Win IT Exam with Last Dumps 2025

Which configuration feature should be used to block rogue router advertisements instead of using the IPv6 Router Advertisement Guard feature?

A. VACL blocking broadcast frames from nonauthorized hosts B. PVLANs with promiscuous ports associated to route advertisements and isolated ports for nodes C. PVLANs with community ports associated to route advertisements and isolated ports for nodes D. IPv4 ACL blocking route advertisements from nonauthorized hosts

Refer to the exhibit.
Which action resolves the failed authentication attempt to the router?

A. Configure aaa authorization console global command B. Configure aaa authorization console command on line vty 0 4 C. Configure aaa authorization login command on line console 0 D. Configure aaa authorization login command on line vty 0 4

Refer to the exhibit. A network administrator logs into the router using TACACS+ username and password credentials, but the administrator cannot run any privileged commands.
Which action resolves the issue?

A. Configure the username from a local database B. Configure TACACS+ synchronization with the Active Directory admin group C. Configure an authorized IP address for this user to access this router D. Configure full access for the username from TACACS+ server

Refer to the exhibit. AAA server 10.1.1.1 is configured with the default authentication and accounting settings, but the switch cannot communicate with the server.
Which action resolves this issue?

A. Correct the timeout value. B. Match the authentication port. C. Correct the shared secret. D. Match the accounting port.

Refer to the exhibit. R1 is being monitored using SNMP and monitoring devices are getting only partial information.
What action should be taken to resolve this issue?

A. Modify the CoPP policy to increase the configured exceeded limit for SNMP. B. Modify the access list to include snmptrap. C. Modify the CoPP policy to increase the configured CIR limit for SNMP. D. Modify the access list to add a second line to allow udp any any eq snmp.

Refer to the exhibit. A client is concerned that passwords are visible when running this show archive log config all.
Which router configuration is needed to resolve this issue?

A. MASS-RTR(config)#aaa authentication arap B. MASS-RTR(config-archive-log-cfg)#password encryption aes C. MASS-RTR(config)#service password-encryption D. MASS-RTR(config-archive-log-cfg)#hidekeys

Refer to the exhibit. BGP is flapping after the CoPP policy is applied.
What are the two solutions to fix the issue? (Choose two.)

A. Configure a higher value for CIR under the Class COPP-CRITICAL-7600. B. Configure a higher value for CIR under the default class to allow more packets during peak traffic. C. Configure BGP in the COPP-CRITICAL-7600 ACL. D. Configure IP CEF for CoPP policy and BGP to work. E. Configure a three-color policer instead of two-color policer under Class COPP-CRITICAL-7600.

Refer to the exhibit. A network administrator configured an IPv6 access list to allow TCP return traffic only, but it is not working as expected.
Which changes resolve this issue?

A. B. C. D.

What are two functions of IPv6 Source Guard? (Choose two.)

A. It works independent from IPv6 neighbor discovery. B. It denies traffic from unknown sources or unallocated addresses. C. It uses the populated binding table to allow legitimate traffic. D. It denies traffic by inspecting neighbor discovery packets for specific patterns. E. It blocks certain traffic by inspecting DHCP packets for specific sources.

Refer to the exhibit. Which two actions restrict access to router R1 by SSH? (Choose two.)

A. Remove class-map ANY from service-policy CoPP. B. Configure transport output ssh on line vty and remove sequence 20 from access list 100. C. Configure transport input ssh on line vty and remove sequence 30 from access list 100. D. Remove sequence 10 from access list 100 and add sequence 20 deny tcp any any eq telnet to access list 199. E. Configure transport output ssh on line vty and remove sequence 10 from access list 199.