Contents
CCNA 3 Enterprise Networking, Security, and Automation Certification is given by CCNA and with CCNA 3 Enterprise Networking, Security, and Automation Certification you can demonstrate your mastery of CCNA Enterprise Networking, Security, and Automation. The CCNA 3 ENSA Certified users will have professionally capable of working in Agile environment. You have to complete all course videos, modules, and assessments and receive a minimum score of 80% on each assessment to receive credit. CCNA 3 Enterprise Networking, Security, and Automation Certification will make you expert in CCNA ENSA, through which you can converts into leads and new customers and gain benefit in your business or career .
Other Important Google Exam Links – Must visit
You should visit our few findings below for success in exam
1. CCNA 3 Enterprise Networking, Security, and Automation Certification Official Link
2. Completed CCNA 3 Enterprise Networking, Security, and Automation Certification Exam Answers
3. Completed CCNA 2 ENSA Certification Exam Details
3. Other Best Free Certification Exam Details
ServiceCentreList.com is providing the answer of questions asked in CCNA 3 Enterprise Networking, Security, and Automation Certification exam. With these answers you will be able to score 100%+ exam and can get CCNA 3 Enterprise Networking, Security, and Automation Certification. For that you need to just attempt all the questions mentioned for CCNA 3 Enterprise Networking, Security, and Automation Certification.
CCNA 3 ENSA Certification Exam Questions Answers
1. Which design feature will limit the size of a failure domain in an enterprise network?
the purchase of enterprise equipment that is designed for large traffic volume
the installation of redundant power supplies
the use of a collapsed core design
the use of the building switch block approach*
the system image file
the NVRAM file system
the configuration register value*
the startup configuration file*
system ROM
3. What type of network uses one common infrastructure to carry voice, data, and video signals?
borderless
converged*
managed
switched
4. What are three advantages of using private IP addresses and NAT? (Choose three.)
hides private LAN addressing from outside devices that are connected to the Internet*
permits LAN expansion without additional public IP addresses*
reduces CPU usage on customer routers
creates multiple public IP addresses
improves the performance of the router that is connected to the Internet
conserves registered public IP addresses*
5. Which two scenarios are examples of remote access VPNs? (Choose two.)
All users at a large branch office can access company resources through a single VPN connection.
A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.
A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
A mobile sales agent is connecting to the company network via the Internet connection at a hotel.*
An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.*
6. What are three benefits of cloud computing? (Choose three.)
It utilizes end-user clients to do a substantial amount of data preprocessing and storage.
It uses open-source software for distributed processing of large datasets.
It streamlines the IT operations of an organization by subscribing only to needed services.*
It enables access to organizational data anywhere and at any time.*
It turns raw data into meaningful information by discovering patterns and relationships.
It eliminates or reduces the need for onsite IT equipment, maintenance, and management.*
7. What is a characteristic of a single-area OSPF network?
All routers share a common forwarding database.
All routers have the same neighbor table.
All routers are in the backbone area.*
All routers have the same routing table.
a network infrastructure that spans a limited physical area such as a city
a network infrastructure that provides access to other networks over a large geographic area*
a network infrastructure that provides access in a small geographic area
a network infrastructure designed to provide data storage, retrieval, and replication
data center*
virtualization
dedicated servers
software defined networking
link-state update
hello*
database description
link-state request
11. Which two statements are characteristics of a virus? (Choose two.)
A virus has an enabling vulnerability, a propagation mechanism, and a payload.
A virus can be dormant and then activate at a specific time or date.*
A virus provides the attacker with sensitive data, such as passwords.
A virus replicates itself by independently exploiting vulnerabilities in networks.
A virus typically requires end-user activation.*
ISDN
DSL*
cable
dialup
packet-switched network
Ethernet WAN*
circuit-switched network
MPLS
to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware*
to obtain specially designed operating systems preloaded with tools optimized for hacking
to detect any evidence of a hack or malware in a computer or network
Two devices connected to the router have IP addresses of 192.168.10. x .*
Two devices were able to use SSH or Telnet to gain access to the router.
Traffic from one device was not allowed to come into one router port and be routed outbound a different router port.
