CISCO CCNA 200-301 Q40

Refer to the exhibit. What is the effect of this configuration?


A. All ARP packets are dropped by the switch
B. Egress traffic is passed only if the destination is a DHCP server.
C. All ingress and egress traffic is dropped because the interface is untrusted
D. The switch discards all ingress ARP traffic with invalid MAC-to-IP address bindings.

Correct Answers: D

Explanation:
Dynamic ARP inspection is an ingress security feature; it does not perform any egress checking.

CISCO CCNA 200-301 Q39

Refer to the exhibit. What is the effect of this configuration?


A. The switch port interface trust state becomes untrusted
B. The switch port remains administratively down until the interface is connected to another switch
C. Dynamic ARP inspection is disabled because the ARP ACL is missing
D. The switch port remains down until it is configured to trust or untrust incoming packets

Correct Answers: A

Explanation:
Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks. After enabling DAI, all ports become untrusted ports.

CISCO CCNA 200-301 Q38

Refer to the exhibit. Which route does R1 select for traffic that is destined to 192 168.16.2?


A. 192.168.16.0/21
B. 192.168.16.0/24
C. 192.168 26.0/26
D. 192.168.16.0/27

Correct Answers: D

Explanation:
Because each entry in a forwarding table may specify a sub-network, one destination address may match more than one forwarding table entry. The most specific of the matching table entries — the one with the longest subnet mask — is called the longest prefix match. It is called this because it is also the entry where the largest number of leading address bits of the destination address match those in the table entry.

CISCO CCNA 200-301 Q37

Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right. Select and Place:

Correct Answers:

CISCO CCNA 200-301 Q36

Refer to the exhibit. Drag and drop the networking parameters from the left on to the correct values on the right.

Correct Answers:

CISCO CCNA 200-301 Q34

Drag and drop the network protocols from the left onto the correct transport services on the right.
Select and Place:

Correct Answers:

CISCO CCNA 200-301 Q33

You are a network administrator for your organization. Your organization has two Virtual LANs (VLANs) named Marketing and Production. All switches in the network have both VLANs configured on them. Switches A, C, F, and G have user machines connected for both VLANs, while switches B, D, and E have user machines connected for the Production VLAN only.


To reduce broadcast traffic on the network, you want to ensure that broadcasts from the Marketing VLAN are flooded only to those switches that have Marketing VLAN users. Which Cisco switch feature should you use to achieve the objective?

A. PVST
B. RSTP
C. VTP Pruning
D. Dynamic VLANs

Correct Answers: C

Explanation:
The VLAN Trunking Protocol (VTP) pruning feature of Cisco VTP allows switches to dynamically delete or add VLANs to a trunk. It restricts unnecessary traffic, such as broadcasts, to only those switches that have user machines connected for a particular VLAN. It is not required to flood a frame to a neighboring switch if that switch does not have any active ports in the source VLAN. A trunk can also be manually configured with its allowed VLANs, as an alternative to VTP pruning.

All other options are incorrect because none of these features can be used to achieve the objective in this scenario.

The Per-VLAN Spanning Tree (PVST) feature allows a separate instance of Spanning Tree Protocol (STP) per VLAN. Each VLAN will have its own root switch and, within each VLAN, STP will run and remove loops for that particular VLAN.

Rapid Spanning Tree Protocol (RSTP) is an Institute of Electrical and Electronics Engineers (IEEE) standard. It reduces high convergence time that was previously required in STP implementations. It is interoperable with STP (802.1d).

With dynamic VLANs, the switch automatically assigns a switch port to a VLAN using information from the user machine, such as its Media Access Control (MAC) address or IP address. The switch then verifies information with a VLAN Membership Policy Server (VMPS) that contains a mapping of user machine information to VLANs.

CISCO CCNA 200-301 Q32

The workstation at 10.0.1.3 sends a packet to the workstation at 10.1.1.3.


When the packet leaves the R2 router, what addresses will be located in the header? (Choose two.)

A. Source MAC bb.bb.bb.bb.bb.bb Dest MAC ab.ab.ab.ab.ab.ab
B. Source MAC dd.dd.dd.dd.dd.dd Dest MAC ab.ab.ab.ab.ab.ab
C. Source MAC ee.ee.ee.ee.ee.ee Dest MAC ab.ab.ab.ab.ab.ab
D. Source IP 10.0.1.3 Dest IP 10.1.1.3
E. Source IP 10.0.1.1 Dest IP 10.1.1.2
F. Source IP 10.0.1.2 Dest IP 10.1.1.3
G. Source IP 10.0.1.1 Dest IP 10.1.1.3

Correct Answers: B, D

Explanation:
When the packet leaves the R2 router, the addresses that will be located in the header are:

Source MAC dd.dd.dd.dd.dd.dd Dest MAC ab.ab.ab.ab.ab.ab Source IP 10.0.1.3 Dest IP 10.1.1.3

If we executed the ipconfig/all command on the computer located at 10.1.1.3/24, it would look somewhat like what is shown below. The router interface (10.1.1.1/24) would use an ARP broadcast to determine the MAC address associated with the IP address 10.1.1.3/24 and it would be returned as ab.ab.ab.ab.ab. The router interface would then encapsulate the packet in a frame addressed to ab.ab.ab.ab.ab.

The source and destination IP address never change as the packet is routed across the network. The MAC address will change each time a router sends the packet to the next router or to the ultimate destination. The switches do not change either set of addresses in the header; they just switch the frame to the correct switch port according to the MAC address table. Therefore, when the packet leaves R2, the source MAC address will be that of R2, and the destination will be that of the workstation at 10.1.1.3. The IP addresses will be those of the two workstations, 10.0.1.3 and 10.1.1.3.

When the workstation at 10.0.1.3 starts the process, it will first determine that the destination address is in another subnet, and will send the packet to its default gateway at 10.0.1.2. It will perform an ARP broadcast for the MAC address that goes with 10.0.1.2, and R1 will respond with its MAC address, bb.bb.bb.bb.bb.bb.

After R2 determines the next-hop address to send to 10.0.1.3 by parsing the routing table, it will send the packet to R1 at 10.0.6.2. When R2 receives the packet, R2 will determine that the network 10.0.1.0/24 is directly connected and will perform an ARP broadcast for the MAC address that goes with 10.0.1.3. The workstation at 10.0.1.3 will respond with its MAC address, ab.ab.ab.ab.ab.ab.

CISCO CCNA 200-301 Q31

How many collision and broadcast domains are in the network shown below?


A. 4 collision domains and 3 broadcast domains
B. 7 collision domains and 2 broadcast domains
C. 8 collision domains and 1 broadcast domain
D. 6 collision domains and 2 broadcast domains

Correct Answers: B

Explanation:
There are 7 collision domains and 2 broadcast domains. They are labeled as shown below. Each router interface makes a broadcast domain and each switch interface creates a collision domain. The hub interfaces do neither.