Refer to the exhibit.
A network engineer issues the debug command while troubleshooting a network issue. What does the output confirm?
Why does the vBond orchestrator have a public IP?
to enable vBond to team the public IP of WAN Edge devices that are behind NAT gateways or in private address space
Refer to the exhibit.
Extended access-list 100 is configured on interface GigabitEthernet 0/0 in an inbound direction, but it does not have the expected behavior of allowing only packets to or from 192.168.0.0/16. Which command set properly configures the access list?
A company hires a network architect to design a new OTT wireless solution within a Cisco SD-Access Fabric wired network. The architect wants to register access points to the WLC to centrally switch the traffic. Which AP mode must the design include?
Which two methods are used by an AP that is typing to discover a wireless LAN controller? (Choose two.)
Which technology reduces the implementation of STP and leverages both unicast and multicast?
An engineer must construct an access list tot a Cisco Catalyst 9800 Series WLC that will -edirect wireless guest users to a splash page that is hosted on a Cisco ISE server. The Cisco ISE servers are hosted at 10.9.11.141 and 10.1.11.141. Which access list meets the requirements?
A)
B)
C)
D)
Which there application has the ability to make REST calls against Cisco DNA Center?
What is the result when an active route processor fails that combines NSF with SSO?
Simulation 02
Configure HSRP between DISTRO-SW1 and DISTRO-SW2 on VLAN 100 for hosts connected to ACCESS-SW1 to achieve these goals:
1. Configure group number 1 using the virtual IP address of 192.168.1.1/24.
2. Configure DlSTRO-SW1 as the active router using a priority value of 110 and DISTRO-SW2 as the standby router.
3. Ensure that DISTRO-SW2 will take over the active role when DISTRO-SW1 goes down, and when DISTRO-SW1 recovers, it automatically resumes the active role.
DISTRO-SW2
Which DNS lookup does an access point perform when attempting CAPWAP discovery?
Drag the characteristics from the left onto the routing protocols they describe on the right.
Which signal strength and noise values meet the minimum SNR for voice networks?
Refer to the exhibit. An engineer configures HSRP and enters the show standby command. Which two facts about the network environment are derived from the output? (Choose two.)
Refer to the exhibit.
An engineer must assign an IP address of 192.168.1.1/24 to the GigabitEtherenet1 interface. Which two commands must be added to the existing configuration to accomplish this task? (Choose two.)
A customer deploys a new wireless network to perform location-based services using Cisco DNA Spaces The customer has a single WLC located on-premises in a secure data center. The security team does not want to expose the WLC to the public Internet. Which solution allows the customer to securely send RSSI updates to Cisco DNA Spaces?
Refer to the exhibit.
An LACP port channel is configured between Switch-1 and Switch-2, but It falls to come up. Which action will resolve the issue?
A network administrator for a small office is adding a passive IDS to its network switch for the purpose of inspecting network traffic. Which of the following should the administrator use?
Which of the following fiber connector types is the most likely to be used on a network interface card?
Which technology enables a redundant supervisor engine to take over when the primary supervisor engine fails?
Drag and drop the characteristics from the left onto the corresponding infrastructure deployment models on the right.
Which QoS feature uses the IP Precedence bits in the ToS field of the IP packet header to partition traffic into different priority levels?
A company's office has publicly accessible meeting rooms equipped with network ports. A recent audit revealed that visitors were able to access the corporate network by plugging personal laptops into open network ports. Which of the following should the company implement to prevent this in the future?
Refer to the exhibit. Which command set enables router R2 to be configured via NETCONF?
A)
B)
C)
D)
An engineer must use flexible NetFlow on a group of switches. To prevent overloading of the flow collector, if the flow is idle for 20 seconds, the flow sample should be exported. Which command set should be applied?
A)
B)
C)
D)
Refer to the exhibit.
What does the output confirm about the switch's spanning tree configuration?
An engineer is implementing a Cisco MPLS TE tunnel to improve the streaming experience for the clients of a video-on-demand server. Which action must the engineer perform to configure extended discovery to support the MPLS LDP session between the headend and tailend routers?
Refer to the exhibit.
An engineer troubleshoots connectivity issues with an application. Testing is performed from the server gateway, and traffic with the DF bit set is dropped along the path after increasing packet size. Removing the DF bit setting at the gateway prevents the packets from being dropped. What is the cause of this issue?
A network engineer wants to configure console access to a router without using AAA so that the privileged exec mode is entered directly after a user provides the correct login credentials. Which action achieves this goal?
Refer to the exhibit. An engines configured TACACS^ to authenticate remote users but the configuration is not working as expected Which configuration must be applied to enable access?
