Back to Cisco CCNP ENARSI 300-410

Cisco exam questions

Cisco CCNP ENARSI 300-410 practice test

Practise identifying common networking hardware like routers, switches, access points, and their roles in a network.

2,152
practice questions
33
topics covered
300-410
exam code
Cisco
vendor

Study modes

Three ways to study

Start with the Study Sheet to learn the material, switch to Practice Tests for active recall, then take a Mock Exam to simulate the real thing.

Study Sheet

All 2,152 questions with correct answers and explanations already visible. Read at your own pace — no time pressure.

Start reading →

Practice Test

Answer first, then see feedback and explanation. Tracks your score per session. Best for active recall and identifying weak areas.

Mock Exam

Full timed simulation with countdown. Answers hidden until the end. Includes all question types just like the real exam.

Start mock exam →

Study Sheet

All 2,152 300-410 questions with answers

Every question in the bank, paginated 75 per page. Correct answers and full explanations are revealed upfront — ideal for first-pass learning and pre-exam review.

29 pages · 75 questions per page · 2,152 total

Related practice questions

Study 300-410 by topic

Topic pages go deep on individual concepts — each one covers a specific exam topic with questions, explanations, and study notes.

Courseiva uses original exam-style practice questions created for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps. Learn the difference →

Sample questions

Cisco CCNP ENARSI 300-410 practice questions

Start practice test
Question 1mediumdrag order
Read the full VPN explanation →

Drag and drop the steps to negotiate an IKEv2 IPsec site-to-site tunnel into the correct order, from first to last.

Question 2harddrag order
Read the full VPN explanation →

Drag and drop the steps to troubleshoot an IPsec site-to-site VPN adjacency failure into the correct order, from first to last.

Question 3mediumdrag order
Read the full VPN explanation →

Drag and drop the steps to verify and validate the operational state of an IPsec site-to-site VPN into the correct order, from first to last.

Question 4mediumdrag order
Study the full IPv6 explanation →

Drag and drop the steps to configure a GRE tunnel for IPv6 over IPv4 into the correct order, from first to last.

Question 5harddrag order
Study the full IPv6 explanation →

Drag and drop the steps to troubleshoot IPv6 over IPv4 tunnel adjacency or connectivity failures into the correct order, from first to last.

Question 6mediumdrag order
Study the full IPv6 explanation →

Drag and drop the steps to verify and validate the operational state of an IPv6 tunneling technique into the correct order, from first to last.

Question 7mediumdrag order
Study the full AAA explanation →

Drag and drop the steps to configure SSH access with local AAA on a Cisco router into the correct order, from first to last.

Drag and drop the steps to troubleshoot Device Access Control adjacency or connectivity failures into the correct order, from first to last.

Drag and drop the steps to verify and validate Device Access Control operational state into the correct order, from first to last.

Question 10harddrag order
Study the full ACL explanation →

Drag and drop the steps to troubleshoot IPv4 ACL adjacency or connectivity failures into the correct order, from first to last.

Question 11mediumdrag order
Study the full ACL explanation →

Drag and drop the steps to apply and verify an extended IPv4 ACL on a router interface into the correct order, from first to last.

Question 12mediumdrag order
Study the full ACL explanation →

Drag and drop the steps to verify and validate the operational state of IPv4 ACLs into the correct order, from first to last.

Question 13mediummultiple choice
Study the full ACL explanation →

A network engineer is troubleshooting a connectivity issue between two routers R1 and R2 connected via GigabitEthernet0/0. The engineer notices that R1 can ping its own IPv6 address 2001:db8:1::1/64, but cannot ping R2's interface address 2001:db8:1::2/64. The output of 'show ipv6 interface GigabitEthernet0/0' on R1 indicates that IPv6 is enabled and the interface is up/up. The engineer checks the access list applied to the interface and sees an inbound IPv6 ACL that permits only ICMPv6 echo requests from a specific source. What is the most likely cause of the ping failure?

Question 14mediummultiple choice
Study the full IPv6 explanation →

Examine this configuration:

interface GigabitEthernet0/4

ipv6 address 2001:db8:2::1/64 ipv6 verify unicast source reachable-via any

What is the effect of the 'ipv6 verify unicast source reachable-via any' command?

Question 15mediummultiple choice
Study the full IPv6 explanation →

Consider the following configuration:

ipv6 access-list FILTER

permit ipv6 2001:db8:3::/48 any
 deny ipv6 any any

interface GigabitEthernet0/5

ipv6 traffic-filter FILTER in ipv6 verify unicast source reachable-via rx

A packet arrives on GigabitEthernet0/5 with source 2001:db8:3::100 and destination 2001:db8:4::1. The route for 2001:db8:3::/48 points out interface GigabitEthernet0/6. What happens?

Question 16mediummultiple choice
Study the full IPv6 explanation →

Review this configuration:

route-map RMAP permit 10 match ipv6 address prefix-list PREFIX set interface null0 ! ipv6 prefix-list PREFIX seq 5 permit 2001:db8:5::/48 !

interface GigabitEthernet0/6

ipv6 verify unicast source reachable-via any allow-default

What is the purpose of the 'allow-default' keyword?

Question 17easymultiple choice
Study the full IPv6 explanation →

In IPv6, what is the default action for an access-list entry that does not specify a protocol?

Question 18easymultiple choice
Study the full IPv6 explanation →

What is the default uRPF mode when 'ipv6 verify unicast source reachable-via' is configured without any keyword?

Question 19mediummultiple choice
Study the full IPv6 explanation →

According to RFC 2460, what is the correct behavior when an IPv6 router receives a packet with a source address that is a multicast address?

Question 20mediummulti select
Study the full IPv6 explanation →

Which TWO commands can be used to verify IPv6 unicast RPF operation on an interface? (Choose TWO.)

Question 21hardmulti select
Study the full IPv6 explanation →

Which THREE symptoms indicate that IPv6 unicast RPF is misconfigured or failing on an interface? (Choose THREE.)

Question 22mediummulti select
Study the full ACL explanation →

Which TWO configuration steps are required to implement IPv6 traffic filtering using a named ACL on a Cisco router? (Choose TWO.)

Question 23hardmulti select
Study the full IPv6 explanation →

Which THREE statements about IPv6 unicast RPF (uRPF) are true? (Choose THREE.)

Question 24hardmultiple choice
Review the full OSPF breakdown →

A large enterprise network uses OSPFv3 for IPv6 routing. Router R1 and R2 are connected via a multi-access Ethernet link. R1 is configured with 'ipv6 ospf network point-to-point' while R2 uses the default broadcast network type. R1 has an IPv6 ACL applied inbound on its interface that permits only OSPF (89) and denies all other traffic. R2 is unable to form a full OSPF adjacency with R1. R2 shows 'OSPFv3 adjacency state is EXSTART/EXCHANGE' and logs 'Bad LSReq'. What is the root cause?

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

Exam question guide

How to use these 300-410 questions

Use these questions as active recall, not passive reading. Try the question first, review the answer choices, then open the explanation and connect the result back to the exam topic.

Quick answer

Tests identification, purpose, and configuration of routers, switches, access points, and patch panels.

Identify routers, switches, and access points by function

Understand PoE and PoE+ power requirements

Differentiate managed vs unmanaged switches

Recognize cable types: Cat5e, Cat6, fiber

These 300-410 practice questions are part of Courseiva's free Cisco certification practice question bank. Courseiva provides original exam-style 300-410 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.