ExSim-Max C

You issue the following commands on a Catalyst 9300 switch:

SwitchA#configure terminal
SwitchA(config)#interface gigabitethernet 1/0/1
SwitchA(config-if)#switchport mode trunk
SwitchA(config-if)#switchport trunk encapsulation dot1q
SwitchA(config-if)#switchport trunk native vlan 44
SwitchA(config-if)#switchport trunk allowed vlan remove 55

Which of the following statements is true regarding VLAN traffic when it is sent over port Gi1/0/1?

VLAN 44 traffic will be untagged

You administer the network shown in the exhibit. You have created an inspection rule named boson and applied the inspection rule to the untrusted interface in the outbound direction.

You want to protect the internal network from external threats while allowing legitimate IP traffic from the internal network to communicate with the external network.

Which of the following command sets should you issue?

RouterA(config)#access-list 102 deny ip 192.168.10.0 0.0.0.255 any log
RouterA(config)#access-list 102 permit icmp any host 1.2.3.5 unreachable
RouterA(config)#access-list 102 deny ip any any
RouterA(config)#interface s0/0
RouterA(config-if)#ip access-group 102 in

Which of the following best describes a lightweight AP in bridge mode?

It acts as a dedicated connection between two networks.

Given a host IP address of 48.25.24.71/21, what is the broadcast address for the subnetwork?

48.25.31.255

RouterA and RouterB are OSPF routers that are configured with matching hello timer values, dead timer values, and authentication passwords. Both routers are operating in OSPF Area 0 and have been configured to operate on the same subnet. However, the routers cannot communicate.

Which of the following could be the problem?

mismatched MTU values & a passive interface configuration

Which of the following types of malware can be used to modify the kernel of an OS and can be used by an attacker to access the computer in the future?

a rootkit

Which of the following IPv6 address prefixes are not routable?

FE80::/10 & FF02::/16

Which of the following best describes the Ethernet FCS field?

It contains a 4-byte CRC value

You need to determine how traffic will flow between the two switches in the topology shown above. No VLANs are configured on the switches.

Which port will be blocked?

The FastEthernet port on SwitchA will be blocked

Which of the following is true about IPSec configured in transport mode? ★

It does not encrypt the IP header

You want to configure SSH for incoming vty connections on a new router. The router is running a K9 IOS image but has not yet been configured with a host name, a domain name, or an RSA key pair. In addition, the vty lines are not yet configured to accept incoming SSH connections.

You issue the crypto key generate rsa command from global configuration mode.

Which of the following messages will you most likely receive? ★

Please define a hostname other than Router.

Which of the following statements is true about the HTTP PATCH method?

It can be used to apply partial modifications to an object

Which of the following commands enables a Cisco router to send DNS queries?

ip domain lookup

You issue the following commands on a Cisco switch:

SwitchA#configure terminal
SwitchA(config)#interface fastethernet 0/5
SwitchA(config-if)#switchport mode trunk
SwitchA(config-if)#switchport trunk encapsulation dot1q
SwitchA(config-if)#switchport trunk allowed vlan add 1-99
SwitchA(config-if)#switchport trunk allowed vlan remove 100-199
SwitchA(config-if)#switchport trunk allowed vlan except 200-299

Which VLANs are allowed to be trunked over port FastEthernet 0/5?

VLANs 1–199 and 300–4094

Which of the following subnet addresses is most appropriate for the point-to-point link between RouterA and RouterB?

192.168.0.128/30

Which of the following Cisco management solutions supports Cisco SDA?

Cisco DNA Center

You issue the show ip route command on RouterA and receive the following partial output:

RouterA#show ip route
<output omitted>

Gateway of last resort is 10.19.54.20 to network 10.140.0.0

O E2 172.150.0.0 [110/5] via 10.19.54.6, 0:01:00, FastEthernet1/2

What does the 110 in the output indicate?

the AD

You configure OSPF on a router and advertise all available interfaces. The serial interfaces are configured with PPP encapsulation and are using the default OSPF network type and timer values.

Which of the following statements is correct regarding how OSPF operates on the serial interfaces?

The hello timer is set to 10 seconds, and the dead timer is set to 40 seconds

You are creating a network addressing scheme for a new branch office. The branch office will require 4,000 IPv4 addresses. Your supervisor has instructed you to conserve IPv4 address space.

Which of the following subnet masks should you use for the branch office? 

255.255.240.0

You issue the following commands on SwitchA:

SwitchA#configure terminal
SwitchA(config)#interface fastethernet 0/1
SwitchA(config-if)#switchport port-security
SwitchA(config-if)#switchport port-security maximum 12

You want to configure SwitchA to discard traffic and increment the SecurityViolation counter when it receives traffic on FastEthernet 0/1 from a host with an unauthorized MAC address.

