CCNA Training CCNAv7 (2020) - New Questions Part 5

11:12, 16/06/2022 CCNA Training » CCNAv7 (2020) – New Questions Part 5
Type text to search here...

Home > CCNAv7 (2020) – New Questions Part 5
CCNAv7 (2020) – New Questions Part 5

January 13th, 2021 Go to comments
Note: The CCNA – New Questions Part 1 to Part 4 have been classified into specific topics at the right-side
menu under “CCNA 200-301” category (from Basic Questions to Miscellaneous Questions) so we removed
them.
Premium Members: You can practice these questions first via these links:
+ First 15 Questions
+ Questions 16 to 30
+ Question 31 to 51
Question 1
Which two QoS tools are used to guarantee minimum bandwidth to certain traffic? (Choose two)
A. FIFO
B. CBWFQ
C. LLC
D. WFQ
E. RSVP
Answer: B D
Explanation
First-in, first-out (FIFO): FIFO entails no concept of priority or classes of traffic. With FIFO, transmission of
packets out the interface occurs in the order the packets arrive, which means no QoS
Weighted fair queueing (WFQ): offers dynamic, fair queuing that divides bandwidth across queues of traffic
based on weights. In standard WFQ, packets are classified into flows according to one of four criteria: the source
Internet Protocol address (IP address), the destination IP address, the source Transmission Control Protocol
(TCP) or User Datagram Protocol (UDP) port, or the destination TCP or UDP port.
Class-based weighted fair queueing (CBWFQ) extends the standard WFQ functionality to provide support for
user-defined traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols,
access control lists (ACLs), and input interfaces. Packets satisfying the match criteria for a class constitute the
traffic for that class. A queue is reserved for each class, and traffic belonging to a class is directed to the queue
for that class.
Once a class has been defined according to its match criteria, you can assign it characteristics. To characterize a
class, you assign it bandwidth, weight, and maximum packet limit. The bandwidth assigned to a class is the
guaranteed bandwidth delivered to the class during congestion.
https://www.9tut.com/ccnav7-2020-new-questions-part-5 1/29
The Resource Reservation Protocol (RSVP) protocol allows applications to reserve bandwidth for their data
flows. It is used by a host, on the behalf of an application data flow, to request a specific amount of bandwidth
from the network. RSVP is also used by the routers to forward bandwidth reservation requests.
Question 2
Drag and drop the SNMP manager and agent identifier commands from the left onto the functions on the right.
Answer:
+ show snmp group: displays the SNMP security model in use

+ show snmp community: displays the SNMP access string
+ show snmp chassis: displays the SNMP server serial number
+ show snmp engineID: displays the IP address of the remote SNMP device
+ show snmp host: displays information about the SNMP recipient
Explanation
The command “show snmp group” displays the names of groups on the router and the security model, the status
of the different views, and the storage type of each group. Below is an example of this command.
The “show snmp engineID” displays the identification of the local SNMP engine and all remote engines that
have been configured on the router. The following example specifies 00000009020000000C025808 as the local
engineID and 123456789ABCDEF000000000 as the remote engine ID, 171.69.37.61 as the IP address of the
remote engine (copy of SNMP) and 162 as the port from which the remote device is connected to the local
device:
Router# show snmp engineID

Local SNMP engineID: 00000009020000000C025808
Remote Engine ID IP-addr Port
123456789ABCDEF000000000 171.69.37.61 162
The “show snmp community” command display the SNMP community strings configured on the switch.
switch# show snmp community
Community Group / Access context acl_filter
--------- -------------- ------- ----------
public network-admin
switch#
The “show snmp host” command displays details such as IP address of the Network Management System
(NMS), notification type, SNMP version, and the port number of the NMS. The following is sample output from
the show snmp host command.
Router# show snmp host

Notification host: 10.2.28.6 udp-port: 162 type: inform
user: public security model: v2c
traps: 00001000.00000000.00000000
The “show snmp chassis” command displays the SNMP server serial number. The output is self-explanatory.
Router# show snmp chassis
01506199
Question 3
Which type of security program is violated when a group of employees enters a building using the ID badge of
only one person?
A. intrusion detection
B. user awareness
C. physical access control
D. network authorization
Answer: C
Question 4
A network administrator needs to aggregate 4 ports into a single logical link which must negotiate layer 2
connectivity to ports on another switch. What must be configured when using active mode on both sides of the
connection?
A. 802.1q trunks
B. Cisco vPC
C. LLDP
D. LACP
Answer: D
Question 5
In which situation is private IPv4 addressing appropriate for a new subnet on the network of an organization?
A. There is limited unique address space, and traffic on the new subnet will stay local within the organization.
B. The network has multiple endpoint listeners, and it is desired to limit the number of broadcasts.
C. Traffic on the subnet must traverse a site-to-site VPN to an outside organization.
D. The ISP requires the new subnet to be advertised to the internet for web services.
Answer: A
Question 6
Aside from discarding, which two states does the switch port transition through while using RSTP (802.1w)?
(Choose two)
A. listening
B. blocking
C. forwarding
D. learning
E. speaking
Answer: C D
Explanation
There are only three port states left in RSTP that correspond to the three possible operational states. The 802.1D
blocking, and listening states are merged into the 802.1w discarding state.
* Discarding – the port does not forward frames, process received frames, or learn MAC addresses – but it does
listen for BPDUs (like the STP blocking state)
* Learning – receives and transmits BPDUs and learns MAC addresses but does not yet forward frames (same
as STP).
* Forwarding – receives and sends data, normal operation, learns MAC address, receives and transmits BPDUs
(same as STP).
STP State (802.1d) RSTP State (802.1w)

