CCNA Device Management Questions

75 of 76 questions · Page 1/2 · Device Management · Answers revealed

1
MCQhard

An engineer configures mutual redistribution between OSPF and EIGRP on a router. After a few minutes, routing loops occur. The engineer did not configure route tagging. Which is the most likely explanation?

A.The router redistributes routes from OSPF into EIGRP, and then those routes are redistributed back into OSPF, creating a loop.
B.The seed metric is not configured, causing EIGRP to reject the redistributed routes.
C.OSPF has a lower administrative distance than EIGRP, causing route preference issues.
D.The router is running both protocols on the same interface, causing a conflict.
AnswerA

Without tagging, the router cannot prevent re-redistribution of its own routes, leading to a loop.

Why this answer

Mutual redistribution without route tagging can cause a routing loop because a route redistributed from OSPF into EIGRP may be redistributed back into OSPF, creating a feedback loop. Without a tag to mark the origin, the router cannot distinguish between a route it originated and one it learned from another protocol.

2
MCQhard

An engineer configures unicast Reverse Path Forwarding (uRPF) in strict mode on an interface. Traffic from a legitimate source IP is being dropped. The network has asymmetric routing. Which is the most likely explanation?

A.The router receives the packet on an interface that is not the best return path to the source IP, causing strict uRPF to drop it.
B.The source IP is not in the routing table at all.
C.The uRPF configuration is missing the 'allow-default' option.
D.The router is using loose mode instead of strict mode.
AnswerA

Strict uRPF requires the incoming interface to be the same as the outgoing interface for the source IP; asymmetric routing violates this.

Why this answer

Strict uRPF checks that the source IP of incoming traffic matches the best reverse route via the same interface. In asymmetric routing, traffic may arrive on an interface different from the one the router would use to send traffic back to that source, causing strict uRPF to drop the traffic.

3
MCQeasy

What is the default administrative distance for OSPF routes in Cisco IOS?

A.90
B.100
C.110
D.120
AnswerC

Correct: OSPF routes have a default administrative distance of 110.

Why this answer

The default administrative distance for OSPF is 110. This is a Cisco IOS default value used when comparing routes from different routing protocols.

4
MCQeasy

A network engineer runs the following command to troubleshoot a BGP prefix issue: R1# show bgp ipv4 unicast 192.168.10.0/24 BGP routing table entry for 192.168.10.0/24, version 5 Paths: (1 available, best #1, table default) Advertised to update-groups: 1 Refresh Epoch 1 Local 10.1.1.2 from 10.1.1.2 (2.2.2.2) Origin IGP, metric 0, localpref 100, valid, external, best rx pathid: 0, tx pathid: 0x0 What does this output indicate?

A.The prefix is learned via eBGP and is the best path.
B.The prefix is learned via iBGP and is not the best path.
C.The prefix is suppressed and not advertised to peers.
D.The prefix is invalid due to missing next-hop reachability.
AnswerA

The output shows 'valid, external, best', confirming it is the best eBGP route.

Why this answer

The output shows that the prefix 192.168.10.0/24 is learned via eBGP from neighbor 10.1.1.2 (router ID 2.2.2.2). It is marked as valid, external, and best, meaning it is installed in the routing table.

5
Multi-Selecteasy

Which TWO commands can be used to verify the configured logging destinations on a Cisco IOS-XE device? (Choose TWO.)

Select 2 answers
A.show logging
B.show running-config | include logging
C.show log
D.show syslog
E.show debug
AnswersA, B

This command shows the logging status, including destinations such as buffer, console, monitor, and syslog servers.

Why this answer

The 'show logging' command displays the current logging configuration and buffer contents. The 'show running-config | include logging' command shows all logging-related configuration lines. The other commands either show different information or do not exist.

6
MCQmedium

Given the following partial configuration on router R3: ip access-list extended FILTER permit ip 10.0.0.0 0.255.255.255 any deny ip any any ! route-map RMAP permit 10 match ip address FILTER set metric 100 ! router eigrp 100 redistribute connected route-map RMAP What is the effect of this configuration?

A.All connected routes will be redistributed into EIGRP with a metric of 100.
B.Only connected routes with a prefix matching 10.0.0.0/8 will be redistributed into EIGRP with metric 100; all other connected routes are not redistributed.
C.No routes will be redistributed because the route-map sequence number is not specified.
D.The redistribution will fail because the route-map must specify a metric for EIGRP redistribution.
AnswerB

The route-map matches the ACL, which permits only 10.0.0.0/8. The set metric applies to matched routes. The deny statement in the ACL causes other routes to be denied by the route-map.

Why this answer

The route-map RMAP is configured to permit routes matching ACL FILTER (which permits 10.0.0.0/8) and set their metric to 100. However, the route-map is applied to redistribution of connected routes. Only connected routes that match the ACL will be redistributed; the set metric command will apply metric 100 to those routes.

Routes not matching the ACL will be denied (since the ACL denies all other traffic) and not redistributed.

7
MCQmedium

A network engineer is troubleshooting a router that is not sending SNMP traps to the NMS server at 10.1.1.100. The SNMP configuration includes 'snmp-server enable traps' and 'snmp-server host 10.1.1.100 version 2c public'. The engineer can ping the NMS server from the router, and 'show snmp' indicates SNMP is enabled. What is the most likely cause of the missing traps?

A.The NMS server is not listening on UDP port 162.
B.The 'snmp-server trap-source' command is missing, causing traps to use an incorrect source IP.
C.The SNMP community string 'public' is not configured on the router.
D.The router's ACL is blocking outbound UDP traffic to port 162.
AnswerB

Without 'snmp-server trap-source', the router uses the outgoing interface IP, which may not match the NMS's expected source or may be unreachable.

Why this answer

The router has SNMP traps enabled and a host configured, but the 'snmp-server trap-source' command is missing, causing traps to be sourced from an interface that may not be reachable or may have an incorrect source IP that the NMS expects.

8
MCQhard

A network engineer redistributes OSPF routes into EIGRP on Router R1. After redistribution, Router R3, which is an EIGRP neighbor of R1, starts experiencing routing loops for the 192.168.1.0/24 network. R1 configuration: router eigrp 100, redistribute ospf 1 metric 10000 100 255 1 1500, route-map RM-OSPF-to-EIGRP. The route-map sets tag 100. R3 shows: 'show ip route 192.168.1.0' points to R1, but traceroute shows packets looping between R1 and R3. What is the root cause?

A.The redistribution metric is too low, causing the route to be preferred over the OSPF path, but the loop is due to missing route tagging and filtering on redistribution.
B.The EIGRP metric values are incorrect; the delay value of 100 is too high, causing the route to be considered unreachable.
C.The route-map is applied in the wrong direction; it should be applied to the redistribute command under OSPF instead of EIGRP.
D.R3 has a static route for 192.168.1.0/24 pointing to R1, overriding the dynamic route.
AnswerA

The route-map sets a tag, but without a corresponding filter on the OSPF side (e.g., deny routes with tag 100), the route can be redistributed back into OSPF, creating a loop.

Why this answer

The redistribution injects OSPF routes into EIGRP with a metric that may be suboptimal. However, the key issue is that the route-map sets a tag, but without filtering, the redistributed routes may be re-advertised back into OSPF if mutual redistribution is configured elsewhere, causing a loop. In this case, the loop occurs because R1 redistributes into EIGRP, and R3, which may also have OSPF, redistributes the route back, creating a feedback loop.

The fix is to use route tagging and filtering to prevent redistribution loops.

9
MCQeasy

A network engineer runs the following command on Router R1: R1# show ip sla statistics IPSLAs Latest Statistics: Round Trip Time (RTT) for Index 1 Latest RTT: 10 ms Latest RTT (milliseconds): 10 Number of successes: 100 Number of failures: 0 Operation time to live: 3000 Operation frequency: 60 seconds Next operation start time: 00:00:45 Based on this output, what is the status of the IP SLA operation?

A.The IP SLA operation has failed 100 times.
B.The IP SLA operation is successful and has a low RTT.
C.The IP SLA operation is not configured correctly.
D.The IP SLA operation is about to expire.
AnswerB

100 successes and 10 ms RTT indicate good performance.

Why this answer

The output shows 100 successes and 0 failures, with a latest RTT of 10 ms. This indicates the IP SLA operation is functioning correctly.

10
MCQhard

An engineer is troubleshooting a router that is configured to archive configurations to a TFTP server at 192.168.1.10. The 'archive' configuration includes 'path tftp://192.168.1.10/config-archive' and 'write-memory'. The engineer notices that the archive is not being created after 'copy running-config startup-config'. What is the most likely cause?

A.The TFTP server does not have write permissions for the directory.
B.The 'archive' configuration is missing the 'time-period' command.
C.The router's 'file prompt quiet' command is configured, suppressing error messages.
D.The TFTP server's IP address is incorrect in the path.
AnswerA

TFTP servers often require a pre-existing file or write permissions; if the server cannot create the file, the archive fails silently.

