Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Control Plane Policing (CoPP) practice sets

300-410 Control Plane Policing (CoPP) • Complete Question Bank

300-410 Control Plane Policing (CoPP) — All Questions With Answers

Complete 300-410 Control Plane Policing (CoPP) question bank — all 0 questions with answers and detailed explanations.

68
Questions
Free
No signup
Certifications/300-410/Practice Test/Control Plane Policing (CoPP)/All Questions
Question 1hardmultiple choice
Open the full BGP breakdown →

A network engineer notices that BGP sessions between two directly connected routers are flapping every few minutes. The routers are running IOS-XE 17.3 and have CoPP enabled. The engineer checks the CoPP policy and sees a class-map matching BGP packets with a police rate of 8000 bps. The BGP session uses MD5 authentication and the routers exchange a full BGP table with 500,000 prefixes. What is the most likely cause of the BGP session flapping?

Question 2mediummultiple choice
Study the full ACL explanation →

A router experiences high CPU utilization due to SSH login attempts from an external attacker. The network engineer implements a CoPP policy to rate-limit SSH traffic to 10000 bps. After applying the policy, the engineer notices that legitimate SSH sessions from the management network are also being dropped intermittently. The CoPP policy uses a class-map that matches TCP port 22 traffic. What should the engineer do to fix this issue?

Question 3mediummultiple choice
Review the full OSPF breakdown →

An engineer applies a CoPP policy to a router to protect the control plane. The policy includes a class-map that matches all ICMP traffic and polices it to 5000 bps. After the policy is applied, the engineer notices that OSPF adjacencies are going down. The OSPF hello packets are not being received. What is the most likely cause?

Question 4mediummultiple choice
Study the full EIGRP explanation →

A router running EIGRP has a CoPP policy that includes a class-map matching EIGRP packets with a police rate of 2000 bps. The network engineer notices that EIGRP neighbor adjacencies are flapping. The EIGRP network has 100 routes. The engineer checks the CoPP statistics and sees that the EIGRP class has dropped 500 packets in the last hour. What is the most likely root cause?

Question 5hardmultiple choice
Study the full ACL explanation →

A network engineer configures CoPP on a router to limit PIM-SM control plane traffic. The policy includes a class-map matching PIM packets and polices them to 10000 bps. After the policy is applied, the engineer notices that multicast traffic is not being forwarded correctly, and PIM neighbors are not forming. The router is a PIM-SM rendezvous point (RP). What is the most likely issue?

Question 6mediummultiple choice
Study the full ACL explanation →

A router has a CoPP policy that includes a class-map matching all TCP traffic with a police rate of 5000 bps. The engineer notices that Telnet sessions to the router are timing out, but SSH sessions work fine. The router is configured to accept both Telnet and SSH. What is the most likely cause?

Question 7easymultiple choice
Study the full ACL explanation →

An engineer applies a CoPP policy to a router to protect the control plane from a DDoS attack. The policy includes a class-map matching UDP traffic to port 123 (NTP) and polices it to 1000 bps. After the policy is applied, the engineer notices that the router's clock is not synchronizing with its NTP server. The NTP server is reachable via ping. What is the most likely cause?

Question 8easymultiple choice
Study the full ACL explanation →

A router has a CoPP policy that includes a class-map matching all traffic from a specific source IP address (the management station) and polices it to 100000 bps. The engineer notices that SNMP polls from the management station are timing out. The SNMP traffic uses UDP port 161. The engineer checks the CoPP statistics and sees that the class for the management station has dropped packets. What is the most likely cause?

Question 9mediummultiple choice
Study the full ACL explanation →

A network engineer configures CoPP on a router to limit ICMP traffic to 5000 bps. After the policy is applied, the engineer notices that the router is not responding to ping requests from a remote network. However, the router can ping other devices successfully. The engineer checks the CoPP statistics and sees that the ICMP class has dropped packets. What is the most likely root cause?

Question 10mediummultiple choice
Study the full ACL explanation →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-ICMP (match-all) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: access-group 100 police: cir 8000 bps, bc 1500 bytes, be 1500 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

Class-map: CoPP-SSH (match-all) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: access-group 110 police: cir 16000 bps, bc 3000 bytes, be 3000 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

Class-map: class-default (match-any) 1250 packets, 75000 bytes 5 minute offered rate 1000 bps, drop rate 0000 bps Match: any

Based on this output, which statement is correct?