Blocking Discarding
Listening Discarding
Learning Learning
Forwarding Forwarding
Although the learning state is also used in RSTP but it only takes place for a short time as compared to STP.
RSTP converges with all ports either in forwarding state or discarding state.
Question 7
What is a role of wireless controllers in an enterprise network?
A. serve as the first line of defense in an enterprise network

B. support standalone or controller-based architectures
C. centralize the management of access points in an enterprise network
D. provide secure user logins to devices on the network
Answer: C
Question 8
How do servers connect to the network in a virtual environment?
A. wireless to an access point that is physically connected to the network

B. a cable connected to a physical switch on the network
C. a virtual switch that links to an access point that is physically connected to the network
D. a software switch on a hypervisor that is physically connected to the network
Answer: D
Question 9
Which CRUD operation corresponds to the HTTP GET method?
A. read
B. update
C. create
D. delete
Answer: A
Explanation
CRUD is short for CREATE, READ, UPDATE and DELETE operations. “GET” request is used to get a
resource from a server. If you perform a “GET” request, the server looks for the data you requested and sends it
back to you. In other words, a “GET” request performs a “READ” operation.
Question 10
With REST API, which standard HTTP header tells a server which media type is expected by the client?
A. Accept-Encoding: gzip, deflate

B. Accept-Patch: text/example; charset=utf-8
C. Content-Type: application/json; charset=utf-8
D. Accept: application/json
Answer: D
Question 11
Which device tracks the state of active connections in order to make a decision to forward a packet through?
A. firewall
B. wireless access point
C. router
D. wireless LAN controller
Answer: A
Explanation
Stateful inspection firewalls keep track of connection status. Ports can be dynamically opened and closed if
necessary for completing a transaction. For example, when you make a connection to a server using HTTP, the
server will initiate a new connection back to your system on a random port. A stateful inspection firewall will
automatically open a port for this return connection.
Question 12
Which device controls the forwarding of authentication requests for users when connecting to the network using
a lightweight access point?
A. TACACS server
B. wireless access point
C. RADIUS server
D. wireless LAN controller
Answer: D
Question 13
Refer to the exhibit. A network administrator has been tasked with securing VTY access to a router. Which
access-list entry accomplishes this task?
A. access-list 101 permit tcp 10.1.10.0 0.0.0.255 172.16.10.0 0.0.0.255 eq ssh

B. access-list 101 permit tcp 10.11.0.0 0.0.0.255 172.16.10.0 0.0.0.255 eq scp
C. access-list 101 permit tcp 10.11.0.0 0.0.0.255 172.16.10.0 0.0.0.255 eq telnet
D. access-list 101 permit tcp 10.1.10.0 0.0.0.255 172.16.10.0 0.0.0.255 eq https
Answer: A
Explanation
In order to secure VTY access to a router, we can allow only SSH to access the device.
Question 14
A network administrator must enable DHCP services between two sites. What must be configured for the router
to pass DHCPDISCOVER messages on to the server?
A. a DHCP Relay Agent

B. DHCP Binding
C. a DHCP Pool
D. DHCP Snooping
Answer: A
Explanation
If the DHCP Server is not on the same subnet with the DHCP Client, we need to configure the router on the
DHCP client side to act as a DHCP Relay Agent so that it can forward DHCP messages between the DHCP
Client & DHCP Server. To make a router a DHCP Relay Agent, simply put the “ip helper-address <IP-address-
of-DHCP-Server>” command under the interface that receives the DHCP messages from the DHCP Client.
As we know, router does not forward broadcast packets (it drops them instead) so DHCP messages like
DHCPDISCOVER message will be dropped. But with the “ip helper-address …” command, the router will
accept that broadcast message and cover it into a unicast packet and forward it to the DHCP Server. The
destination IP address of the unicast packet is taken from the “ip helper-address …” command.
Question 15
Refer to the exhibit. PC1 is trying to ping PC3 for the first time and sends out an ARP to S1. Which action is
taken by S1?
A. It forwards it out G0/3 only