Why this answer

The archive 'write-memory' command triggers an archive when the startup-config is written, but the TFTP server may not allow file creation, or the path is incorrect. A common issue is that the TFTP server requires a filename, not a directory path, or the server is not reachable.

11
MCQeasy

What is the default OSPF dead interval on an Ethernet broadcast network?

A.10 seconds
B.30 seconds
C.40 seconds
D.120 seconds
AnswerC

The dead interval is 4 times the hello interval (10 seconds) = 40 seconds.

Why this answer

The default OSPF dead interval is 4 times the hello interval. On broadcast networks (like Ethernet), the default hello interval is 10 seconds, so the dead interval is 40 seconds.

12
MCQmedium

A network engineer runs the following command to troubleshoot route redistribution: R1# debug ip routing IP: route table insert (10.10.10.0/24 via 192.168.1.1, ospf 1) metric [110/20] IP: route table insert (10.10.10.0/24 via 10.1.1.2, eigrp 100) metric [90/158720] IP: route table delete (10.10.10.0/24 via 192.168.1.1, ospf 1) metric [110/20] IP: route table insert (10.10.10.0/24 via 10.1.1.2, eigrp 100) metric [90/158720] What does this output indicate?

A.The router is load-balancing between OSPF and EIGRP routes.
B.The EIGRP route replaces the OSPF route due to lower administrative distance.
C.The OSPF route is preferred due to lower metric.
D.Both routes are installed in the routing table.
AnswerB

EIGRP AD 90 is lower than OSPF AD 110, so the EIGRP route is preferred.

Why this answer

The debug shows that the router initially installed an OSPF route for 10.10.10.0/24, then replaced it with an EIGRP route because EIGRP has a lower administrative distance (90 vs 110).

13
Multi-Selectmedium

Which TWO commands can be used to verify the SNMP configuration on a Cisco IOS-XE device? (Choose TWO.)

Select 2 answers
A.show snmp
B.show snmp host
C.show running-config | include snmp
D.show ip snmp
E.show snmp community
AnswersA, B

This command displays the SNMP engine ID, community strings, and trap status.

Why this answer

The 'show snmp' command displays SNMP engine ID, community strings, and traps. The 'show snmp host' command lists the configured trap receivers and their associated community strings. The other options either show unrelated information or do not exist.

14
MCQeasy

A network engineer runs the following command to troubleshoot a VRF route issue: R1# show ip route vrf CUSTOMER summary IP routing table name is CUSTOMER (0x1) IP routing table maximum-paths is 32 Route Source Networks Subnets Overhead Memory (bytes) connected 2 0 0 320 static 1 0 0 160 eigrp 100 3 0 0 480 Internal 3 Total 6 0 0 960 What does this output indicate?

A.The VRF CUSTOMER routing table has 6 routes, including static and EIGRP routes.
B.The VRF CUSTOMER routing table is empty.
C.The VRF CUSTOMER has only connected routes.
D.The VRF CUSTOMER routing table has an error due to overlapping subnets.
AnswerA

The summary shows connected, static, and EIGRP routes totaling 6.

Why this answer

The output shows the routing table summary for VRF CUSTOMER, with 6 total routes: 2 connected, 1 static, and 3 EIGRP routes. No red flags are present.

15
MCQmedium

Consider the following partial configuration on router R6: router bgp 65001 bgp router-id 6.6.6.6 neighbor 10.0.0.2 remote-as 65002 neighbor 10.0.0.2 route-map SET-MED out ! route-map SET-MED permit 10 set metric 50 What is the effect of this configuration?

A.Only routes that match a specific prefix will have MED set to 50; other routes will not be advertised.
B.The route-map will set the MED to 50 for all routes advertised to neighbor 10.0.0.2, and all routes will be advertised.
C.The configuration is invalid because the route-map must have a match clause.
D.The MED will only be set if the neighbor is also configured with a route-map for inbound updates.
AnswerB

The route-map has no match, so it matches all routes. The set metric command applies to all matched routes, setting MED to 50.

Why this answer

The route-map SET-MED is applied to outbound updates to neighbor 10.0.0.2. It sets the MED (multi-exit discriminator) attribute to 50 for all routes advertised to that neighbor. However, the route-map does not have a match clause, so it matches all routes.

This is valid; all routes sent to that neighbor will have MED set to 50.

16
Multi-Selectmedium

Which TWO statements about the Cisco IOS-XE SSH server configuration are true? (Choose TWO.)

Select 2 answers
A.The hostname and domain name must be configured before generating RSA keys.
B.SSH version 2 is the default and is automatically enabled when RSA keys are generated.
C.The command 'ip ssh version 1' is required to enable SSH.
D.The command 'transport input ssh' must be configured globally.
E.RSA key modulus size must be at least 2048 bits for SSH version 2.
AnswersA, B

RSA keys require a fully qualified domain name (FQDN) which uses both hostname and domain name.

Why this answer

SSH version 2 is the default and recommended version. The hostname and domain name are required to generate the RSA key pair for SSH. The 'ip ssh version' command is used to set the version, but version 2 is default.

The 'transport input ssh' command is applied to the VTY lines, not globally.

17
MCQmedium

Consider the following partial configuration on router R2: interface GigabitEthernet0/0 ip address 10.0.0.2 255.255.255.0 ip ospf 1 area 0 ! interface GigabitEthernet0/1 ip address 192.168.1.2 255.255.255.0 ip ospf 1 area 0 ! router ospf 1 router-id 2.2.2.2 network 10.0.0.0 0.0.0.255 area 0 network 192.168.1.0 0.0.0.255 area 0 What is the effect of this configuration?

A.OSPF will not form adjacencies because the interface and network commands conflict, causing OSPF to ignore the network statements.
B.OSPF will form adjacencies on both interfaces, but the router-id 2.2.2.2 will be overridden by the highest loopback IP.
C.OSPF will form adjacencies on both interfaces as intended; the configuration is redundant but functional.
D.OSPF will only form adjacency on GigabitEthernet0/1 because the network statement for 10.0.0.0 is incorrect.
AnswerC

Both interfaces have OSPF enabled via the interface command and the network statement. This is acceptable and OSPF will operate normally.

Why this answer

The configuration has OSPF enabled on interfaces both via the ip ospf interface command and via network statements under the router. This is redundant but valid; the network statement will enable OSPF on any interface matching the network, but the interface already has OSPF enabled. The network statement will also enable OSPF on additional interfaces that match, but here both interfaces are already covered.

The configuration works as intended.

18
Drag & Dropmedium

Drag and drop the steps to verify and validate Device Management operational state into the correct order, from first to last.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Why this order

Start by checking the management interface status, then confirm the management protocol is operational, verify the device is reachable, validate data model support, and finally perform a test retrieval of configuration data.

19
MCQmedium

A network engineer runs the following command on Router R1: R1# show dmvpn Legend: Attrb -> S: Static, D: Dynamic, I: Incomplete N: NATed, L: Local, X: No Socket # Entries: 2 Interface: Tunnel0, IPv4 NHRP Details Type: Hub, NHRP Peers: 2, # Ent Peer NBMA Addr Peer Tunnel Addr State UpDn Tm Attrb ----- --------------- --------------- ----- -------- ----- 1 192.168.1.2 10.0.0.2 UP 00:15:30 D 2 192.168.2.2 10.0.0.3 UP 00:14:20 D Based on this output, which statement is correct?

A.The DMVPN tunnel is not functioning because there are only two peers.
B.Both spoke routers have established dynamic NHRP registrations with the hub.
C.The hub router has static NHRP entries for the spokes.
D.The spokes are not able to communicate with each other.
AnswerB

The state is UP and attribute is D (dynamic).

Why this answer

The output shows a DMVPN hub with two dynamic peers (spokes) that are both UP. The hub has NHRP peers, and the entries are dynamic (D). This is normal operation.

20
MCQhard

A network engineer is troubleshooting a router that is not allowing SSH connections from any management station. The router has 'ip domain-name example.com' and 'crypto key generate rsa' configured. 'line vty 0 4' has 'transport input ssh' and 'login local'. The engineer can ping the router from a management station. What is the most likely cause?

A.The RSA key was generated with a modulus less than 768 bits, causing SSH to fail.
B.The VTY lines are missing the 'login local' command.
C.The router has 'ip ssh version 1' configured, and the client only supports SSHv2.
D.The management station is using the wrong username or password.
AnswerA

Cisco IOS requires a minimum 768-bit RSA key for SSHv2; if the key is smaller, SSH will not accept connections.

Why this answer

SSH requires proper AAA or local authentication, and the VTY lines must have 'login local' or AAA configured. However, a common issue is that the RSA key is not generated with sufficient modulus size (minimum 768 bits for SSHv2).