Question 11hardmultiple choice
Study the full ACL explanation →

A network engineer runs the following command on Router R1:

R1# show access-lists 100

Extended IP access list 100

10 permit icmp any any echo
    
20 permit icmp any any echo-reply
    
30 permit icmp any any time-exceeded
    
40 permit icmp any any unreachable

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-ICMP (match-all) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: access-group 100 police: cir 8000 bps, bc 1500 bytes, be 1500 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

Based on this output, what is the most likely problem?

Question 12mediummultiple choice
Open the full BGP breakdown →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-BGP (match-all) 500 packets, 30000 bytes 5 minute offered rate 1000 bps, drop rate 500 bps Match: access-group 120 police: cir 8000 bps, bc 1500 bytes, be 1500 bytes conformed 300 packets, 18000 bytes; actions: transmit exceeded 100 packets, 6000 bytes; actions: drop violated 100 packets, 6000 bytes; actions: drop

Based on this output, which statement is correct?

Question 13hardmultiple choice
Study the full ACL explanation →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-SNMP (match-all) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: access-group 130 police: cir 32000 bps, bc 6000 bytes, be 6000 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

R1# show access-lists 130

Extended IP access list 130

10 permit udp any any eq snmp
    
20 permit udp any any eq snmptrap

Based on this output, what is the most likely reason that no packets are matching the CoPP-SNMP class?

Question 14easymultiple choice
Review the full OSPF breakdown →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-OSPF (match-all) 1000 packets, 60000 bytes 5 minute offered rate 2000 bps, drop rate 0000 bps Match: access-group 140 police: cir 64000 bps, bc 12000 bytes, be 12000 bytes conformed 1000 packets, 60000 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

Based on this output, which statement is correct?

Question 15mediummultiple choice
Study the full ACL explanation →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-DEFAULT (match-any) 5000 packets, 300000 bytes 5 minute offered rate 4000 bps, drop rate 2000 bps Match: any police: cir 32000 bps, bc 6000 bytes, be 6000 bytes conformed 3000 packets, 180000 bytes; actions: transmit exceeded 1000 packets, 60000 bytes; actions: drop violated 1000 packets, 60000 bytes; actions: drop

Based on this output, what is the most likely impact on the router?

Question 16mediummultiple choice
Study the full EIGRP explanation →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-EIGRP (match-all) 200 packets, 12000 bytes 5 minute offered rate 1000 bps, drop rate 0000 bps Match: access-group 150 police: cir 16000 bps, bc 3000 bytes, be 3000 bytes conformed 200 packets, 12000 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

R1# show ip eigrp neighbors

EIGRP-IPv4 neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 0 10.1.1.2 Gi0/0 13 00:10:00 1 200 0 5

Based on this output, which statement is correct?

Question 17hardmultiple choice
Open the full BGP breakdown →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-BGP (match-all) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: access-group 120 police: cir 32000 bps, bc 6000 bytes, be 6000 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop

R1# show ip bgp summary

BGP router identifier 1.1.1.1, local AS number 100 BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.1.1.2        4          200      10      10        1    0    0 00:05:00        5

Based on this output, what is the most likely problem?

Question 18mediummultiple choice
Study the full ACL explanation →

A network engineer runs the following command on Router R1:

R1# show policy-map control-plane

Control Plane

Service-policy input: CoPP-IN

Class-map: CoPP-ICMP (match-all) 100 packets, 6000 bytes 5 minute offered rate 500 bps, drop rate 500 bps Match: access-group 100 police: cir 8000 bps, bc 1500 bytes, be 1500 bytes conformed 50 packets, 3000 bytes; actions: transmit exceeded 25 packets, 1500 bytes; actions: drop violated 25 packets, 1500 bytes; actions: drop

Based on this output, what is the most likely impact on the router?

Question 19mediummultiple choice
Study the full ACL explanation →

Examine the following CoPP configuration on a Cisco IOS-XE router:

!--- ACL to match traffic

access-list 100 permit tcp any any eq 22
access-list 
100 permit tcp any any eq 23
access-list 
100 permit icmp any any echo

! !--- Class-map class-map match-all COPP-MGMT match access-group 100 ! !--- Policy-map policy-map COPP-POLICY

class COPP-MGMT

police 8000 conform-action transmit exceed-action drop

class class-default

police 64000 conform-action transmit exceed-action drop ! !--- Apply to control-plane control-plane service-policy input COPP-POLICY

What is the effect of this configuration?