B. It is flooded out every port except G0/0
C. It drops the frame
D. It forwards it out interface G0/2 only
Answer: B
Question 16
Refer to the exhibit. What is the result if Gig1/11 receives an STP BPDU?
switch(config)#interface gigabitEthernet 1/11

switch(config-if)#switchport mode access
switch(config-if)#spanning-tree portfast
switch(config-if)#spanning-tree bpduguard enable
A. The port transitions to STP blocking

B. The port transitions to the root port
C. The port immediately transitions to STP forwarding
D. The port goes into error-disable state
Answer: D
Explanation
BPDU Guard feature allows STP to shut an access port in the event of receiving a BPDU and put that port into
err-disabled state.
Question 17
An engineer must configure traffic for a VLAN that is untagged by the switch as it crosses a trunk link. Which
command should be used?
A. switchport trunk allowed vlan 10

B. switchport trunk native vlan 10
C. switchport mode trunk
D. switchport trunk encapsulation dot1q
Answer: B
Question 18
What is the maximum bandwidth of a T1 point-to-point connection?
A. 1.544 Mbps
B. 2.048 Mbps
C. 34.368 Mbps
D. 43.7 Mbps
Answer: A
Explanation
The speeds of these links are shown as below:
+ T1: 1.544 Mbps

+ 10BaseT: 10 Mbps
+ 100BaseT (often referred to as FastEthernet): 100Mbps
Question 19
How does a Cisco Unified Wireless network respond to Wi-Fi channel overlap?
A. It alternates automatically between 2.4 GHz and 5 GHz on adjacent access points
B. It allows the administrator to assign channels on a per-device or per-interface basis.
C. It segregates devices from different manufacturers onto different channels.
D. It analyzes client load and background noise and dynamically assigns a channel.
Answer: A
Question 20
What does a switch use to build its MAC address table?
A. VTP
B. DTP
C. egress traffic
D. ingress traffic
Answer: D
Explanation
The MAC addresses in the CAM table are the source MAC addresses only. Therefore it only learns MAC
address from ingress traffic.
Question 21
Which network plane is centralized and manages routing decisions?
A. policy plane
B. control plane
C. management plane
D. data plane
Answer: B
Question 22
What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?
A. initiates a ping request to the URL

B. prompts the user to specify the desired IP address
C. continuously attempts to resolve the URL until the command is cancelled
D. sends a broadcast message in an attempt to resolve the URL
Answer: D
Explanation
With default DNS lookup settings, the router will sends broadcast message to resolve an URL. Consider the
following example:
R1#test
Translating "test"...domain server (255.255.255.255)
% Unknown command or computer name, or unable to find computer address
In the output above we typed an unrecognized command “test”. The router entered the DNS resolution process
which lasted about a minute.
Question 23
Refer to the exhibit.
Switch 1
VLAN 110 – 32778 0018.184e.3c00
Switch 2
VLAN 110 – 24586 001a.e3ff.a680
Switch 3
VLAN 110 – 28682 0022.55cf.cc00
Switch 4
VLAN 110 – 64000 0e38.7363.657f
Which switch becomes the root of the spanning tree for VLAN 110?
A. Switch 1
B. Switch 2
C. Switch 3
D. Switch 4
Answer: B
Explanation
The switch with lowest Bridge Priority would become the root bridge for that VLAN. In this case Switch 2 has
the lowest Bridge Priority of 24586 so it will become the root bridge.
Question 24
An administrator must configure interfaces Gi1/1 and Gi1/3 on switch SW11 PC-1 and PC-2 must be placed in
the Data VLAN and Phone-1 must be placed in the Voice VLAN. Which configuration meets these
requirements?
Option A Option B
interface gigabitethernet1/1 interface gigabitethernet1/1
switchport mode access switchport mode access
switchport access vlan 8 switchport access vlan 9
! !
switchport mode access switchport mode trunk
switchport voice vlan 8 switchport voice vlan 8
Option C Option D
switchport mode access switchport mode access
! !
switchport mode access switchport mode trunk
switchport access vlan 8 switchport voice vlan 8
switchport voice vlan 9 switchport access vlan 9
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Explanation
According to the exhibit above, we have to configure VLAN 8 as access vlan and VLAN 9 as voice vlan.
The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. You can configure a
voice VLAN with the “switchport voice vlan …” command under interface mode. The full configuration is
shown below:
Switch(config)#interface fastethernet0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#switchport voice vlan 20
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-4500-series-switches/69632-
configuring-cat-ip-phone.html
Note: When you connect an IP phone to a switch using a trunk link, it can cause high CPU utilization in the
switches. As all the VLANs for a particular interface are trunked to the phone, it increases the number of STP
instances the switch has to manage. This increases the CPU utilization. Trunking also causes unnecessary
broadcast / multicast / unknown unicast traffic to hit the phone link.
In order to avoid this, remove the trunk configuration and keep the voice and access VLAN configured along
with Quality of Service (QoS). Technically, it is still a trunk, but it is called a Multi-VLAN Access Port
(MVAP). Because voice and data traffic can travel through the same port, you should specify a different VLAN
for each type of traffic. You can configure a switch port to forward voice and data traffic on different VLANs.
Configure IP phone ports with a voice VLAN configuration. This configuration creates a pseudo trunk, but does
not require you to manually prune the unnecessary VLANs.
Question 25
Refer to exhibit.
Which configuration must be applied to the router that configures PAT to translate all addresses in VLAN 200
while allowing devices on VLAN 100 to use their own IP addresses?
Option A Option B
Router1(config)#access-list 99 permit 209.165.201.2 Router1(config)#access-list 99 permit 209.165.201.2