A)
B)
C)
D)
Which mobility role is assigned to a client in the client table of the new controller after a Layer 3 roam?
Refer to the exhibit. An engineer must protect the CPU of the router from high rates of NTP, SNMP, and SSH traffic. Which two configurations must be applied to drop these types of traffic when it continuously exceeds 320 kbps? (Choose two)
In a Cisco SD-WAN solution, how Is the health of a data plane tunnel monitored?
Refer to the exhibit.
CR2 and CR3 ate configured with OSPF. Which configuration, when applied to CR1. allows CR1 to exchange OSPF Information with CR2 and CR3 but not with other network devices or on new Interfaces that are added to CR1?
A)
B)
C)
D)
Drag and drop the snippets onto the blanks within the code to construct a script that configures BGP according to the topology. Not all options are used, and some options may be used twice.
Refer to the exhibit.
An engineer must add the SNMP interface table to the NetFlow protocol flow records. Where should the SNMP table option be added?
Refer to the exhibit.
R2 is the neighboring router of R1. R2 receives an advertisement for network 192 168.10.50/32. Which configuration should be applied for the subnet to be advertised with the original /24 netmask?
A)
B)
C)
D)
An engineer must configure the strongest password authentication to locally authenticate on a router. Which configuration must be used?
Refer to the exhibit.
An engineer reconfigures the pot-channel between SW1 and SW2 from an access port to a trunk and immediately notices this error in SW1's log.
Which command set resolves this error?
A)
B)
C)
D)
Which method is used by an AP to join HA controllers and is configured in NVRAM?
Drag and drop the descriptions from the left onto the QoS components they describe on the right.
Refer to the exhibit.
A GRE tunnel has been created between HO and BR routers. What is the tunnel IP on the HQ router?
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
An engineer must create an EEM script to enable OSPF debugging in the event the OSPF neighborship goes down. Which script must the engineer apply?
A customer transitions a wired environment to a Cisco SD-Access solution. The customer does not want to integrate the wireless network with the fabric. Which wireless deployment approach enables the two systems to coexist and meets the customer requirement?
Refer to the exhibit.
Which code results in the working Python script displaying a list of network devices from the Cisco DNA Center?
A network engineer is enabling HTTPS access to the core switch, which requires a certificate to be installed on the switch signed by the corporate certificate authority Which configuration commands are required to issue a certificate signing request from the core switch?
A)
B)
C)
D)
Refer to the exhibit.
After the code is run on a Cisco IOS-XE router, the response code is 204.
What is the result of the script?
Which two actions, when applied in the LAN network segment, will facilitate Layer 3 CAPWAP discovery for lightweight AP? (Choose two.)
Refer to the exhibit.
An engineer is designing a guest portal on Cisco ISE using the default configuration. During the testing phase, the engineer receives a warning when displaying the guest portal. Which issue is occurring?
Refer to the exhibit.
How does the router handle traffic after the CoPP policy is configured on the router?
Drag and drop the descriptions from the left onto the routing protocol they describe on the right.
Drag and drop the characteristics from the left onto the orchestration tools that they describe on the right.
Which method does Cisco DNA Center use to allow management of non-Cisco devices through southbound protocols?
Which DHCP option provides the CAPWAP APs with the address of the wireless controller(s)?
A network engineer configures a WLAN controller with increased security for web access. There is IP connectivity with the WLAN controller, but the engineer cannot start a management session from a web browser. Which action resolves the issued
An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used.
A customer wants to use a single SSID to authenticate loT devices using different passwords. Which Layer 2 security type must be configured in conjunction with Cisco ISE to achieve this requirement?
Refer to the exhibit. Which command is required to verify NETCONF capability reply messages?
If a client's radio device receives a signal strength of -67 dBm and the noise floor is -85 dBm, what is the SNR value?
An engineer is configuring local web authentication on a WLAN. The engineer chooses the Authentication radio button under the Layer 3 Security options for Web Policy. Which device presents the web authentication for the WLAN?
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
A network monitoring system uses SNMP polling to record the statistics of router interfaces The SNMP queries work as expected until an engineer installs a new interface and reloads the router After this action, all SNMP queries for the router fail What is the cause of this issue?
Refer to the exhibit.
An engineer attempts to bundle interface Gi0/0 into the port channel, but it does not function as expected. Which action resolves the issue?
A customer requests a design that includes GLBP as the FHRP The network architect discovers that the members of the GLBP group have different throughput capabilities Which GLBP load balancing method supports this environment?
Which action is performed by Link Management Protocol in a Cisco StackWise Virtual domain?