Traffic from two devices was allowed to enter one router port and be routed outbound to a different router port.
clear ip dhcp
clear ip nat translation*
clear access-list counters
clear ip pat statistics
17. What are two characteristics of video traffic? (Choose two.)
Video traffic consumes less network resources than voice traffic consumes.
Video traffic latency should not exceed 400 ms.*
Video traffic is more resilient to loss than voice traffic is.
Video traffic requires a minimum of 30 kbs of bandwidth.
Video traffic is unpredictable and inconsistent.*
The IP NAT statement is incorrect.
Interface Fa0/1 should be identified as the outside NAT interface.
Interface S0/0/0 should be identified as the outside NAT interface.*
The configuration is missing a valid access control list.
UPnP
MAC filtering
NAT*
QoS
online collaboration
BYOD
Virtualization*
maintaining communication integrity
21. Refer to the exhibit. Which address or addresses represent the inside global address?
192.168.0.100
10.1.1.2
any address in the 10.1.1.0 network
209.165.20.25*
22. Which two IPsec protocols are used to provide data integrity?
MD5*
DH
AES
SHA*
RSA
The Cisco AnyConnect client is installed by default on most major operating systems.
The host initiates a clientless VPN connection using a compliant web browser to download the client.*
The host initiates a clientless connection to a TFTP server to download the client.
The host initiates a clientless connection to an FTP server to download the client.
leased line*
cable
digital subscriber line
Ethernet WAN*
municipal Wi-Fi
25. Which type of QoS marking is applied to Ethernet frames?
IP precedence
DSCP
ToS
CoS*
Both routers are configured to use NTPv2.
Router R1 is the master, and R2 is the client*
The IP address of R2 is 192 168.1.2.
Router R2 is the master, and R1 is the client
The IP address of R1 is 192.168.1.2*
R1(config)# interface s0/0/0 R1(config-if)# ip access-group 105 outR2(config)# interface gi0/0 R2(config-if)# ip access-group 105 in
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21 access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www access-list 105 deny ip any host 10.0.54.5 access-list 105 permit ip any any*****
access-list 105 permit ip host 10.0.70.23 host 10.0.54.5 access-list 105 permit tcp any host 10.0.54.5 eq www access-list 105 permit ip any any
R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out**
access-list 105 permit tcp host 10.0.54.5 any eq www access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
inbound on the R2 G0/0 interface
outbound on the R1 G0/1 interface*
inbound on the R1 G0/1 interface
outbound on the R2 S0/0/1 interface
29. Which is a characteristic of a Type 2 hypervisor?
does not require management console software*
has direct access to server hardware resources
best suited for enterprise environments
installs directly on hardware
30. What are the two types of VPN connections? (Choose two.)
PPPoE
Frame Relay
site-to-site*
remote Access*
leased line
31. Refer to the exhibit. What three conclusions can be drawn from the displayed output? (Choose three.)
The DR can be reached through the GigabitEthernet 0/0 interface.*
There have been 9 seconds since the last hello packet sent.*
This interface is using the default priority.
The router ID values were not the criteria used to select the DR and the BDR.*
The router ID on the DR router is 3.3.3.3
The BDR has three neighbors.
The enable secret password is not configured on R1.
The IT group network is included in the deny statement.*
The permit ACE specifies a wrong port number.
The permit ACE should specify protocol ip instead of tcp.
The login command has not been entered for vty lines.
33. What functionality does mGRE provide to the DMVPN technology?
It allows the creation of dynamically allocated tunnels through a permanent tunnel source at the hub and dynamically allocated tunnel destinations at the spokes.*
It provides secure transport of private information over public networks, such as the Internet.
It is a Cisco software solution for building multiple VPNs in an easy, dynamic, and scalable manner.
It creates a distributed mapping database of public IP addresses for all VPN tunnel spokes.
34. What is used to pre-populate the adjacency table on Cisco devices that use CEF to process packets?
the FIB
the routing table
the ARP table*
the DSP
show running-config
show ip nat statistics*
show ip cache
show version
36. What is a purpose of establishing a network baseline?
It provides a statistical average for network performance.
It creates a point of reference for future network evaluations.*
It manages the performance of network devices.
It checks the security configuration of network devices.
