Phần này là bộ dump CCNA 200-301 từ câu 81 tới 120. Các bạn có thể xem trọn bộ tại đây.
QUESTION 81: Which command should you enter to configure an LLDP delay time of 5 seconds?
A. lldp timer 5000
B. lldp holdtime 5
C. lldp reinit 5000
D. lldp reinit 5
Answer: D
- lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it
- lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface
- lldp timer rate: Set the sending frequency of LLDP updates in seconds
QUESTION 82: Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts?
A. source
B. static
C. pool
D. overload
Answer: D
By adding the keyword “overload” at the end of a NAT statement, NAT becomes PAT (Port Address Translation). This is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports. Static NAT and Dynamic NAT both require a one-to-one mapping from the inside local to the inside global address. By using PAT, you can have thousands of users connect to the Internet using only one real global IP address. PAT is the technology that helps us not run out of public IP address on the Internet. This is the most popular type of NAT.
An example of using “overload” keyword is shown below:
R1(config)# ip nat inside source list 1 interface ethernet1 overload
QUESTION 83: Which unified access point mode continues to serve wireless clients after losing connectivity to the Cisco Wireless LAN Controller?
A. sniffer
B. mesh
C. flex connect
D. local
Answer: C
In previous releases, whenever a FlexConnect access point disassociates from a controller, it moves to the standalone mode. The clients that are centrally switched are disassociated. However, the FlexConnect access point continues to serve locally switched clients. When the FlexConnect access point rejoins the controller (or a standby controller), all clients are disconnected and are authenticated again. This functionality has been enhanced and the connection between the clients and the FlexConnect access points are maintained intact and the clients experience seamless connectivity. When both the access point and the controller have the same configuration, the connection between the clients and APs is maintained.
QUESTION 84: Which QoS Profile is selected in the GUI when configuring a voice over WLAN deployment?
A. Bronze
B. Platinum
C. Silver
D. Gold
Answer: B
Cisco Unified Wireless Network solution WLANs support four levels of QoS: Platinum/Voice, Gold/Video, Silver/Best Effort (default), and Bronze/Background.
QUESTION 85: Refer to the exhibit. With which metric was the route to host 172.16.0.202 learned?
![[Phần 3] Share trọn bộ dump CCNA 200-301 2 [Phần 3] Share trọn bộ dump CCNA 200-301 1](https://sinhviencntt.net/wp-content/uploads/2022/12/image-105.png)
A. 0
B. 110
C. 38443
D. 3184439
Answer: C
Both the line “O 172.16.0.128/25” and “S 172.16.0.0/24” cover the host 172.16.0.202 but with the “longest (prefix) match” rule the router will choose the first route.
QUESTION 86: When OSPF learns multiple paths to a network, how does it select a route?
A. It multiple the active K value by 256 to calculate the route with the lowest metric.
B. For each existing interface, it adds the metric from the source router to the destination to calculate the route with the lowest bandwidth.
C. It divides a reference bandwidth of 100 Mbps by the actual bandwidth of the existing interface to calculate the router with the lowest cost.
D. It count the umber of hops between the source router and the destination to determine the router with the lowest metric
Answer: C
QUESTION 87: Refer to the Exhibit. After the switch configuration the ping test fails between PC A and PC B Based on the output for switch 1. Which error must be corrected?
![[Phần 3] Share trọn bộ dump CCNA 200-301 3 dump ccna](https://sinhviencntt.net/wp-content/uploads/2022/12/image-106.png)
A. There is a native VLAN mismatch
B. Access mode is configured on the switch ports.
C. The PCs are m the incorrect VLAN
D. All VLANs are not enabled on the trunk
Answer: A
From the output we see the native VLAN of Switch1 on Gi0/1 interface is VLAN 1 while that of Switch2 is VLAN 99 so there would be a native VLAN mismatch.
QUESTION 88: Which command enables a router to become a DHCP client?
