Security Fundamentals

Two switches are connected by an 802.1Q trunk. CDP reports a native VLAN mismatch. Which issue is most likely to appear because of this?

Match each REST API method to the action it most closely represents in a typical network automation workflow.

R1 has the following routes installed: O 10.10.10.0/24 via 192.0.2.2 S 10.10.10.128/25 via 198.51.100.2 S* 0.0.0.0/0 via 203.0.113.1 A packet destined for 10.10.10.200 arrives at R1. Which route is used?

A branch router has only one WAN link connected to an Ethernet handoff from the provider. Which static default route is generally the better choice?

Match each DHCPv4 message in the DORA process to its role.

An engineer successfully authenticates to a controller and receives a token. What is the usual reason for including that token in later API requests?

A router is configured for NetFlow export, but the collector at 192.0.2.50 is not receiving any flow records. Based on the exhibit, what is the most likely problem?

A user reports that their desk port stopped working immediately after they connected a small switch. The interface shows err-disabled, and the log mentions BPDU Guard. What most likely happened?

On a user access port, port security is configured with a maximum of 2 MAC addresses and violation mode restrict. A third unauthorized device is connected through a small unmanaged switch. What happens?

An ACL entry reads: access-list 25 permit 192.168.8.0 0.0.0.15 Which address range does this statement match?

R1 has these static routes configured. When the primary WAN path is up, which route will be installed in the routing table for traffic to 172.16.50.0/24?

SW2 receives the following STP details for VLAN 10. Based on the exhibit, which statement is correct?

R1 and R2 should form an OSPF adjacency on their shared GigabitEthernet link, but they remain stuck in EXSTART. Based on the exhibit, what is the most likely cause?

R1 learns three OSPF routes to different destinations: O 10.10.10.0/24 O IA 10.20.20.0/24 O E2 10.30.30.0/24 Which statement is correct about these route types?

A wireless site reports that users can connect to the SSID, but performance drops sharply around the conference area whenever the room fills up. Based on the exhibit, what is the most likely cause?

Based on the JSON snippet below, which statement is correct? { "device": { "hostname": "R1", "interfaces": [ {"name": "Gig0/0", "status": "up"}, {"name": "Gig0/1", "status": "down"} ] } }

Hosts on the inside network can reach the internet, but return traffic is failing after a new router was installed. Based on the exhibit, what configuration mistake is the most likely cause?

An ACL on R1 contains only these entries: access-list 101 permit tcp 10.10.10.0 0.0.0.255 any eq 443 access-list 101 permit icmp any any What happens to an HTTP packet sourced from 10.10.10.25 and destined for 198.51.100.10 if ACL 101 is applied in the traffic path?

Which Syslog severity level represents an emergency condition, the most critical level?

Match each IP service to the transport protocol and default port it commonly uses in a basic CCNA context.

Clients can join the Guest SSID and authenticate successfully, but they never receive an IP address. The DHCP scope for the guest network exists on the server. Based on the exhibit, what is the most likely cause?

What is the main purpose of a YANG data model in network automation?

Two switches are supposed to form an EtherChannel, but the bundle never comes up. Which explanation best matches the exhibit?

Which OSPF neighbor state indicates that the routers have already exchanged full link-state databases?

Match each route source to its default administrative distance on a Cisco router.

R1 learns 192.0.2.0/24 from multiple sources. Which two statements are correct about the routing decision shown in the exhibit?

A router is configured as an NTP client, but its time never synchronizes. Based on the exhibit, what is the most likely issue?

Match each management or monitoring technology to its primary purpose.

A switch interface connected to a Cisco IP phone with a PC behind it must carry voice and data correctly. Which two switchport commands are appropriate on that access port?

An automation script needs to send a bearer token when calling a controller REST API over HTTPS. Where is that token most commonly included?

A switch stack uses Rapid PVST+. Users on VLAN 40 lose connectivity for roughly 30 seconds every time the uplink on SW2 flaps. Based on the exhibit, which change would most directly improve convergence for this VLAN?

Traffic to 203.0.113.0/24 should use the ISP-A link, but packets are leaving through ISP-B instead. Based on the exhibit, why is ISP-B being chosen?

A controller-based WLAN uses 5 GHz in an open office. Clients keep disconnecting when users roam between APs, but signal strength remains strong. Based on the exhibit, what is the most likely problem?

A collector is not receiving flow records from a branch router. Based on the exhibit, what is the most likely issue?

