• Home
  • Articles
  • Cisco 200-301 Dumps Updated [Sep-2021] Get 100% Real Exam Questions! [Q43-Q68]

Cisco 200-301 Dumps Updated [Sep-2021] Get 100% Real Exam Questions! [Q43-Q68]

Share

[Sep-2021] Pass Cisco 200-301 Exam in First Attempt Guaranteed!

Full 200-301 Practice Test and 216 unique questions with explanations waiting just for you, get it now!

NEW QUESTION 43
Refer to the exhibit.


A network administrator assumes a task to complete the connectivity between PC A and the File Server. Switch A and Switch B have been partially configured with VLAN 10, 11, 12, and 13. What is the next step in the configuration?

  • A. Add PC A to the same subnet as the Fie Server allowing for intra-VLAN communication.
  • B. Add PC A to VLAN 10 and the File Server to VLAN 11 fa VLAN segmentation
  • C. Add a router on a stick between Switch A and Switch B allowing for Inter-VLAN routing.
  • D. Add VLAN 13 to the trunk links on Switch A and Switch B for VLAN propagation

Answer: D

 

NEW QUESTION 44
ACL-3
A corporation wants to add security to its network.
The requirements are:
> Host C shouldbe able touse a web browser (HTTP) to access the Finance Web Server.
> Other types of access from host Cto the Finance Web Server should be blocked.
> All access from hostsin the Core or local LAN to the Finance Web Server should be blocked.
> All hosts in the Core and on local LAN should be to access the Public Web Server.
You have been tasked to create and apply a numberd access list to a single outbound interface. They can contain no more than three statements that meets these requirements.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to "cisco".
The Core connection uses an IP address of 198.18.196.65, Corp1 Router's port S's IP need to be showed if it is right when taking the test; if it is not right, IP needs to be corrected.
The computers in the Hosts LAN have been assigned addresses of 192.168.33.1 - 192.168.33.254 Host A 192.168.33.1 Host B192.168.33.2 Host C192.168.33.3 Host D 192.168.33.4 The servers in the Server LAN have been assigned addresses of 172.22.242.17 -- 172.22.242.30 The Finance Web Server is assigned an IP address of 172.22.242.23.

Answer:

Explanation:
Corp1 router's port S's IP needs to be showed if it is right when taking the test; if it is not right, which needs to be modified; modify the IP command Corp1>enable Corp1 # configure terminal Corp1 (config) #int s1 / 0 (the specific port number, you need to show run by yourself) Corp1 (config-if) #ip add 198.18.196.65 255.255.255.252 (ip is modified to the one in the item, the mask is used the one which using show run to get the original error IP's mask) Corp1 (config-if) #end Here, you cannot need to delete the wrong IP address, you can directly enter the new IP to cover the old IP, and finally do not forget to save. Corp1 # show running-config

Make sure that the interface connecting the server is F0/1 Corp1#configure terminal Corp1(config)#access-list 100 permit tcp host192.168.33.3 host 172.22.242.23 eq 80 Corp1(config)#access-list 100 deny ip any host 172.22.242.23 Corp1(config)#access-list 100 permit ip any any Corp1(config)#interface fa0/1 Corp1(config-if)#ip access-group 100 out Corp1(config-if)#end Corp1#copy running-config startup-config

 

NEW QUESTION 45
Refer to the exhibit.

An engineer is required to verify that the network parameters are valid for the users wireless LAN connectivity on a /24 subnet. Drag and drop the values from the left onto the network parameters on the right. Not all values are used.

Answer:

Explanation:

 

NEW QUESTION 46
Which statement identifies the functionality of virtual machines?

  • A. Each hypervisor can support a single virtual machine and a single software switch.
  • B. The hypervisor communicates on Layer 3 without the need for additional resources.
  • C. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor.
  • D. The hypervisor can virtual physical components including CPU, memory, and storage.

Answer: D

 

NEW QUESTION 47
Refer to exhibit.

Which statement explains the configuration error message that is received?

  • A. It belongs to a private IP address range.
  • B. IT is a network IP address.
  • C. The router does not support /28 mask.
  • D. It is a broadcast IP address

Answer: D

 

NEW QUESTION 48
An engineer is configuring NAT to translate the source subnet of 10.10.0.0/24 to any of three addresses
192.168.30.1, 192.168.3.2, 192.168.3.3 Which configuration should be used?

  • A. Option D
  • B. Option C
  • C. Option A
  • D. Option B

Answer: B

 

NEW QUESTION 49
Drag drop the descriptions from the left onto the correct configuration-management technologies on the right.

