CCNAv7 (2020) – New Questions Part 7

Question 1: Which level of severity must be set to get informational syslogs?

A. alert
B. critical
C. notice
D. debug
Answer: D

Question 2: What is a characteristic of cloud-based network topology?

A. physical workstations are configured to share resources

B. services are provided by a public, private, or hybrid deployment
C. onsite network services are provided with physical Layer 2 and Layer 3 components
D. wireless connections provide the sole access method to services
Answer: B

Question 3: A network analyst is tasked with configured the date and time on a router using EXEC mode. The
date must be set to 12:00am. Which command should be used?

A. Clock timezone
B. Clock summer-time-recurring
C. Clock summer-time date
D. Clock set
Answer: D
Question 4: Which HTTP status code is returned after a successful REST API request?

A. 200
B. 301
C. 404
D. 500
Answer: A
Question 5: Refer to the exhibit.

When PC-A sends traffic to PC-B, which network component is in charge of receiving the packet from PC-
A verifying the IP addresses, and forwarding the packet to PC-B?

A. Layer 2 switch
B. firewall
C. Load balancer
D. Router
Answer: D
Question 6: Refer to the exhibit.

Router1#show ip route
Gateway of last resort is not set
209.165.200.0/27 is subnetted, 1 subnets
B 209.165.200.224 [20/0] via 10.10.12.2, 00:08:34
10.0.0.0/8 is variably subnetted, 4 subnets, 3 masks
C 10.10.10.0/28 is directly connected,
GigabitEthernet0/0 C 10.10.11.0/30 is directly
connected, FastEthernet2/0
O 10.10.13.0/24 [110/2] via 10.10.10.1, 00:09:25,
GigabitEthernet0/0 C 10.10.12.0/30 is directly connected,
GigabitEthernet0/1

Which action is taken by the router when a packet is sourced from 10.10.10.2 and destined for 10.10.10.16?

A. It discards the packets

B. It uses a route that is similar to the destination address
C. It floods packets to all learned next hops
D. It queues the packets waiting for the route to be learned
Answer: A

Question 7: Drag and drop the functions of DHCP from the left onto any of the positions on the right. Not all
functions are used.

Answer:

1 – maintains an address pool

2 – offers domain name server configuration
3 – reduces the administrative burden for onboarding end users
4 – assigns IP addresses to local hosts for a configurable lease time

Question 8: What is the function of a controller in controller-based networking?

A. It is a pair of core routers that maintain all routing decisions for a campus
B. It centralizes the data plane for the network
C. It is the card on a core router that maintains all routing decisions for a campus
D. It serves as the centralized management point of an SDN architecture
Answer: D
Question 9: When a switch receives a frame for a known destination MAC address, how is the frame handed?

A. flooded to all ports except the one from which it originated

B. broadcast to all ports
C. forwarded to the first available port
D. sent to the port identified for the known MAC address
Answer: D
Question 10: Drag and drop the IPv6 address type characteristics from the left to the right.

Answer:

Link-Local Address:
+ attached to a single subnet
+ configured only once per interface

Unique Local Address:

+ addresses with prefix FC00::/7
+ addressing for exclusive use internally without Internet routing

Question 11: Why was the RFC 1918 address space defined?

A. preserve public IPv6 address space

B. support the NAT protocol
C. reduce instances of overlapping IP addresses
D. conserve public IPv4 addressing
Answer: D

Question 12: What is the purpose of using First Hop Redundancy Protocol in a specific subnet?

A. forwards multicast hello messages between routers

B. sends the default route to the hosts on a network
C. filter traffic based on destination IP addressing
D. ensures a loop-free physical topology
Answer: A

Question 13: After installing a new Cisco ISE server, which task must the engineer perform on the Cisco WLC
to connect wireless clients on a specific VLAN based on their credentials?