A. ip address dhcp
B. ip helper-address
C. ip dhcp pool
D. ip dhcp client
Answer: A
If we want to get an IP address from the DHCP server on a Cisco device, we can use the command “ip address dhcp
“.
Note: The command “ip helper-address
” enables a router to become a DHCP Relay Agent.
QUESTION 89: Which two encoding methods are supported by REST APIs? (Choose two)
A. YAML
B. JSON
C. EBCDIC
D. SGML
E. XML
Answer: BE
The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents.
QUESTION 90: Refer to the exhibit. What is the effect of this configuration?
ip arp inspection vlan 5-10
interface fastethernet 0/1
switchport node access
switchport access vlan 5
A. All ARP packets are dropped by the switch
B. Egress traffic is passed only if the destination is a DHCP server.
C. All ingress and egress traffic is dropped because the interface is untrusted
D. The switch discard all ingress ARP traffic with invalid MAC-to-IP address bindings.
Answer: D
Dynamic ARP inspection is an ingress security feature; it does not perform any egress checking.
QUESTION 91: In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an IP address?
A. CDP becomes inoperable on that neighbor
B. CDP uses the IP address of another interface for that neighbor
C. CDP operates normally,but it cannot provide IP address information for that neighbor
D. CDP operates normally,but it cannot provide any information for that neighbor
Answer: C
Although CDP is a Layer 2 protocol but we can check the neighbor IP address with the “show cdp neighbor detail
” command. If the neighbor does not has an IP address then CDP still operates without any problem. But the IP address of that neighbor is not provided.
QUESTION 92: Refer to the exhibit. When PC 1 sends a packet to PC2, the packet has. Which source and destination IP address when it arrives at interface Gi0/0 on router R2?
![[Phần 3] Share trọn bộ dump CCNA 200-301 5 [Phần 3] Share trọn bộ dump CCNA 200-301 4](https://sinhviencntt.net/wp-content/uploads/2022/12/image-107.png)
A. source 192.168.10.10 and destination 10.10.2.2
B. source 192.168.20.10 and destination 192.168.20.1
C. source 192.168.10.10 and destination 192.168.20.10
D. source 10.10.1.1 and destination 10.10.2.2
Answer: C
The source and destination IP addresses of the packets are unchanged on all the way. Only source and destination MAC addresses are changed.
QUESTION 93: Which feature or protocol determines whether the QOS on the network is sufficient to support IP services?
A. LLDP
B. CDP
C. IP SLA
D. EEM
Answer: C
IP SLA allows an IT professional to collect information about network performance in real time. Therefore it helps determine whether the QoS on the network is sufficient for IP services or not. Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible subsystem that provides real-time network event detection and onboard automation. It gives you the ability to adapt the behavior of your network devices to align with your business needs.
QUESTION 94: An email user has been lured into clicking a link in an email sent by their company’s security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place?
A. Physical access control
B. Social engineering attack
C. brute force attack
D. user awareness
Answer: D
This is a training program which simulates an attack, not a real attack (as it says “The webpage that opens reports that it was safe”) so we believed it should be called a “user awareness” program. Therefore the best answer here should be “user awareness”. This is the definition of “User awareness” from CCNA 200- 301 Offical Cert Guide Book:
“User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and proper procedures to report security incidents. ” Note: Physical access control means infrastructure locations, such as network closets and data centers, should remain securely locked.
QUESTION 95: What is the default behavior of a Layer 2 switch when a frame with an unknown destination MAC address is received?
A. The Layer 2 switch drops the received frame
B. The Layer 2 switch floods packets to all ports except the receiving port in the given VLAN.
C. The Layer 2 switch sends a copy of a packet to CPU for destination MAC address learning.
D. The Layer 2 switch forwards the packet and adds the destination MAC address to its MAC addresS table
Answer: B
If the destination MAC address is not in the CAM table (unknown destination MAC address), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.
QUESTION 96: Refer to the exhibit. An engineer configured NAT translations and has verified that the configuration is correct.