21
Multi-Selecthard

Which THREE symptoms indicate that a device's NTP synchronization is failing? (Choose THREE.)

Select 3 answers
A.The output of 'show clock' does not have an asterisk (*) next to the time.
B.The output of 'show ntp associations' shows a dot (.) instead of an asterisk (*) for the peer.
C.Syslog messages indicate 'NTP synchronization lost'.
D.The output of 'show ntp status' shows 'Clock is synchronized'.
E.The command 'ntp peer 10.1.1.1' is configured.
AnswersA, B, C

The asterisk indicates the clock is synchronized to an NTP source.

Why this answer

NTP synchronization failure is indicated by the clock being unsynchronized ('*' missing from 'show clock'), NTP associations showing '.' instead of '*' in 'show ntp associations', and syslog messages about NTP synchronization loss. The 'show ntp status' shows the clock is synchronized if working, and 'ntp peer' commands are for configuration, not symptoms.

22
Drag & Drophard

Drag and drop the steps to troubleshoot Device Management adjacency or connectivity failures into the correct order, from first to last.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Why this order

Troubleshooting starts with checking basic IP connectivity, then verifying the management protocol (e.g., NETCONF/RESTCONF) status, ensuring the correct port is open, checking AAA/authorization, and finally reviewing logs for errors.

23
MCQeasy

A network engineer runs the following command on Router R1: R1# show ip eigrp neighbors IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 0 192.168.1.2 Gi0/0 13 00:12:34 10 200 0 15 1 192.168.2.2 Gi0/1 10 00:10:22 12 200 0 22 2 10.10.10.2 Gi0/2 14 00:08:15 15 200 0 18 Based on this output, which statement is correct?

A.Neighbor 192.168.1.2 has a high SRTT indicating a slow link.
B.All EIGRP neighbors are operating normally.
C.Neighbor 10.10.10.2 is experiencing packet loss due to high RTO.
D.The Q count of 0 indicates that EIGRP is not exchanging routes.
AnswerB

All neighbors show normal hold timers, uptimes, and zero queued packets.

Why this answer

The output shows three EIGRP neighbors with normal hold timers and uptimes. The Q count is 0 for all, indicating no queued packets. The SRTT and RTO values are low, indicating good network conditions.

There is no problem evident in this output.

24
MCQmedium

Given the following partial configuration on router R5: interface GigabitEthernet0/0 ip address 10.1.1.1 255.255.255.0 ip pim sparse-mode ! interface GigabitEthernet0/1 ip address 10.2.2.1 255.255.255.0 ip pim sparse-mode ! router ospf 1 router-id 5.5.5.5 network 10.0.0.0 0.255.255.255 area 0 What is the effect of this configuration?

A.OSPF will not form adjacencies because PIM sparse-mode is enabled on the interfaces.
B.OSPF will form adjacencies on both interfaces, and PIM sparse-mode will operate normally; the configuration is valid.
C.OSPF will only form adjacency on GigabitEthernet0/0 because the network statement does not match GigabitEthernet0/1.
D.PIM sparse-mode will not work because there is no rendezvous point (RP) configured.
AnswerB

Both protocols work together. OSPF handles unicast routing, PIM handles multicast. No issues.

Why this answer

The configuration enables OSPF on both interfaces via the network statement (since both are in 10.0.0.0/8). It also enables PIM sparse-mode on each interface. This is typical for multicast routing.

OSPF will form adjacencies and PIM will operate. There is no conflict.

25
Drag & Dropmedium

Drag and drop the steps to enable and verify RESTCONF on IOS-XE into the correct order, from first to last.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Why this order

RESTCONF requires enabling the HTTPS server first, then the RESTCONF service, followed by authentication configuration, verifying the interface, and finally testing via a REST client.

26
MCQhard

An engineer is troubleshooting a router that is configured as an NTP client. The router's clock is not synchronizing with the NTP server at 192.168.1.1. 'show ntp status' shows 'clock is unsynchronized', and 'show ntp associations' shows the server as '.INIT.' with no reachability. The engineer can ping the NTP server. What is the most likely cause?

A.The NTP server is not configured to respond to NTP requests from this client.
B.The router's 'ntp source' command is missing, causing NTP packets to use an incorrect source IP.
C.The router's clock is set too far in the future, causing NTP to reject the server's time.
D.The router has 'ntp authenticate' enabled without the proper key.
AnswerA

Ping works, but NTP uses UDP 123; the server may be configured to deny service to this client, or the server's NTP service is not running.

Why this answer

The NTP server may be reachable via ping, but NTP uses UDP port 123. The router may have an ACL blocking NTP traffic, or the NTP server may not be responding. However, a common issue is that the NTP server is not configured to serve time to the client, or the client's NTP source interface is incorrect.

27
MCQhard

A BGP speaker R1 is advertising a prefix 10.10.0.0/16 to its eBGP neighbor R2. R2 is also receiving the same prefix from another eBGP neighbor R3 with a lower local preference. R1 configuration: router bgp 100, neighbor 192.168.1.2 remote-as 200, neighbor 192.168.1.2 route-map SET-LP in. Route-map SET-LP sets local-preference 150. R2 shows: 'show ip bgp 10.10.0.0/16' shows two paths: one from R1 with local pref 150, and one from R3 with local pref 100. The best path is via R3. Why is the path from R1 not selected?

A.The route-map is applied inbound on R1, but it should be applied outbound to affect the local preference on routes sent to R2.
B.The local-preference value of 150 is not high enough; it should be at least 200 to override the path from R3.
C.R2 has a route-map that sets local preference to 100 for all routes, overriding the value set by R1.
D.The prefix 10.10.0.0/16 is not in the BGP table of R1 because it is not originated or learned.
AnswerA

Inbound route-maps affect routes received from the neighbor; outbound affects routes sent. To set local preference on routes advertised to R2, the route-map must be applied outbound.

Why this answer

The route-map SET-LP is applied in the inbound direction on R1, meaning it sets local preference on routes received from R2, not on routes sent to R2. R1 should apply the route-map outbound to affect the local preference on R2. Since the local preference is set incorrectly, R2 prefers the path from R3 due to lower local preference (100 vs 150, but note: higher local preference is preferred, so 150 should win; however, the issue is that the local preference is not being set on the advertised route, so R2 sees default local pref 100 from R1, and 150 from R3, so R3 wins).

The root cause is the route-map direction.

28
MCQmedium

Which EIGRP packet type is used to confirm receipt of an update during reliable transport?

A.Hello
B.Update
C.ACK
D.Query
AnswerC

Correct: ACK packets are sent to confirm reliable delivery of updates, queries, and replies.

Why this answer

EIGRP uses Reliable Transport Protocol (RTP). When a router receives an update, it sends an ACK packet (a hello packet with no data) to confirm receipt. ACKs are always sent unreliably (unicast).

29
Multi-Selecthard

Which THREE commands can be used to verify the current NTP synchronization status and configuration on a Cisco IOS router? (Choose THREE.)

Select 3 answers
A.show ntp status
B.show ntp associations
C.show ntp packets
D.show ntp statistics
E.show clock detail
AnswersA, B, D

Correct. This command displays the NTP synchronization status, including whether the clock is synchronized, the stratum level, and the reference clock.

Why this answer

The 'show ntp status' displays the clock synchronization state, stratum, and reference. The 'show ntp associations' shows configured NTP peers/servers and their reachability. The 'show ntp packets' is not a valid command.

The 'show ntp statistics' provides packet statistics. The 'show clock' shows the current time but not NTP details. The 'debug ntp packets' is a debug command, not a show command.

30
MCQmedium

A network engineer is troubleshooting a router that is not responding to ICMP echo requests from a management station at 10.10.10.1. The router has an ACL applied to the VTY lines that permits only 10.10.10.0/24. The engineer can telnet to the router from the management station. What is the most likely cause?

A.The VTY ACL also applies to ICMP traffic.
B.An inbound ACL on the interface denies ICMP from 10.10.10.1.
C.The router has 'no ip icmp echo' configured globally.
D.The management station is not in the routing table of the router.
AnswerB

Since Telnet works, the VTY ACL is not the issue; an interface ACL blocking ICMP is the likely cause.

Why this answer

Telnet is permitted by the VTY ACL, but ICMP is controlled by an interface ACL or the global 'ip icmp rate-limit' feature. The most likely cause is an inbound ACL on the interface that denies ICMP from the management station.

31
MCQhard

An engineer configures a BGP route reflector with two clients. One client advertises a prefix to the route reflector. The route reflector reflects the prefix to the other client, but the second client does not install it in its routing table. The second client has a lower administrative distance for the same prefix from another protocol. Which is the most likely explanation?