A. Enable the Authorized MIC APs against auth-list or AAA.

B. Enable the allow AAA Override
C. Disable the LAG Mode or Next Reboot.
D. Enable the Event Driven RRM.
Answer: B

Question 14: An engineer is configuring an encrypted password for the enable command on a router where the
local user database has already been configured. Drag and drop the configuration commands from the left into
the correct sequence on the right.
Not all commands are used.

Answer:

+ first: enable
+ second: configure terminal
+ third: enable secret $fkg!@34i4
+ fourth: exit

Question 15: Refer to the exhibit.

Router R4 is dynamically learning the path to the server. If R4 is connected to R1 via OSPF Area 20, to R2
via R2 BGP, and to R3 via EIGRP 777, which path is installed in the routing table of R4?

A. the path through R2, because the EBGP administrative distance is 20

B. the path through R2, because the IBGP administrative distance is 200
C. the path through R1, because the OSPF administrative distance is 110
D. the path through R3, because the EIGRP administrative distance is lower than OSPF and BGP
Answer: A

Question 16: What is a function of the Cisco DNA Center Overall Health Dashboard?

A. It summarizes daily and weekly CPU usage for servers and workstations in the network.
B. It provides detailed activity logging for the 10 devices and users on the network.
C. It summarizes the operational status of each wireless device on the network.
D. It provides a summary of the top 10 global issues.
Answer: D
Question 17: Which protocol requires authentication to transfer a backup configuration file from a router to a
remote server?

A. TFTP
B. FTP
C. DTP
D. SMTP
Answer: B

Question 18: Where is the interface between the control plane and data plane within the software-defined
architecture?

A. application layer and the management layer

B. application layer and the infrastructure layer
C. control layer and the application layer
D. control layer and the infrastructure layer
Answer: D

Question 19: Which action does the router take as it forwards a packet through the network?

A. The router replaces the source and destination labels with the sending router interface label as a source
and the next hop router label as a destination
B. The router encapsulates the source and destination IP addresses with the sending router IP address as the
source and the neighbor IP address as the destination
C. The router encapsulates the original packet and then includes a tag that identifies the source router
MAC address and transmit transparently to the destination
D. The router replaces the original source and destination MAC addresses with the sending router MAC
address as the source and neighbor MAC address as the destination

Answer: D

Question 20: When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption
of the entire original IP packet?

A. IPsec tunnel mode with AH

B. IPsec transport mode with AH
C. IPsec tunnel mode with ESP
D. IPsec transport mode with ESP
Answer: C
Question 21: Refer to the exhibit.

Which two commands, when configured on router R1, fulfill these requirements? (Choose two)
– Packets toward the entire network 2001:db8:23::/64 must be forwarded through router R2.
– Packets toward host 2001:db8:23::14 preferably must be forwarded through R3.

A. ipv6 route 2001:db8:23::/128 fd00:12::2

B. ipv6 route 2001:db8:23::14/128 fd00:13::3
C. ipv6 route 2001:db8:23::14/64 fd00:12::2
D. ipv6 route 2001:db8:23::14/64 fd00:12::2 200
E. ipv6 route 2001:db8:23::/64 fd00:12::2
Answer: B E
Question 22: What is the role of a firewall in an enterprise network?

A. determines which packets are allowed to cross from unsecured to secured networks
B. processes unauthorized packets and allows passage to less secure segments of the network
C. forwards packets based on stateless packet inspection
D. explicitly denies all packets from entering an administrative domain
Answer: A
Question 23: What is the benefit of configuring PortFast on an interface?

A. After the cable is connected, the interface uses the fastest speed setting available for that cable type
B. The frames entering the interface are marked with higher priority and then processed faster by a switch
C. After the cable is connected, the interface is available faster to send and receive user data
D. Real-time voice and video frames entering the interface are processed faster
Answer: C
Question 24: How are VLAN hopping attacks mitigated?