A branch router is configured for NAT overload, but inside hosts still reach the ISP with their private source addresses. Based on the exhibit, what is the most likely reason?

Which two statements about standard and extended IPv4 ACLs are correct?

Clients can browse the internet by IP address but fail when using hostnames. Based on the exhibit, where is the fault most likely located?

Which statement best describes model-driven telemetry compared with traditional SNMP polling?

A switch should automatically disable any access port that receives a BPDU from an attached device. Which feature directly provides that behavior?

A Layer 2 EtherChannel between two switches is not forming. Based on the exhibit, what is the most likely cause?

A network team wants all devices to timestamp logs consistently so event correlation works across routers, switches, and firewalls. Which service should they configure first?

Match each security concept to its description.

An engineer applies this command on an access interface connected to a user PC: switchport port-security violation restrict. What happens if a second unauthorized MAC address appears on the port?

Match each HTTP method to its common REST API action.

R1 receives an OSPF route to 10.55.0.0/16 and already has a static route to 10.55.10.0/24. Which route will be used for traffic sent to 10.55.10.25?

Which STP role identifies the port on a non-root switch that has the best path back to the root bridge?

Which statement accurately describes JSON in a network automation workflow?

Users on a new access switch can reach devices in their own VLAN but cannot reach the default gateway on the distribution switch. Based on the exhibit, what is the most likely cause?

An administrator wants an access-layer interface to shut down immediately if another switch is connected accidentally. Which feature best meets that requirement?

Exhibit: A standard ACL meant to block host 10.10.10.50 from reaching any remote network was applied inbound on the branch router's LAN interface, but users report that all local traffic from that host is now blocked. What is the better placement?

Exhibit: An administrator wants to permit HTTP and HTTPS from 10.1.10.0/24 to a web server at 198.51.100.20 and deny everything else from that subnet. Which ACL type is required?

Which ACL statement permits only SSH from host 10.10.10.50 to server 192.168.1.10?

Exhibit: Hosts in VLAN 20 must reach the internet through PAT, but users report no external connectivity. Which configuration issue best explains the problem?

Exhibit: After PAT is configured, inside users can browse the internet, but the engineer wants to verify that translations are actually being created. Which command is the best choice?

Exhibit: Users on the inside network can open connections to a web server in the DMZ, but return traffic is denied by an ACL on the outside interface. Which statement best explains the issue?

Exhibit: Users in 10.20.30.0/24 should be allowed to browse the web but should not be able to open Telnet sessions to any remote device. Which access list entry best meets the requirement?

Why is SSH preferred over Telnet for device management?

Exhibit: An engineer applies an ACL inbound on the VTY lines to permit SSH only from 10.5.5.0/24. Users from that subnet still cannot connect. What is the most likely reason?

Exhibit: An administrator wants inside hosts in 192.168.10.0/24 to reach the internet using one public IP address on the edge router. Which feature is being used?

A network team wants an ACL that permits HTTPS from 10.1.50.0/24 to a web server at 203.0.113.10 and denies all Telnet traffic from that subnet to any destination. Which two ACEs are required?

Exhibit: Hosts on the inside network can reach the internet, but inbound connections to a published web server fail. Static NAT is configured. What is the most likely missing piece?

Exhibit: Port security is enabled with a maximum of 2 MAC addresses, but a third device connected through a small hub causes a violation. Which result is expected in restrict mode?

Exhibit: An access switch port shuts down as soon as a user connects a small unmanaged switch under the desk. Which feature caused that behavior?

Which two statements about AAA on Cisco devices are correct? Choose two.

Which NAT feature allows many inside hosts to share one public IPv4 address by using unique source port numbers?

A switch port is configured with port-security violation mode restrict. Which two statements are true when an unauthorized MAC address appears?

Which two statements correctly describe syslog severity levels?

Which two actions help protect access-layer switch ports from rogue DHCP servers?

A security policy requires administrators to permit SSH to network devices but block insecure remote CLI access. Which two actions support that goal?

A switchport connected to an employee PC must allow the normal endpoint to connect but immediately err-disable the port if a switch is plugged in. Which two features should be configured on that access port?

A standard numbered ACL is applied close to the destination, but it is blocking traffic from one host while still allowing all other users on the subnet. Which two facts about standard ACLs are relevant in this design?

A technician reports that users on a guest wireless SSID can reach the internet but can also browse internal file shares, which should be blocked. Which two design actions most directly address that issue?