A.The second client has a route from another protocol (e.g., OSPF) with a lower administrative distance for the same prefix, so BGP route is not installed.
B.The route reflector does not set the next-hop-self, so the next-hop is unreachable from the second client.
C.The route reflector is not configured as a client on the second router.
D.The BGP synchronization rule is enabled and the prefix is not in the IGP.
AnswerA

Administrative distance is used to select the best route when multiple protocols provide the same prefix; a lower AD wins.

Why this answer

BGP route reflectors do not modify the path attributes, including the next-hop. If the next-hop is not reachable from the second client, the route will not be installed. However, a more subtle edge case is that the route reflector may reflect the route with the originator ID, but the client may have a route from another protocol with a lower AD, preventing the BGP route from being installed.

32
MCQhard

An MPLS network with routers R1, R2, and R3 is experiencing label distribution failures. R1 and R2 are LDP neighbors, but R2 shows: 'show mpls ldp neighbor' shows R1 in state OPERATIONAL, but 'show mpls forwarding-table' shows no labels for prefixes from R3. R3 is connected to R2 via a different interface. R2 configuration: mpls ip on both interfaces. R1 shows: 'show mpls ldp bindings' includes prefixes from R3. What is the root cause?

A.The interface between R2 and R3 is missing the 'mpls ip' command, preventing LDP from establishing a session and exchanging labels.
B.The LDP router ID on R2 is set to a loopback that is not reachable from R3.
C.R3 is using a different label distribution protocol, such as TDP.
D.The MPLS label range on R2 is exhausted, preventing new label bindings.
AnswerA

LDP must be enabled on each interface where label exchange is desired; without it, no session forms, and no labels are exchanged.

Why this answer

The issue is that LDP is working between R1 and R2, but R2 is not receiving labels for prefixes from R3. This could be due to LDP not being enabled on the link between R2 and R3, or a mismatch in LDP router IDs. The fact that R1 has bindings for R3's prefixes suggests that R3 is advertising them to R1, but R2 is not receiving them.

The root cause is likely that the LDP session between R2 and R3 is not established due to a missing 'mpls ip' on the interface or an LDP router ID issue.

33
MCQmedium

An engineer is troubleshooting a router that fails to write its running configuration to startup configuration using 'copy running-config startup-config'. The command returns 'Destination filename [startup-config]?' and then the prompt returns without error. 'show startup-config' shows an empty configuration. What is the most likely cause?

A.The router is configured to boot from a TFTP server using the 'boot host' command, and the TFTP server is unreachable or does not allow writes.
B.The NVRAM is full and the router cannot save the configuration.
C.The 'file prompt quiet' command is configured, suppressing prompts.
D.The router is running in ROMMON mode.
AnswerA

When 'boot host' points to a remote file, 'copy running-config startup-config' tries to write to that remote server; if it fails, the local startup-config remains empty.

Why this answer

The router may have insufficient space in NVRAM or the startup configuration file may be corrupted. However, a common issue is that the router is booting from a network server (TFTP) and the 'boot host' command points to a remote file, so 'copy running-config startup-config' attempts to write to the remote server but fails silently.

34
MCQhard

An EIGRP network with routers R1, R2, and R3 is experiencing frequent Stuck-in-Active (SIA) events for the prefix 172.16.1.0/24. R1 is the successor, R2 is the feasible successor. R3 is a query originator. 'show ip eigrp topology 172.16.1.0/24' on R1 shows the route in active state. 'show ip eigrp interfaces' on R2 shows the link to R3 is up but with high packet loss. What is the root cause?

A.High packet loss on the link between R2 and R3 causes EIGRP queries or replies to be dropped, leading to SIA.
B.R3 has a route summarization that causes the query to be sent to the Null0 interface.
C.The EIGRP active timer is set too low on R1, causing premature SIA.
D.R2 has a distribute-list that filters the prefix, preventing the reply from being sent.
AnswerA

EIGRP relies on reliable transport; packet loss can cause queries to remain unanswered, triggering SIA after the active timer expires.

Why this answer

The SIA condition occurs when a query is sent to neighbors and the reply is not received within the active timer. High packet loss on the link between R2 and R3 causes queries or replies to be lost, leading to the route staying active. The root cause is the unreliable link causing query/reply loss.

The fix is to improve the link reliability or adjust EIGRP timers.

35
MCQmedium

A network engineer runs the following command on Router R1: R1# show mpls ldp neighbor Peer LDP Ident: 192.168.1.2:0, Local LDP Ident: 192.168.0.1:0 TCP connection: 192.168.1.2.646 - 192.168.0.1.49876 State: Oper; Msgs sent/rcvd: 100/105; Downstream on demand Up time: 00:10:30 LDP discovery sources: GigabitEthernet0/0, Src IP addr: 192.168.1.2 Addresses bound to peer LDP Ident: 192.168.1.2 10.1.1.2 Based on this output, what is the state of the LDP session?

A.The LDP session is down due to a TCP connection issue.
B.The LDP session is operational and exchanging label information.
C.The LDP session is in the process of being established.
D.The LDP session is using downstream on demand mode, which is a problem.
AnswerB

State Oper indicates the session is up and running.

Why this answer

The output shows the LDP session state as 'Oper' (Operational), with messages exchanged and an uptime. This indicates the session is established and functioning correctly.

36
MCQhard

A network engineer runs the following command on Router R1: R1# show policy-map control-plane Control Plane Service-policy input: CoPP class-map: MANAGEMENT (match-all) 100 packets, 5000 bytes 5 minute offered rate 0 bps police: 8000 bps, 1500 limit, 1500 extended limit conformed 95 packets, 4750 bytes; action: transmit exceeded 5 packets, 250 bytes; action: drop conformed 0 bps, exceed 0 bps class-map: ROUTING (match-all) 200 packets, 10000 bytes 5 minute offered rate 0 bps police: 16000 bps, 3000 limit, 3000 extended limit conformed 200 packets, 10000 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps Based on this output, what is happening to traffic matching the MANAGEMENT class?

A.All management traffic is being transmitted without any drops.
B.Some management traffic is being dropped because it exceeds the configured police rate.
C.The management traffic is being rate-limited but no packets are dropped.
D.The police rate is too high, causing all traffic to be dropped.
AnswerB

The exceeded counter shows 5 packets dropped.

Why this answer

The output shows that for the MANAGEMENT class, 100 packets were offered, 95 conformed and were transmitted, but 5 exceeded the police rate and were dropped. This indicates some management traffic is being dropped due to policing.

37
MCQmedium

A network engineer runs the following command to troubleshoot Control Plane Policing (CoPP): R1# show policy-map control-plane input class class-default Class-map: class-default (match-any) 140091 packets, 12345678 bytes 5 minute offered rate 1000 bps, drop rate 0 bps Match: any police: cir 8000 bps, bc 1500 bytes conformed 140091 packets, 12345678 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop What does this output indicate?

A.CoPP is dropping all traffic to the control plane.
B.CoPP is rate-limiting traffic to 8000 bps and not dropping any packets.
C.CoPP is not configured; the class-default shows no action.
D.CoPP is dropping packets due to exceeding the rate.
AnswerB

The police cir is 8000 bps, and all packets conform, so they are transmitted.

Why this answer

The output shows that the CoPP policy on the control-plane input class-default is policing traffic to 8000 bps. All packets are conforming and being transmitted, with no drops.

38
MCQmedium

A network engineer runs the following command on Router R1: R1# show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 192.168.1.2 1 FULL/DR 00:00:35 192.168.1.2 Gi0/0 192.168.2.2 1 2WAY/DROTHER 00:00:38 192.168.2.2 Gi0/1 10.10.10.2 1 FULL/BDR 00:00:32 10.10.10.2 Gi0/2 Based on this output, what is a potential issue?

A.Neighbor 192.168.2.2 is stuck in 2WAY state, indicating a problem.
B.The DR election is incomplete on Gi0/0.
C.All OSPF neighbors are in appropriate states for their roles.
D.Neighbor 10.10.10.2 should be in FULL/DR state.
AnswerC

Each neighbor is in the correct state based on its role (DR, BDR, DROTHER).

Why this answer

On interface Gi0/1, the neighbor is in 2WAY/DROTHER state, which is normal for a non-DR/BDR router on a multi-access network. However, the question asks for a potential issue; the output itself shows no problem. The correct answer is that all neighbors are in expected states.

39
MCQeasy

A network engineer runs the following command on Router R1: R1# show route-map TEST route-map TEST, permit, sequence 10 Match clauses: ip address (access-lists): 10 Set clauses: metric 50 route-map TEST, deny, sequence 20 Match clauses: ip address (access-lists): 20 Set clauses: Based on this output, what is the effect of this route-map when applied to a redistribution command?

A.All routes are redistributed with metric 50.
B.Routes matching ACL 10 are redistributed with metric 50; routes matching ACL 20 are denied; all other routes are also denied.
C.Routes matching ACL 20 are redistributed with default metric.
D.The route-map has no effect because set clauses are missing in sequence 20.
AnswerB

This matches the route-map logic.