Answer:

Explanation:

The focus of Ansible is to be streamlined and fast, and to require no node agent installation.
Thus, Ansible performs all functions over SSH. Ansible is built on Python, in contrast to the Ruby foundation of Puppet and Chef.
TCP port 10002 is the command port. It may be configured in the Chef Push Jobs configuration file .
This port allows Chef Push Jobs clients to communicate with the Chef Push Jobs server.
Puppet is an open-source configuration management solution, which is built with Ruby and offers custom Domain Specific Language (DSL) and Embedded Ruby (ERB) templates to create custom Puppet language files, offering a declarative-paradigm programming approach.
A Puppet piece of code is called a manifest, and is a file with .pp extension.

 

NEW QUESTION 50
Which two encoding methods are supported by REST APIs? (Choose two)

  • A. YAML
  • B. JSON
  • C. EBCDIC
  • D. SGML
  • E. XML
    https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html

Answer: B,E

Explanation:
Reference:
The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents.

 

NEW QUESTION 51
In which byte of an IP packet can traffic be marked?

  • A. the DSCP byte
  • B. the CoS byte
  • C. the QoS byte
  • D. the ToS byte

Answer: D

 

NEW QUESTION 52
Refer to the exhibit.

An engineer is bringing up a new circuit to the MPLS provider on the Gi0/1 interface of Router1 The new circuit uses eBGP and teams the route to VLAN25 from the BGP path What s the expected behavior for the traffic flow for route 10.10.13.0/25?

  • A. Traffic to 10.10.13.0/25 is asymmeteical
  • B. Route 10.10.13.0/25 is updated in the routing table as being learned from interface Gi0/1.
  • C. Route 10.10.13.0/25 learned via the GiO/0 interface remains in the routing table
  • D. Traffic to 10.10.13.0.25 is load balanced out of multiple interfaces

Answer: A

 

NEW QUESTION 53
Drag the descriptions of device management from the left onto the types of device management on the right.

Answer:

Explanation:

Explanation

Cisco DNA Center Device Management
3. Monitor the cloud for software update
5. Uses CLI templates to apply a consistent configuration to multiple devices at an individual location
6. Uses NetFlow to analyse potential security threats throughout the network and take appropriate action on that traffic Traditional device management
2. Manages device configuration on a per-device basis
4. Security is managed near the perimeter of the network with firewalls, VPNs, and IPS
* Implements changes via an SSH terminal

 

NEW QUESTION 54
Refer to the exhibit.

If OSPF is running on this network, how does Router 2 handle traffic from Site B to 10.10.13/25 at Site A?

  • A. It sends packets out of interface Fa0/1 only.
  • B. It load-balances traffic out of Fa0/1 and Fa0/2
  • C. It cannot send packets to 10.10.13 128/25
  • D. It sends packets out of interface Fa0/2 only.

Answer: C

Explanation:
Router2 does not have an entry for the subnet 10.10.13.128/25. It only has an entry for 10.10.13.0/25, which ranges from 10.10.13.0 to 10.10.13.127.
https://study-ccna.com/administrative-distance-metric/

 

NEW QUESTION 55
An engineer needs to add an old switch back into a network. To prevent the switch from corrupting the VLAN database which action must be taken?

  • A. Add the switch in the VTP domain with a higher revision number
  • B. Add the switch with DTP set to dynamic desirable
  • C. Add the switch with DTP set to desirable
  • D. Add the switch in the VTP domain with a lower revision number

Answer: A

 

NEW QUESTION 56
Drag and drop the application protocols from the left onto the transport protocols that it uses on the right

Answer:

Explanation:

 

NEW QUESTION 57
Refer to the exhibit. Which two statements about the network environment of router R1 must be true? (Choose two.)

  • A. A static default route to 10.85.33.14 was defined.
  • B. There are 20 different network masks within the 10.0.0.0/8 network.
  • C. The EIGRP administrative distance was manually changed from 90 to 170.
  • D. Ten routes are equally load-balanced between Te0/1/0.100 and Te0/2/0.100.
  • E. The 10.0.0.0/8 network was learned via external EIGRP.

Answer: B,D

Explanation:
Section: IP Connectivity

 

NEW QUESTION 58
Refer to the exhibit.

Which command configures a floating static route to provide a backup to the primary link?

