New 2020 CCNA 200-301 exam questions from PassLeader 200-301 dumps! Welcome to download the newest PassLeader 200-301 VCE and PDF dumps: https://www.passleader.com/200-301.html (667 Q&As –> 692 Q&As –> 790 Q&As –> 1326 Q&As –> 1527 Q&As) [Lab Simulations Available]
P.S. Free 2020 CCNA 200-301 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1ZyTbPJwJo3BBx79T-r2DPX-PQuM0Bpv7
NEW QUESTION 646
Which command do you enter so that a switch configured with Rapid PVST + listens and learns for a specific time period?
A. switch(config)#spanning-tree vlan 1 max-age 6
B. switch(config)#spanning-tree vlan 1 hello-time 10
C. switch(config)#spanning-tree vlan 1 priority 4096
D. switch(config)#spanning-tree vlan 1 forward-time 20
Answer: D
NEW QUESTION 647
What is the function of “off-the-shell” switches in a controller-based network?
A. providing a central view of the deployed network
B. forwarding packets
C. making routing decisions
D. setting packet-handling policies
Answer: D
NEW QUESTION 648
What is a function of Cisco Advanced Malware Protection for a Next-Generation IPS?
A. authorizing potentially compromised wireless traffic
B. inspecting specific files and file types for malware
C. authenticating end users
D. URL filtering
Answer: B
NEW QUESTION 649
An administrator must use the password complexity not manufacturer-name command to prevent users from adding “cisco” as a password. Which command must be issued before this command?
A. password complexity enable
B. confreg 0x2142
C. login authentication my-auth-list
D. service password-encryption
Answer: A
NEW QUESTION 650
Which two practices are recommended for an acceptable security posture in a network? (Choose two.)
A. Backup device configurations to encrypted USB drives for secure retrieval.
B. Maintain network equipment in a secure location.
C. Use a cryptographic keychain to authenticate to network devices.
D. Place internal email and file servers in a designated DMZ.
E. Disable unused or unnecessary ports, interfaces and services.
Answer: BE
NEW QUESTION 651
What is a zero-day exploit?
A. It is when a new network vulnerability is discovered before a fix is available.
B. It is when the perpetrator inserts itself in a conversation between two parties and captures or alters data.
C. It is when the network is saturated with malicious traffic that overloads resources and bandwidth.
D. It is when an attacker inserts malicious code into a SOL server.
Answer: A
NEW QUESTION 652
A network engineer is replacing the switches that belong to a managed-services client with new Cisco Catalyst switches. The new switches will be configured for updated security standards, including replacing Telnet services with encrypted connections and doubling the modulus size from 1024. Which two commands must the engineer configure on the new switches? (Choose two.)
A. crypto key generate rsa general-keys modulus 1024
B. transport input all
C. crypto key generate rsa usage-keys
D. crypto key generate rsa modulus 2048
E. transport Input ssh
Answer: AE
NEW QUESTION 653
Which QoS queuing method discards or marks packets that exceed the desired bit rate of traffic flow?
A. shaping
B. policing
C. CBWFQ
D. LLQ
Answer: B
NEW QUESTION 654
What is the role of disaggregation in controller-based networking?
A. It divides the control-plane and data-plane functions.
B. It summarizes the routes between the core and distribution layers of the network topology.
C. It enables a network topology to quickly adjust from a ring network to a star network.
D. It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions.
Answer: A
NEW QUESTION 655
Why would VRRP be implemented when configuring a new subnet in a multivendor environment?
A. When a gateway protocol is required that support more than two Cisco devices for redundancy.
B. To enable normal operations to continue after a member failure without requiring a change In a host ARP cache.
C. To ensure that the spanning-tree forwarding path to the gateway is loop-free.
D. To interoperate normally with all vendors and provide additional security features for Cisco devices.
Answer: A
NEW QUESTION 656
An engineer has configured the domain name, user name, and password on the local router. What is the next step to complete the configuration tor a Secure Shell access RSA key?
A. crypto key Import rsa pem
B. crypto key pubkey-chain rsa
C. crypto key generate rsa
D. crypto key zeroize rsa
Answer: C
NEW QUESTION 657
Which REST method updates an object in the Cisco DNA Center Intent API?
A. CHANGE
B. UPDATE
C. POST
D. PUT
Answer: D
NEW QUESTION 658
Drag and Drop
Drag and drop the QoS terms from the left onto the descriptions on the right.
NEW QUESTION 659
Drag and Drop
Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.
NEW QUESTION 660
Drag and Drop
Drag and drop the IPv6 addresses from the left onto the corresponding address types on the right.
NEW QUESTION 661
……
New 2020 CCNA 200-301 exam questions from PassLeader 200-301 dumps! Welcome to download the newest PassLeader 200-301 VCE and PDF dumps: https://www.passleader.com/200-301.html (667 Q&As –> 692 Q&As –> 790 Q&As –> 1326 Q&As –> 1527 Q&As) [Lab Simulations Available]
P.S. Free 2020 CCNA 200-301 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1ZyTbPJwJo3BBx79T-r2DPX-PQuM0Bpv7