A. manually implement trunk ports and disable DTP

B. configure extended VLANs
C. activate all ports and place in the default VLAN
D. enable dynamic ARP inspection
Answer: A
Question 25: Drag and drop the statement about networking from the left into the corresponding networking
types on the right. Not all statements are used.

Answer:

Controller-Based Networking:
+ This type deploys a consistent configuration across multiple devices
+ Southbound APIs are used to apply configurations

Traditional Networking:
+ This type requires a distributed management plane
+ A distributed control plane is needed
Question 26: Refer to the exhibit.
R1#show ip route
--output omitted--

Gateway of last resort is 192.168.14.4 to network 0.0.0.0

C 172.16.1.128/25 is directly connected,

GigabitEthernet1/1/0 C 192.168.12.0/24 is
directly connected, FastEthernet0/0
C 192.168.13.0/24 is directly connected,
FastEthernet0/1 C 192.168.14.0/24 is
directly connected, FastEthernet1/0 C
172.16.16.1 is directly connected,
Loopback1
192.168.10.0/24 is variably subnetted, 3 subnets, 3 masks
O 192.168.10.0/24 [110/2] via 192.168.14.4, 00:03:01, FastEthernet1/0
O 192.168.10.32/27 [110/11] via 192.168.13.3,
00:00:11, FastEthernet0/1 O 192.168.0.0/16 [110/2]
via 192.168.15.5, 00:05:11, FastEthernet1/1
D 192.168.10.1/32 [90/52778] via 192.168.12.2,
00:05:11, FastEthernet0/0 O*E2 0.0.0.0/0 [110/1] via
192.168.14.4, 00:05:11, FastEthernet1/0

If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the packet?

A. 192.168.12.2
B. 192.168.13.3
C. 192.168.14.4
D. 192.168.15.5
Answer: C
Question 27: Which two components are needed to create an Ansible script that configures a VLAN on a
switch? (Choose two)

A. task
B. cookbook
C. recipe
D. model
E. playbook
Answer: A E
Question 28: How are the switches in a spine-and-leaf topology interconnected?

A. Each leaf switch is connected to two spine switches, making a loop.

B. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch.
C. Each leaf switch is connected to each spine switch.
D. Each leaf switch is connected to one of the spine switches.
Answer: C

Question 29: In software-defined architecture, which place handles switching for traffic through a Cisco
router?

A. Data
B. Control
C. Management
D. Application
Answer: A
Question 30: Which two protocols must be disabled to increase security for management connections to a

Wireless LAN Controller? (Choose two)

A. Telnet
B. SSH
C. HTTP
D. HTTPS
E. TFTP
Answer: A C

Question 31: When a client and server are not on the same physical network, which device is used to forward
requests and replies between client and server for DHCP?

A. DHCP relay agent

B. DHCP server
C. DHCPDISCOVER
D. DHCPOFFER
Answer: A

Question 32: An implementer is preparing hardware for virtualization to create virtual machines on a host.
What is needed to provide communication between hardware and virtual machines?
A. straight cable
B. router
C. hypervisor
D. switch
Answer: C
Question 33: What are two characteristics of the distribution layer in a three-tier network architecture?
(Choose two)

A. provides a boundary between Layer 2 and Layer 3 communications

B. designed to meet continuous, redundant uptime requirements
C. serves as the network aggregation point
D. physical connection point for a LAN printer
E. is the backbone for the network topology
Answer: A C
Question 34: Which QoS tool can you use to optimize voice traffic on a network that is primarily intended for
data traffic?

A. WRED
B. FIFO
C. PQ
D. D.WFQ

Answer: C

Question 35: On workstations running Microsoft Windows, which protocol provides the default gateway for
the device?
A. STP
B. DNS
C. SNMP
D. DHCP
Answer: D
Question 36: Refer to the exhibit.