Why this answer

The route-map has two sequences: sequence 10 permits routes matching ACL 10 and sets metric to 50; sequence 20 denies routes matching ACL 20. Routes not matching any sequence are implicitly denied. The correct answer is that routes matching ACL 10 are redistributed with metric 50, those matching ACL 20 are not redistributed, and all others are also not redistributed.

40
MCQhard

An engineer configures EIGRP named mode on two routers in the same AS. One router uses classic mode configuration. The routers fail to form an adjacency. Which is the most likely explanation?

A.Named mode and classic mode are incompatible and cannot form an adjacency under any circumstances.
B.The K values must match exactly, but named mode defaults to different K values than classic mode.
C.Named mode requires authentication, while classic mode does not.
D.The routers must be in the same autonomous system number, but named mode uses a different AS number format.
AnswerA

EIGRP named mode and classic mode use different packet structures and metric computation; they are not interoperable for adjacency formation.

Why this answer

EIGRP named mode and classic mode use different packet formats and K-value handling. Named mode defaults to 'k1 1 k2 0 k3 1 k4 0 k5 0' with wide metrics, while classic mode uses the same K values but metric computation differs. The adjacency fails because the routers cannot agree on the metric computation method, even if K values match.

41
MCQmedium

Consider the following partial configuration on router R4: interface GigabitEthernet0/0 ip address 192.168.2.1 255.255.255.0 ipv6 address 2001:db8:1::1/64 ipv6 ospf 1 area 0 ! interface GigabitEthernet0/1 ip address 10.0.0.1 255.255.255.0 ipv6 address 2001:db8:2::1/64 ipv6 ospf 1 area 0 ! ipv6 router ospf 1 router-id 4.4.4.4 What is the effect of this configuration?

A.OSPFv3 will not form adjacencies because the router-id must be an IPv6 address.
B.OSPFv3 will only form adjacency on GigabitEthernet0/0 because the router-id is not configured under the interface.
C.OSPFv3 will form adjacencies on both interfaces as intended because the router-id is correctly set and OSPFv3 is enabled on each interface.
D.OSPFv3 will not form any adjacency because the network type is not specified.
AnswerC

The configuration is correct: router-id is set, interfaces are enabled for OSPFv3 in area 0. OSPFv3 will operate normally.

Why this answer

The configuration enables OSPFv3 on both interfaces using the ipv6 ospf command. However, OSPFv3 requires a router-id to be set; here it is set to 4.4.4.4. Without a router-id, OSPFv3 will not start.

The configuration is valid and OSPFv3 will form adjacencies on both interfaces.

42
MCQeasy

What is the default OSPF dead interval on a point-to-point network when the hello interval is set to 10 seconds?

A.10 seconds
B.20 seconds
C.30 seconds
D.40 seconds
AnswerD

Correct: OSPF dead interval defaults to 4 times the hello interval (4 x 10 = 40 seconds).

Why this answer

By default, the OSPF dead interval is four times the hello interval. On point-to-point networks, the default hello interval is 10 seconds, so the dead interval is 40 seconds.

43
MCQhard

What is the default OSPF network type for a serial interface configured with HDLC encapsulation on Cisco routers?

A.Broadcast
B.Non-broadcast (NBMA)
C.Point-to-point
D.Point-to-multipoint
AnswerC

Correct: Serial HDLC defaults to point-to-point, enabling faster convergence without DR/BDR election.

Why this answer

By default, Cisco IOS sets serial interfaces with HDLC or PPP encapsulation to OSPF network type point-to-point. This is because these encapsulations typically indicate a direct link between two routers.

44
MCQhard

A VRF-aware network has VRF BLUE on routers R1 and R2. Routes are leaked between VRF BLUE and the global table on R1 using route-replicate. R2 shows: 'show ip route vrf BLUE' includes a route 10.10.10.0/24 learned via OSPF, but 'show ip route' (global) on R1 does not include this route. R1 configuration: ip vrf BLUE, rd 100:1, route-target export 100:1, route-target import 100:1, and 'route-replicate from vrf BLUE to global unicast 10.10.10.0 255.255.255.0'. What is the root cause?

A.The 'route-replicate' command is not configured under the VRF, so it does not take effect; it must be placed under 'ip vrf BLUE'.
B.The OSPF route in VRF BLUE has a tag that prevents it from being leaked.
C.The route 10.10.10.0/24 is not in the VRF BLUE table on R1 because it is learned via R2.
D.The route-replicate command requires a route-map to specify the prefix, but none is provided.
AnswerA

The route-replicate command is a subcommand of the VRF configuration; if entered in global configuration mode, it is ignored or causes an error.

Why this answer

The route-replicate command is used to leak routes from VRF to global table. However, the command syntax requires a route-map or specific prefix to be matched. The configuration shown uses a prefix list implicitly, but the route-replicate command may not be correctly applied under the VRF or may require a route-map.

Additionally, the route must be in the VRF table to be replicated. The root cause is that the route-replicate command is misconfigured; it should be under the VRF configuration, not as a standalone command.

45
Multi-Selecthard

An engineer must configure a Cisco IOS router to log messages to a syslog server at 192.168.1.100 with a severity level of 3 (errors) and above, while also ensuring that console messages are limited to severity 5 (notifications) and above. Which TWO configuration changes are required? (Choose TWO.)

Select 2 answers
A.Configure 'logging host 192.168.1.100' and 'logging trap errors'.
B.Configure 'logging console debugging' to ensure all messages are seen on console.
C.Configure 'logging console notifications'.
D.Configure 'logging buffered errors' to store logs locally.
E.Configure 'logging source-interface Loopback0' to use a specific source IP.
AnswersA, C

Correct. 'logging host 192.168.1.100' specifies the syslog server, and 'logging trap errors' sets the global trap severity to errors (level 3), so messages of severity 3 and higher are sent.

Why this answer

The 'logging host' command specifies the syslog server and optionally the severity level. The 'logging console' command sets the console logging level. The 'logging trap' command sets the severity for syslog server messages, but when using 'logging host' with a level, it overrides the global trap level for that host.

The 'logging buffered' command affects buffer logging, not console or syslog. The 'logging source-interface' sets the source IP but does not affect severity.

46
MCQhard

A large enterprise network is experiencing intermittent loss of reachability to a loopback interface on Router R2 from Router R1. R1 has the following relevant configuration: router eigrp 100, network 10.0.0.0 0.255.255.255, summary-address 10.0.0.0 255.255.252.0 5. R2 shows: 'show ip eigrp topology all-links' includes 10.0.0.0/22 as a summary route via Null0, but the specific /32 loopback 10.0.1.1 is not in the topology table. What is the root cause?

A.The summary-address command uses an administrative distance of 5, which is lower than the default EIGRP internal distance of 90, causing the summary to override the specific /32 route.
B.The network statement on R1 does not include the loopback interface of R2, preventing the route from being advertised.
C.The summary-address command is misconfigured; the mask should be 255.255.255.252 instead of 255.255.252.0.
D.R2 is not configured with EIGRP, so it cannot receive the route from R1.
AnswerA

The summary route with distance 5 is installed in the routing table, and EIGRP does not install the more specific route because the summary is already present with a better distance.

Why this answer

The summary-address command on R1 creates a local summary route to Null0, but the administrative distance of 5 (default for EIGRP summary) causes the summary to be preferred over more specific routes learned from neighbors. The specific /32 is suppressed because the summary is installed in the routing table with a better distance, blocking the more specific route from being installed. The fix is to adjust the summary distance or not summarize.

47
MCQhard

A network engineer runs the following command to troubleshoot an MPLS LDP issue: R1# debug mpls ldp transport LDP: Transport connection to 2.2.2.2:0 via TCP (passive) LDP: Connection from 2.2.2.2:0 to 1.1.1.1:646 LDP: Transport connection to 2.2.2.2:0 via TCP (active) LDP: Connection from 1.1.1.1:646 to 2.2.2.2:0 LDP: Hold timer expired for peer 2.2.2.2:0 LDP: Closing transport connection to 2.2.2.2:0 What does this output indicate?

A.LDP session is established and stable.
B.LDP session is flapping due to hold timer expiration.
C.LDP session is down because of authentication failure.
D.LDP session is down because of a transport address mismatch.
AnswerB

The hold timer expires, causing the session to close, which suggests flapping.

Why this answer

The debug shows that the LDP transport connection to peer 2.2.2.2 is established but then the hold timer expires, causing the connection to close. This indicates a problem with LDP keepalive or session maintenance.

48
MCQhard

An engineer configures Control Plane Policing (CoPP) on a router to protect the control plane. After applying the policy, OSPF adjacencies go down. The policy includes a class that matches OSPF traffic with a police rate of 1000 pps. Which is the most likely explanation?

