This page was exported from Exams Labs Braindumps [ http://blog.examslabs.com ] Export date:Sun Nov 24 4:17:22 2024 / +0000 GMT ___________________________________________________ Title: [May-2023] 200-301 Free Sample Questions to Practice One Year Update [Q488-Q505] --------------------------------------------------- [May-2023] 200-301 Free Sample Questions to Practice One Year Update Download 200-301 exam with Cisco 200-301 Real Exam Questions The Cisco 200-301 is associated with the Cisco Certified Network Associate (CCNA) certification. It proves that a candidate has gained invaluable skills and knowledge relating to network administration. Simply put, it is the only test that learners need to pass to obtain the new CCNA.   QUESTION 488What is a function of Wireless LAN Controller?  register with a single access point that controls traffic between wired and wireless endpoints.  use SSIDs to distinguish between wireless clients.  send LWAPP packets to access points.  monitor activity on wireless and wired LANs ExplanationLightweight APs (LAPs) is devices require no initial configuration. LAPs use the Lightweight Access Point Protocol (LWAPP) to communicate with a WLAN controller (WLC), as shown in the below figure.Controller-based APs are useful in situations where many APs are required in the network. As more APs are added, each AP is automatically configured and managed by the WLC.QUESTION 489DRAG DROP QUESTION 490What must a network administrator consider when deciding whether to configure a new wireless network with APs in autonomous mode or APs running in cloud- based mode?  Autonomous mode APs are less dependent on an underlay but more complex to maintain than APs in cloud-based mode.  Cloud-based mode APs relay on underlays and are more complex to maintain than APs in autonomous mode.  Cloud-based mode APs are easy to deploy but harder to automate than APs in autonomous mode.  Autonomous mode APs are easy to deploy and automate than APs in cloud-based mode. QUESTION 491Refer to the exhibit.An engineer is configuring an EtherChannel using LACP between Switches 1 and 2 Which configuration must be applied so that only Switch 1 sends LACP initiation packets?  Switch 1 (config-if)#channel-group 1 mode onSwrtch2(config-if)#channel-group 1 mode passive  Switch1(config-if)#channel-group 1 mode passiveSwitch2(config-if)#channel-group 1 mode active  Switch1{config-if)#channel-group 1 mode activeSwitch2(config-if)#channel-group 1 mode passive  Switch1(config-if)#channel-group 1 mode onSwitch2(config-if)#channel-group 1 mode active QUESTION 492A client experiences slow throughput from a server that is directly connected to the core switch in a data center. A network engineer finds minimal latency on connections to the server, but data transfers are unreliable, and the output of the show interfaces counters errors command shows a high FCS-Err count on the interface that is connected to the server.What is the cause of the throughput issue?  a physical cable fault  a speed mismatch  high bandwidth usage  a cable that is too long QUESTION 493Drag and Drop QuestionDrag each route source from the left to the numbers on the right. Beginning with the lowest and ending with the highest administrative distance. QUESTION 494The OSPF Hello protocol performs which of the following tasks? (Choose two.)  It negotiates correctness parameters between neighboring interfaces.  It broadcasts hello packets throughout the internetwork to discover all routers that are running OSP  It provides dynamic neighbor discovery.  It detects unreachable neighbors in 90 second intervals.  It uses timers to elect the router with the fastest links as the designated router.  It maintains neighbor relationships. QUESTION 495Refer to the exhibit. How does SW2 interact with other switches in this VTP domain?  It transmits and processes VTP updates from any VTP clients on the network on its trunk ports.  It processes VTP updates from any VTP clients on the network on its access ports.  It receives updates from all VTP servers and forwards all locally configured VLANs out all trunk ports.  It forwards only the VTP advertisements that it receives on its trunk ports. Section: Network AccessExplanation:The VTP mode of SW2 is transparent so it only forwards the VTP updates it receives to its trunk links without processing them.Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/vtp/10558-21.htmlQUESTION 496Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right. ExplanationDouble-Tagging attack:In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack (VLAN 20).When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer.Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker.To mitigate this type of attack, you can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic to specific victims/servers) or implement Private VLANs.ARP attack (like ARP poisoning/spoofing) is a type of attack in which a malicious actor sends falsified ARP messages over a local area network as ARP allows a gratuitous reply from a host even if an ARP request was not received. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on ARP which is at Layer 2.Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network which can be used to mitigate this type of attack.QUESTION 497Refer to the exhibit.Which route does R1 select for traffic that is destined to 192 168.16.2?  192.168.16.0/21  192.168.16.0/24  192.168 26.0/26  192.168.16.0/27 ExplanationThe destination IP addresses match all four entries in the routing table but the 192.168.16.0/27 has the longest prefix so it will be chosen. This is called the “longest prefix match” rule.QUESTION 498What is the purpose of an SSID?  It provides network security  It differentiates traffic entering access posits  It identities an individual access point on a WLAN  It identifies a WLAN “In IEEE 802.11 wireless local area networking standards (including Wi-Fi), a service set is a group of wireless network devices which share a service set identifier (SSID) … A service set forms a logical network of nodes operating with shared link-layer networking parameters; they form one logical network segment.”QUESTION 499How does HSRP provide first hop redundancy?  It load-balances traffic by assigning the same metric value to more than one route to the same destination in the IP routing table.  It load-balances Layer 2 traffic along the path by flooding traffic out all interfaces configured with the same VLAN.  It forwards multiple packets to the same destination over different routed links in the data path  It uses a shared virtual MAC and a virtual IP address to a group of routers that serve as the default gateway for hosts on a LAN https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-16/fhp-xe-16- book/fhp-hsrp-mgo.htmlQUESTION 500What criteria is used first during the root port selection process?  local port ID  lowest path cost to the toot bridge  lowest neighbor’s bridge ID  lowest neighbor’s port ID Section: Network AccessQUESTION 501Refer to the exhibit.The show ip ospf interface command has been executed on R1 How is OSPF configured?  The interface is not participating in OSPF  A point-to-point network type is configured  The default Hello and Dead timers are in use  There are six OSPF neighbors on this interface QUESTION 502R1 as an NTP server must have:* NTP authentication enabled* NTP packets sourced from Interface loopback 0* NTP stratum 2* NTP packets only permitted to client IP 209.165 200 225How should R1 be configured?A)B)C)D)  Option A  Option B  Option C  Option D QUESTION 503R1 has learned route 10.10.10.0/24 via numerous routing protocols.Which route is installed?  route with the next hop that has the highest IP  route with the lowest cost  route with the lowest administrative distance  route with the shortest prefix length QUESTION 504Refer to the exhibit.How does router R1 handle traffic to 192.168.10.16?  It selects the IS-IS route because it has the shortest prefix inclusive of the destination address.  It selects the EIGRP route because it has the lowest administrative distance.  It selects the OSPF route because it has the lowest cost.  It selects the RIP route because it has the longest prefix inclusive of the destination address. QUESTION 505Which set of actions satisfy the requirement for multifactor authentication?  The user enters a user name and password, and then re-enters the credentials on a second screen.  The user swipes a key fob, then clicks through an email link.  The users enters a user name and password, and then clicks a notification in an authentication app on a mobile device.  The user enters a PIN into an RSA token, and then enters the displayed RSA key on a login screen. Section: Security Fundamentals Loading … Real exam questions are provided for CCNA tests, which can make sure you 100% pass: https://www.examslabs.com/Cisco/CCNA/best-200-301-exam-dumps.html --------------------------------------------------- Images: https://blog.examslabs.com/wp-content/plugins/watu/loading.gif https://blog.examslabs.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-05-04 11:11:02 Post date GMT: 2023-05-04 11:11:02 Post modified date: 2023-05-04 11:11:02 Post modified date GMT: 2023-05-04 11:11:02