R2#show ip route

C 192.168.1.0/26 is directly connected, FastEthernet0/1

Which two prefixes are included in this routing table entry? (Choose two)
A. 192.168.1.17
B. 192.168.1.61
C. 192.168.1.64
D. 192.168.1.127
E. 192.168.1.254
Answer: A B
Question 37: Which two primary drivers support the need for network automation? (Choose two)

A. Increasing reliance on self-diagnostic and self-healing

B. Eliminating training needs
C. Policy-derived provisioning of resources
D. Reducing hardware footprint
E. Providing a single entry point for resource provisioning
Answer: C E
Question 38: What is the difference in data transmission delivery and reliability between TCP and UDP?

A. UDP sets up a connection between both devices before transmitting data. TCP uses the three-way
handshake to transmit data with a reliable connection.
B. TCP transmits data at a higher rate and ensures packet delivery. UDP retransmits lost data to ensure
applications receive the data on the remote end.
C. UDP is used for multicast and broadcast communication. TCP is used for unicast communication and
transmits data at a higher rate with error checking.
D. TCP requires the connection to be established before transmitting data. UDP transmits data at a
higher rate without ensuring packet delivery.
Answer: D
Question 39: What are network endpoints?
A. a threat to the network if they are compromised
B. support inter-VLAN connectivity
C. act as routers to connect a user to the service prowler network
D. enforce policies for campus-wide traffic going to the internet
Answer: A

Question 40: What does physical access control regulate?

A. access to specific networks based on business function

B. access to servers to prevent malicious activity
C. access to computer networks and file systems
D. access to networking equipment and facilities
Answer: D

Question 41: Drag and drop the DNS lookup components from the left onto the functions on the right.

Answer:
 + service that maps hostname to IP addresses: DNS
+ local database of address mappings that improves name resolution performance: cache
+ in response to client requests, queries a name server for IP address information: name resolver
+ component of a URL that indicates the location or organization type: domain
+ disables DNS services on a Cisco device: no ip domain-lookup
Question 42: What must be considered when using 802.11a?
A. It is compatible with 802.11g and 802.11-compliant wireless devices
B. It is chosen over 802.11b/g when a lower-cost solution is necessary
C. It is susceptible to interference from 2.4 GHz devices such as microwave ovens.
D. It is used in place of 802.11b/g when many nonoverlapping channels are required
Answer: D

Question 43: This question is duplicated so we removed it.

Question 44: An engineer configures interface Gi1/0 on the company PE router to connect to an ISP. Neighbor
discovery is disabled.
interface Gi1/0
description
HQ_DC3392-9383
duplex full
speed 100
negotiation
auto lldp
transmit
lldp receive
Which action is necessary to complete the configuration if the ISP uses third-party network devices?

A. Enable LLDP globally

B. Disable autonegotiation
C. Disable Cisco Discovery Protocol on the interface
D. Enable LLDP-MED on the ISP device
Answer: A

Question 45: How does QoS optimize voice traffic?

A. reducing bandwidth usage

B. by reducing packet loss
C. by differentiating voice and video traffic
D. by increasing jitter
Answer: C

Question 46: Which two events occur automatically when a device is added to Cisco DNA Center? (Choose
two)

A. The device is assigned to the Global site.

B. The device is placed into the Unmanaged state.
C. The device is placed into the Provisioned state.
D. The device is placed into the Managed state.
E. The device is assigned to the Local site.
Answer: A D

Question 47: What are two benefits of using the PortFast feature? (Choose two)

A. Enabled interfaces are automatically placed in listening state

B. Enabled interfaces wait 50 seconds before they move to the forwarding state
C. Enabled interfaces never generate topology change notifications.
D. Enabled interfaces that move to the learning state generate switch topology change notifications
E. Enabled interfaces come up and move to the forwarding state immediately
Answer: C E
Question 48: A network administrator is asked to configure VLANs 2, 3 and 4 for a new implementation. Some
ports must be assigned to the new VLANs with unused remaining. Which action should be taken for the unused
ports?

A. configure port in the native VLAN

B. configure ports in a black hole VLAN
C. configure in a nondefault native VLAN
D. configure ports as access ports
Answer: B
Question 49: Which function is performed by DHCP snooping?

