CCNA Questions 301-400 Random
301. Which device performs stateful inspection of traffic?
firewall
switch
access point
wireless controller
302. What criteria is used first during the root port selection process?
local port ID
lowest path cost to the root bridge
lowest neighbor’s bridge ID
lowest neighbor’s port ID
303. Router R2 is configured with multiple routes to reach network 10 1.1.0/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1.1.0/24?
eBGP
static
OSPF
EIGRP
304. A network administrator enabled port security on a switch interface connected to a printer. What is the next configuration action in order to allow the port to learn the MAC address of the printer and insert it into the table automatically?
enable dynamic MAC address learning
implement static MAC addressing.
enable sticky MAC addressing
implement auto MAC address learning
305. Which configuration ensures that the switch is always the root for VLAN 750?
Switch(config)#spanning-tree vlan 750 priority 38003685
Switch(config)#spanning-tree vlan 750 root primary
Switch(config)#spanning-tree vlan 750 priority 614440
Switch(config)#spanning-tree vlan 750 priority 0
306. An engineer must configure an OSPF neighbor relationship between router R1 and R3 The authentication configuration has been configured and the connecting interfaces are in the same 192.168 1.0/30 sublet. What are the next two steps to complete the configuration? (Choose two.)
configure the hello and dead timers to match on both sides
configure the same process ID for the router OSPF process
configure the same router ID on both routing processes
configure the interfaces as OSPF active on both sides.
configure both interfaces with the same area ID
307. What protocol allows an engineer to back up 20 network router configurations globally while using the copy function?
SMTP
SNMP
TCP
FTP
308. Which state does the switch port move to when PortFast is enabled?
learning
forwarding
blocking
listening
309. What are two roles of Domain Name Services (DNS)? (Choose Two)
builds a flat structure of DNS names for more efficient IP operations
encrypts network Traffic as it travels across a WAN by default
improves security by protecting IP addresses under Fully Qualified Domain Names (FQDNs)
enables applications to identify resources by name instead of IP address
allows a single host name to be shared across more than one IP address
310. How do TCP and UDP differ in the way they guarantee packet delivery?
TCP uses checksum, acknowledgement, and retransmissions, and UDP uses checksums only.
TCP uses retransmissions, acknowledgement and parity checks and UDP uses cyclic redundancy checks only.
TCP uses checksum, parity checks, and retransmissions, and UDP uses acknowledgements only.
TCP uses two-dimensional parity checks, checksums, and cyclic redundancy checks and UDP uses retransmissions only.
311. A device detects two stations transmitting frames at the same time. This condition occurs after the first 64 bytes of the frame is received. Which interface counter increments?
collision
CRC
runt
late collision
312. Which technology is used to improve web traffic performance by proxy caching?
WSA
Firepower
ASA
FireSIGHT
313. Using direct sequence spread spectrum, which three 2.4-GHz channels are used to limit collisions?
1,6,11
1,5,10
1,2,3
5,6,7
314. Which type of attack can be mitigated by dynamic ARP inspection?
worm
malware
DDoS
man-in-the-middle
315. What are two benefits of controller-based networking compared to traditional networking?
controller-based increases network bandwidth usage, while traditional lightens the load on the network.
controller-based inflates software costs, while traditional decreases individual licensing costs
controller-based reduces network configuration complexity, while traditional increases the potential for errors
controller-based provides centralization of key IT functions. While traditional requires distributes management function
controller-based allows for fewer network failure, while traditional increases failure rates.
316. What software defined architecture plane assists network devices with making packet-forwarding decisions by providing Layer 2 reachability and Layer 3 routing information?
data plane
control plane
policy plane
management plane
317. Which WAN access technology is preferred for a small office / home office architecture?
broadband cable access
frame-relay packet switching
dedicated point-to-point leased line
Integrated Services Digital Network switching.