![[Phần 3] Share trọn bộ dump CCNA 200-301 7 [Phần 3] Share trọn bộ dump CCNA 200-301 6](https://sinhviencntt.net/wp-content/uploads/2022/12/image-108.png)
Which IP address is the source IP after the NAT has taken place?
A. 10.4.4.4
B. 10.4.4.5
C. 172.23.103.10
D. 172.23.104.4
Answer: D
From the output it can be seen that the router is running Dynamic NAT with overloading and after NAT translation the new source address should be the inside global IP address.
QUESTION 97: Refer to the exhibit. The New York router is configured with static routes pointing to the Atlanta and Washington sites.
![[Phần 3] Share trọn bộ dump CCNA 200-301 9 [Phần 3] Share trọn bộ dump CCNA 200-301 8](https://sinhviencntt.net/wp-content/uploads/2022/12/image-109.png)
Which two tasks must be performed so that the Serial0/0/0 interfaces on the Atlanta and Washington routers can reach one another? (Choose two.)
A. Configure the ipv6 route 2012::/126 2023::1
command on the Washington router
B. Configure the ipv6 route 2023::/126 2012::1
command on the Atlanta router.
C. Configure the Ipv6 route 2012::/126 S0/0/0
command on the Atlanta router
D. Configure the ipv6 route 2023::/126 2012::2
command on the Atlanta router
E. Configure the ipv6 route 2012::/126 2023::2
command on the Washington router
Answer: DE
The short syntax of static IPv6 route is:
ipv6 route {next-hop-IPv6-address | exit-interface}
QUESTION 98: A user configured OSPF and advertised the Gigabit Ethernet interface in OSPF By default, which type of OSPF network does this interface belong to?
A. point-to-multipoint
B. point-to-point
C. broadcast
D. nonbroadcast
Answer: C
The Broadcast network type is the default for an OSPF enabled ethernet interface (while Point-to- Point is the default OSPF network type for Serial interface with HDLC and PPP encapsulation).
Reference: https://www.oreilly.com/library/view/cisco-ios-cookbook/0596527225/ch08s15.html
QUESTION 99: An engineer is asked to protect unused ports that are configured in the default VLAN on a switch. Which two steps will fulfill the request? (Choose two)
A. Configure the ports in an EtherChannel.
B. Administratively shut down the ports
C. Configure the port type as access and place in VLAN 99
D. Configure the ports as trunk ports
E. Enable the Cisco Discovery Protocol
Answer: BC
QUESTION 100: Which output displays a JSON data representation?
A.
{
"response", {
"taskld", {};
"url", "string"
};
"version", "string"
}
B. {
"response": {
"taskld": {};
"url": "string"
};
"version": "string"
}
C.{
"response"- {
"taskld" - {},
"url" - "string"
},
"version" - "string"
}
D.{
"response": {
"taskld" - {},
"url" : "string"
},
"version": "string"
}
Answer: D
JSON data is written as name/value pairs.
QUESTION 101: An engineer must configure a WLAN using the strongest encryption type for WPA2-PSK. Which cipher fulfills the configuration requirement?
A. WEP
B. RC4
C. AES
D. TKIP
Answer: C
Many routers provide WPA2-PSK (TKIP), WPA2-PSK (AES), and WPA2-PSK (TKIP/AES) as options.
TKIP is actually an older encryption protocol introduced with WPA to replace the very-insecure WEP encryption at the time. TKIP is actually quite similar to WEP encryption. TKIP is no longer considered secure, and is now deprecated. In other words, you shouldn’t be using it.
AES is a more secure encryption protocol introduced with WPA2 and it is currently the strongest encryption type for WPA2-PSK/
QUESTION 102: When configuring an EtherChannel bundle, which mode enables LACP only if a LACP device is detected?
A. Passive
B. Desirable
C. On
D. Auto
E. Active
Answer: A
The LACP is Link Aggregation Control Protocol. LACP is an open protocol, published under the 802.3ad.
The modes of LACP are active, passive or on. The side configured as “pasive” will waiting the other side that should an Active for the Etherchannel to be established.
