Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Cisco
  5. 200-301

Cisco 200-301 Exam Questions
Cisco Certified Network Associate (CCNA) (Page 49 )

Updated On: 28-Feb-2026
Page 49 of 281
PDF with 1395 Questions

Which two conditions must be met before SSH operates normally on a Cisco IOS switch? (Choose two.)

  1. IP routing must be enabled on the switch.
  2. A console password must be configured on the switch.
  3. Telnet must be disabled on the switch.
  4. The switch must be running a k9 (crypto) IOS image.
  5. The ip domain-name command must be configured on the switch.

Answer(s): D,E


Reference:

https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html



Refer to the exhibit. Which password must an engineer use to enter the enable mode?

  1. adminadmin123
  2. cisco123
  3. default
  4. testing1234

Answer(s): D

Explanation:

If neither the enable password command nor the enable secret command is configured, and if there is a line password configured for the console, the console line password serves as the enable password for all VTY sessions -> The “enable secret” will be used first if available, then “enable password” and line password.



Which state does the switch port move to when PortFast is enabled?

  1. blocking
  2. listening
  3. learning
  4. forwarding

Answer(s): D



Which protocol prompts the Wireless LAN Controller to generate its own local web administration SSL certificate for GUI access?

  1. RADIUS
  2. HTTPS
  3. TACACS+
  4. HTTP

Answer(s): B

Explanation:

You can protect communication with the GUI by enabling HTTPS. HTTPS protects HTTP browser sessions by using the Secure Sockets Layer (SSL) protocol.
When you enable HTTPS, the controller generates its own local web administration SSL certificate and automatically applies it to the GUI. You also have the option of downloading an externally generated certificate.


Reference:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_011.html



An engineer must configure interswitch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?

  1. configure DSCP
  2. configure IEEE 802.1q
  3. configure ISL
  4. configure IEEE 802.1p

Answer(s): B

Explanation:

VLAN trunking offers two options, ISL and 802.1Q. ISL is Cisco proprietary while 802.1Q is standards based and supported by multiple vendors.






Post your Comments and Discuss Cisco 200-301 exam dumps with other Community members:

Join the 200-301 Discussion