  • A. ip route 0.0.0.0 0.0.0.0 209.165.202.131
  • B. ip route 209.165.200.224 255.255.255.224 209.165.202.129 254
  • C. ip route 209.165.201.0 255.255.255.224 209.165.202.130
  • D. ip route 0.0.0.0 0.0.0.0 209.165.200.224

Answer: B

 

NEW QUESTION 59
Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.

Answer:

Explanation:

Explanation

Double-Tagging attack:In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack (VLAN 20).When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10. Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer.Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker.To mitigate this type of attack, you can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic to specific victims/servers) or implement Private VLANs.ARP attack (like ARP poisoning/spoofing) is a type of attack in which a malicious actor sends falsified ARP messages over a local area network as ARP allows a gratuitous reply from a host even if an ARP request was not received. This results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on ARP which is at Layer 2.Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network which can be used to mitigate this type of attack.

 

NEW QUESTION 60
A router running EIGRP has learned the same route from two different paths Which parameter does the router use to select the best path?

  • A. metric
  • B. adminstrative distance
  • C. as-path
  • D. cost

Answer: A

Explanation:
If a router learns two different paths for the same network from the same routing protocol, it has to decide which route is better and will be placed in the routing table. Metric is the measure used to decide which route is better (lower number is better). Each routing protocol uses its own metric. For example, RIP uses hop counts as a metric, while OSPF uses cost.
https://study-ccna.com/administrative-distance-metric/

 

NEW QUESTION 61
Refer to the exhibit.

A network administrator has been tasked with securing VTY access to a router Which access-list entry accomplishes this task?

  • A. access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq ssh
  • B. access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq telnet
  • C. access-list 101 permit tcp 10.11.0 0.0.0.255 172.16.10 0.0.0.255 eq scp
  • D. access-list 101 permit tcp 10.1.10 0.0.0.255 172.16.10 0.0.0.255 eq https

Answer: A

 

NEW QUESTION 62
Which set of commands is recommended to prevent the use of a hub in the access layer?

  • A. switch (config-if)#switchport mode access switch (config-if)#switchport port-security maximum 1
  • B. switch (config-if)#switchport mode access switch (config-if)#switchport port-security mac-address 1
  • C. switch (config-if)#switchport mode trunk switch (config-if)#switchport port-security maximum 1
  • D. switch (config-if)#switchport mode trunk switch (config-if)#switchport port-security mac-address 1

Answer: A

 

NEW QUESTION 63
DRAG DROP
Drag and drop the network protocols from the left onto the correct transport services on the right.

Answer:

Explanation:

 

NEW QUESTION 64
Refer to the exhibit.

Which switch becomes the root bridge?

  • A. S1
  • B. S2
  • C. S4
  • D. S3

Answer: B

 

NEW QUESTION 65
How do servers connect to the network in a virtual environment?

  • A. a cable connected to a physical switch on the network
  • B. wireless to an access point that is physically connected to the network
  • C. a virtual switch that links to an access point that is physically connected to the network
  • D. a software switch on a hypervisor that is physically connected to the network

Answer: D

 

NEW QUESTION 66
Refer to the exhibit.

An engineer configured NAT translations and has verified that the configuration is correct.
Which IP address is the source IP?

  • A. 172.23.104.4
  • B. 10.4.4.5
  • C. 10.4.4.4
  • D. 172.23.103.10

Answer: A

 

NEW QUESTION 67
A Cisco IP phone receive untagged data traffic from an attached PC. Which action is taken by the phone?

  • A. It tags the traffic with the native VLAN
  • B. It drops the traffic
  • C. It allows the traffic to pass through unchanged
  • D. It tags the traffic with the default VLAN

Answer: C

Explanation:
Untagged traffic from the device attached to the Cisco IP Phone passes through the phone unchanged, regardless of the trust state of the access port on the phone.
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-
2_40_se/ configuration/guide/scg/swvoip.pdf

 

NEW QUESTION 68
......

Prepare for your Cisco certification with the updated BootcampPDF 200-301 exam questions: https://drive.google.com/open?id=1lrErStPG1VRRWto1mYy0DuAnm-wCggve

Get Latest 200-301 Dumps Exam Questions in here: https://www.bootcamppdf.com/200-301_exam-dumps.html

Related Articles

more
Cisco 200-301 Certification Practice Exam

BootcampPDF is an excellent IT certification exam bootcamp pdf provider which will help you pass exam 100% for sure. Choosing BootcampPDF bootcamp pdf will be your best action.

Latest Bootcamp Pdf

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 BootcampPDF NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy