Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) v1.0 (300-410)

Page:    1 / 9   
Total 139 questions

An engineer must configure a Cisco router to initiate secure connections from the router to other devices in the network but kept failing.
Which two actions resolve the issue? (Choose two.)

  • A. Configure transport input ssh command on the console.
  • B. Configure a domain name.
  • C. Configure a crypto key to be generated.
  • D. Configure a source port for the SSH connection to initiate.
  • E. Configure a TACACS+ server and enable it.


Answer : BC

When configuring Control Plane Policing on a router to protect it from malicious traffic, an engineer observes that the configured routing protocols start flapping on that device.
Which action in the Control Plane Policy prevents this problem in a production environment while achieving the security objective?

  • A. Set the conform-action and exceed-action to transmit initially to test the ACLs and transmit rates and apply the Control Plane Policy in the output direction.
  • B. Set the conform-action and exceed-action to transmit initially to test the ACLs and transmit rates and apply the Control Plane Policy in the input direction.
  • C. Set the conform-action to transmit and exceed-action to drop to test the ACLs and transmit rates and apply the Control Plane Policy in the input direction.
  • D. Set the conform-action to transmit and exceed-action to drop to test the ACLs and transmit rates and apply the Control Plane Policy in the output direction.


Answer : B

In which two ways does the IPv6 First-Hop Security Binding Table operate? (Choose two.)

  • A. by IPv6 HSRP to make sure neighbors are authenticated before being used as gateways
  • B. by various IPv6 guard features to validate the data link layer address
  • C. by the recovery mechanism to recover the binding table in the event of a device reboot
  • D. by IPv6 routing protocols to securely build neighborships without the need of authentication
  • E. by storing hashed keys for IPsec tunnels for the built-in IPsec features


Answer : BC


Refer to the exhibit. The engineer configured and connected Router2 to Router1. The link came up but could not establish a Telnet connection to Router1 IPv6 address of 2001:DB8::1.
Which configuration allows Router2 to establish a Telnet connection to Router1?

  • A. ipv6 unicast-routing
  • B. permit ICMPv6 on access list INGRESS for Router2 to obtain IPv6 address
  • C. permit ip any any on access list EGRESS2 on Router1
  • D. IPv6 address on GigabitEthernet0/0


Answer : C

An engineer is trying to copy an IOS file from one router to another router by using TFTP.
Which two actions are needed to allow the file to copy? (Choose two.)

  • A. Copy the file to the destination router with the copy tftp: flash: command
  • B. Enable the TFTP server on the source router with the tftp-server flash: <filename> command
  • C. TFTP is not supported in recent IOS versions, so an alternative method must be used
  • D. Configure a user on the source router with the username tftp password tftp command
  • E. Configure the TFTP authentication on the source router with the tftp-server authentication local command


Answer : AB

Refer to the exhibit. Users report that IP addresses cannot be acquired from the DHCP server. The DHCP server is configured as shown. About 300 total nonconcurrent users are using this DHCP server, but none of them are active for more than two hours per day.
Which action fixes the issue within the current resources?


  • A. Modify the subnet mask to the network 192.168.1.0 255.255.254.0 command in the DHCP pool
  • B. Configure the DHCP lease time to a smaller value
  • C. Configure the DHCP lease time to a bigger value
  • D. Add the network 192.168.2.0 255.255.255.0 command to the DHCP pool


Answer : B

Refer to the exhibit. ISP 1 and ISP 2 directly connect to the Internet. A customer is tracking both ISP links to achieve redundancy and cannot see the Cisco IOS IP
SLA tracking output on the router console.
Which command is missing from the IP SLA configuration?


  • A. Start-time 00:00
  • B. Start-time 0
  • C. Start-time immediately
  • D. Start-time now


Answer : D

Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15-mt-book/sla_icmp_echo.html

Refer to the exhibit. An administrator noticed that after a change was made on R1, the timestamps on the system logs did not match the clock.
What is the reason for this error?


  • A. An authentication error with the NTP server results in an incorrect timestamp.
  • B. The keyword localtime is not defined on the timestamp service command.
  • C. The NTP server is in a different time zone.
  • D. The system clock is set incorrectly to summer-time hours.


Answer : A

DRAG DROP -
Drag and drop the DHCP messages from the left onto the correct uses on the right.
Select and Place:




Answer :

Reference:
https://www.cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/27470-100.html

A network engineer is investigating a flapping (up/down) interface issue on a core switch that is synchronized to an NTP server. Log output currently does not show the time of the flap.
Which command allows the logging on the switch to show the time of the flap according to the clock on the device?

  • A. service timestamps log uptime
  • B. clock summer-time mst recurring 2 Sunday mar 2:00 1 Sunday nov 2:00
  • C. service timestamps log datetime localtime show-timezone
  • D. clock calendar-valid


Answer : C

When provisioning a device in Cisco DNA Center, the engineer sees the error message ג€Cannot select the device. Not compatible with templateג€.
What is the reason for the error?

  • A. The template has an incorrect configuration.
  • B. The software version of the template is different from the software version of the device.
  • C. The changes to the template were not committed.
  • D. The tag that was used to filter the templates does not match the device tag.


Answer : D

Reference:
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-2-10/user_guide/ b_cisco_dna_center_ug_1_2_10/b_dnac_ug_1_2_10_chapter_0111.html

While working with software images, an engineer observes that Cisco DNA Center cannot upload its software image directly from the device.
Why is the image not uploading?

  • A. The device must be resynced to Cisco DNA Center.
  • B. The software image for the device is in install mode.
  • C. The device has lost connectivity to Cisco DNA Center.
  • D. The software image for the device is in bundle mode


Answer : B

Reference:
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-2-10/user_guide/ b_cisco_dna_center_ug_1_2_10/b_dnac_ug_1_2_10_chapter_0100.html

An engineer configured the wrong default gateway for the Cisco DNA Center enterprise interface during the install.
Which command must the engineer run to correct the configuration?

  • A. sudo maglev-config update
  • B. sudo maglev install config update
  • C. sudo maglev reinstall
  • D. sudo update config install


Answer : A

DRAG DROP -
Drag and drop the SNMP attributes in Cisco IOS devices from the left onto the correct SNMPv2c or SNMPv3 categories on the right.
Select and Place:




Answer :


Refer to the exhibit. An administrator that is connected to the console does not see debug messages when remote users log in.
Which action ensures that debug messages are displayed for remote logins?

  • A. Enter the transport input ssh configuration command.
  • B. Enter the terminal monitor exec command.
  • C. Enter the logging console debugging configuration command.
  • D. Enter the aaa new-model configuration command.


Answer : C

Page:    1 / 9   
Total 139 questions