37. Match the type of WAN device or service to the description. (Not all options are used.)
CPE —> devices and inside wiring that are located on the enterprise edge and connect to a carrier link
DCE —> devices that provide an interface for customers to connect to within the WAN cloud
DTE —> customer devices that pass the data from a customer network for transmission over the WAN
local loop —> a physical connection from the customer to the service provider POP
38. Which statement describes a characteristic of standard IPv4 ACLs?
They filter traffic based on source IP addresses only.*
They can be created with a number but not with a name.
They are configured in the interface configuration mode.
They can be configured to filter traffic based on both source IP addresses and source ports.
39. Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration?
NAT-POOL2 is not bound to ACL 1.*
Interface Fa0/0 should be identified as an outside NAT interface.
The NAT pool is incorrect.
Access-list 1 is misconfigured.
Use a static route pointing to the ISP and redistribute it.
Use a static route pointing to the ISP and redistribute it.
Use the redistribute static command on R0-A.
Use the default-information originate command on ISP.
Use the default-information originate command on R0-A.*
to capture and analyze packets within traditional Ethernet LANs or WLANs
to probe and test the robustness of a firewall by using specially created forged packets
to make repeated guesses in order to crack a password*
42. What are two syntax rules for writing a JSON array? (Choose two.)
Each value in the array is separated by a comma.*
The array can include only one value type.
A space must separate each value in the array.
A semicolon separates the key and list of values.
Values are enclosed in square brackets.*
43. What is a characteristic of a Trojan horse as it relates to network security?
An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
Malware is contained in a seemingly legitimate executable program.*
Extreme quantities of data are sent to a particular network device interface.
Too much information is destined for a particular memory block, causing additional memory areas to be affecte
TCP SYN flood
DNS tunneling
DHCP spoofing*
ARP cache poisoning
data integrity
non-repudiation
origin authentication*
data confidentiality
to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
to detect any evidence of a hack or malware in a computer or network
to probe and test the robustness of a firewall by using specially created forged packets
to capture and analyze packets within traditional Ethernet LANs or WLANs*
0.0.15.255
0.0.3.255*
0.0.7.255
0.0.1.255
48. Match the HTTP method with the RESTful operation.
POST –>> Create
GET –>> Read
PUT/PATCH –>> Update/Replace?Modify
Delete –>> Delete
49. Refer to the exhibit. What is the OSPF cost to reach the West LAN 172.16.2.0/24 from East?
782
74
128
65*
50. What is one reason to use the ip ospf priority command when the OSPF routing protocol is in use?
to activate the OSPF neighboring process
to influence the DR/BDR election process*
to provide a backdoor for connectivity during the convergence process
to streamline and speed up the convergence process
Permitted*
denied
52. What is a characteristic of the two-tier spine-leaf topology of the Cisco ACI fabric architecture?
The spine and leaf switches are always linked through core switches.
The spine switches attach to the leaf switches and attach to each other for redundancy.
The leaf switches always attach to the spines and they are interlinked through a trunk line.
The leaf switches always attach to the spines, but they never attach to each other.*
53. Which two scenarios would result in a duplex mismatch? (Choose two.)
connecting a device with autonegotiation to another that is manually set to full-duplex*
starting and stopping a router interface during a normal operation
connecting a device with an interface running at 100 Mbps to another with an interface running at 1000 Mbps
configuring dynamic routing incorrectly
manually setting the two connected devices to different duplex modes*
authenticates a packet by a string match of the username or community string
authenticates a packet by using either the HMAC with MD5 method or the SHA method*
authenticates a packet by using either the HMAC MD5 or 3.HMAC SHA algorithms and encrypts the packet with either the DES, 3DES or AES algorithms
authenticates a packet by using the SHA algorithm only
55. What are two types of attacks used on DNS open resolvers? (Choose two.)
amplification and reflection*
resource utilization*
fast flux
ARP poisoning
cushioning
denied
permitted
57. Which type of resources are required for a Type 1 hypervisor?
a dedicated VLAN
a management console*
a host operating system
58. In JSON, what is held within square brackets [ ]?
nested values
key/value pairs
an object
an array*
resources*
protocol
API server
format
key*
parameters*
top-down
bottom-up
divide-and-conquer*
substitution
MD5
AES
IPsec*
ESP
62. Which statement describes a characteristic of Cisco Catalyst 2960 switches?
They are best used as distribution layer switches.