PAgP is Port-Aggregation Protocol. It is Cisco proprietary protocol. The mode are On, Desirable or Auto. Desirable – Auto will establish a EtherChannel.
An example of how to configure an Etherchannel:
SwitchFormula1>enable
SwitchFormula1#configure terminal
SwitchFormula1(config)# interface range f0/5 -14
SwitchFormula1(config-if-range)# channel-group 13 mode ?
active Enable LACP unconditionally
auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally
on Enable Etherchannel only
passive Enable LACP only if a LACP device is detected
QUESTION 103: Refer to the exhibit. Which VLAN ID is associated with the default VLAN in the given environment?
A. VLAN 1
B. VLAN 5
C. VLAN 10
D. VLAN 20
Answer: A
QUESTION 104: Which two VLAN IDs indicate a default VLAN? (Choose two.)
A. 0
B. 1
C. 1005
D. 1006
E. 4096
Answer: BC
VLAN 1 is a system default VLAN, you can use this VLAN but you cannot delete it. By default, VLAN 1 is use for every port on the switch. Standard VLAN range from 1002-1005 it’s Cisco default for FDDI and Token Ring. You cannot delete VLANs 1002-1005. mostly we don’t use VLAN in this range.
QUESTION 105: Refer to the exhibit. Which statement about the interface that generated the output is true?
![[Phần 3] Share trọn bộ dump CCNA 200-301 11 [Phần 3] Share trọn bộ dump CCNA 200-301 10](https://sinhviencntt.net/wp-content/uploads/2022/12/image-110.png)
A. A syslog message is generated when a violation occurs.
B. One secure MAC address is manually configured on the interface.
C. One secure MAC address is dynamically learned on the interface.
D. Five secure MAC addresses are dynamically learned on the interface.
Answer: B
QUESTION 106: Which command should you enter to view the error log in an EIGRP for IPv6 environment?
A. show ipv6 eigrp neighbors
B. show ipv6 eigrp topology
C. show ipv6 eigrp traffic
D. show ipv6 eigrp events
Answer: D
QUESTION 107: If a notice-level messaging is sent to a syslog server, which event has occurred?
A. A network device has restarted
B. An ARP inspection has failed
C. A routing instance has flapped
D. A debug operation is running
Answer: C
Usually, no action is required when a route flaps so it generates the notification syslog level message (level 5).
QUESTION 108: What are two southbound APIs? (Choose two)
A. OpenFlow
B. NETCONF
C. Thrift
D. CORBA
E. DSC
Answer: AB
OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices.
Other southbound APIs are:
- onePK: a Cisco proprietary SBI to inspect or modify the network element configuration without hardware upgrades.
- OpFlex: an open-standard, distributed control system. It send “summary policy” to network elements.
QUESTION 109: Which feature on the Cisco Wireless LAN Controller when enabled restricts management access from specific networks?
A. CPU ACL
B. TACACS
C. Flex ACL
D. RADIUS
Answer: A
Whenever you want to control which devices can talk to the main CPU, a CPU ACL is used. Note: CPU ACLs only filter traffic towards the CPU, and not any traffic exiting or generated by the CPU.
QUESTION 110: Which command automatically generates an IPv6 address from a specified IPv6 prefix and MAC address of an interface?
A. ipv6 address dhcp
B. ipv6 address 2001 :DB8:5:112::/64 eui-64
C. ipv6 address autoconfig
D. ipv6 address 2001 :DB8:5:112::2/64 link-local
Answer: C
The “ipv6 address autoconfig
” command causes the device to perform IPv6 stateless address auto- configuration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface. Addresses are configured depending on the prefixes received in Router Advertisement (RA) messages.
The device will listen for RA messages which are transmitted periodically from the router (DHCP Server). This RA message allows a host to create a global IPv6 address from:
- Its interface identifier (EUI-64 address)
- Link Prefix (obtained via RA)
Note: Global address is the combination of Link Prefix and EUI-64 address
QUESTION 111: A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)
A. informational
B. emergency
C. warning
D. critical
E. debug
F. error
Answer: BDF
QUESTION 112: Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose two.)