A.The OSPF traffic is matched by class-default, which has a low police rate or is set to drop, causing hello packets to be dropped.
B.The police rate of 1000 pps is too low for OSPF hello packets.
C.CoPP only applies to management traffic, not routing protocols.
D.The OSPF process is not configured to use the control plane policy.
AnswerA

If OSPF is not explicitly matched in a higher class, it falls to class-default, which may have a restrictive policy.

Why this answer

CoPP applies to traffic destined to the control plane. If the police rate is too low, legitimate OSPF hello packets may be dropped. However, a more subtle edge case is that the default class (class-default) may have an explicit deny or very low rate, causing all unmatched traffic to be dropped, including OSPF if not explicitly matched.

49
Multi-Selecthard

Which TWO configuration steps are required to enable NETCONF over SSH on a Cisco IOS-XE device? (Choose TWO.)

Select 2 answers
A.Configure 'netconf-yang' under the 'router' configuration mode.
B.Issue the command 'netconf ssh' in global configuration mode.
C.Enable the 'netconf-yang' feature using the command 'netconf-yang' in global configuration mode.
D.Configure 'ip ssh version 2' to ensure SSH is available.
E.Issue the command 'netconf' in global configuration mode.
AnswersB, C

This command enables the NETCONF SSH subsystem.

Why this answer

NETCONF over SSH requires the 'netconf-yang' feature to be enabled globally and the 'netconf ssh' command to activate the NETCONF SSH subsystem. The 'ip ssh' commands are for general SSH configuration, not NETCONF-specific. The 'netconf' command alone does not specify the transport.

50
MCQhard

A network engineer is troubleshooting a router that has been running for 200 days. The router experiences a sudden reboot, and after reload, the configuration is missing. 'show startup-config' returns 'startup-config is not present'. The engineer checks the boot variable: 'boot system flash:ios-image.bin'. What is the most likely cause of the configuration loss?

A.The router's NVRAM has a hardware failure and lost the configuration.
B.The engineer did not execute 'copy running-config startup-config' before the reboot.
C.The 'boot system' command points to a TFTP server that also contains a configuration file, overwriting the local startup-config.
D.The router's configuration register is set to 0x2142, ignoring startup-config.
AnswerB

The router had been running for 200 days without a save; after reload, the running-config is lost, and startup-config is empty because it was never saved.

Why this answer

The router likely has a corrupt NVRAM or the startup configuration was never saved. However, the key clue is that the router has been running for 200 days without a save, and the 'copy running-config startup-config' was not performed, so the startup-config is empty or missing.

51
MCQmedium

Which BGP attribute is considered the highest priority (most preferred) in the BGP best path selection process?

A.Local preference
B.AS path length
C.Weight
D.MED
AnswerC

Weight is the first attribute checked in the BGP best path selection process (Cisco-specific).

Why this answer

BGP best path selection considers many attributes in order. The highest priority (first checked) is the weight attribute (Cisco proprietary), followed by local preference, locally originated routes, AS path length, origin type, MED, etc.

52
MCQhard

A network engineer runs the following command to troubleshoot IPsec IKE phase 1: R1# debug crypto isakmp ISAKMP: (0:0:N/A:0) Starting aggressive mode exchange ISAKMP: (0:0:N/A:0) processing SA payload ISAKMP: (0:0:N/A:0) Checking ISAKMP transform 1 against priority 1 policy ISAKMP: (0:0:N/A:0) encryption 3DES ISAKMP: (0:0:N/A:0) hash SHA ISAKMP: (0:0:N/A:0) group 2 ISAKMP: (0:0:N/A:0) auth pre-share ISAKMP: (0:0:N/A:0) life type in seconds ISAKMP: (0:0:N/A:0) life duration (basic) of 86400 ISAKMP: (0:0:N/A:0) atts are not acceptable What does this output indicate?

A.IKE phase 1 is successful; the transform set is accepted.
B.IKE phase 1 fails due to transform set mismatch.
C.IKE phase 1 fails due to authentication failure.
D.IKE phase 1 fails due to lifetime mismatch.
AnswerB

The attributes are not acceptable, indicating a mismatch.

Why this answer

The debug shows that during IKE phase 1, the router checks the received transform set but finds the attributes not acceptable. This indicates a mismatch in IKE policies between peers.

53
MCQeasy

Which EIGRP metric component is disabled by default?

A.Bandwidth
B.Delay
C.Reliability
D.MTU
AnswerC

Reliability is disabled by default (K2=0).

Why this answer

EIGRP uses a composite metric based on bandwidth, delay, reliability, load, and MTU. By default, only bandwidth and delay are used; reliability and load are disabled (their K values are set to 0).

54
Multi-Selecthard

Which TWO actions will prevent a Cisco IOS router from responding to ICMP echo requests on an interface? (Choose TWO.)

Select 2 answers
A.Configure 'no ip unreachables' on the interface.
B.Apply an inbound access-list on the interface that denies ICMP echo requests.
C.Configure 'no ip redirects' on the interface.
D.Configure 'no ip proxy-arp' on the interface.
E.Configure 'ip icmp echo-reply disable' globally.
AnswersB, E

Correct. An inbound access-list that denies ICMP echo (type 8) will drop incoming ping requests, preventing the router from responding.

Why this answer

The 'no ip unreachables' command disables ICMP unreachable messages but does not affect echo replies. The 'no ip redirects' disables ICMP redirects. The 'no ip proxy-arp' disables proxy ARP.

The 'access-group' with a deny rule for ICMP echo can block the replies. The 'ip icmp echo-reply disable' global command disables all ICMP echo replies. The 'ip access-group' applied outbound on the interface would affect traffic leaving, not incoming echo requests.

55
MCQmedium

Given the following partial configuration on router R1: router eigrp 100 network 10.0.0.0 0.255.255.255 network 192.168.1.0 0.0.0.255 ! interface GigabitEthernet0/0 ip address 10.1.1.1 255.255.255.0 ! interface GigabitEthernet0/1 ip address 192.168.1.1 255.255.255.0 ! interface GigabitEthernet0/2 ip address 172.16.1.1 255.255.255.0 What is the effect of this configuration?

A.EIGRP will form adjacencies and advertise all three interfaces because the network statements use classful boundaries.
B.EIGRP will only advertise the 10.1.1.0/24 and 192.168.1.0/24 networks; the 172.16.1.0/24 network will not be advertised and no EIGRP adjacency will be formed on that interface.
C.EIGRP will advertise all three networks because the network 10.0.0.0 command includes all interfaces with an IP starting with 1, 172, or 192.
D.EIGRP will not form any adjacencies because the network statements must use exact subnet masks instead of wildcard masks.
AnswerB

Only interfaces matching the network statements are enabled for EIGRP. 172.16.1.0/24 does not match 10.0.0.0 or 192.168.1.0, so it is excluded.

Why this answer

The EIGRP configuration uses classful network statements with wildcard masks. The network 172.16.1.0/24 is not included in any network statement, so EIGRP will not advertise or form adjacencies on that interface.

56
MCQmedium

A network engineer runs the following command to troubleshoot an EIGRP issue: R1# debug eigrp packets EIGRP: Received HELLO on GigabitEthernet0/0 nbr 10.1.1.2 AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 EIGRP: Sending HELLO on GigabitEthernet0/0 AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 EIGRP: Received UPDATE on GigabitEthernet0/0 nbr 10.1.1.2 AS 100, Flags 0x1, Seq 1/0 idbQ 0/0 iidbQ un/rely 0/0 EIGRP: Sending UPDATE on GigabitEthernet0/0 nbr 10.1.1.2 AS 100, Flags 0x1, Seq 2/1 idbQ 0/0 iidbQ un/rely 0/0 What does this output indicate?

A.EIGRP adjacency is forming and routes are being exchanged successfully.
B.EIGRP adjacency is stuck in INIT state because no hello packets are received.
C.EIGRP is experiencing authentication failures.
D.EIGRP is only sending hellos but not receiving updates.
AnswerA

The debug shows HELLO and UPDATE packets with proper sequence numbers, confirming adjacency and route exchange.

Why this answer

The debug output shows normal EIGRP hello and update packet exchange between neighbors. The sequence numbers increment properly, indicating adjacency is established and routes are being exchanged without errors.

57
MCQmedium

A network engineer runs the following command on Router R1: R1# show bgp ipv4 unicast summary BGP router identifier 192.168.0.1, local AS number 65001 BGP table version is 10, main routing table version 10 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.168.1.2 4 65002 1002 1000 10 0 0 00:15:30 5 192.168.2.2 4 65003 1005 1003 10 0 0 00:14:20 3 10.10.10.2 4 65004 0 0 0 0 0 00:00:05 Idle Based on this output, what is the problem with neighbor 10.10.10.2?