Question 20mediummultiple choice
Review the full OSPF breakdown →

Consider the following CoPP configuration:

class-map match-any COPP-ROUTING match protocol ospf match protocol eigrp match protocol bgp ! policy-map COPP-POLICY

class COPP-ROUTING

police 32000 conform-action transmit exceed-action drop

class class-default

police 64000 conform-action transmit exceed-action drop ! control-plane service-policy input COPP-POLICY

What is a potential issue with this configuration?

Question 21mediummultiple choice
Review the full OSPF breakdown →

Analyze the following partial configuration:

access-list 101 permit tcp any any eq 179
access-list 
101 permit udp any any eq 646
access-list 
101 permit ospf any any

! class-map match-all COPP-BGP match access-group 101 ! policy-map COPP-POLICY

class COPP-BGP

police 48000 conform-action transmit exceed-action drop

class class-default

police 128000 conform-action transmit exceed-action drop !

interface GigabitEthernet0/0
 ip address 192.168.1.1 255.255.255.0

! control-plane service-policy input COPP-POLICY

Which statement is true?

Question 22mediummultiple choice
Study the full ACL explanation →

Examine this CoPP configuration:

ip access-list extended COPP-ACL
 permit tcp any any eq 22
 permit tcp any any eq

23

permit icmp any any echo

! class-map match-all COPP-CLASS match access-group name COPP-ACL ! policy-map COPP-POLICY

class COPP-CLASS

police 10000 1500 1500 conform-action transmit exceed-action drop violate-action drop

class class-default

police 64000 conform-action transmit exceed-action drop ! control-plane service-policy input COPP-POLICY

What is the effect of the police command in class COPP-CLASS?

Question 23mediummultiple choice
Study the full ACL explanation →

Consider the following CoPP configuration:

access-list 150 permit tcp any any eq 179
access-list 
150 permit udp any any eq 646

! class-map match-all COPP-CORE match access-group 150 ! policy-map COPP-POLICY

class COPP-CORE

police 64000 conform-action transmit exceed-action drop

class class-default

police 128000 conform-action transmit exceed-action drop ! control-plane service-policy input COPP-POLICY

What is missing from this configuration to also protect against ICMP-based control-plane attacks?

Question 24mediummultiple choice
Study the full ACL explanation →

Examine this CoPP configuration:

ip access-list extended PROTECT-ACL
 permit tcp any any eq 22
 permit tcp any any eq

23

permit tcp any any eq 179

! class-map match-all PROTECT-CLASS match access-group name PROTECT-ACL ! policy-map PROTECT-POLICY

class PROTECT-CLASS

police 16000 conform-action transmit exceed-action drop

class class-default

police 64000 conform-action transmit exceed-action drop ! control-plane service-policy input PROTECT-POLICY

What will happen to SSH traffic that exceeds 16000 bps?

Question 25easymultiple choice
Study the full ACL explanation →

What is the default CoPP policy on a Cisco IOS-XE router if no service-policy is applied to the control-plane?

Question 26easymultiple choice
Study the full ACL explanation →

Which of the following is NOT a valid match criterion for a class-map used in Control Plane Policing?

Question 27mediummultiple choice
Study the full ACL explanation →

In a CoPP policy, what is the effect of the 'violate-action' parameter in the police command?

Question 28mediummulti select
Study the full ACL explanation →

Which TWO commands verify the operational status and packet statistics of a Control Plane Policing (CoPP) policy on a Cisco IOS-XE device? (Choose TWO.)

Question 29mediummulti select
Study the full ACL explanation →

Which TWO statements about Control Plane Policing (CoPP) are true? (Choose TWO.)

Question 30hardmulti select
Study the full ACL explanation →

Which TWO configuration steps are required to implement Control Plane Policing (CoPP) on a Cisco IOS-XE router? (Choose TWO.)

Question 31hardmulti select
Study the full ACL explanation →

Which THREE symptoms indicate that Control Plane Policing (CoPP) might be misconfigured or causing connectivity issues? (Choose THREE.)

Question 32mediummulti select
Study the full ACL explanation →

Which TWO commands are used to troubleshoot Control Plane Policing (CoPP) and identify which traffic is being dropped? (Choose TWO.)