0.0.0.0 255.255.255.255
Router1(config)#ip nat inside source list 99 interface Router1(config)#ip nat inside source list 99 interface
gi1/0/0 overload gi1/0/0 overload
Router1(config)#interface gi2/0/1.200 Router1(config)#interface gi2/0/1.200
Router1(config)#ip nat inside Router1(config)#ip nat inside
Router1(config)#interface gi1/0/0 Router1(config)#interface gi1/0/0
Router1(config)#ip nat outside Router1(config)#ip nat outside
Option C Option D
Router1(config)#access-list 99 permit 192.168.100.0 Router1(config)#access-list 99 permit 192.168.100.32

0.0.0.255 0.0.0.31
Router1(config)#ip nat inside source list 99 interface Router1(config)#ip nat inside source list 99 interface
gi1/0/0 overload gi1/0/0 overload
Router1(config)#interface gi2/0/1.200 Router1(config)#interface gi2/0/1.200
Router1(config)#ip nat inside Router1(config)#ip nat inside
Router1(config)#interface gi1/0/0 Router1(config)#interface gi1/0/0
Router1(config)#ip nat outside Router1(config)#ip nat outside
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
Question 26
How does a switch process a frame received on Fa0/1 with the destination MAC address of 0e38.7363.657b
when the table is missing the address?
A. It floods the frame to all interfaces except Fa0/1.

B. It forwards the frame back out of interface Fa0/1.
C. It drops the frame immediately.
D. It holds the frame until the MAC address timer expires and then drops the frame.
Answer: A
Question 27
What is a benefit of VRRP?
A. It provides traffic load balancing to destinations that are more than two hops from the source.
B. It provides the default gateway redundancy on a LAN using two or more routers.
C. It allows neighbors to share routing table information between each other.
D. It prevents loops in a Layer 2 LAN by forwarding all traffic to a root bridge, which then makes the final
forwarding decision.
Answer: B
Question 28
Which protocol does an IPv4 host use to obtain a dynamically assigned IP address?
A. ARP
B. DNS
C. CDP
D. DHCP
Answer: D
Question 29
Option A Option B
ip access-list standard 99 ip access-list standard 99

permit 10.100.100.0 0.0.0.255 permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.0.255.255 deny 192.168.0.0 0.255.255.255
Option C Option D
ip access-list standard 100 ip access-list standard 199

permit 10.100.100.0 0.0.0.255 permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.255.255.255 deny 192.168.0.0 0.0.255.255
An access list is required to permit traffic from any host on interface G0/0 and deny traffic from interface Gi0/1.
Which access list must be applied?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation
The standard access lists are ranged from 1 to 99 and from 1300 to 1999 so only Option A & B are correct. The
subnet on interface Gi0/1 is 192.168.0.0/16 so we have to use the ACL statement “deny 192.168.0.0
0.0.255.255“
Question 30
Which condition must be met before an NMS handles an SNMP trap from an agent?
A. The NMS must be configured on the same router as the SNMP agent
B. The NMS must receive a trap and an inform message from the SNMP agent within a configured interval
C. The NMS software must be loaded with the MIB associated with the trap
D. The NMS must receive the same trap from two different SNMP agents to verify that it is reliable
Answer: C
========================= New Questions (added on 30th-Jan-2021)

=========================
Question 31
What is a characteristic of a SOHO network?
A. connects each switch to every other switch in the network

B. enables multiple users to share a single broadband connection
C. provides high throughput access for 1000 or more users
D. includes at least three tiers of devices to provide load balancing and redundancy
Answer: B
Explanation
SOHO is the abbreviation for Small Office/Home Office network.

