Cisco CCNA 200-301 Questions & Answers

• Question 951:

  What are two functions of a Layer 2 switch? (Choose two)

  A. acts as a central point for association and authentication servers

  B. selects the best route between networks on a WAN

  C. moves packets within a VLAN

  D. moves packets between different VLANs

  E. makes forwarding decisions based on the MAC address of a packet

  Correct Answer: CE

  Little confusion at first about E because of the use of the word "Packet" which is a layer 3 term rather than using "Frame" for a layer 2 concept. However, we need to remember that packet is a general term that is also used to replace other terms like a "frame" of other layers. CISCO questions like this tend to use it as well. Also, a L3 packet encapsulates a L2 frame which in turn embed a frame.

• Question 952:

  Which type of information resides on a DHCP server?

  A. a list of the available IP addresses in a pool

  B. a list of public IP addresses and their corresponding names

  C. usernames and passwords for the end users in a domain

  D. a list of statically assigned MAC addresses

  Correct Answer: A

• Question 953:

  Which technology must be implemented to configure network device monitoring with the highest security?

  A. IP SLA

  B. syslog

  C. NetFlow

  D. SNMPv3

  Correct Answer: D

  SNMPv3 (Simple Network Management Protocol version 3) is the technology that should be implemented to configure network device monitoring with the highest security. SNMPv3 provides authentication, encryption, and access control,

  making it the most secure version of SNMP. It allows for secure and encrypted communication between network devices and network management systems, ensuring the confidentiality and integrity of the monitoring data.

• Question 954:

  What mechanism carries multicast traffic between remote sites and supports encryption?

  A. ISATAP

  B. GRE over iPsec

  C. iPsec over ISATAP

  D. GRE

  Correct Answer: B

  IPsec over GRE (Generic Routing Encapsulation) is a mechanism that can be used to carry multicast traffic between remote sites and supports encryption. It combines the functionality of both IPsec and GRE to provide secure and efficient communication between sites. With IPsec over GRE, the multicast traffic is encapsulated inside a GRE tunnel, and the tunnel is then protected using IPsec encryption. This allows the multicast traffic to be securely transmitted over the public internet or other untrusted networks.

• Question 955:

  A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?

  A. enable AAA override

  B. enable RX-SOP

  C. enable DTIM

  D. enable Band Select

  Correct Answer: D

  Ref: Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE Gibraltar 16.12.x Information About Configuring Band Selection, 802.11 Bands, and Parameters Band Select Band select enables client radios that are capable of dual-band (2.4 and 5-GHz) operations to move to a less congested 5-GHz access point. The 2.4-GHz band is often congested. Clients on this band typically experience interference from

  Bluetooth devices, microwave ovens, and cordless phones as well as co-channel interference from other access points because of the 802.11b/g limit of 3 nonoverlapping channels. To prevent these sources of interference and improve overall network performance, configure band selection on the device.

• Question 956:

  Which two WAN architecture options help a business scalability and reliability for the network? (Choose two)

  A. asychronous routing

  B. single-homed branches

  C. dual-homed branches

  D. static routing

  E. dynamic routing

  Correct Answer: CE

  The two WAN architecture options that help a business scalability and reliability for the network are:

  C. Dual-homed branches: Dual-homing involves connecting each branch office to two or more different WAN links, such as two different service providers, in order to provide redundancy and increase reliability. This architecture option enables the business to maintain network connectivity even if one of the WAN links fails. In addition, it can also provide better performance and scalability by balancing traffic across the multiple links.

  E. Dynamic routing: Dynamic routing protocols enable routers to dynamically exchange information about the network topology and find the best path for data to travel. This allows for faster convergence in case of network changes and improves network scalability by automatically adjusting to changes in the network. Dynamic routing protocols also increase network reliability by providing redundancy and failover mechanisms.

• Question 957:

  Refer to the exhibit. Which route type does the routing protocol Code D represent in the output?

  

  A. internal BGP route

  B. /24 route of a locally configured IP

  C. statically assigned route

  D. route learned through EIGRP

  Correct Answer: D

• Question 958:

  Which type of attack can be mitigated by dynamic ARP inspection?

  A. worm

  B. malware

  C. DDoS

  D. man-in-the-middle

  Correct Answer: D

• Question 959:

  What are two benefits of controller-based networking compared to traditional networking?

  A. controller-based increases network bandwidth usage, while traditional lightens the load on the network.

  B. controller-based inflates software costs, while traditional decreases individual licensing costs

  C. Controller-based reduces network configuration complexity, while traditional increases the potential for errors

  D. Controller-based provides centralization of key IT functions. While traditional requires distributes management function

  E. controller-based allows for fewer network failure, while traditional increases failure rates.

  Correct Answer: CD

  Cisco DNA Center Device Management

  3. Monitor the cloud for software update

  5.

  Uses CLI templates to apply a consistent configuration to multiple devices at an individual location

  6.

  Uses NetFlow to analyse potential security threats throughout the network and take appropriate action on that traffic Traditional device management

  2. Manages device configuration on a per-device basis

  4. Security is managed near the perimeter of the network with firewalls, VPNs, and IPS Implements changes via an SSH terminal

• Question 960:

  What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?

  A. data plane

  B. control plane

  C. policy plane

  D. management plane

  Correct Answer: B

  The control plane PROVIDE the layer 2 reachability and layer 3 routing information to assist the forwarding decisions in the data plane. It doesn't mean that the control plane MAKE the forwarding decision, only provide the tables and databases to data plane.