Question 33hardmultiple choice
Open the full BGP breakdown →

A large enterprise network is experiencing intermittent BGP session resets between R1 and R2. R1 has the following relevant configuration: ! R1 control-plane service-policy input CoPP !

access-list 100 permit tcp any any eq bgp

class-map match-all BGP-CLASS match access-group 100 ! policy-map CoPP

class BGP-CLASS

police 8000 conform-action transmit exceed-action drop

class class-default

police 1000000 conform-action transmit exceed-action drop ! R2 shows:

R2#show ip bgp summary

BGP router identifier 2.2.2.2, local AS number 65002 BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4        65001   12345   12345        0    0    0 00:02:34        0

What is the root cause?

Question 34mediummultiple choice
Study the full ACL explanation →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show policy-map control-plane input class class-default

Class-map: class-default (match-any) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: any police: cir 1000000 bps, bc 31250 bytes, be 31250 bytes conformed 0 packets, 0 bytes; actions: transmit violated 0 packets, 0 bytes; actions: drop conformed 0 bps, exceed 0 bps, violated 0 bps

What does this output indicate?

Question 35mediummultiple choice
Open the full BGP breakdown →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show ip access-lists CoPP-ACL

Extended IP access list CoPP-ACL

10 permit tcp host 10.1.1.1 any eq bgp (100 matches)
    
20 permit udp any any eq 67 (50 matches)
    
30 permit icmp any any echo (200 matches)
    
40 deny ip any any (500 matches)

What does this output indicate?

Question 36hardmultiple choice
Study the full ACL explanation →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show policy-map control-plane input class CoPP-Class

Class-map: CoPP-Class (match-all) 1500 packets, 120000 bytes 5 minute offered rate 10000 bps, drop rate 5000 bps Match: access-group name CoPP-ACL police: cir 8000 bps, bc 1500 bytes, be 1500 bytes conformed 1000 packets, 80000 bytes; actions: transmit exceeded 500 packets, 40000 bytes; actions: drop conformed 8000 bps, exceed 2000 bps, violated 0 bps

What does this output indicate?

Question 37mediummultiple choice
Review the full OSPF breakdown →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# debug ip ospf adj

OSPF adjacency debugging is on R1#

*Mar  1 00:05:23.123: OSPF: Rcv pkt from 10.1.1.2, FastEthernet0/0, area 0.0.0.0, packet type: 1 (Hello)
*Mar  1 00:05:23.123: OSPF: 2 Way Communication to 10.1.1.2 on FastEthernet0/0, state 2WAY
*Mar  1 00:05:23.124: OSPF: Send immediate hello to nbr 10.1.1.2, src address 10.1.1.1, on FastEthernet0/0
*Mar  1 00:05:23.124: OSPF: Rcv pkt from 10.1.1.2, FastEthernet0/0, area 0.0.0.0, packet type: 2 (DBD)
*Mar  1 00:05:23.125: OSPF: Rcv DBD from 10.1.1.2, seq 0x1234, opts 0x2, flag 0x7, mtu 1500 state EXSTART
*Mar  1 00:05:23.126: OSPF: Nbr 10.1.1.2 has state FULL

What does this output indicate?

Question 38easymultiple choice
Study the full ACL explanation →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show ip route summary

IP routing table name: Default-IP-Routing-Table (0x0)
IP routing table maximum-paths: 32

Route entry limits: 1000000 active, 2000000 total Number of prefixes: 500 Prefixes with memory: 500 Number of paths: 600 Paths with memory: 600 Number of operations: 1200 Number of deleted entries: 0

What does this output indicate?

Question 39mediummultiple choice
Open the full BGP breakdown →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show bgp ipv4 unicast 10.1.1.0/24

BGP routing table entry for 10.1.1.0/24, version 10 Paths: (1 available, best #1, table default) Advertised to update-groups: 1 Refresh Epoch 1 Local

10.1.1.2 from 10.1.1.2 (10.1.1.2)

Origin IGP, metric 0, localpref 100, valid, external, best Last update: Mon Mar 1 00:05:23 2024

What does this output indicate?

Question 40mediummultiple choice
Open the full BGP breakdown →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show bgp neighbors 10.1.1.2 advertised-routes

BGP table version is 10, local router ID is 10.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path *> 10.2.2.0/24 0.0.0.0 0 32768 i

Total number of prefixes 1

What does this output indicate?

Question 41mediummultiple choice
Open the full BGP breakdown →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show bgp neighbors 10.1.1.2 received-routes

BGP table version is 10, local router ID is 10.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path *> 10.3.3.0/24 10.1.1.2 0 100 0 i

Total number of prefixes 1

What does this output indicate?

