DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Boost Your Certification Prep with CCNP 300-420 Mock Tests, Cisco Enterprise Networks | SPOTO

Accelerate your path to CCNP certification with SPOTO's comprehensive 300-420 mock tests and exam preparation resources. Our realistic practice tests feature a wide range of authentic sample questions covering advanced routing, enterprise campus networks, WAN, security services, network services, and SDA topics from the actual exam. Detailed explanations for each exam answer ensure you grasp complex concepts thoroughly. Regularly testing your skills with our online exam simulator provides an immersive experience, pinpointing knowledge gaps for focused study. Don't leave your 300-420 success to chance - leverage SPOTO's high-quality mock exams and exam dumps to confidently tackle the certification and validate your enterprise networking expertise.
Take other online exams
Question #1
Which IOS interface configuration command is required to configure a switch port to be a promiscuous PVLAN access port?
A. switchport mode promiscuous
B. switchport mode promiscuous-vlan
C. switchport mode private-vlan host
D. switchport mode private-vlan promiscuous
View answer
Correct Answer: D
Question #2
Which IOS command enables the VTP feature that eliminates unnecessary trunk traffic being flooded to switches that do not have memberships in particular VLANs?
A. vtp mode client
B. no vtp mode
C. vtp v1-mode
D. vtp pruning
View answer
Correct Answer: D
Question #3
What command produces the output in the exhibit?
A. show port-security interface
B. show vlan private-vlan type
C. show port-security
D. show ip dhcp snooping
View answer
Correct Answer: C
Question #4
What is the easiest way to force a specific switch to become the spanning-tree root bridge for a VLAN?
A. Raise the spanning-tree priority value on the switch
B. Lower the spanning-tree priority value on the switch
C. Raise the port-cost value of an interface on the switch
D. Lower the port-cost value of an interface on the switch
View answer
Correct Answer: B
Question #5
EIGRP has been configured on all links. The spoke nodes have been configured as EIGRP stubs, and the WAN links to R3 have higher bandwidth and lower delay than the links to R4. When a link failure occurs at the R1- R2 link, what happens to traffic on R1 that is destined for a subnet attached to R2?
A. R1 has no route to R2 and drops the traffic
B. R1 load-balances across the paths through R3 and R4 to reach R2
C. R1 forwards the traffic to R3, but R3 drops the traffic
D. R1 forwards the traffic to R3 in order to reach R2
View answer
Correct Answer: B
Question #6
An engineer must design a multicast network for a financial application. Most of the multicast sources also receive multicast traffic (many-to-many deployment model). To better scale routing tables, the design must not use source trees. Which multicast protocol satisfies these requirements?
A. PIM-SSM
B. PIM-SM
C. MSDP
D. BIDIR-PIM
View answer
Correct Answer: C
Question #7
What command would be used to verify trusted DHCP ports?
A. show mls qos
B. show ip dhcp snooping
C. show ip trust
D. show ip arp trust
View answer
Correct Answer: B
Question #8
What is accomplished by the command switchport port-security violation protect?
A. The switch will generate a log message but will not block any packets
B. The switch will drop packets that are in violation and generate a log message
C. The switch will drop packets that are in violation, but not generate a log message
D. The switch will shut down the interface when packets in violation are detected
View answer
Correct Answer: C
Question #9
What attack technique uses double VLAN tagging to access network devices that might not otherwise be accessible?
A. VLAN hopping
B. DHCP spoofing
C. Rogue devices
D. MAC flooding
View answer
Correct Answer: A
Question #10
Which PVLAN port types can send frames through a switch to community and promiscuous ports? (Choose two.)
A. public
B. private
C. isolated
D. community
E. promiscuous
View answer
Correct Answer: DE
Question #11
Inter-VLAN routing has been operating successfully for several months. Users who connect to a newly installed switch report that they are unable to communicate with the rest of the company's networks. You decide to ensure that the switch is properly connected to the VTP domain before taking any other troubleshooting steps. What command would be best used to verify this?
A. switch# show vlan
B. switch# show ip route
C. switch# show interfaces trunk
D. switch# show vtp status
E. switch #show interface
View answer
Correct Answer: D
Question #12
During which STP state can ports add information to their address tables, but not send any data?