318. Refer to the exhibit. Which route type does the routing protocol Code D represent in the output?
internal BGP route
/24 route of a locally configured IP
statically assigned route
route learned through EIGRP
319. Which two WAN architecture options help a business scalability and reliability for the network? (Choose two)
asychronous routing
single-homed branches
dual-homed branches
static routing
dynamic routing
320. A wireless administrator has configured a WLAN; however, the clients need access to a less congested 5-GHz network for their voice quality. What action must be taken to meet the requirement?
enable AAA override
enable RX-SOP
enable DTIM
enable Band Select
321. What mechanism carries multicast traffic between remote sites and supports encryption?
ISATAP
GRE over iPsec
iPsec over ISATAP
GRE
322. An engineer must establish a trunk link between two switches. The neighboring switch is set to trunk or desirable mode. What action should be taken?
configure switchport nonegotiate
configure switchport mode dynamic desirable
configure switchport mode dynamic auto
configure switchport trunk dynamic desirable
323. Which type of information resides on a DHCP server?
a list of the available IP addresses in a pool
a list of public IP addresses and their corresponding names
usernames and passwords for the end users in a domain
a list of statically assigned MAC addresses
324. What is a function of Wireless LAN Controller?
register with a single access point that controls traffic between wired and wireless endpoints.
use SSIDs to distinguish between wireless clients.
send LWAPP packets to access points.
monitor activity on wireless and wired LANs
325. What role does a hypervisor provide for each virtual machine in server virtualization?
infrastructure-as-a-service.
Software-as-a-service
control and distribution of physical resources
services as a hardware controller.
326. Which technology must be implemented to configure network device monitoring with the highest security?
syslog
NetFlow
IP SLA
SNMPv3
327. What is the function of a server?
It transmits packets between hosts in the same broadcast domain.
It provides shared applications to end users.
It routes traffic between Layer 3 devices.
It Creates security zones between trusted and untrusted networks
328. Refer to the exhibit. Which type of configuration is represented in the output?
Ansible
JSON
Chef
Puppet
329. A port security violation has occurred on a switch port due to the maximum MAC address count being exceeded Which command must be configured to increment the security-violation count and forward an SNMP trap?
switchport port-security violation access
switchport port-security violation protect
switchport port-security violation restrict
switchport port-security violation shutdown
330. Which spanning-tree enhancement avoids the learning and listening states and immediately places ports in the forwarding state?
BPDUfilter
PortFast
Backbonefast
BPDUguard
331. What are two functions of a Layer 2 switch? (Choose two)
acts as a central point for association and authentication servers
selects the best route between networks on a WAN
moves packets within a VLAN
moves packets between different VLANs
makes forwarding decisions based on the MAC address of a packet
332. A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally Which cloud service model does the engineer recommend?
infrastructure-as-a-service
platform-as-a-service
business process as service to support different types of service
software-as-a-service
333. Which two fun
Provide uninterrupted forwarding service.
Police traffic that is sent to the edge of the network.
Provide direct connectivity for end user devices.
Ensure timely data transfer between layers.
Inspect packets for malicious activity.
334. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?
spanning -tree vlan 200 priority 614440
spanning -tree vlan 200 priority 0
spanning -tree vlan 200 priority 38572422
spanning -tree vlan 200 root primary
335. What are two functions of a server on a network? (Choose two)
achieves redundancy by exclusively using virtual server clustering
runs applications that send and retrieve data for workstations that make requests
handles requests from multiple workstations at the same time
runs the same operating system in order to communicate with other servers
housed solely in a data center that is dedicated to a single client
336. What is the primary function of a Layer 3 device?
to analyze traffic and drop unauthorized traffic from the Internet
to transmit wireless traffic between hosts
to pass traffic between different networks
forward traffic within the same broadcast domain
337. Refer to the exhibit. After the election process what is the root bridge in the HQ LAN?
Switch 1
Switch 2
Switch 3
Switch 4
338. An engineer requires a scratch interface to actively attempt to establish a trunk link with a neighbor switch. What command must be configured?
switchport mode trunk
switchport mode dynamic desirable
switchport mode dynamic auto
switchport nonegotiate
339. What is a function of TFTP in network operations?
transfers a backup configuration file from a server to a switch using a username and password
transfers files between file systems on a router
transfers a configuration files from a server to a router on a congested link
transfers IOS images from a server to a router for firmware upgrades
340. What are two recommendations for protecting network ports from being exploited when located in an office space outside of an IT closet? (Choose two)
configure static ARP entries
enable the PortFast feature on ports
implement port-based authentication
configure ports to a fixed speed
shut down unused ports
341. What is a recommended approach to avoid co-channel congestion while installing access points that use the 2.4 GHz frequency?