Question 42mediummultiple choice
Review the full OSPF breakdown →

A network engineer runs the following command to troubleshoot a Control Plane Policing (CoPP) issue:

R1# show ip ospf interface detail

FastEthernet0/0 is up, line protocol is up Internet Address 10.1.1.1/24, Area 0.0.0.0, Attached via Network Statement Process ID 1, Router ID 10.1.1.1, Network Type BROADCAST, Cost: 1 Topology-MTID Cost Disabled Shutdown Topology Name 0 1 no no Base Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 10.1.1.1, Interface address 10.1.1.1 Backup Designated router (ID) 10.1.1.2, Interface address 10.1.1.2 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 oob-resync timeout 40 Hello due in 00:00:03 Supports Link-local Signaling (LLS) Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 25 Last flood scan time is 0 msec, maximum is 4 msec

Neighbor Count is 1, Adjacent neighbor count is 1

Adjacent with neighbor 10.1.1.2 (Backup Designated Router) Suppress hello for 0 neighbor(s)

What does this output indicate?

Question 43hardmultiple choice
Study the full ACL explanation →

What is the default CoPP aggregate policer rate for control plane traffic on a Cisco IOS-XE device?

Question 44mediummultiple choice
Study the full ACL explanation →

Which control plane protocol packets are classified as 'critical' in the default CoPP policy?

Question 45mediummultiple choice
Study the full ACL explanation →

What is the default action for a CoPP policy-map class that does not have an explicit 'police' command?

Question 46hardmultiple choice
Study the full ACL explanation →

Which CoPP feature allows the control plane to process packets from a specific source IP address without rate limiting?

Question 47mediummultiple choice
Study the full ACL explanation →

What is the default CoPP classification for ARP packets on a Cisco IOS-XE device?

Question 48easymultiple choice
Study the full ACL explanation →

Which CoPP mechanism prevents the CPU from being overwhelmed by control plane traffic?

Question 49mediummultiple choice
Study the full ACL explanation →

What is the default CoPP behavior for traffic that does not match any class in the policy-map?

Question 50hardmultiple choice
Study the full ACL explanation →

Which statement about CoPP and IPv6 control plane traffic is correct?

Question 51easymultiple choice
Study the full ACL explanation →

What is the default CoPP policer action for packets that exceed the committed information rate (CIR)?

Question 52mediumdrag order
Study the full ACL explanation →

Drag and drop the steps to configure a Control Plane Policing (CoPP) policy into the correct order, from first to last.

Question 53harddrag order
Study the full ACL explanation →

Drag and drop the steps to troubleshoot Control Plane Policing (CoPP) adjacency or connectivity failures into the correct order, from first to last.

Question 54mediumdrag order
Study the full ACL explanation →

Drag and drop the steps to verify and validate the operational state of Control Plane Policing (CoPP) into the correct order, from first to last.

Question 55hardmulti select
Study the full ACL explanation →

Which TWO statements correctly describe the behavior of Control Plane Policing (CoPP) when applied to a Cisco IOS router? (Choose TWO.)

Question 56hardmulti select
Study the full ACL explanation →

Which TWO actions will prevent a CoPP policy from inadvertently dropping legitimate routing protocol packets during a traffic spike? (Choose TWO.)

Question 57hardmulti select
Study the full ACL explanation →

Which TWO statements about the 'show policy-map control-plane' command output are true? (Choose TWO.)

Question 58hardmulti select
Study the full ACL explanation →

An engineer must implement CoPP to protect the control plane of a Cisco IOS router from a DoS attack targeting SSH and SNMP. Which TWO configuration changes are required? (Choose TWO.)

Question 59hardmulti select
Study the full ACL explanation →

Which THREE commands can be used to verify the operation and effectiveness of a CoPP policy on a Cisco IOS router? (Choose THREE.)

Question 60hardmultiple choice
Review the full OSPF breakdown →

An engineer configures Control Plane Policing (CoPP) on a router running OSPF. After applying the policy, OSPF neighbors intermittently drop and recover. The CoPP policy includes a class-map matching OSPF traffic with a police rate of 64000 bps. The router has multiple OSPF neighbors and the link utilization is normal. Which is the most likely explanation?