A. rate-limits certain traffic

B. listens to multicast traffic for packet forwarding
C. provides DDoS mitigation
D. propagates VLAN information between switches
Answer: A

Question 50: Which plane is centralized by an SDN controller?

A. data plane
B. management plane
C. control plane
D. services plane
Answer: C
Question 51: What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two)

A. Both support runs of up to 100 meters.

B. Both support runs of up to 55 meters.
C. Both operate at a frequency of 500 MHz.
D. Both support speeds of at least 1 Gigabit.
E. Both support speeds up to 10 Gigabit.
Answer: A D
Question 52: Refer to the exhibit.

R3#show ip ospf neighbor

Neighbo Pri State Dead Address Interface

r ID Time
1.1.1.1 1 2WAY/ 00:00:3 172.16.1 GigabitEthern
DROTHER 5 0.1 et0/0
2.2.2.2 1 2WAY/ 00:00:3 172.16.1 GigabitEthern
DROTHER 5 0.2 et0/0
4.4.4.4 1 FULL/BDR 00:00:3 172.16.1 GigabitEthern
5 0.4 et0/0
5.5.5.5 1 FULL/DR 00:00:3 172.16.1 GigabitEthern
5 0.5 et0/0
R5 is the current DR on the network, and R4 is the BDR. Their interfaces are flapping, so a network
engineer wants the OSPF network to elect a different DR and BDR. Which set of configurations must the
engineer implement?

Option A Option B

R4(config)#interface gi0/0 R2(config)#interface gi0/0

R4(config-if)#ip ospf R2(config-if)#ip ospf priority
priority 20 259

R5(config)#interface gi0/0 R3(config)#interface gi0/0

R5(config-if)#ip ospf R3(config-if)#ip ospf priority
priority 10 256

Option C Option D

R3(config)#interface gi0/0 R5(config)#interface gi0/0

R3(config-if)#ip ospf priority R5(config-if)#ip ospf priority
255 120

R2(config)#interface gi0/0 R4(config)#interface gi0/0

R2(config-if)#ip ospf priority R4(config-if)#ip ospf priority
240 110

A. Option A
B. Option B
C. Option C
D. Option D
Answer: C

Question 53: Refer to the exhibit.

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA -
OSPF inter area N1 - OSPF NSSA external type
1, N2 - OSPF NSSA external type 2 E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route o - ODR, P - periodic downloaded static
route
Gateway of last resort is 192.168.30.10 to network
0.0.0.0 192.168.30.0/29 is subnetted, 2 subnets
C 192.168.30.0 is directly connected, FastEthernet0/0
C 192.168.30.8 is directly connected, Serial0/0.1
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
O IA 192.168.10.32/28 [110/193] via 192.168.30.10,
00:11:34, Serial0/0.1 O IA 192.168.10.0/27 [110/192]
via 192.168.30.10, 00:11:34, Serial0/0.1
192.168.20.0/30 is subnetted, 1 subnets
O IA 192.168.20.0 [110/128] via 192.168.30.10, 00:11:34, Serial0/0.1
192.168.50.0/32 is subnetted, 1 subnets
C 192.168.50.1 is directly connected, Loopback0
O*IA 0.0.0.0/0 [110/84] via 192.168.30.10, 00:11:21, Serial0/0.1
What is the metric of the route to the 192.168.10.33/28 subnet?

A. 84
B. 110
C. 128
D. 192
E. 193
Answer: E

Question 54: Drag and drop the AAA terms from the left onto the description on the right.

Answer:

+ tracks activity: accounting

+ verifies access rights: authorization
+ updates session attributes: CoA
+ verifies identity:
authentication

Question 55: Which access layer threat-mitigation technique provides security based on identity?

A. using a non-default native VLAN

B. Dynamic ARP Inspection
C. DHCP snooping
D. 802.1x
Answer: D