Cisco CCNA 200-301 Questions & Answers

• Question 281:

  Refer to the exhibit.

  

  What is the next step to complete the implementation for the partial NAT configuration shown?

  A. Reconfigure the static NAT entries that overlap the NAT pool

  B. Configure the NAT outside interface

  C. Modify the access list for the internal network on e0/1

  D. Apply the ACL to the pool configuration

  Correct Answer: A

  https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16/nat-xe-16-book/iadnat-addr-consv.html#:~:text=ip%20nat%20pool%20net%2D208%20172.31.233.208%20172.31.233.223,inside%0A!%0Aaccess%2Dlist% 201%20permit%2010.114.11.0%200.0.0.255

• Question 282:

  Which advantage does the network assurance capability of Cisco DNA Center provide over traditional campus management?

  A. Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

  B. Cisco DNA Center handles management tasks at the controller to reduce the load on infrastructure devices, and traditional campus management uses the data backbone.

  C. Cisco DNA Center leverages YANG and NETCONF to assess the status of fabric and nonfabric devices, and traditional campus management uses CLI exclusively.

  D. Cisco DNA Center automatically compares security postures among network devices, and traditional campus management needs manual comparisons.

  Correct Answer: C

  Cisco DNA Center correlates information from different management protocols to obtain insights, and traditional campus management requires manual analysis.

  The network assurance capability of Cisco DNA Center provides an advantage over traditional campus management by automatically correlating information from different management protocols to obtain insights into the performance, health, and security of the network. This allows for quicker and more efficient troubleshooting and problem resolution.

• Question 283:

  Which security method is used to prevent man-in-the-middle attack?

  A. authorization

  B. authentication

  C. anti-replay

  D. accounting

  Correct Answer: B

  Authentication is the security method used to prevent man-in-the-middle attacks. Man-in-the-middle attacks occur when an attacker intercepts and alters communication between two parties, without their knowledge. By authenticating the identities of the communicating parties, it becomes more difficult for an attacker to impersonate one of them and insert themselves into the communication.

  Authentication methods can include passwords, digital certificates, biometric authentication, two-factor authentication (2FA), and other mechanisms that verify the identity of the communicating parties. By ensuring that the parties involved are who they claim to be, authentication helps protect against man-in-the-middle attacks and helps establish a secure and trusted communication channel.

• Question 284:

  Which fact must the engineer consider when implementing syslog on a new network?

  A. Syslog defines the software or hardware component that triggered the message.

  B. There are 16 different logging levels (0-15).

  C. The logging level defines the severity of a particular message.

  D. By default, all message levels are sent to the syslog server.

  Correct Answer: C

• Question 285:

  Which syslog severity level is considered the most severe and results in the system being considered unusable?

  A. Alert

  B. Error

  C. Emergency

  D. Critical

  Correct Answer: C

  Syslog is a standard for logging messages and events on network devices. It uses severity levels to indicate the severity of the message or event being logged. The syslog severity levels range from 0 (Emergency) to 7 (Debug).

  Among these severity levels, Emergency (severity level 0) is considered the most severe. Messages logged at this level indicate a catastrophic system failure or complete system shutdown, and the system is considered unusable. This

  severity level should be reserved for only the most severe and critical events that require immediate attention.

  Therefore, the syslog severity level that is considered the most severe and results in the system being considered unusable is Emergency (severity level 0).

• Question 286:

  Which cable type must be used when connecting a router and switch together using these criteria?

  1.

  Pins 1 and 2 are receivers and pins 3 and 6 are transmitters.

  2.

  Auto detection MDI-X is unavailable.

  A. crossover

  B. rollover

  C. console

  D. straight-through

  Correct Answer: D

  You are describing a scenario where a straight-through Ethernet cable (also known as a "patch cable") should be used. In a straight-through cable, each wire on one end of the cable is connected to the same pin on the other end. This type of cable is commonly used to connect different types of devices, such as a router to a switch, where the transmit pins on one end are connected to the receive pins on the other end.

  Ensure that both the router and the switch are configured for the same Ethernet standard (e.g., both support Gigabit Ethernet) and use a straight-through cable to connect them. If auto MDI-X is unavailable, it means you should not use a crossover cable, as a straight-through cable is required for proper communication between the router and switch in this case.

• Question 287:

  How does a hub handle a frame traveling to a known destination MAC address differently than a switch?

  A. The hub forwards the frame to all ports, and a switch forwards the frame to the known destination.

  B. The hub forwards the frame to all ports in the FIB table, and a switch forwards the frame the destination MAC is known.

  C. The hub forwards the frame using the information in the MAC table, and a switch uses data in its routing table.

  D. The hub forwards the frame only to the port connected to the known MAC address, and a switch forwards the frame to all ports.

  Correct Answer: A

• Question 288:

  Which port-security violation mode drops traffic from unknown MAC addresses and forwards an SNMP trap?

  A. shutdown VLAN

  B. protect

  C. restrict

  D. shutdown

  Correct Answer: C

• Question 289:

  Which cable type must be used when connecting two like devices together using these criteria?

  1.

  Pins 1 to 3 and 2 to 6 are required.

  2.

  Auto detection MDI-X is unavailable.

  A. straight-through

  B. console

  C. crossover

  D. rollover

  Correct Answer: C

  When connecting two like devices together (e.g., two computers or two switches) directly without an intermediate device like a hub or a switch, and auto detection MDI-X (Media Dependent Interface with Crossover) is unavailable, a crossover cable is used. In a crossover cable, the transmit (TX) pins on one end are connected to the receive (RX) pins on the other end, and vice versa.

• Question 290:

  Which is a fact related to FTP?

  A. It uses two separate connections for control and data traffic.

  B. It uses block numbers to identify and mitigate data-transfer errors.

  C. It always operates without user authentication.

  D. It relies on the well-known UDP port 69.

  Correct Answer: A

  The FTP protocol typically uses two separate connections:

  1.

  **Control Connection:** This connection is used for sending commands from the client to the server and receiving responses. It is usually established on well-known port 21.

  2.

  **Data Connection:** This connection is used for the actual transfer of data files. Depending on the mode (active or passive) and the specific implementation, the data connection can be established on a different port.

  FTP does use a simple form of error checking, but it does not use block numbers in the same way that some other protocols (e.g., TFTP) do.

  FTP typically requires user authentication, which involves providing a username and password to access files on the server.

  FTP traditionally uses TCP for its connections, and the well-known port for FTP control is 21, not UDP port 69. UDP port 69 is associated with TFTP (Trivial File Transfer Protocol).