• 4.9/5.0
  • 1197 Questions
  • Updated on: 25-May-2026
  • Cisco Certified Network Associate
  • 211975 Prepared

Free Cisco 200-301 Practice Questions 2026 | Cisco Certified Network Associate


Topic 1: Exam Pool A

   

desc about topic

What is the primary effect of the spanning-tree portfast command?

A. it enables BPDU messages

B. It minimizes spanning-tree convergence time

C. It immediately puts the port into the forwarding state when the switch is reloaded

D. It immediately enables the port in the listening state

B.   It minimizes spanning-tree convergence time

Reference:


https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-
2_55_se/configuration/guide/3560_scg/swstpopt.html

Refer to the exhibit.

A. Option

B. Option

C. Option

D. Option

D.   Option

When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original P packet?

A. IPsec tunnel mode with AH

B. IPsec transport mode with AH

C. IPsec tunnel mode with ESP

D. IPsec transport mode with ESP

C.   IPsec tunnel mode with ESP

Explanation:

“Encapsulating Security Payload…Unlike Authentication Header (AH), ESP in transport mode does not provide integrity and authentication for the entire IP packet. However, in Tunnel Mode, where the entire original IP packet is encapsulated with a new packet header added, ESP protection is afforded to the whole inner IP packet (including the inner header) while the outer header (including any outer IPv4 options or IPv6 extension headers) remains unprotected.

An engineer is configuring an encrypted password for the enable command on a router where the local user database has already been configured Drag and drop the configuration commands from the left into the correct sequence on the right Not all commands are used

Which statement identifies the functionality of virtual machines?

A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor

B. The hypervisor can virtualize physical components including CPU. memory, and storage

C. Each hypervisor can support a single virtual machine and a single software switch

D. The hypervisor communicates on Layer 3 without the need for additional resources

B.   The hypervisor can virtualize physical components including CPU. memory, and storage

How do TCP and UDP differ in the way that they establish a connection between two endpoints?

A. TCP uses synchronization packets, and UDP uses acknowledgment packets.

B. UDP uses SYN, SYN ACK and FIN bits in the frame header while TCP uses SYN, SYN ACK and ACK bits

C. UDP provides reliable message transfer and TCP is a connectionless protocol

D. TCP uses the three-way handshake and UDP does not guarantee message delivery-

D.   TCP uses the three-way handshake and UDP does not guarantee message delivery-

Drag and drop the functions of DHCP from the left onto any of the positions on the right Not all functions are used


What is a practice that protects a network from VLAN hopping attacks?

A.

Enable dynamic ARP inspection

B. Configure an ACL to prevent traffic from changing VLANs

C. Change native VLAN to an unused VLAN ID

D. Implement port security on internet-facing VLANs

C.   Change native VLAN to an unused VLAN ID

Which global command encrypt all passwords in the running configuration?

A. password-encrypt

B. enable password-encryption

C. enable secret

D. service password-encryption

B.   enable password-encryption

Which mode allows access points to be managed by Cisco Wireless LAN Controllers?

A. autonomous

B. lightweight

C. bridge

D. mobility express

B.   lightweight

Explanation

: https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200- series/70278-lap-faq.html
A Lightweight Access Point (LAP) is an AP that is designed to be connected to a wireless
LAN (WLAN) controller (WLC). APs are “lightweight,” which means that they cannot act independently of a wireless LAN controller (WLC). The WLC manages the AP configurations and firmware. The APs are “zero touch” deployed, and individual configuration of APs is not necessary

Page 22 out of 120 Pages
PreviousNext
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748