A.The neighbor is administratively shut down.
B.The BGP session is not established; possible misconfiguration or reachability issue.
C.The neighbor is in the process of establishing the session.
D.The neighbor has sent all its prefixes and is waiting for updates.
AnswerB

Idle state with no messages indicates the session is down.

Why this answer

Neighbor 10.10.10.2 is in Idle state, with very few messages exchanged (0 MsgRcvd, 0 MsgSent) and a short uptime (5 seconds). This indicates the BGP session is not established, likely due to a configuration issue or connectivity problem.

58
MCQhard

An engineer configures iBGP between two routers in the same AS. The BGP table shows the prefix, but it is not installed in the routing table. The IGP does not carry the prefix. Which is the most likely explanation?

A.The BGP synchronization rule is enabled, and the prefix is not in the IGP, so BGP does not install the route.
B.The next-hop is unreachable because of a missing static route.
C.The BGP route is filtered by an inbound route-map.
D.The maximum-paths limit is exceeded.
AnswerA

Synchronization requires that the prefix be reachable via IGP before BGP installs it; if not, the route remains in the BGP table but not the routing table.

Why this answer

BGP synchronization rule (default enabled in older IOS versions) requires that the prefix must be present in the IGP before it is installed in the routing table. If the IGP does not carry the prefix, BGP will not install it even if learned via iBGP. This edge case often surprises engineers who assume iBGP routes are always installed.

59
MCQmedium

Which OSPF LSA type is used to describe a default route injected into a regular area by an Area Border Router (ABR)?

A.Type 1 (Router LSA)
B.Type 2 (Network LSA)
C.Type 3 (Summary LSA)
D.Type 5 (AS-External LSA)
AnswerC

Correct: ABRs use Type 3 LSAs to advertise inter-area routes, including default routes.

Why this answer

Type 3 LSAs are summary LSAs generated by ABRs to advertise networks from one area to another. When an ABR injects a default route into a regular area, it uses a Type 3 LSA with a destination of 0.0.0.0.

60
MCQmedium

An engineer is troubleshooting a router that is not sending syslog messages to the syslog server at 192.168.1.10. The configuration includes 'logging host 192.168.1.10' and 'logging trap informational'. The engineer can ping the syslog server from the router. 'show logging' shows that the logging buffer is filling with messages. What is the most likely cause?

A.The syslog server is not listening on UDP port 514.
B.The 'logging source-interface' command is missing, causing syslog messages to use an incorrect source IP.
C.The 'logging on' command is not configured.
D.The syslog server's IP address is incorrect in the configuration.
AnswerB

Without 'logging source-interface', the router uses the IP of the egress interface, which may not be reachable from the syslog server or may be filtered.

Why this answer

The router has logging to a remote host configured, but the 'logging source-interface' is missing, so syslog messages are sourced from the outgoing interface IP, which may not be reachable or may be filtered by the server.

61
MCQhard

Two routers R1 and R2 are connected via a FastEthernet link. OSPF is configured on both with network type broadcast. R1 shows: 'show ip ospf neighbor' lists R2 as FULL/DR. R2 shows: 'show ip ospf neighbor' lists R1 as FULL/BDR. However, pings between loopback interfaces on R1 and R2 fail intermittently. 'show ip route' on R1 shows the loopback of R2 as reachable via OSPF, but 'show ip ospf interface' on R1 shows the link as point-to-point. What is the root cause?

A.One router has 'ip ospf network point-to-point' configured, while the other uses the default broadcast, causing a mismatch in the network type.
B.The FastEthernet interface is operating at half-duplex, causing packet loss.
C.OSPF hello and dead timers are mismatched, preventing adjacency formation.
D.The MTU on the link is mismatched, causing OSPF packets to be dropped.
AnswerA

A network type mismatch prevents proper OSPF operation; broadcast expects DR/BDR election, while point-to-point does not, leading to inconsistent neighbor states and potential forwarding issues.

Why this answer

The 'show ip ospf interface' output indicating point-to-point suggests that the interface has been manually configured as OSPF network type point-to-point, but the neighbor state shows DR/BDR election, which is inconsistent. This mismatch causes OSPF to form adjacency but with incorrect forwarding behavior. The actual configuration likely has 'ip ospf network point-to-point' on one router but not the other, leading to a mismatch.

The fix is to ensure consistent network type.

62
MCQmedium

Which BGP attribute is used as the first tie-breaker when multiple paths are available for the same prefix, assuming default settings?

A.Local preference
B.AS-path length
C.Weight
D.MED (Multi-Exit Discriminator)
AnswerC

Correct: Weight is checked first in the BGP path selection process.

Why this answer

The BGP best-path selection process uses the highest weight (Cisco proprietary) as the first tie-breaker. Weight is locally significant and defaults to 0 for routes learned from peers.

63
MCQmedium

A network engineer is troubleshooting a router that is not responding to SNMP polls from the NMS at 10.1.1.100. The SNMP configuration includes 'snmp-server community public RO' and 'snmp-server community private RW'. The engineer can ping the router from the NMS. 'show snmp' shows SNMP is enabled. What is the most likely cause?

A.The NMS is using the wrong SNMP version.
B.An ACL is applied to the SNMP community that denies the NMS IP.
C.The router's SNMP agent is disabled due to high CPU.
D.The NMS is using the wrong community string.
AnswerB

The configuration may include 'snmp-server community public RO 10', where ACL 10 denies the NMS; this is a common misconfiguration.

Why this answer

The router has SNMP communities configured, but an ACL may be applied to the community that restricts access. The most common issue is an access-list applied to the community string that does not permit the NMS IP.

64
Multi-Selecthard

Which TWO statements about SNMPv3 configuration on Cisco IOS XE are true? (Choose TWO.)

Select 2 answers
A.The 'snmp-server group' command creates a group and assigns a username to it.
B.The 'snmp-server user' command can specify an authentication and privacy password for a user.
C.The engine ID is automatically generated and cannot be manually configured.
D.The 'snmp-server host' command for SNMPv3 requires a username to be specified when sending traps or informs.
E.SNMPv3 supports only the authPriv security level.
AnswersB, D

Correct. The 'snmp-server user' command allows configuration of authentication (MD5/SHA) and privacy (DES/AES) passwords for SNMPv3 users.

Why this answer

SNMPv3 supports both noAuthNoPriv and authPriv security levels. The engine ID is automatically generated based on the router's MAC address but can be manually configured. The 'snmp-server group' command does not directly specify the username; it creates a group that users belong to.

The 'snmp-server user' command requires the engine ID to be specified if the remote engine ID is known, but for local users it uses the local engine ID. The 'snmp-server host' command can specify a username for SNMPv3 informs, but the default for traps is to use the community string for SNMPv1/v2c.

65
MCQhard

Which loop prevention mechanism does RIP use to avoid routing loops?

A.TTL expiration in IP header
B.Maximum hop count of 15
C.DUAL algorithm
D.LSA aging
AnswerB

Correct: RIP limits the hop count to 15; 16 means unreachable, preventing loops by discarding routes beyond the limit.

Why this answer

RIP uses multiple loop prevention mechanisms, including maximum hop count (15), split horizon, route poisoning, and hold-down timers. The maximum hop count of 15 (with 16 considered infinite) is a fundamental loop prevention method.

66
MCQhard

An engineer configures a DMVPN Phase 2 network. Spoke-to-spoke tunnels do not form, even though NHRP registration is successful. Which is the most likely explanation?

A.The spoke routers do not have a route to each other's tunnel IP via the hub, so the NHRP shortcut request fails.
B.The NHRP authentication key is mismatched between spokes.
C.The mGRE interface is configured with tunnel mode gre multipoint on the spokes.
D.The hub is not configured with 'ip nhrp redirect' and the spokes with 'ip nhrp shortcut'.
AnswerA

Phase 2 requires that the spoke's routing table points to the hub for the remote spoke's tunnel IP; otherwise, the shortcut cannot be established.

Why this answer

In DMVPN Phase 2, spoke-to-spoke tunnels require that the spoke routers have a route to each other's tunnel IP via the hub. Phase 2 uses NHRP redirect and shortcut, but the spoke must have a route pointing to the hub for the destination network. If the spoke's routing table does not have a route to the remote spoke's tunnel IP via the hub, the shortcut will not be triggered.

67
MCQhard

Network management traffic from a monitoring server to routers R1, R2, and R3 is being blocked intermittently. The monitoring server uses SNMP and SSH. R1 configuration: access-list 100 permit udp any any eq snmp, access-list 100 permit tcp any any eq 22, access-list 100 deny ip any any, and 'ip access-group 100 in' on the management interface. R2 shows: 'show snmp' indicates SNMP is enabled. R3 shows: 'show ssh' indicates SSH is enabled. The monitoring server can reach R1 but not R2 or R3. What is the root cause?