How can an engineer prevent basic replay attacks from people who try to brute force a system via REST API?
Refer to the exhibit.
An engineer must configure a SPAN session. What is the effect of the configuration?
Refer to the exhibit:
An engineer configures VRRP and issues the show commands to verify operation. What does the engineer confirm about VRRP group 1 from the output?
Which cisco DNA center application is responsible for group-based accesss control permissions?
Refer to the exhibit.
On which interfaces should VRRP commands be applied to provide first hop redundancy to PC-01 and PC-02?
An engineer is working with the Cisco DNA Center API Drag and drop the methods from the left onto the actions that they are used for on the right.
Refer to the exhibit.
An engineer must permit traffic from these networks and block all other traffic An informational log message should be triggered when traffic enters from these prefixes Which access list must be used?
Which element enables communication between guest VMs within a virtualized environment?
Refer to the exhibit.
What are two reasons for IP SLA tracking failure? (Choose two )
Refer to The exhibit.
Assuming that R1 is a CE router, which VRF is assigned to Gi0/0 on R1?
Which resource is able to be shared among virtual machines deployed on the same physical server?
Refer to the exhibit.
An engineer entered the command no spanning-tree bpduguard enable on interface Fa 1/0/7. What is the effect of this command on Fa 1/0/7?
Which method displays text directly into the active console with a synchronous EEM applet policy?
A company requires a wireless solution to support its mam office and multiple branch locations. All sites have local Internet connections and a link to the main office lor corporate connectivity. The branch offices are managed centrally. Which solution should the company choose?
Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)
Refer to the exhibit. Which python code parses the response and prints “18:32:21.474 UTC sun Mar 10 2019?
An engineer must configure a router to leak routes between two VRFs Which configuration must the engineer apply?
Refer to the exhibit.
An engineer configures routing between all routers and must build a configuration to connect R1 to R3 via a GRE tunnel Which configuration must be applied?
A)
B)
C)
D)
Refer to the exhibit.
Which commands are required to allow SSH connection to the router?
A)
B)
C)
D)
Refer to the exhibit.
Which command set is needed to configure and verify router R3 to measure the response time from router R3 to the file server located in the data center?
A)
B)
C)
D)
Which configuration creates a CoPP policy that provides unlimited SSH access from dient 10.0.0.5 and denies access from all other SSH clients'?
A)
B)
C)
D)
The Gig0/0 interface of two routers is directly connected with a 1G Ethernet link. Which configuration must be applied to the interface of both routers to establish an OSPF adjacency without maintaining a DR/BDR relationship?
A)
B)
C)
D)
Refer to the exhibit.
An engineer must set up connectivity between a campus aggregation layer and a branch office access layer. The engineer uses dynamic trunking protocol to establish this connection, however, management traffic on VLAN1 is not passing. Which action resolves the issue and allow communication for all configured VLANs?
Refer to the exhibit.
An engineer must allow all users in the 10.2.2.0/24 subnet to access the Internet. To conserve address space the public Interface address of 209 165 201.1 must be used for all external communication. Which command set accomplishes these requirements?
A)
B)
C)
D)
An engineer must configure an ACL that permits packets which include an ACK in the TCP header Which entry must be included in the ACL?
Which protocol is implemented to establish secure control plane adjacencies between Cisco SD-WAN nodes?
what is a benefit of using a Type 2 hypervisor instead of a Type 1 hypervisor?
Refer to the exhibit.
R1 is able to ping the R3 fa0/1 Interface. Why do the extended pings fail?
Refer to the exhibit.
What is the effect of introducing the sampler feature into the Flexible NetFlow configuration on the router?
Drag and drop the characteristics from the left onto the infrastructure deployment models on the right.
Refer to the exhibit.
Which configuration must be applied to the HQ router to set up a GRE tunnel between the HQ and BR routers?
A)
B)
C)
D)
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
What is an emulated machine that has dedicated compute memory, and storage resources and a fully installed operating system?
What is the recommended minimum SNR for data applications on wireless networks?
Refer to the exhibit. A network engineer checks connectivity between two routers. The engineer can ping the remote endpoint but cannot see an ARP entry. Why is there no ARP entry?
What is used to validate the authenticity of the client and is sent in HTTP requests as a JSON object?
An engineer is configuring Local WebAuth on a Cisco Wireless LAN Controller. According to RFC 5737, WHICH VIRTUAL IP address must be used in this configuration?
Refer to the exhibit. A network engineer must block Telnet traffic from hosts in the range of 10.100 2.248 to 10.100.2 255 to the network 10.100.3.0 and permit everything else. Which configuration must the engineer apply'?