New Cisco Catalyst 2960-C switches support PoE pass-through.*
They are modular switches.
They do not support an active switched virtual interface (SVI) with IOS versions prior to 15.x.
63. Which component of the ACI architecture translates application policies into network programming?
the hypervisor
the Application Policy Infrastructure Controller*
the Nexus 9000 switch
the Application Network Profile endpoints
device type
cable specification
interface identifier*
OS/IOS version
connection type*
cable type and identifier
The NAT pool has been exhausted.*
The wrong netmask was used on the NAT pool.
Access-list 1 has not been configured properly.
The inside and outside interfaces have been configured backwards.
66. What are two benefits of using SNMP traps? (Choose two.)
They eliminate the need for some periodic polling requests.*
They reduce the load on network and agent resources.*
They limit access for management systems only.
They can provide statistics on TCP/IP packets that flow through Cisco devices.
They can passively listen for exported NetFlow datagrams.
67. Which statement accurately describes a characteristic of IPsec?
IPsec works at the application layer and protects all application data.
IPsec is a framework of standards developed by Cisco that relies on OSI algorithms.
IPsec is a framework of proprietary standards that depend on Cisco specific algorithms.
IPsec works at the transport layer and protects data at the network layer.
IPsec is a framework of open standards that relies on existing algorithms.*
connect users to the network
provide a high-speed network backbone
connect remote networks*
provide Power over Ethernet to devices
provide data traffic security*
69. Which two statements describe the use of asymmetric algorithms? (Choose two.)
Public and private keys may be used interchangeably.
If a public key is used to encrypt the data, a public key must be used to decrypt the data.
If a private key is used to encrypt the data, a public key must be used to decrypt the data.*
If a public key is used to encrypt the data, a private key must be used to decrypt the data.*
If a private key is used to encrypt the data, a private key must be used to decrypt the data.
Trust Boundary 4
Trust Boundary 3
Trust Boundary 1*
Trust Boundary 2
reduced costs*
decreased number of critical points of failure
increased flexibility*
increased bandwidth availability
increased network management options
72. What are two purposes of launching a reconnaissance attack on a network? (Choose two.)
to scan for accessibility*
to retrieve and modify data
to gather information about the network and devices*
to prevent other users from accessing the system
to escalate access privileges
Botnet*
spyware
virus
rootkit
permitted
denied*
75. Refer to the exhibit. From which location did this router load the IOS?
flash memory*
NVRAM?
RAM
ROM
a TFTP server?
XML
YAML
HTML
JSON*
77. What QoS step must occur before packets can be marked?
Classifying*
shaping
queuing
policing
78. What is the main function of a hypervisor?
It is used to create and manage multiple VM instances on a host machine.*
It is a device that filters and checks security credentials.
It is a device that synchronizes a group of sensors.
It is software used to coordinate and prepare data for analysis.
It is used by ISPs to monitor cloud computing resources.
Frame Relay
Ethernet WAN*
VSAT
ISDN
traffic shaping
weighted random early detection
classification and marking
traffic policing*
Denied*
permitted
defines which addresses are allowed into the router
defines which addresses can be translated*
defines which addresses are assigned to a NAT pool
defines which addresses are allowed out of the router
12
4
8*
16
6
TFTP packets will be permitted.
Ping packets will be permitted.*
Telnet packets will be permitted.
SSH packets will be permitted.*
All TCP and UDP packets will be denied.
a less-structured approach based on an educated guess*
an approach comparing working and nonworking components to spot significant differences
a structured approach starting with the physical layer and moving up through the layers of the OSI model until the cause of the problem is identified
an approach that starts with the end-user applications and moves down through the layers of the OSI model until the cause of the problem has been identified
extended ACL outbound on R2 WAN interface towards the internet
standard ACL outbound on R2 WAN interface towards the internet
standard ACL outbound on R2 S0/0/0
extended ACLs inbound on R1 G0/0 and G0/1*
The inside and outside NAT interlaces have been configured backwards
The inside global address is not on the same subnet as the ISP*
The address on Fa0/0 should be 64.100.0.1.