A.The ACL permits only SNMP and SSH, but blocks other necessary traffic such as ICMP and routing protocol packets, preventing the monitoring server from reaching R2 and R3.
B.The ACL is applied in the wrong direction; it should be applied outbound to allow traffic from the management interface.
C.SNMP and SSH are not enabled on R2 and R3.
D.The monitoring server is not in the same subnet as the management interface, so routing is required but blocked by the ACL.
AnswerA

The implicit deny at the end of the ACL blocks all traffic not explicitly permitted, including ICMP echo requests and routing updates, which are needed for end-to-end connectivity.

Why this answer

The ACL on R1 is applied inbound on the management interface, which filters traffic coming into R1. However, for traffic to reach R2 and R3, it must traverse R1. The ACL permits SNMP and SSH to any destination, but the implicit deny at the end blocks other traffic, including routing protocols or ICMP needed for reachability.

Additionally, the ACL may be blocking return traffic if not applied correctly. The root cause is that the ACL is too restrictive, blocking necessary control plane traffic.

68
MCQmedium

A network engineer runs the following command on Router R1: R1# show flow interface GigabitEthernet0/0 Interface GigabitEthernet0/0 FNF: enabled Ingress IPV4/IPV6 flow monitoring: enabled Exporter: EXPORTER1 Monitor: MONITOR1 Egress IPV4/IPV6 flow monitoring: disabled Ingress MPLS flow monitoring: disabled Egress MPLS flow monitoring: disabled Based on this output, what is the state of NetFlow on this interface?

A.NetFlow is fully enabled for both ingress and egress traffic.
B.NetFlow is only monitoring incoming traffic on this interface.
C.NetFlow is not configured on this interface.
D.NetFlow is only monitoring MPLS traffic.
AnswerB

Ingress is enabled, egress is disabled.

Why this answer

The output shows that NetFlow is enabled on the interface for ingress IPV4/IPV6 traffic, with an exporter and monitor configured. Egress monitoring is disabled. This indicates NetFlow is collecting data on incoming traffic.

69
MCQhard

An engineer configures IPsec between two routers using transform-set esp-aes 256 esp-sha-hmac. The tunnel fails to establish. Debug shows 'transform set proposal mismatch'. Which is the most likely explanation?

A.The other router uses 'esp-aes' without specifying the key length, defaulting to 128-bit, causing a mismatch.
B.The transform-set uses SHA-1, which is not supported by the other router.
C.The IPsec proposal includes both esp-aes and esp-3des, causing confusion.
D.The transform-set is missing the authentication header.
AnswerA

If one side specifies 256-bit and the other defaults to 128-bit, the transform sets do not match.

Why this answer

The transform-set must match exactly on both ends, including the encryption and hash algorithms. A common edge case is that one side uses 'esp-aes 256' while the other uses 'esp-aes', which defaults to 128-bit. The mismatch causes the proposal to be rejected.

70
MCQhard

An engineer configures OSPF on two directly connected routers with MTU 1500 on one interface and MTU 1600 on the other. The OSPF adjacency remains stuck in EXSTART/EXCHANGE state. Which is the most likely explanation?

A.The larger MTU interface sends DBD packets that are too big for the smaller MTU interface, preventing the exchange of LSAs.
B.OSPF uses TCP, and the MSS mismatch causes the adjacency to fail.
C.The MTU mismatch causes a routing loop that prevents the exchange of hello packets.
D.The router with the smaller MTU will not send hello packets because it detects the mismatch.
AnswerA

OSPF DBD packets are limited by the outgoing interface MTU; a mismatch causes the smaller MTU router to drop the packets, stalling the adjacency.

Why this answer

OSPF uses the interface MTU in the Database Description (DBD) packets. If the MTU values differ, the receiving router will reject DBD packets larger than its own MTU, causing the adjacency to stall in EXSTART/EXCHANGE. This is a common edge case because many engineers assume OSPF will negotiate MTU automatically.

71
MCQeasy

Which statement correctly describes the default behavior of EIGRP auto-summary on Cisco IOS-XE?

A.Auto-summary is enabled by default, summarizing classful boundaries.
B.Auto-summary is disabled by default, so subnets are advertised without summarization.
C.Auto-summary is enabled only for EIGRP named mode configurations.
D.Auto-summary is disabled by default, but only for IPv6 EIGRP.
AnswerB

Correct: In IOS-XE, auto-summary is off by default, preventing unwanted classful summarization.

Why this answer

In modern Cisco IOS-XE releases (15.x and later), EIGRP auto-summary is disabled by default. This changed from older IOS versions where auto-summary was enabled by default.

72
Multi-Selecthard

Which TWO statements about the 'ip domain-lookup' and DNS configuration on a Cisco IOS router are true? (Choose TWO.)

Select 2 answers
A.The 'ip domain-lookup' command is disabled by default on Cisco IOS routers.
B.The 'ip name-server' command can specify up to six DNS servers.
C.The 'ip domain-list' command adds a domain suffix to the search list for DNS queries.
D.The 'ip host' command creates a dynamic DNS entry that can be overwritten by a DNS server.
E.The 'show hosts' command displays only statically configured host entries.
AnswersB, C

Correct. The 'ip name-server' command allows configuring up to six DNS server addresses. The router will query them in order.

Why this answer

The 'ip domain-lookup' command enables DNS resolution; it is enabled by default. The 'ip name-server' command specifies DNS servers. The 'ip domain-list' command adds a domain suffix to be appended to unqualified names.

The 'ip host' command creates a static host entry. The 'show hosts' command displays both static and dynamically learned DNS entries. The 'ip domain-lookup' must be enabled for dynamic DNS resolution to work.

73
MCQmedium

A network engineer runs the following command to troubleshoot an OSPF adjacency issue: R1# debug ip ospf adj OSPF: Interface GigabitEthernet0/0 going Up OSPF: Send with youngest orig age 0 OSPF: Rcv DBD from 2.2.2.2 seq 0x1A opt 0x52 flag 0x7 len 32 mtu 1500 state INIT OSPF: First DBD and we are not SLAVE OSPF: Rcv DBD from 2.2.2.2 seq 0x1A opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART OSPF: Nbr 2.2.2.2 has larger interface MTU What does this output indicate?

A.OSPF adjacency is forming correctly, moving to FULL state.
B.OSPF adjacency is stuck due to MTU mismatch; the neighbor has a larger MTU.
C.OSPF adjacency is stuck because the router is not the DR/BDR.
D.OSPF adjacency is stuck due to authentication mismatch.
AnswerB

The debug explicitly states 'Nbr has larger interface MTU', which blocks adjacency.

Why this answer

The debug shows that the OSPF neighbor has a larger interface MTU, which prevents the adjacency from forming. OSPF requires matching MTU values on the link.

74
MCQhard

A DMVPN network with hub R1 and spokes R2 and R3 is configured with mGRE and NHRP. Spoke-to-spoke tunnels fail to form. R1 configuration: interface Tunnel0, ip address 10.0.0.1 255.255.255.0, tunnel source GigabitEthernet0/0, tunnel mode gre multipoint, ip nhrp network-id 1, ip nhrp map multicast dynamic. R2 shows: 'show dmvpn' shows no dynamic sessions. R3 shows: 'show ip nhrp' shows no entries for R2. What is the root cause?

A.The spokes are missing the 'ip nhrp nhs' command to point to the hub, preventing registration and resolution of spoke-to-spoke addresses.
B.The tunnel mode is mGRE, but the spokes are configured with point-to-point GRE tunnels.
C.The NHRP network-id is different on R2 and R3, preventing communication.
D.The tunnel source interface is not reachable between spokes.
AnswerA

Without NHS configuration, spokes do not register with the hub, so NHRP cannot provide the mapping for spoke-to-spoke tunnels.

Why this answer

For spoke-to-spoke tunnels to form, NHRP must be configured to allow spoke registration and resolution. The hub configuration includes 'ip nhrp map multicast dynamic', which allows spokes to register, but spokes must also have 'ip nhrp nhs' pointing to the hub. If R2 and R3 do not have NHRP server configuration, they will not register, and thus cannot learn each other's addresses.

The root cause is missing NHRP NHS configuration on the spokes.

75
MCQmedium

What is the default EIGRP composite metric formula used for route calculation?

A.metric = bandwidth + delay + load + reliability
B.metric = (K1 * bandwidth) + (K3 * delay)
C.metric = bandwidth + delay + MTU
D.metric = (K1 * bandwidth) + (K2 * load) + (K3 * delay) + (K5 / (K4 + reliability))
AnswerB

Correct: With default K values (K1=1, K3=1, others=0), the formula simplifies to bandwidth + delay.

Why this answer

The default EIGRP metric formula uses bandwidth and delay only: metric = (K1 * bandwidth) + (K3 * delay). By default, K1=1, K3=1, and K2, K4, K5 are set to 0, so load and reliability are ignored.

Page 1 of 2 · 76 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Device Management questions.