different nonoverlapping channels
different overlapping channels
one overlapping channel
one nonoverlapping channel
342. Refer to the exhibit. An engineer configured the New York router with state routes that point to the Atlanta and Washington sites. When command must be configured on the Atlanta and Washington routers so that both sites are able to reach the loopback2 interface on the New York router?
ipv6 route ::/0 Serial 0/0/1
ipv6 route 0/0 Serial 0/0/0
ipv6 route ::/0 Serial 0/0/0
ip route 0.0.0.0.0.0.0.0 Serial 0/0/0
ipv6 route ::/0 2000::2
343. What is a function of a remote access VPN?
used cryptographic tunneling to protect the privacy of data for multiple users simultaneously
used exclusively when a user is connected to a company’s internal network
establishes a secure tunnel between two branch sites
allows the users to access company internal network resources through a secure tunnel
345. What is a DHCP client?
a workstation that requests a domain name associated with its IP address
a host that is configured to request an IP address automatically
a server that dynamically assigns IP addresses to hosts.
a router that statically assigns IP addresses to hosts.
346. What is the same for both copper and fiber interfaces when using SFP modules?
They support an inline optical attenuator to enhance signal strength
They provide minimal interruption to services by being hot-swappable
They offer reliable bandwidth up to 100 Mbps in half duplex mode
They accommodate single-mode and multi-mode in a single module
347. When using Rapid PVST+, which command guarantees the switch is always the root bridge for VLAN 200?
spanning -tree vlan 200 priority 614440
spanning -tree vlan 200 priority 38572422
spanning -tree vlan 200 priority 0
spanning -tree vlan 200 root primary
348. An engineer must configure Interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?
configure IEEE 802.1p
configure IEEE 802.1q
configure ISL
configure DSCP
349. Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?
HTTPS
RADIUS
TACACS+
HTTP
350. In software defined architectures, which plane is distributed and responsible for traffic forwarding?
management plane
control plane
policy plane
data plane
351. Which function is performed by the collapsed core layer in a two-tier architecture?
enforcing routing policies
marking interesting traffic for data polices
attaching users to the edge of the network
applying security policies
352. Where does the configuration reside when a helper address Is configured to support DHCP?
on the router closest to the server
on the router closest to the client
on every router along the path
on the switch trunk interface
353. Refer to the exhibit. A network administrator must permit SSH access to remotely manage routers in a network. The operations team resides on the 10.20.1.0/25 network. Which command will accomplish this task?
access-list 2699 permit udp 10.20.1.0 0.0.0.255
no access-list 2699 deny tcp any 10.20.1.0 0.0.0.127 eq 22
access-list 2699 permit tcp any 10.20.1.0 0.0.0.255 eq 22
no access-list 2699 deny ip any 10.20.1.0 0.0.0.255
354. What is the purpose of traffic shaping?
to mitigate delays over slow links
to provide fair queuing for buffered flows
to limit the bandwidth that a flow can use to
be a marking mechanism that identifies different flows
355. Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes?
Ansible
Python
Puppet
Chef
356. Refer to the exhibit. If OSPF Is running on this network, how does Router2 handle traffic from Site B to 10.10.13.128/25 at Site A?
It load-balances traffic out of Fa0/1 and Fa0/2.
It is unreachable and discards the traffic.
It sends packets out of interface Fa0/2.
It sends packets out of interface Fa0/1.
357. Refer to the exhibit. Which command configures a floating static route to provide a backup to the primary link?
ip route 0.0.0.0 0.0.0.0 209.165.202.131
ip route 209.165.201.0 255.255.255.224 209.165.202.130
ip route 0.0.0.0 0.0.0.0 209.165.200.224
ip route 209.165.200.224 255.255.255.224 209.165.202.129 254
358. What is a practice that protects a network from VLAN hopping attacks?
Enable dynamic ARP inspection
Configure an ACL to prevent traffic from changing VLANs
Change native VLAN to an unused VLAN ID
Implement port security on internet-facing VLANs
359. Which technology can prevent client devices from arbitrarily connecting to the network without state remediation?
802.1x
IP Source Guard
MAC Authentication Bypass
802.11n
360. What facilitates a Telnet connection between devices by entering the device name?
SNMP
DNS lookup
syslog
NTP
361. How does the dynamically-learned MAC address feature function?
The CAM table is empty until ingress traffic arrives at each port
Switches dynamically learn MAC addresses of each connecting CAM table.