The NAT source access list matches the wrong address range.
Data communications must be given the first priority.
Voice and video communications are more sensitive to latency.*
Legacy equipment is unable to transmit voice and video without QoS.
Data communications are sensitive to jitter.
89. Which statement describes a VPN?
VPNs use logical connections to create public networks through the Internet.
VPNs use open source virtualization software to create the tunnel through the Internet.
VPNs use dedicated physical connections to transfer data between remote users.
VPNs use virtual connections to create a private network through a public network.*
90. In which OSPF state is the DR/BDR election conducted?
ExStart
Init
Two-Way*
Exchange
Cisco Secure Mobility Clientless SSL VPN
Frame Relay
remote access VPN using IPsec
Cisco AnyConnect Secure Mobility Client with SSL
site-to-site VPN*
loading
established
full*
two-way
Router R3 will become the DR and router R1 will become the BDR.*
Router R4 will become the DR and router R3 will become the BDR.
Router R1 will become the DR and router R2 will become the BDR.
Router R3 will become the DR and router R2 will become the BDR.
DNS
DHCP
Syslog*
authentication
packet addressing
delay*
jitter*
packet routing
link speed
Determine ownership.
Determine the symptoms.
Narrow the scope.*
Document the symptoms.
Gather information.
CDP*
SNMP
NTP
LLDP
0.0.0.127
0.0.0.31
0.0.3.255*
0.0.0.63
inbound on router A Fa0/0*
outbound on router B Fa0/0
outbound on router A Fa0/1
inbound on router B Fa0/1
100. Which type of OSPFv2 packet is used to forward OSPF link change information?
link-state acknowledgment
link-state update*
hello
database description
MPLS
CBWFQ
TFTP
NTP*
102. Which type of VPN allows multicast and broadcast traffic over a secure site-to-site VPN?
dynamic multipoint VPN*
SSL VPN
IPsec virtual tunnel interface
GRE over IPsec
router(config-router)# network 10.1.0.0 0.0.255.255 area 0*
router(config-router)# network 10.1.0.0 0.0.15.255 area 0
router(config-router)# network 10.1.0.0 255.255.255.0 area 0
router(config-router)# network 10.1.0.0 0.0.0.0 area 0
104. Refer to the exhibit. Which sequence of commands should be used to configure router A for OSPF?
router ospf 1 network 192.168.10.0 area 0
router ospf 1 network 192.168.10.0
router ospf 1 network 192.168.10.64 255.255.255.192 network 192.168.10.192 255.255.255.252
router ospf 1 network 192.168.10.64 0.0.0.63 area 0 network 192.168.10.192 0.0.0.3 area 0***
0.0.7.255
0.0.1.255*
0.0.3.255
0.0.15.255
106. How does virtualization help with disaster recovery within a data center?
improvement of business practices
supply of consistent air flow
support of live migration*
guarantee of power
107. How does virtualization help with disaster recovery within a data center?
Hardware does not have to be identical.*
Power is always provided.
Less energy is consumed.
Server provisioning is faster.
108. Refer to the exhibit. Which devices exist in the failure domain when switch S3 loses power?
S4 and PC_2
PC_3 and AP_2*
AP_2 and AP_1
PC_3 and PC_2
S1 and S4
access-list 103 deny tcp host 192.168.10.0 any eq 23 access-list 103 permit tcp host 192.168.10.1 eq 80
access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23**
access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80 access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1 access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq telnet
5 deny 172.23.16.0 0.0.15.255*
5 deny 172.23.16.0 0.0.255.255
15 deny 172.23.16.0 0.0.15.255
30 deny 172.23.16.0 0.0.15.255
executing the SPF algorithm
building the topology table*
selecting the router ID
declaring a neighbor to be inaccessible
SYSLOG
TFTP
CBWFQ
SNMP*
0.0.0.63
0.0.0.255*
0.0.0.31
0.0.0.15
114. When will an OSPF-enabled router transition from the Down state to the Init state?
when an OSPF-enabled interface becomes active
as soon as the router starts
when the router receives a hello packet from a neighbor router*
as soon as the DR/BDR election process is complete
115. What type of traffic is described as having a high volume of data per packet?
data
video*
voice
LLDP*
NTP
TFTP
SNMP
building the topology table
selecting the router ID
declaring a neighbor to be inaccessible
executing the SPF algorithm*
118. Refer to the exhibit. Which conclusion can be drawn from this OSPF multiaccess network?
If the DR stops producing Hello packets, a BDR will be elected, and then it promotes itself to assume the role of DR.
