The latest Cisco Certified Network Associate 200-301 CCNA certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Cisco Certified Network Associate 200-301 CCNA exam and earn Cisco Certified Network Associate 200-301 CCNA certification.
Exam Question 441
An organization secures its network with multi-factor authentication using an authenticator app on employee
smartphones. How is the application secured in the case of a user’s smartphone being lost or stolen?
A. The application requires the user to enter a PIN before it provides the second factor
B. The application requires an administrator password to reactivate after a configured interval
C. The application verifies that the user is in a specific location before it provides the second factor
D. The application challenges a user by requiring an administrator password to reactivate when the smartphone is rebooted
Correct Answer:
A. The application requires the user to enter a PIN before it provides the second factor
Exam Question 442
Refer to the exhibit.
An engineer booted a new switch and applied this configuration via the console port.
An engineer booted a new switch and applied this configuration via the console port.
Which additional configuration must be applied to allow administrators to authenticate directly to enable privilege mode via Telnet using a local username and password?
A.
B.
C.
D.
Correct Answer:
B.
Exam Question 443
Refer to the exhibit.
Which two events occur on the interface, if packets from an unknown Source address arrive after the interface learns the maximum number of secure MAC address?
Which two events occur on the interface, if packets from an unknown Source address arrive after the interface learns the maximum number of secure MAC address? (Choose two.)
A. The security violation counter dose not increment
B. The port LED turns off
C. The interface is error-disabled
D. A syslog message is generated
E. The interface drops traffic from unknown MAC address
Correct Answer:
A. The security violation counter dose not increment
E. The interface drops traffic from unknown MAC address
Exam Question 444
Which technology must be implemented to configure network device monitoring with the highest security?
A. IP SLA
B. syslog
C. NetFlow
D. SNMPv3
Correct Answer:
C. NetFlow
Exam Question 445
Refer to the exhibit.
Which two statements about the interface that generated the output are true?
Which two statements about the interface that generated the output are true? (Choose two.)
A. learned MAC addresses are deleted after five minutes of inactivity
B. the interface is error-disabled if packets arrive from a new unknown source address
C. it has dynamically learned two secure MAC addresses
D. it has dynamically learned three secure MAC addresses
E. the security violation counter increments if packets arrive from a new unknown source address
Correct Answer:
A. learned MAC addresses are deleted after five minutes of inactivity
C. it has dynamically learned two secure MAC addresses
Exam Question 446
What are two southbound APIs? (Choose two.)
A. Thrift
B. DSC
C. CORBA
D. NETCONF
E. OpenFlow
Correct Answer:
D. NETCONF
E. OpenFlow
Answer Description:
OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements.
The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices.
Other southbound APIs are:
- onePK: a Cisco proprietary SBI to inspect or modify the network element configuration without hardware upgrades.
- OpFlex: an open-standard, distributed control system. It send “summary policy” to network elements.
Exam Question 447
What makes Cisco DNA Center different from traditional network management applications and their management of networks?
A. Its modular design allows someone to implement different versions to meet the specific needs of an organization.
B. It only supports auto-discovery of network elements in a greenfield deployment.
C. It does not support high availability of management functions when operating in cluster mode.
D. It abstracts policy from the actual device configuration.
Correct Answer:
D. It abstracts policy from the actual device configuration.
Exam Question 448
Which API is used in controller-based architectures to interact with edge devices?
A. southbound
B. overlay
C. northbound
D. underlay
Correct Answer:
A. southbound
Exam Question 449
An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine?
A. platform-as-a-service
B. network-as-a-service
C. software-as-a-service
D. infrastructure-as-a-service
Correct Answer:
D. infrastructure-as-a-service
Answer Description:
Below are the 3 cloud supporting services cloud providers provide to customer:
- SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a thirdparty vendor and whose interface is accessed on the clients’ side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins.
- PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a thirdparty provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications.
- IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing.
In general, IaaS provides hardware so that an organization can install their own operating system.
Exam Question 450
Which purpose does a northbound API serve in a controller-based networking architecture?
A. facilitates communication between the controller and the applications
B. reports device errors to a controller
C. generates statistics for network hardware and traffic
D. communicates between the controller and the physical network hardware
Correct Answer:
A. facilitates communication between the controller and the applications