These days, many budding entrepreneurs and small business owners prefer to work from home or to maintain
only a small office. Budding entrepreneurs and small business owners need small network and access to the
Internet for their daily work. SOHO network is a solution for this type of network requirement. SOHO network
is meant for use in small businesses. Most cases, SOHO networks are configured for privately owned business or
individuals who are self-employed.
SOHO networks are small LANs (Local Area Networks). Typically, SOHO networks consists of less than 10
computers. Network service servers like DNS server, email server, web server etc., are typically configured
outside SOHO network.
Question 32
Which resource is able to be shared among virtual machines deployed on the same physical server?
A. applications
B. operating system
C. VM configuration file
D. disk
Answer: D
Question 33
Which implementation provides the strongest encryption combination for the wireless environment?
A. WPA2 + AES
B. WPA + AES
C. WEP
D. WPA + TKIP
Answer: A
Explanation
AES is a more secure encryption protocol introduced with WPA2 and it is currently the strongest encryption
type for WPA2-PSK.
Question 34
After running the code in the exhibit, which step reduces the amount of data that the NETCONF server returns
to the NETCONF client, to only the interface’s configuration?
A. Use the xml library to parse the data returned by the NETCONF server for the interface’s configuration.
B. Create an XML filter as a string and pass it to get_config() method as an argument.
C. Create a JSON filter as a string and pass it to the get_config() method as an argument.
D. Use the JSON library to parse the data returned by the NETCONF server for the interface’s configuration.
Answer: D
Explanation
In the exhibit above, we are getting the running config of the device then we can use JSON library to filter the
data later.
========================== New Questions (added on 5th-Feb-2021)

==========================
Question 35
What are two functions of an SDN controller? (Choose two)
A. coordinating VTNs
B. Layer 2 forwarding
C. tracking hosts
D. managing the topology
E. protecting against DDoS attacks
Answer: A D
Explanation
Software-defined networking (SDN) and network function virtualization (NFV) have emerged as the most
promising candidates for improving network function and protocol programmability and dynamic adjustment of
network resources. On the one hand, SDN is responsible for providing an abstraction of network resources
through well-defined application programming interfaces. This abstraction enables SDN to perform network
virtualization, that is, to slice the physical infrastructure and create multiple coexisting application-specific
virtual tenant networks (VTNs) with specific quality-of-service and service-levelagreement requirements,
independent of the underlying optical transport technology and network protocols.
Reference: https://ieeexplore.ieee.org/abstract/document/7331131
Question 36
If a switch port receives a new frame while it is actively transmitting a previous frame, how does it process the
frames?
A. The previous frame is delivered, the new frame is dropped, and a retransmission request is sent.
B. The new frame is delivered first, the previous frame is dropped, and a retransmission request is sent.
C. The two frames are processed and delivered at the same time.
D. The new frame is placed in a queue for transmission after the previous frame.
Answer: D
Explanation
Each port in the switch has the ability to hold frames in memory, before transmitting them onto the Ethernet
cable connected to the port. For example, if the port is already busy transmitting when a frame arrives for
transmission, then the frame can be held for the short time it takes for the port to complete transmitting the
previous frame.
Reference: https://www.oreilly.com/library/view/ethernet-switches/9781449367299/ch01.html
Question 37
Which WAN topology provides a combination of simplicity quality, and availability?
A. partial mesh
B. full mesh
C. point-to-point
D. hub-and-spoke
Answer: C
Explanation
Advantages/Disadvantages of Leased Lines
Advantages
Simplicity: Point-to-point communication links require minimal expertise to install and maintain.
Quality: Point-to-point communication links usually offer high service quality, if they have adequate bandwidth.
The dedicated capacity removes latency or jitter between the endpoints.
Availability: Constant availability is essential for some applications, such as e-commerce. Point-to-point
communication links provide permanent, dedicated capacity, which is required for VoIP or Video over IP.
Disadvantages
Cost: Point-to-point links are generally the most expensive type of WAN access. The cost of leased-line
solutions can become significant when they are used to connect many sites over increasing distances. In
addition, each endpoint requires an interface on the router, which increases equipment costs.
Limited flexibility: WAN traffic is often variable, and leased lines have a fixed capacity, so the bandwidth of the
line seldom matches the need exactly. Any change to the leased line generally requires a site visit by ISP
personnel to adjust capacity.
Reference: https://www.ciscopress.com/articles/article.asp?p=2832405&seqNum=5
Question 38
The ntp server 192.168.0.3 command has been configured on Router1 to make it an NTP client of router 2.
Which command must be configured on Router2 so that it operates in server-only mode and relies only on its
internal clock?
A. Router2(config)#ntp passive
B. Router2(config)#ntp master 4
C. Router2(config)#ntp server 172.17.0.1
D. Router2(config)#ntp server 192.168.0.2
Answer: B
Explanation
An Authoritative NTP Server can distribute time even when it is not synchronized to an existing time server. To
configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command.
Question 39
A network engineer must configured communication between PC A and the File Server. To prevent interruption
for any other communications, which command must be configured?
A. Switch trunk allowed vlan 12