With an election of the DR, the number of adjacencies is reduced from 6 to 3.*
When a DR is elected all other non-DR routers become DROTHER.
All DROTHER routers will send LSAs to the DR and BDR to multicast 224.0.0.5.
extended ACL outbound on R2 WAN interface towards the internet
standard ACL inbound on R1 vty lines*
extended ACLs inbound on R1 G0/0 and G0/1
extended ACL outbound on R2 S0/0/1
120. Which type of VPN connects using the Transport Layer Security (TLS) feature?
SSL VPN*
IPsec virtual tunnel interface
GRE over IPsec
dynamic multipoint VPN
121. Which group of APIs are used by an SDN controller to communicate with various applications?
eastbound APIs
westbound APIs
northbound APIs*
southbound APIs
Cisco ACI
software defined networking
Type-1 hypervisor*
APIC-EM
ip nat inside source list 24 interface serial 0/1/0 overload*
ip nat inside source list 14 pool POOL-STAT overload
access-list 10 permit 172.19.89.0 0.0.0.255
ip nat inside source list ACCTNG pool POOL-STAT
-Cloud services*
Data center
APIC-EM
Cisco ACI
The file already exists on the USB drive and cannot be overwritten.
The drive was not properly formatted with the FAT16 file system.
There is no space left on the USB drive.
The USB drive is not recognized by the router.
The command that the administrator used was incorrect.*
126. Which three types of VPNs are examples of enterprise-managed site-to-site VPNs? (Choose three.)
Layer 3 MPLS VPN
IPsec VPN*
Cisco Dynamic Multipoint VPN*
GRE over IPsec VPN*
clientless SSL VPN
client-based IPsec VPN
standard ACL inbound on R1 vty lines
extended ACL inbound on R1 G0/0
standard ACL inbound on R1 G0/1*
extended ACL inbound on R3 S0/0/1
128. In an OSPF network which two statements describe the link-state database (LSDB)? (Choose two.)
It can be viewed by using the show ip ospf database command.*
A neighbor table is created based on the LSDB.
It contains a list of only the best routes to a particular network.
It contains a list of all neighbor routers to which a router has established bidirectional communication.
All routers within an area have an identical link-state database.*
129. In an OSPF network which OSPF structure is used to create the neighbor table on a router?
adjacency database*
link-state database
routing table
forwarding database
MPLS
SYSLOG
SNMP*
TFTP
131. What type of traffic is described as not resilient to loss?
data
video*
voice
Interface Fa0/0 should be configured with the command ip nat outside .
The inside global address is incorrect.
The router NAT configuration has an incorrect inside local address.*
The NAT configuration on interface S0/0/1 is incorrect.
open
partner
public
private*
XML*
HTML
YAML
JSON
denied
permitted
10.0.0.1
10.1.0.1
192.168.1.100*
209.165.201.1
137. Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology?
MPLS VPN
GRE over IPsec
IPsec virtual tunnel interface
dynamic multipoint VPN*
138. What is a characteristic of the REST API?
A. evolved into what became SOAP
B. used for exchanging XML structured information over HTTP or SMTP
C. considered slow, complex, and rigid
D. most widely used API for web services*
Cisco ACI
cloud services*
software defined networking
dedicated servers
R1(config)# interface gi0/0 R1(config-if)# no ip access-group 105 out R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
R1(config)# interface gi0/0 R1(config-if)# no ip access-group 105 out R1(config)# no access-list 105 R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out***********
R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# access-list 105 deny ip any any
Filter unwanted traffic before it travels onto a low-bandwidth link.*
Place standard ACLs close to the destination IP address of the traffic.*
Place standard ACLs close to the source IP address of the traffic.