The ports are restricted and learn up to a maximum of 10 dynamically-learned addresses
It requires a minimum number of secure MAC addresses to be filled dynamically
362. When implementing a router as a DHCP server, which two features must be configured? (Choose two)
relay agent information
database agent
address pool
smart-relay
manual bindings
363. Which command must be entered to configure a DHCP relay?
ip helper-address
ip address dhcp
ip dhcp pool
ip dhcp relay
364. Where does a switch maintain DHCP snooping information?
in the MAC address table
in the CAM table
in the binding database
in the frame forwarding database
365. Which type of security program is violated when a group of employees enters a building using the ID badge of only one person?
intrusion detection
user awareness
physical access control
network authorization
366. A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2 connectivity to ports on another switch What must be configured when using active mode on both sides of the connection?
802.1q trunks
Cisco vPC
LLDP
LACP
367. In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?
There is limited unique address space, and traffic on the new subnet will stay local within the organization.
The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts.
Traffic on the subnet must traverse a site-to-site VPN to an outside organization.
The ISP requires the new subnet to be advertised to the internet for web services.
368. Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)? (Choose two)
listening
blocking
forwarding
learning
speaking
369. Which state does the switch port move to when PortFast is enabled?
forwarding
listening
blocking
learning
370. Refer to the exhibit. An access list is created to deny Telnet access from host PC-1 to RTR-1 and allow access from all other hosts A Telnet attempt from PC-2 gives this message:”% Connection refused by remote host” Without allowing Telnet access from PC-1, which action must be taken to permit the traffic?
Add the access-list 10 permit any command to the configuration
Remove the access-class 10 in command from line vty 0.4.
Add the ip access-group 10 out command to interface g0/0.
Remove the password command from line vty 0 4.
371. What is a role of wireless controllers in an enterprise network?
centralize the management of access points in an enterprise network
support standalone or controller-based architectures
serve as the first line of defense in an enterprise network
provide secure user logins to devices on the network.
372. What is the effect when loopback interfaces and the configured router ID are absent during the OSPF Process configuration?
No router ID is set, and the OSPF protocol does not run.
The highest up/up physical interface IP address is selected as the router ID.
The lowest IP address is incremented by 1 and selected as the router ID.
The router ID 0.0.0.0 is selected and placed in the OSPF process.
373. What is recommended for the wireless infrastructure design of an organization?
group access points together to increase throughput on a given channel
configure the first three access points are configured to use Channels 1, 6, and 11
include a least two access points on nonoverlapping channels to support load balancing
assign physically adjacent access points to the same Wi-Fi channel
374. Which 802.11 frame type is indicated by a probe response after a client sends a probe request?
action
management
control
data
375. How do servers connect to the network in a virtual environment?
wireless to an access point that is physically connected to the network
a cable connected to a physical switch on the network
a virtual switch that links to an access point that is physically connected to the network
a software switch on a hypervisor that is physically connected to the network
377. With REST API, which standard HTTP header tells a server which media type is expected by the client?
Accept-Encoding: gzip. deflate
Accept-Patch: text/example; charset=utf-8
Content-Type: application/json; charset=utf-8
Accept: application/json
378. Which device tracks the state of active connections in order to make a decision to forward a packet through?
wireless access point
firewall
wireless LAN controller
router
379. Refer to the exhibit. PC1 is trying to ping PC3 for the first time and sends out an ARP to S1. Which action is taken by S1?
It forwards it out G0/3 only
It is flooded out every port except G0/0.
It drops the frame.
It forwards it out interface G0/2 only.
380. Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router. Which access-list entry accomplishes this task?
access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh
access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp
access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet
access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https
381. A network administrator must enable DHCP services between two sites. What must be configured for the router to pass DHCPDISCOVER messages on to the server?
a DHCP Relay Agent
DHCP Binding
a DHCP Pool
DHCP Snooping
382. Which device controls the forwarding of authentication requests for users when connecting to the network using a lightweight access point?