B. Switchport trunk allowed vlan none
C. Switchport trunk allowed vlan add 13
D. Switchport trunk allowed vlan remove 10-11
Answer: C
Explanation
Switch A does not allow VLAN 13 to go through so we must add VLAN 13 to the allowed list of interface Gi0/1
of SwitchA by the command “switchport trunk allowed vlan add 13”.
Question 40
Why does a switch flood a frame to all ports?
A. The destination MAC address of the frame is unknown

B. The source MAC address of the frame is unknown
C. The source and destination MAC addresses of the frame are the same
D. The frame has zero destination MAC addresses
Answer: A
Explanation
If the destination MAC address is not in the CAM table (that is, unknown unicast), the switch sends the frame
out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the
frame out the same port on which the frame was received.
Question 41
When DHCP is configured on a router, which command must be entered so the default gateway is automatically
distributed?
A. default-router
B. default-gateway
C. ip helper-address
D. dns-server
Answer: A
Explanation
The following example shows how to configure a DHCP Server on a Cisco router:
Configuration Description
Router(config)#ip dhcp
Create a DHCP Pool named CLIENTS
pool CLIENTS
Router(dhcp-
config)#network Specifies the subnet and mask of the DHCP address pool
10.1.1.0 /24
Router(dhcp-
config)#default-router Set the default gateway of the DHCP Clients
10.1.1.1
Router(dhcp-
config)#dns-server Configure a Domain Name Server (DNS)
10.1.1.1
Router(dhcp-
config)#domain-name Configure a domain-name
9tut.com
Duration of the lease (the time during which a client computer can use an assigned IP
address). The syntax is “lease {days[hours] [minutes] | infinite}”. In this case the
Router(dhcp-
lease is 12 hours. The default is a one-day lease.
config)#lease 0 12
Before the lease expires, the client typically needs to renew its address lease
assignment with the server
Router(dhcp-
config)#exit
Router(config)# ip
The IP range that a DHCP Server should not assign to DHCP Clients. Notice this
dhcp excluded-address
command is configured under global configuration mode
10.1.1.1 10.1.1.10
Question 42
What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?
A. Layer 2 switch
B. LAN controller
C. load balancer
D. firewall
Answer: D
Question 43
How is the native VLAN secured in a network?
A. separate from other VLANs within the administrative domain

B. give it a value in the private VLAN range
C. assign it as VLAN 1
D. configure it as a different VLAN ID on each end of the link
Answer: A
Explanation
If we assign the native VLAN to private VLAN, it will not be able to communicate with other devices ->
Answer B is not correct.
VLAN 1 is the native VLAN by default -> Answer C is not correct.
The native VLAN number must match between two ends; otherwise the “native VLAN mismatch” error will
occur -> We cannot configure different VLAN ID on each end -> Answer D is not correct.
We should assign the native VLAN to an unused VLAN on our network so that no one can access it. This also
mitigate VLAN hopping attack (this attack is used on native VLAN).
Question 44
Which command on a port enters the forwarding state immediately when a PC is connected to it?
A. switch(config)#spanning-tree portfast default

B. switch(config)#spanning-tree portfast bpduguard default
C. switch(config-if)#spanning-tree portfast trunk
D. switch(config-if)#no spanning-tree portfast
Answer: A
Explanation
Although this question said “which command on a port” but it gave two answers in global configuration mode
so it is a bit unclear. But we believe the correct answer should be “spanning-tree portfast default”, which enables
PortFast on all non-trunking interfaces.
Note: The command “spanning-tree portfast trunk” enables portfast on a trunk port. The trunk port enters the
STP forwarding-state immediately or upon a linkup event, thus bypassing the listening and learning states.
==================== New Questions (added on 8th-Feb-2021) ====================
Question 45
What is the purpose of a southbound API in a control based networking architecture?
A. facilities communication between the controller and the applications

B. integrates a controller with other automation and orchestration tools
C. allows application developers to interact with the network
D. facilities communication between the controller and the networking hardware
Answer: D
Question 46
Which switch technology establishes a network connection immediately when it is plugged in?
A. UplinkFast
B. PortFast
C. BPDU guard
D. BackboneFast
Answer: B
Explanation
Portfast is often configured on switch ports that connect to hosts. Interfaces with Portfast enabled will go to
forwarding state immediately without passing the listening and learning state. Therefore it can save about 30 to
45 seconds to transition through these states.
UplinkFast is a Cisco specific feature that improves the convergence time of the Spanning-Tree Protocol (STP)
in the event of the failure of an uplink.
Question 47
What causes a port to be placed in the err-disabled state?
A. latency
B. nothing plugged into the port
C. shutdown command issued on the port
D. port security violation
Answer: D
Explanation
When a port security is violated, that port can be put into errdisable state.
Question 48
Which technology is appropriate for communication between an SDN controller and applications running over
the network?
A. OpenFlow
B. Southbound API
C. NETCONF
D. REST API
Answer: D
Explanation
Software-defined northbound application program interfaces (SDN northbound APIs) are usually SDN RESTful
APIs used to communicate between the SDN Controller and the services and applications running over the
network.
Note: OpenFlow and NETCONF are Southbound APIs used for most SDN implementations.
==================== New Questions (added on 14th-Feb-2021) ====================
Question 49
Which security program element involves installing badge readers on data-center doors to allow workers to enter
and exit based on their job roles?
A. physical access control

B. biometrics
C. role-based access control
D. multifactor authentication
Answer: A
Explanation
Badge reader is a small, inexpensive reader connected to the USB port of any PC, which can read the
information encoded on a badge (barcode, microchip or RFID, magnetic stripe) and restore it on any computer
software. An example of badge reader is shown below:
The purpose of access control is to grant entrance to a building or office only to those who are authorized to be
there.
This paragraph is quoted from Cisco 200-301 Official Cert Guide:
Physical access control: Infrastructure locations, such as network closets and data centers, should remain
securely locked. Badge access to sensitive locations is a scalable solution, offering an audit trail of identities and
timestamps when access is granted. Administrators can control access on a granular basis and quickly remove
access when an employee is dismissed.
Question 50
What is a characteristic of private IPv4 addressing?
A. used without tracking or registration

B. issued by IANA in conjunction with an autonomous system number
C. traverse the Internet when an outbound ACL is applied
D. composed of up to 65,536 available addresses
Answer: A
Explanation
Only private address of class A (10.0.0.0 – 10.255.255.255) includes 16,777,216 so answer D is not correct.
Question 51
Which network action occurs within the data plane?
A. compare the destination IP address to the IP routing table

B. make a configuration change from an incoming NETCONF RPC
C. run routing protocols (OSPF, EIGRP, RIP, BGP)
D. reply to an incoming ICMP echo request
Answer: A
Explanation
The following list details some of the more common actions that a networking device does that fit into the data
plane:
+ De-encapsulating and re-encapsulating a packet in a data-link frame (routers, Layer 3 switches)
+ Adding or removing an 802.1Q trunking header (routers and switches)
+ Matching an Ethernet frame’s destination Media Access Control (MAC) address to the MAC address table
(Layer 2 switches)
+ Matching an IP packet’s destination IP address to the IP routing table (routers, Layer 3 switches)
+ Encrypting the data and adding a new IP header (for virtual private network [VPN] processing)
+ Changing the source or destination IP address (for Network Address Translation [NAT] processing)
+ Discarding a message due to a filter (access control lists [ACLs], port security)
Reference: https://www.ciscopress.com/articles/article.asp?p=2995354&seqNum=2
Comments (4) Comments

Comment pages
« Previous 1 2 3 5677
1. shin okada
January 25th, 2022
Can the new question be run in test format?
2. Tsvetan Banski
January 28th, 2022
Hello 9tut,
I think that the answer of Question 44 should be “C”. Can you please check it?
BR
3. TsvetanBanski
January 28th, 2022
Can you check question 44? I think that the answer is C.
4. V
March 4th, 2022
Question 49 is C not A. While it is a type of Physical Access Control, Role-Based Access Control is the
more specific term they are referring to in the question.
Comment pages
« Previous 1 2 3 5677
Add a Comment
Name
Tôi không phải là người

máy reCAPTCHA
Bảo mật - Điều khoản
Submit Comment
Subscribe to comments feed
HSRP Questions Access-list Questions
Premium Member Zone