Place extended ACLs close to the destination IP address of the traffic.
Place extended ACLs close to the source IP address of the traffic.*
For every inbound ACL placed on an interface, there should be a matching outbound ACL.
142. Match the term to the web link http://www.buycarsfromus.com/2020models/ford/suv.html#Escape component. (Not all options are used.)
143. What command would be used as part of configuring NAT or PAT to display all static translations that have been configured?
show ip nat translations*
show ip pat translations
show ip cache
show running-config
40 seconds
60 seconds
80 seconds*
100 seconds
145. Which type of VPN is the preferred choice for support and ease of deployment for remote access?
SSL VPN*
GRE over IPsec
dynamic multipoint VPN
IPsec virtual tunnel interface
146. What type of traffic is described as predictable and smooth?
video
data
voice*
FIFO*
LLQ
CBWFQ
WFQ
Implement the command no passive-interface Serial0/1.*
Implement the command network 192.168.2.6 0.0.0.0 area 0 on router R2.
Change the router-id of router R2 to 2.2.2.2.
Implement the command network 192.168.3.1 0.0.0.0 area 0 on router R2.
Make sure that the router priority is unique on each router.
Make sure that the DR/BDR election is complete.
Make sure that the router ID is included in the hello packet.
Make sure that the hello and dead interval timers are the same on all routers.*
standard ACL inbound on R2 WAN interface connecting to the internet
standard ACL outbound on R2 WAN interface towards the internet*
standard ACL inbound on R1 G0/0
standard ACL outbound on R1 G0/0
denied
permitted
to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
to detect any evidence of a hack or malware in a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware
to probe network devices, servers, and hosts for open TCP or UDP ports*
show ip pat translations
show ip cache
show running-config
show ip nat translations*
0.0.31.255
0.0.0.63*
0.0.15.255
0.0.7.255
155. What type of traffic is described as requiring latency to be no more than 400 milliseconds (ms)?
Video*
data
voice
R1(config)# interface GigabitEthernet0/0 R1(config-if)# ip access-group 5 out*
R1(config)# access-list 5 permit 10.0.54.0 0.0.1.255
R1(config)# interface Serial0/0/0 R1(config-if)# ip access-group 5 in
R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127*
R1(config)# access-list 5 permit any
Router(config)# access-list 95 deny 172.16.0.0 255.255.0.0
Router(config)# access-list 95 permit any*
Router(config)# access-list 95 host 172.16.0.0
Router(config)# access-list 95 deny 172.16.0.0 0.0.255.255*
Router(config)# access-list 95 172.16.0.0 255.255.255.255
Router(config)# access-list 95 deny any
One ACL will be placed on the R1 Gi0/0 interface and one ACL will be placed on the R2 Gi0/0 interface.
Only a numbered ACL will work for this situation.
One ACL will be placed on the R2 Gi0/0 interface and one ACL will be placed on the R2 S0/0/0 interface.(Not sure)**
Two ACLs (one in each direction) will be placed on the R2 Gi0/0 interface.
TFTP
SYSLOG
NTP*
MPLS
10.0.0.1
10.1.0.1
192.168.1.100*
209.165.201.1
The web server at 192.168.0.10 is reachable from the source host.
The default gateway between the source host and the server at 192.168.0.10 is down.
There is a problem with the web server software on web-s1.cisco.com.*
A router is down between the source host and the server web-s1.cisco.com.
DNS cannot resolve the IP address for the server web-s1.cisco.com.*
162. What type of traffic is described as tending to be unpredictable, inconsistent, and bursty?
Video*
voice
data
163. Match the functions to the corresponding layers. (Not all options are used.)
164. What type of traffic is described as consisting of traffic that requires a higher priority if interactive?
voice
data*
video
165. Which type of VPN provides a flexible option to connect a central site with branch sites?
IPsec VPN
client-based IPsec VPN
Layer 3 MPLS VPN
clientless SSL VPN
Cisco Dynamic Multipoint VPN*
GRE over IPsec VPN
to discover security vulnerabilities of a computer*
to detect any evidence of a hack or malware in a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware
to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
R1 S0/0/0 outbound
R2 G0/0 outbound*
R2 S0/0/1 outbound
R1 S0/0/0 inbound
R2 G0/1 inbound
the router with the highest router ID*
the router with the lowest IP address on the connecting interface
the router with the highest IP address on the connecting interface
the router with the lowest router ID
exchanging link-state advertisements
electing the designated router
injecting the default route
establishing neighbor adjacencies*
to obtain specially designed operating systems preloaded with tools optimized for hacking
to detect any evidence of a hack or malware in a computer or network*
to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware
Interface Fa0/0 has not been activated for OSPFv2 on router R2.*
Interface Fa0/0 is configured as a passive-interface on router R2.