A)
B)
C)
D)
Which type of tunnel Is required between two WLCs to enable Intercontroller roaming?
Refer to the exhibit. A network engineer must load balance traffic that comes from the NAT Router and is destined to 10.10.110.10, to several FTP servers. Which two commands sets should be applied? (Choose two).
A)
B)
C)
D)
E)
Which two features does the Cisco SD-Access architecture add to a traditional campus network? (Choose two.)
Refer to the exhibit. Which command set must be added to permit and log all traffic that comes from 172.20.10.1 in interface GigabitEthernet0/1 without impacting the functionality of the access list?
Refer to the exhibit.
A network engineer must log in to the router via the console, but the RADIUS servers are not reachable Which credentials allow console access1?
Refer io me exhibit.
An engineer configures the trunk and proceeds to configure an ESPAN session to monitor VLANs10. 20. and 30. Which command must be added to complete this configuration?
Drag and drop the automation characteristics from the left onto the appropriate tools on the right.
Refer to the exhibit. Which EEM script generates a critical-level syslog message and saves a copy of the running configuration to the bootflash when an administrator saves the running configuration to the startup configuration?
Refer to the exhibit.
An engineer must deny Telnet traffic from the loopback interface of router R3 to the Loopback interface of router R2 during, the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times Which command set accomplishes this task?
A)
B)
C)
D)
Refer to the exhibit.
Object tracking has been configured for VRRP-enabled routers Edge-01 and Edge-02 Which commands cause Edge-02 to preempt Edge-01 in the event that interface G0/0 goes down on Edge-01?
A)
B)
C)
D)
Refer to the exhibit. An attacker can advertise OSPF fake routes from 172.16.20.0 network to the OSPF domain and black hole traffic. Which action must be taken to avoid this attack and still be able to advertise this subnet into OSPF?
Refer to the exhibit.
The administrator troubleshoots an EtherChannel that keeps moving to err-disabled. Which two actions must be taken to resolve the issue? (Choose two.)
Drag anti drop the characteristics from the ten onto the configuration models on the right.
In a Cisco SD-Access wireless architecture which device manages endpoint ID to edge node bindings?
Refer the exhibit.
Which configuration elects SW4 as the root bridge for VLAN 1 and puts G0/2 on SW2 into a blocking state?
A)
B)
C)
D)
A company plans to implement intent-based networking in its campus infrastructure. Which design facilities a migrate from a traditional campus design to a programmer fabric designer?
Drag and drop the DHCP messages that are exchanged between a client and an AP into the order they are exchanged on the right.
Refer to the exhibit.
The IP SLA is configured in a router. An engineer must configure an EEM applet to shut down the interface and bring it back up when there is a problem with the IP SLA. Which configuration should the engineer use?
While configuring an IOS router for HSRP with a virtual IP of 10 1.1.1. an engineer sees this log message.
Which configuration change must the engineer make?
Refer to the exhibit. What does the error message relay to the administrator who is trying to configure a Cisco IOS device?
A customer has recently implemented a new wireless infrastructure using WLC-5520 at a site directly next to a large commercial airport. Users report that they intermittently lose WI-FI connectivity, and troubleshooting reveals it is due to frequent channel changes. Which two actions fix this issue? (Choose two)
Drag and drop the threat defense solutions from the left onto their descriptions on the right.
A company has an existing Cisco 5520 HA cluster using SSO. An engineer deploys a new single Cisco Catalyst 9800 WLC to test new features. The engineer successfully configures a mobility tunnel between the 5520 cluster and 9800 WLC. Client connected to the corporate WLAN roam seamlessly between access points on the 5520 and 9800 WLC. After a failure on the primary 5520 WLC, all WLAN services remain functional; however, Client roam between the 5520 and 9800 controllers without dropping their connection. Which feature must be configured to remedy the issue?
Refer to the exhibit. Which two commands are needed to allow for full reachability between AS 1000 and AS 2000? (Choose two)
Refer to the exhibit.
Which HTTP JSON response does the python code output give?
Refer to the exhibit.
An engineer implemented several configuration changes and receives the logging message on switch1. Which action should the engineer take to resolve this issue?
Drag and drop the virtual components from the left onto their deceptions on the right.
Refer to the exhibit.
SwitchC connects HR and Sales to the Core switch However, business needs require that no traffic from the Finance VLAN traverse this switch Which command meets this requirement?
A)
B)
C)
D)
Refer to the exhibit. A network engineer configures NAT on R1 and enters the show command to verity the configuration What does the output confirm?