Which of the following commands should you issue?

switchport port-security violation restrict

Which of the following statements are not true about CDP?

It can be configured at the interface level to receive CDP packets but not transmit them & It can be configured at the interface level to transmit CDP packets but not receive them

Which of the following ports is used by TFTP?

UDP port 69

You issue the following command set on a Cisco router:

enable secret B0$0n!
line vty 0 4
password C1$c0!
login
service password-encryption

Which of the following password types is the B0$0n! password stored as in the running configuration?

Type 5 ★

You want to create a user account named boson with the password eX$1mM@x on a router. The password should be converted to an MD5 hash and stored on the router.

Which of the following commands should you issue on the router?

username boson secret eX$1mM@x

Which of the following can be implemented to help protect against spoofed management frames in a wireless network? ★

802.11w

You want to configure your Cisco router to provide IP addresses to the computers on your network. The IP addresses should be assigned from the 192.168.1.0/26 address range.

Which of the following commands should you issue? 

ip dhcp pool 1 & network 192.168.1.0 255.255.255.192

Which of the following most accurately describes the difference between an NGFW and an NGIPS? ☆

An NGFW can filter traffic based on application types, whereas an NGIPS can block traffic based on application and user behavior

HostA is a computer on your company's network. RouterA is a NAT router. HostA sends a packet to HostB, and HostB sends a packet back to HostA.

Which of the following addresses is an outside local address?

192.168.1.30

Which of the following do not indicate a duplex mismatch on an Ethernet LAN?

baby giants

You administer the network in the exhibit.

You issue the show ip route command on Router1 and receive the following partial output:

Router1#show ip route
<output omitted>

Gateway of last resort is not set

     10.0.0.0/30 is subnetted, 1 subnets
O       10.10.10.0 [110/20] via 192.168.1.2, 00:00:00, Ethernet0/0
     192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, Ethernet0/0

You issue the ip route 10.10.10.0 255.255.255.252 ethernet 0/0 command on Router1.

Which of the following will happen next?  

The OSPF route will be replaced with a static route

You issue the show log command to determine the cause of an err-disabled port and notice the following lines of output:

%SPANTREE-SP-2-BLOCK_BPDUGUARD:
   Received BPDU on port FastEthernet0/11 with BPDU Guard enabled. Disabling port.

%PM-SP-4-ERR_DISABLE:
   bpduguard error detected on Fa0/11, putting Fa0/11 in err-disable state

The err-disabled recovery feature is enabled for the BPDU-guard-error cause with its default settings.

What is the maximum amount of time that can pass before the err-disabled port can attempt recovery?

300 seconds

Which of the following is an IEEE Ethernet standard that uses single-mode fiber cable?

1000BaseLX

Which of the following does Terraform use as a modeling language?

HashiCorp Configuration Language (HCL)

In which of the following situations does a router use AD values to determine route selection?

when multiple routes to the same destination network are received, and each of these routes is received from a different routing protocol

You receive the following output on the console of RouterA:

*Dec  1 14:20:07.059: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 192.168.1.2 (FastEthernet0/0) is down: interface down

Which of the following statements is true? 

A notification-level severity code is being displayed in the output

You issue the following command on a Cisco router in global configuration mode:

ipv6 route 2001:db8:a::/32 fastethernet 0/1

Which of the following have you created?

a directly attached static route

You issue the show ip route command on RouterB and receive the following output:

<output omitted>
     10.0.0.0/8 is variably subnetted, 6 subnets
O       10.1.1.0/30 [110/65] via 10.1.1.14, 00:01:29, FastEthernet1/0
O       10.1.1.8/30 [110/65] via 10.1.1.14, 00:01:29, FastEthernet1/0
C       10.1.1.12/30 is directly connected, FastEthernet1/0
L       10.1.1.13/32 is directly connected, FastEthernet1/0
C       10.1.1.16/30 is directly connected, Serial0/0
L       10.1.1.17/32 is directly connected, Serial0/0
     192.0.6.0/24 is variably subnetted, 2 subnets
C       192.0.6.0/24 is directly connected, FastEthernet2/0
L       192.0.6.1/32 is directly connected, FastEthernet2/0
O    192.0.5.0 [110/65] via 10.1.1.18, 00:02:04, Serial0/0
O    192.0.3.0 [110/66] via 10.1.1.14, 00:01:29, FastEthernet1/0
O    192.0.4.0 [110/2] via 10.1.1.14, 00:01:29, FastEthernet1/0

Which of the following statements are accurate about the route to 192.0.3.0/24?

The AD is 110 & The metric is 66

An administrator issues the service password-encryption command on a Cisco router.

Which of the following passwords will be encrypted on the router?

passwords configured by any means along with any passwords configured in the future

You issue the spanning-tree guard root command on a switch port that you are connecting to a new, unconfigured switch.

Which of the following are you most likely attempting to do?

prevent the new switch from being elected root

Which of the following commands should you issue on a switch port so that no more than two devices can send traffic into the port?

switchport port-security maximum 2

Which of the following statements best describes why you should use SSH to manage a Cisco device?

SSH provides encryption, whereas Telnet does not

You are configuring security for the network shown in the topology diagram. You want to configure DAI on Switch1.

Which port or ports on the switch should you configure as trusted?

port Fa2/1

Which of the following IDS devices are the best at detecting new security threats?

anomaly-detection IDSs

Which of the following are most likely to be considered forms of authorization?

assigning a role to a verified user & allowing a user to access a specific file

Your company has been assigned the 2012:0:0:99::/64 IPv6 prefix by your ISP. You have issued the following commands on your Cisco router's FastEthernet 0/0 interface:

ipv6 address 2012:0:0:99::/64 eui-64
no shutdown

Host computers should be also autoconfigured by using the modified EUI-64 format. HostA has an IPv4 address of 192.168.0.14 and a MAC address of 00-33-66-99-BB-EE.

You have configured HostA to use stateless autoconfiguration.

Which of the following IPv6 addresses will HostA use? 

2012::99:0233:66FF:FE99:BBEE

Which of the following is a troubleshooting command that can be used to display basic information about the computer's network interfaces and to perform various utility functions on those interfaces?

ipconfig

In a two-tier network design, which layers are combined together?

core and distribution

Which of the following is a Cisco-proprietary FHRP that elects an AVG and up to four primary AVFs?

GLBP

A REST API returns an HTTP status code of 200.

Which of the following is the most likely reason this code was returned?

The requested action was successfully performed on the server

You issue the following commands on a Cisco router named RouterA:

RouterA(config)#ip access-list extended boson
RouterA(config-ext-nacl)#deny tcp any any neq 23
RouterA(config-ext-nacl)#permit tcp any any eq 20 21
RouterA(config-ext-nacl)#permit tcp any any range 22 80
RouterA(config-ext-nacl)#permit tcp any any gt 442

Which of the following statements about the ACL is true?

Traffic that matches TCP destination port 23 will be permitted.

Which of the following fields are found in the header of a UDP packet? ★

• length

• checksum

• source port

• destination port

Which of the following commands should you issue to globally disable LLDP?

no lldp run

Which of the following is an example of authentication by something you have?

your driver's license

Your company has added an email server and a web server to the existing network infrastructure. Company policy stipulates that only inbound SMTP traffic be allowed to pass to Email Server and that only inbound web traffic be allowed to pass to Web Server. All other traffic must be prevented from reaching the subnet.

Which access lists should be applied to the S0/0 interface of Router1? 

access-list 101 permit tcp any 10.10.10.10 0.0.0.0 eq 25

access-list 101 permit tcp any 10.10.10.11 0.0.0.0 eq 80

In a controller-based network, the functions of which of the following protocols are most likely to be moved to a centralized controller?

OSPF & EIGRP

Which of the following technologies is implemented in WPA3-Personal to replace the use of PSKs in WPA2-Personal?

Simultaneous Authentication of Equals (SAE) 

You administer the network of a manufacturing plant in New York City. You want to install three 802.11g wireless APs in the administrative offices.

Which channels should you configure on the three APs? 

1, 6, and 11

Which of the following CRUD operations corresponds to the HTTP PUT method?

update

You administer the network in the above exhibit. OSPF is configured with the default settings.

You issue the show ip route ospf command on RouterE.

Which of the following are you least likely to see in the output?

 192.0.6.1 [110/1] via 10.10.10.7, 00:23:40, FastEthernet1/1

Which of the following commands should you issue from global configuration mode to configure a Cisco router to operate as an NTP server?

ntp master

Which of the following WLC interfaces supports mobility management for wireless clients? ★

the virtual interface

Which of the following FHRPs would use the virtual MAC address 0000.5E00.0101? 

only VRRP

SwitchA and SwitchB are connected over an 802.1Q trunk link. The native VLAN for the trunk link is configured as VLAN 11 on SwitchA and VLAN 111 on SwitchB. All of the hosts reside in the same IP subnet.

What of the following is true regarding the connectivity between the hosts in this scenario?

HostD can ping HostA

Which of the following refers to the process of buffering packets in a software queue on a QoS-enabled interface?

queuing

You administer the OSPF network in the above exhibit.

RouterA has been configured with a default route to the ISP through the Serial 0/0 interface. RouterB is not configured with a gateway of last resort. OSPF has been properly configured on both routers and is converged. You want RouterB to forward traffic that is destined for the Internet to RouterA.

Which of the following commands could you issue on RouterA to accomplish your goal?

default-information originate