Interface S0/0 is configured as a passive-interface on router R2.
Interface s0/0 has not been activated for OSPFv2 on router R2.
dedicated servers
software defined networking
virtualization*
Cisco ACI
show ip protocols
show ip ospf neighbor*
show running-configuration
show ip ospf interface*
show ip route ospf
MPLS VPN*
GRE over IPsec
IPsec virtual tunnel interface
dynamic multipoint VPN
175. Which type of VPN involves a nonsecure tunneling protocol being encapsulated by IPsec?
SSL VPN
dynamic multipoint VPN
GRE over IPsec*
IPsec virtual tunnel interface
to detect any evidence of a hack or malware in a computer or network
to obtain specially designed operating systems preloaded with tools optimized for hacking*
to encode data, using algorithm schemes, to prevent unauthorized access to the encrypted data
to reverse engineer binary files when writing exploits and when analyzing malware
ip pat inside
access-list 10 permit 172.19.89.0 0.0.0.255
ip nat inside
ip nat outside*
data center
cloud services
virtualization*
dedicated servers
179. Which type of VPN routes packets through virtual tunnel interfaces for encryption and forwarding?
MPLS VPN
IPsec virtual tunnel interface*
dynamic multipoint VPN
GRE over IPsec
building the topology table
selecting the router ID
exchanging link-state advertisements*
injecting the default route
video
voice
data*
extended ACL outbound on R2 WAN interface towards the internet*
standard ACL outbound on R2 S0/0/0
extended ACL inbound on R2 S0/0/0
standard ACL inbound on R2 WAN interface connecting to the internet
ip nat inside source static 172.19.89.13 198.133.219.65
ip nat inside source list 24 interface serial 0/1/0 overload
ip nat pool POOL-STAT 64.100.14.17 64.100.14.30 netmask 255.255.255.240*
ip nat outside
data link
access
core*
network
network access
Permitted*
denied
video
data*
voice
187. Which OSPF table is identical on all converged routers within the same OSPF area?
routing
neighbor
adjacency
topology*
Permitted*
denied
189. What protocol allows the manager to poll agents to access information from the agent MIB?
CBWFQ
SYSLOG
TFTP
SNMP*
190. Match each component of a WAN connection to its description. (Not all options are used.)
191. What type of traffic is described as being able to tolerate a certain amount of latency, jitter, and loss without any noticeable effects?
Voice*
video
data
policing
traffic marking*
weighted random early detection (WRED)
traffic shaping
tail drop
cost of the link
amount of traffic*
distance between sites
reliability
security needs*
type of traffic*
ip nat inside source list ACCTNG pool POOL-STAT
ip nat translation timeout 36000
ip nat inside source list 14 pool POOL-STAT overload*
ip nat inside source static 172.19.89.13 198.133.219.65
SNMP
MPLS
LLDP*
NTP
Our Expert Team researched a lot to keep ServiceCentreList.com website updated for certification practitioners for free. You can also contribute by updating new questions or existing question answer(s). We will give the credit for the same by adding your name on the question post. Kindly Comment below with your answers.
People Also Searched For: CCNA 3 Enterprise Networking, Security, and Automation Certification Answers, CCNA 3 Enterprise Networking, Security, and Automation Certification questions, CCNA 3 Enterprise Networking, Security, and Automation Certification exam, CCNA 3 Enterprise Networking, Security, and Automation Certification exam answers, CCNA 3 Enterprise Networking, Security, and Automation Certification quiz answers, Free CCNA 3 Enterprise Networking, Security, and Automation Certification.
0 Comment on this Article