Refer to Exhibit.
MTU has been configured on the underlying physical topology, and no MTU command has been configured on the tunnel interfaces. What happens when a 1500-byte IPv4 packet traverses the GRE tunnel from host X to host Y, assuming the DF bit is cleared?
Which algorithms are used to secure REST API from brute attacks and minimize the impact?
Refer to the exhibit. Which configuration must be applied to R to enable R to reach the server at 172.16.0.1?
A)
B)
C)
D)
If the noise floor is -90 dBm and wireless client is receiving a signal of -75 dBm, what is the SNR?
Refer to the exhibit.
An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts, drag and drop the commands into the configuration to achieve these results. Some commands may be used more than once. Not all commands are used.
Which congestion queuing method on Cisco IOS based routers uses four static queues?
Drag and drop the solutions that comprise Cisco Cyber Threat Defense from the left onto the objectives they accomplish on the right.
Which features does Cisco EDR use to provide threat detection and response protection?
When a wireless client roams between two different wireless controllers, a network connectivity outage is experience for a period of time. Which configuration issue would cause this problem?
Refer to the exhibit. An engineer has configured Cisco ISE to assign VLANs to clients based on their method of authentication, but this is not working as expected. Which action will resolve this issue?
Which AP mode allows an engineer to scan configured channels for rogue access points?
When using TLS for syslog, which configuration allows for secure and reliable transportation of messages to its default port?
Drag and drop the characteristics from the left onto the protocols they apply to on the right?
Refer to the exhibit. An engineer is investigating why guest users are able to access other guest user devices when the users are connected to the customer guest WLAN. What action resolves this issue?
Which outbound access list, applied to the WAN interface of a router, permits all traffic except for http traffic sourced from the workstation with IP address 10.10.10.1?
A)
B)
C)
D)
How does Cisco Trustsec enable more access controls for dynamic networking
environments and data centers?
Refer to the exhibit.
Which configuration allows Customer2 hosts to access the FTP server of Customer1 that has the IP address of 192.168.1.200?
Refer to the exhibit.
An engineer must modify the access control list EGRESS to allow all IP traffic from subnet 10.1.10.0/24 to 10.1.2.0/24. The access control list is applied in the outbound direction on router interface GigabitEthemet 0/1. Which configuration commands can the engineer use to allow this traffic without disrupting existing traffic flows?
A)
B)
C)
D)
Refer the exhibit.
Which router is the designated router on the segment 192.168.0.0/24?
Refer to the exhibit.
The EtherChannel between SW2 and SW3 is not operational which action resolves this issue?
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?
Drag and drop the characteristics from the left onto the appropriate infrastructure deployment types on the right.
Refer to the exhibit.
After implementing the configuration 172.20.20.2 stops replaying to ICMP echoes, but the default route fails to be removed. What is the reason for this behavior?
Refer to the exhibit. An engineer attempts to create a configuration to allow the Blue VRF to leak into the global routing table, but the configuration does not function as expected. Which action resolves this issue?
An engineer is concerned with the deployment of new application that is sensitive to inter-packet delay variance. Which command configures the router to be the destination of jitter measurements?
Refer to the exhibit. Communication between London and New York is down. Which command set must be applied to the NewYork switch to resolve the issue?
A)
B)
C)
D)
Which configuration restricts the amount of SSH that a router accepts 100 kbps?
A)
B)
C)
D)
Refer to the exhibit.
An engineer configures monitoring on SW1 and enters the show command to verify operation. What does the output confirm?
Refer to the exhibit. An engineer configures a new HSRP group. While reviewing the HSRP status, the engineer sees the logging message generated on R2. Which is the cause of the message?
A server running Linux is providing support for virtual machines along with DNS and DHCP services for a small business. Which technology does this represent?
Which controller is capable of acting as a STUN server during the onboarding process of Edge devices?
Which version of NetFlow does Cisco Threat Defense utilize to obtain visibility into the network?
Which action limits the total amount of memory and CPU that is used by a collection of VMs?
Drag and drop the automation characteristics from the left onto the corresponding tools on the right. Not all options are used.
Which A record type should be configured for access points to resolve the IP address of a wireless LAN controller using DNS?
Which device is responsible for finding EID-to-RLOC mappings when traffic is sent to a LISP-capable site?
A network administrator is designing a new network for a company that has frequent power spikes. The company wants to ensure that employees can the best solution for the administrator to recommend?
Refer to the exhibit.
These commands have been added to the configuration of a switch Which command flags an error if it is added to this configuration?
Which of the following security methods uses physical characteristics of a person to authorize access to a location?