![[Phần 3] Share trọn bộ dump CCNA 200-301 13 [Phần 3] Share trọn bộ dump CCNA 200-301 12](https://sinhviencntt.net/wp-content/uploads/2022/12/image-111.png)
A. The EIGRP administrative distance was manually changed from 90 to 170.
B. There are 20 different network masks within the 10.0.0.0/8 network.
C. Ten routes are equally load-balanced between Te0/1/0.100 and Te0/2/0.100
D. The 10.0.0.0/8 network was learned via external EIGRP.
E. A static default route to 10.85.33.14 was defined.
Answer: BC
QUESTION 113: Which two statements about exterior routing protocols are true? (Choose two.)
A. They determine the optimal within an autonomous system.
B. They determine the optimal path between autonomous systems.
C. BGP is the current standard exterior routing protocol.
D. Most modern networking supports both EGP and BGP for external routing.
E. Most modern network routers support both EGP and EIGRP for external routing.
Answer: BC
QUESTION 114: Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose two.)
A. the native VLAN
B. the trunking protocol
C. the VTP domain
D. the spanning-tree priority
E. the spanning tree protocol
Answer: AC
QUESTION 115: Which two statements about NTP operations are true? (Choose two.)
A. NTP uses UDP over IP.
B. Cisco routers can act as both NTP authoritative servers and NTP clients.
C. Cisco routers can act only as NTP servers.
D. Cisco routers can act only as NTP clients.
E. NTP uses TCP over IP.
Answer: AB
QUESTION 116: Which command is used to specify the delay time in seconds for LLDP to initialize on any interface?
A. lldp timer
B. lldp holdtime
C. lldp reinit
D. lldp tlv-select
Answer: C
- lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it
- lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface
- lldp timer rate: Set the sending frequency of LLDP updates in seconds
QUESTION 117: A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?
A. It allows the traffic to pass through unchanged
B. It drops the traffic
C. It tags the traffic with the default VLAN
D. It tags the traffic with the native VLAN
Answer: A
Untagged traffic from the device attached to the Cisco IP Phone passes through the phone unchanged, regardless of the trust state of the access port on the phone.
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-
2_40_se/ configuration/guide/scg/swvoip.pdf
QUESTION 118: Refer to the exhibit. Based on the LACP neighbor status, in which mode is the SW1 port channel configured?
![[Phần 3] Share trọn bộ dump CCNA 200-301 15 [Phần 3] Share trọn bộ dump CCNA 200-301 14](https://sinhviencntt.net/wp-content/uploads/2022/12/image-112.png)
A. passive
B. mode on
C. auto
D. active
Answer: D
QUESTION 119: Refer to the exhibit. The show ip ospf interface
command has been executed on R1 How is OSPF configured?
![[Phần 3] Share trọn bộ dump CCNA 200-301 17 [Phần 3] Share trọn bộ dump CCNA 200-301 16](https://sinhviencntt.net/wp-content/uploads/2022/12/image-113.png)
A. The interface is not participating in OSPF
B. A point-to-point network type is configured
C. The default Hello and Dead timers are in use
D. There are six OSPF neighbors on this interface
Answer: C
QUESTION 120: R1 has learned route 192.168.12.0/24 via IS-IS, OSPF, RIP and Internal EIGRP Under normal operating conditions, which routing protocol is installed in the routing table?
A. IS-IS
B. RIP
C. Internal EIGRP
D. OSPF
Answer: C
With the same route (prefix), the router will choose the routing protocol with lowest Administrative Distance (AD) to install into the routing table. The AD of Internal EIGRP (90) is lowest so it would be chosen. The table below lists the ADs of popular routing protocols.
Note: The AD of IS-IS is 115. The “EIGRP” in the table above is “Internal EIGRP”. The AD of “External EIGRP” is 170. An EIGRP external route is a route that was redistributed into EIGRP.