Question 61hardmultiple choice
Study the full ACL explanation →

A network engineer configures CoPP on a router that is a DMVPN hub. The policy includes a class-map to match NHRP traffic and police it. After deployment, spoke-to-spoke tunnels fail to establish, although spoke-to-hub tunnels work. Which is the most likely explanation?

Question 62hardmultiple choice
Study the full EIGRP explanation →

An engineer configures CoPP on a router running EIGRP. The policy includes a class-map matching EIGRP traffic with a police rate of 1000 pps. After applying the policy, EIGRP neighbors form but occasionally go active and become stuck-in-active (SIA). Which is the most likely explanation?

Question 63hardmultiple choice
Open the full BGP breakdown →

A router has CoPP configured with a class-map that matches BGP traffic (TCP port 179) and polices it to 500 pps. The router has multiple iBGP peers. After applying the policy, some BGP sessions flap, but others remain stable. The flapping peers are those with higher latency. Which is the most likely explanation?

Question 64hardmultiple choice
Study the full ACL explanation →

An engineer configures CoPP with a class-map that matches all IP traffic and polices it to 10000 pps. The router also has uRPF strict mode enabled on the WAN interface. After applying CoPP, the router stops receiving routing updates from a neighbor, but pings to the neighbor succeed. Which is the most likely explanation?

Question 65hardmultiple choice
Review the full OSPF breakdown →

A router has CoPP configured with a class-map that matches OSPF traffic and polices it to 2000 pps. The router is also configured with an OSPF distribute-list in to filter routes. After applying CoPP, OSPF neighbors form, but routes from a specific neighbor are missing. The distribute-list permits all routes. Which is the most likely explanation?

Question 66hardmultiple choice
Open the full BGP breakdown →

An engineer configures CoPP on a router that is a route reflector for iBGP. The policy includes a class-map matching BGP traffic and polices it to 500 pps. After deployment, some iBGP prefixes are missing from the route reflector's table, but the BGP sessions are up. Which is the most likely explanation?

Question 67hardmultiple choice
Study the full ACL explanation →

A router has CoPP configured with a class-map that matches all traffic and polices it to 10000 pps. The router also has IPsec configured for a site-to-site VPN. After applying CoPP, the IPsec tunnel goes up, but traffic through the tunnel is intermittently dropped. Which is the most likely explanation?

Question 68hardmultiple choice
Review the full OSPF breakdown →

An engineer configures CoPP on a router with the following policy: class-map match-any PROTECT, match protocol ospf, police 1000 pps; class class-default, police 500 pps. After applying, OSPF neighbors form, but the router's CPU utilization remains high. Which is the most likely explanation?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

300-410 Practice Test 1 — 10 Questions→300-410 Practice Test 2 — 10 Questions→300-410 Practice Test 3 — 10 Questions→300-410 Practice Test 4 — 10 Questions→300-410 Practice Test 5 — 10 Questions→300-410 Practice Exam 1 — 20 Questions→300-410 Practice Exam 2 — 20 Questions→300-410 Practice Exam 3 — 20 Questions→300-410 Practice Exam 4 — 20 Questions→Free 300-410 Practice Test 1 — 30 Questions→Free 300-410 Practice Test 2 — 30 Questions→Free 300-410 Practice Test 3 — 30 Questions→300-410 Practice Questions 1 — 50 Questions→300-410 Practice Questions 2 — 50 Questions→300-410 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Layer 3 TechnologiesEIGRP TroubleshootingOSPF Troubleshooting (v2/v3)BGP TroubleshootingRoute RedistributionPolicy-Based Routing (PBR)VRF-LiteRoute Maps and Route FilteringAdministrative DistanceRoute SummarizationBidirectional Forwarding Detection (BFD)VPN TechnologiesMPLS OperationsMPLS L3VPNDMVPNIPsec Site-to-Site VPNIPv6 Tunneling TechniquesInfrastructure SecurityDevice Access ControlIPv4 Access Control ListsIPv6 Traffic Filtering and uRPFControl Plane Policing (CoPP)IPv6 First Hop SecurityInfrastructure ServicesDevice ManagementSNMP TroubleshootingNetwork Logging and SyslogEmbedded Event Manager (EEM)IP SLANetFlow and Flexible NetFlowSPAN, RSPAN, and ERSPANDHCP (IPv4 and IPv6)NAT and PAT

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Control Plane Policing (CoPP) setsAll Control Plane Policing (CoPP) questions300-410 Practice Hub