TACACS server
wireless access point
RADIUS server
wireless LAN controller
383. Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU?
The port transitions to STP blocking
The port transitions to the root port
The port immediately transitions to STP forwarding.
The port goes into error-disable state
384. Which configuration is needed to generate an RSA key for SSH on a router?
Configure the version of SSH
Configure VTY access.
Create a user with a password.
Assign a DNS domain name
385. What is the maximum bandwidth of a T1 point-to-point connection?
1.544 Mbps
2.048 Mbps
34.368 Mbps
43.7 Mbps
386. An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which command should be used?
switchport trunk allowed vlan 10
switchport trunk native vlan 10
switchport mode trunk
switchport trunk encapsulation dot1q
387. How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?
It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points
It allows the administrator to assign channels on a per-device or per-interface basis.
It segregates devices from different manufacturers onto different channels.
It analyzes client load and background noise and dynamically assigns a channel.
389. Which network plane is centralized and manages routing decisions?
policy plane
management plane
control plane
data plane
390. What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?
initiates a ping request to the URL
prompts the user to specify the desired IP address
continuously attempts to resolve the URL until the command is cancelled
sends a broadcast message in an attempt to resolve the URL
391. What is a DNS lookup operation?
DNS server pings the destination to verify that it is available
serves requests over destination port 53
DNS server forwards the client to an alternate IP address when the primary IP is down
responds to a request for IP address to domain name resolution to the DNS server
392. Refer to the exhibit. A network engineer must configured communication between PC A and the File Server. To prevent interruption for any other communications, which command must be configured?
Switch trunk allowed vlan 12
Switchport trunk allowed vlan none
Switchport trunk allowed vlan add 13
Switchport trunk allowed vlan remove 10-11
393. What is a characteristic of a SOHO network?
connects each switch to every other switch in the network
enables multiple users to share a single broadband connection
provides high throughput access for 1000 or more users
includes at least three tiers of devices to provide load balancing and redundancy
394. Which resource is able to be shared among virtual machines deployed on the same physical server?
disk
applications
VM configuration file
operating system
395. Which implementation provides the strongest encryption combination for the wireless environment?
WPA2 + AES
WPA + AES
WEP
WPA + TKIP
396. Refer to the exhibit. After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns to the NETCONF client, to only the interface’s configuration? my dick is behind u
Use the Ixml library to parse the data returned by the NETCONF server for the interface’s configuration.
Create an XML filter as a string and pass it to get_config() method as an argument.
Create a JSON filter as a string and pass it to the get_config() method as an argument.
Use the JSON library to parse the data returned by the NETCONF server for the interface’s configuration.
397. What is an appropriate use for private IPv4 addressing?
on the public-facing interface of a firewall
to allow hosts inside to communicate in both directions with hosts outside the organization
on internal hosts that stream data solely to external resources
on hosts that communicates only with other internal hosts
398. What are two functions of an SDN controller? (Choose two)
Layer 2 forwarding
coordinating VTNs
tracking hosts
managing the topology
protecting against DDoS attacks
399. If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the frames?
The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent.
The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.
The new frame is placed in a queue for transmission after the previous frame.
The two frames are processed and delivered at the same time.
400. Refer to the exhibit. The ntp server 192.168.0.3 command has been configured on router 1 to make it an NTP client of router 2. Which command must be configured on router 2 so that it operates in server-only mode and relies only on its internal clock?
Router2(config)#ntp passive
Router2(config)#ntp server 172.17.0.1
Router2(config)#ntp master 4
Router2(config)#ntp server 192.168.0.2
{"name":"CCNA Questions 301-400 Random", "url":"https://www.quiz-maker.com/QJQT3TG7U","txt":"301. Which device performs stateful inspection of traffic?, 302. What criteria is used first during the root port selection process?, 303. Router R2 is configured with multiple routes to reach network 10 1.1.0\/24 from router R1. What protocol is chosen by router R2 to reach the destination network 10.1.1.0\/24?","img":"https://cdn.poll-maker.com/66-2880637/capture.png?sz=1200"}