Welcome Hai Minh!
Welcome Premium Member

CCNA – New Questions Part 5

Composite Quizzes
IP Services Sim
Static Routing Configuration Sim
Static Routing Configuration Sim 2
OSPF Configuration Sim
Logout
CCNA 200-301
Basic Questions
Topology Architecture Questions
Cloud & Virtualization Questions
CDP & LLDP Questions
Switch Questions
VLAN & Trunking Questions
VLAN & Trunking Questions 2
STP & VTP Questions
EtherChannel Questions
TCP & UDP Questions
IP Address & Subnetting Questions
IP Routing Questions
IP Routing Questions 2
OSPF Questions
OSPF Questions 2
EIGRP Questions
NAT Questions
NTP Questions
Syslog Questions
HSRP Questions
Access-list Questions
AAA Questions
Security Questions
Security Questions 2
DAI Questions
IPv6 Questions
DNS Questions
QoS Questions
Port Security Questions
Wireless Questions
Wireless Questions 2
SDN Questions
DNA Center Questions
Drag Drop Questions
Drag Drop Questions 2
Drag Drop Questions 3
VPN Questions
DHCP Questions
Automation Questions
Miscellaneous Questions
CCNA FAQs & Tips
Share your new CCNA Experience
CCNA Self-Study
Practice CCNA GNS3 Labs
CCNA Knowledge
CCNA Lab Challenges
Puppet Tutorial
Chef Tutorial
Ansible Tutorial
JSON Tutorial
Layer 2 Threats and Security Features
AAA TACACS+ and RADIUS Tutorial
STP Root Port Election Tutorial
GRE Tunnel Tutorial
Basic MPLS Tutorial
TCP and UDP Tutorial
Border Gateway Protocol BGP Tutorial
Point to Point Protocol (PPP) Tutorial
WAN Tutorial
DHCP Tutorial
Simple Network Management Protocol SNMP Tutorial
Syslog Tutorial
Gateway Load Balancing Protocol GLBP Tutorial
EtherChannel Tutorial
Hot Standby Router Protocol HSRP Tutorial
InterVLAN Routing Tutorial
Cisco Command Line Interface CLI
Cisco Router Boot Sequence Tutorial
OSI Model Tutorial
Subnetting Tutorial – Subnetting Made Easy
Frame Relay Tutorial
Wireless Tutorial
Virtual Local Area Network VLAN Tutorial
VLAN Trunking Protocol VTP Tutorial
IPv6 Tutorial
Rapid Spanning Tree Protocol RSTP Tutorial
Spanning Tree Protocol STP Tutorial
Network Address Translation NAT Tutorial
Access List Tutorial
RIP Tutorial
EIGRP Tutorial
OSPF Tutorial
Network Resources
Free Router Simulators
CCNA Website
ENCOR Website
ENSDWI Website
ENARSI Website
DevNet Website
CCIE R&S Website
Security Website
Wireless Website
Design Website
Data Center Website
Service Provider Website
Collaboration Website
Top
Copyright © 2021 CCNA Training

Site Privacy Policy. Valid XHTML 1.1 and CSS 3.H

CCNA Training CCNAv7 (2020) - New Questions Part 5

Uploaded by

Copyright:

Available Formats

You might also like

CCNA Training CCNAv7 (2020) - New Questions Part 5

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA Training CCNAv7 (2020) - New Questions Part 5

Uploaded by

Copyright:

Available Formats

11:12, 16/06/2022 CCNA Training » CCNAv7 (2020) – New Questions Part 5

Type text to search here...

CCNAv7 (2020) – New Questions Part 5

+ show snmp group: displays the SNMP security model in use

Router# show snmp engineID

Router# show snmp host

STP State (802.1d) RSTP State (802.1w)

What is a role of wireless controllers in an enterprise network?

A. serve as the first line of defense in an enterprise network

How do servers connect to the network in a virtual environment?

A. wireless to an access point that is physically connected to the network

Which CRUD operation corresponds to the HTTP GET method?

A. Accept-Encoding: gzip, deflate

A. access-list 101 permit tcp 10.1.10.0 0.0.0.255 172.16.10.0 0.0.0.255 eq ssh

A. a DHCP Relay Agent

A. It forwards it out G0/3 only

switch(config)#interface gigabitEthernet 1/11

A. The port transitions to STP blocking

A. switchport trunk allowed vlan 10

What is the maximum bandwidth of a T1 point-to-point connection?

The speeds of these links are shown as below:

+ T1: 1.544 Mbps

What does a switch use to build its MAC address table?

Which network plane is centralized and manages routing decisions?

A. initiates a ping request to the URL

Refer to the exhibit.

Refer to the exhibit.

Router1(config)#access-list 99 permit 209.165.201.2 Router1(config)#access-list 99 permit 209.165.201.2

Router1(config)#access-list 99 permit 192.168.100.0 Router1(config)#access-list 99 permit 192.168.100.32

A. It floods the frame to all interfaces except Fa0/1.

What is a benefit of VRRP?

Refer to the exhibit.

ip access-list standard 99 ip access-list standard 99

ip access-list standard 100 ip access-list standard 199

========================= New Questions (added on 30th-Jan-2021)

What is a characteristic of a SOHO network?

A. connects each switch to every other switch in the network

SOHO is the abbreviation for Small Office/Home Office network.

Refer to the exhibit.

========================== New Questions (added on 5th-Feb-2021)

What are two functions of an SDN controller? (Choose two)

Which WAN topology provides a combination of simplicity quality, and availability?

Advantages/Disadvantages of Leased Lines

Refer to the exhibit.

Refer to the exhibit.

A. Switch trunk allowed vlan 12

Why does a switch flood a frame to all ports?

A. The destination MAC address of the frame is unknown

How is the native VLAN secured in a network?

A. separate from other VLANs within the administrative domain

VLAN 1 is the native VLAN by default -> Answer C is not correct.

A. switch(config)#spanning-tree portfast default

==================== New Questions (added on 8th-Feb-2021) ====================

What is the purpose of a southbound API in a control based networking architecture?

A. facilities communication between the controller and the applications

What causes a port to be placed in the err-disabled state?

==================== New Questions (added on 14th-Feb-2021) ====================

A. physical access control