A. Learning
B. Listening
C. Blocked
D. Forwarding
View answer
Correct Answer: A
Question #13
Consider the following output of the show spanning-tree command for the SW1 switch: You need to change the spanning-tree configuration such that the following is true: SW1 is the root bridge for VLAN0001 SW1 is not the root bridge for VLAN0101 Fa0/2 port of SW1 should be in the forwarding state for VLAN0202 traffic Which of the following commands should be executed on SW1 to achieve the desired results? (Choose all that apply.)
A. spanning-tree vlan 1 priority 23189 in global configuration mode
B. spanning-tree vlan 1 priority 32768 in global configuration mode
C. spanning-tree vlan 101 priority 32768 in global configuration mode
D. spanning-tree vlan 202 cost 2 in interface configuration mode of Fa0/2
E. spanning-tree vlan 202 cost 252 in interface configuration mode of Fa0/2
View answer
Correct Answer: ACD
Question #14
During a CEF packet rewrite, which of the following changes are NOT made to the packet?
A. The source MAC address is changed to the MAC address of the outbound Layer 3 switch interface
B. The destination MAC address is changed to the MAC address of the next-hop router's MAC address
C. Layer 3 TTL is decremented by one
D. Layer 2 TTL is decremented by one
View answer
Correct Answer: D
Question #15
Which solution allows overlay VNs to communicate with each other in an SD-WAN Architecture?
A. External fusion routers can be used to map VNs to VRFs and selectively route traffic between VRFs
B. GRE tunneling can be configured between fabric edges to connect one VN to another
C. SGTs can be used to permit traffic from one VN to another
D. Route leaking can be used on the fabric border nodes to inject routes from one VN to another
View answer
Correct Answer: B
Question #16
What Cisco switch features are designed to work together to mitigate ARP spoofing attacks? (Choose two.)
A. DHCP snooping
B. port security
C. 802
D. DAI
View answer
Correct Answer: AD
Question #17
Which two BGP features will result in successful route exchanges between eBGP neighbors sharing the same AS number? (Choose two.)
A. advertise-best-external
B. bestpath as-path ignore
C. client-to-client reflection
D. as-override
E. allow-as-in
View answer
Correct Answer: A
Question #18
A customer is discussing QoS requirements with a network consultant. The customer has specified that end-to-end path verification is a requirement. Which QoS solution meets this requirement?
A. IntServ model with RSVP to support the traffic flows
B. DiffServ model with PHB to support the traffic flows
C. marking traffic at the access layer with DSCP to support the traffic flows
D. marking traffic at the access layer with CoS to support the traffic flows
View answer
Correct Answer: A
Question #19
What is accomplished by the command switchport port-security violation restrict?
A. The switch will generate a log message but will not block any packets
B. The switch will drop packets that are in violation and generate a log message
C. The switch will drop packets that are in violation, but not generate a log message
D. The switch will shut down the interface when packets in violation are detected
View answer
Correct Answer: B
Question #20
What Cisco Catalyst switch feature is designed to inspect ARP packets and mitigate ARP spoofing attacks?
A. DHCP snooping
B. port security
C. 802
D. DAI
View answer
Correct Answer: D
Question #21
What command should be used to view the private VLANs configured on ports and the private VLAN mappings?
A. show vlan brief
B. show pvlan
C. show interfaces switchport
D. show mac-address-table
View answer
Correct Answer: C
Question #22
A company is using OSPF between its HQ location and a branch office. HQ is assigned area 0 and the branch office is assigned area 1. The company purchases a second branch office, but due to circuit delays to HQ, it decides to connect the new branch office to the creating branch office as a temporary measure. The new branch office is assigned area 2. Which OSPF configuration enables all three locations to exchange routes?
A. The existing branch office must be configured as a stub area
B. A virtual link must be configured between the new branch office and HQ
C. A sham link must be configured between the new branch office and HQ
D. The new branch office must be configured as a stub area
View answer
Correct Answer: A
Question #23
Which protocol is used to maintain the contents of the Cisco Express Forwarding (CEF) adjacency table?
A. ARP
B. RARP
C. PING
D. INARP
View answer
Correct Answer: A
Question #24
An enterprise customer has these requirements: end-to-end QoS for the business-critical applications and VoIP services based on CoS marking. flexibility to offer services such as IPv6 and multicast without any reliance on the service provider. support for full-mesh connectivity at Layer 2. Which WAN connectivity option meets these requirements?
A. VPWS
B. MPLS VPN
C. DMVPN
D. VPLS
View answer
Correct Answer: BE

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.