–7).

Question 14

Which feature is used by an MST region to send VLAN information to a switch that runs PVST+?

Answer 14

PVST translation mechanism

Question 15

What is a solution to mitigate the MST misconfiguration with improper VLAN assignment to the IST?

Answer 15

Ensure that only VLANs in the same MSTI for a trunk link are pruned.

Question 16

Which three statements describe the building blocks that make up the IPsec protocol framework?

Answer 16

IPsec uses encryption algorithms and keys to provide secure transfer of data, IPsec uses secret key cryptography to encrypt messages that are sent through a VPN, IPsec uses ESP to provide confidential transfer of data by encrypting IP packets.

Question 17

What two commands are needed to complete the GRE tunnel configuration on router R1?

Answer 17

R1(config-if)# tunnel source 172.16.2.1, R1(config-if)# tunnel destination 209.165.202.130

Question 18

What are two reasons for creating an OSPF network with multiple areas?

Answer 18

to reduce use of memory and processor resources, to reduce SPF calculations

Question 19

On what type of OSPF router is interarea route summarization configured?

Answer 19

ABRs

Interarea summarization is manually configured on Area Border Routers (ABRs).

Question 20

What is the term given to a system that provides tools for organizations to use when advanced malware has slipped past other defenses?

Answer 20

Advanced Malware Protection (AMP)

Question 21

What are the possible port roles for ports A, B, C, and D in this RSTP-enabled network?

Answer 21

designated, alternate, root, root

Question 22

Which three ports will be STP designated ports?

Answer 22

fa0/10, fa0/21, fa0/13

Question 23

Which two statements describe characteristics of load balancing?

Answer 23

Unequal cost load balancing is supported by EIGRP, Load balancing allows a router to forward packets over multiple paths to the same destination network.

Question 24

Which type of IPv6 static route is configured in the exhibit?

Answer 24

recursive static route

The route provided points to another address that must be looked up in the routing table.

Question 25

Which tool would the administrator use to make the suspicious traffic available for analysis at the college data center?

Answer 25

RSPAN

Question 26

What are two benefits of using SNMP traps?

Answer 26

They reduce the load on network and agent resources, They eliminate the need for some periodic polling requests.

Question 27

How will user traffic be forwarded between two laptops connected to the same lightweight access point?

Answer 27

The lightweight access point will switch the traffic between both laptops immediately.

Question 28

What must be configured on the access point to enable remote management?

Answer 28

management IP address

Question 29

Which three protocols are components in the operation of 802.1x?

Answer 29

EAPoL, EAP, RADIUS

Question 30

Match the security platform to the description.

Answer 30

a centralized management platform that aggregates and correlates threat events – Cisco Firepower Management Center, a malware analysis and protection solution that goes beyond point-in-time detection – Cisco Stealthwatch, a security policy management platform that provides highly secure network access control – Cisco Identity Services Engine.

Question 31

Which two conclusions can be derived from the output?

Answer 31

There is one feasible successor to network 192.168.1.8/30, The neighbor 172.16.6.1 meets the feasibility condition to reach the 192.168.1.0/24 network.

Question 32

Which two EIGRP metrics are measured by using static values on a Cisco device?

Answer 32

delay, bandwidth ## Footnote Bandwidth and delay are static values that are not actually tracked by a device.

Question 33

Which factor can be used by an AP to improve the accuracy of locating a wireless client?

Answer 33

RSS

Question 34

Which two EIGRP metrics are measured by using static values on a Cisco device? (Choose two.)

Answer 34

Bandwidth and delay are static values that are not actually tracked by a device.

Question 35

Which factor can be used by an AP to improve the accuracy of locating a wireless client?

Answer 35

RSS (Received Signal Strength) can be used to measure the distance between the AP and the client.

Question 36

What is required by wireless clients that participate in Cisco centralized key management for intracontroller roaming?

Answer 36

Cisco Compatible Extensions (CCX) support is required.

Question 37

What issue might an AP show if it has no clients attached but shows 30% channel utilization on the 2.4 GHz channel?

Answer 37

The channel is significantly utilized by other nearby APs and clients using the 2.4 GHz frequency range.

Question 38

What significance does an air quality index value of 40 provide for a lightweight AP?

Answer 38

An air quality value of 40 is within acceptable performance range for a lightweight AP, so no action is required.

Question 39

In which type of deployment is the Chef server hosted in the cloud?

Answer 39

Hosted Chef is the deployment where the Chef server is hosted in the cloud.

Question 40

What protocol is used by puppet masters to push configuration code to puppet agents?

Answer 40

HTTPS is used by puppet masters to push configuration code.

Question 41

What does BGP use to exchange routing updates with neighbors?

Answer 41

BGP uses TCP connections to exchange routing updates.

Question 42

What characteristic describes the advertisement of a route when the command 'show bgp ipv4 unicast 172.16.0.0' is issued?

Answer 42

The route is advertised through an IGP.

Question 43

What are three examples of hypervisors? (Choose three.)

Answer 43

VMware vSphere, Microsoft Hyper-V, and Citrix XenServer are examples of hypervisors.

Question 44

Which two methods are used by a single-root I/O virtualization (SR-IOV) enabled switch to switch traffic between VNFs? (Choose two.)

Answer 44

Traffic can be switched through a pNIC or through a vSwitch.

Question 45

What is the effect of the command 'spanning-tree vlan 1 root primary' on S4?

Answer 45

S4 becomes the root bridge, causing S3 Gi0/2 port to transition from designated port to root port.

Question 46

What is the most likely cause of CPU spikes and exhausted memory resources on all network devices?

Answer 46

A Layer 2 forwarding loop condition is present.

Question 47

What type of signal requires little extra bandwidth because data is being sent at a relatively low bit rate?

Answer 47

Narrowband signals require little extra bandwidth.

Question 48

Which wireless technology can combine multiple antennas to reconstruct a usable wireless signal?

Answer 48

Maximal-ratio combining can reconstruct a usable wireless signal.

Question 49

Which command correctly applies the ACL for SSH access from host 172.16.1.100?

Answer 49

R1(config-line)# access-class 1 in

Question 50

What two additional features does a Layer 3 switch offer compared with a Layer 2 switch? (Choose two.)

Answer 50

Routing that is based upon IP addresses and forwarding between different networks.

Question 51

What is true about TCAM lookups associated with CEF switching?

Answer 51

A single TCAM lookup provides Layer 2, Layer 3, and ACL information.

Question 52

What does an HTTP response code 403 indicate in a network management application using REST API?

Answer 52

Access is not granted based on supplied credentials.