2018 May New Cisco 200-601 Exam Dumps with PDF and VCE Just Updated Today! Following are some new 200-601 Real Exam Questions:

1.|2018 Latest 200-601 Exam Dumps (PDF & VCE) 90Q Download:
https://www.braindump2go.com/200-601.html

2.|2018 Latest 200-601 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNWTIxdF9WZmZqMms?usp=sharing

QUESTION 57
Refer to the exhibit. L3SW1 has a spanning-tree priority of 8192 set on VLANs 1, 300, and 301, and these VLANs are configured on and trunked between all switches.

Executing the command show spanning-tree blockedports on L2SW5 results in:
L2SW5# show spanning-tree blockedports
Name                 Blocked Interfaces List
-------------------- ------------------------------------
VLAN0001             Gi1/1
VLAN0300             Gi1/1
VLAN0301             Gi1/1
An additional VLAN, VLAN302, is defined on all switches and trunked between them. VLAN302 access ports are set up on each of the switches and PLC#1, I/O#1, and the PanelView are attached. You expect the new VLAN to be listed as blocked on interface GigabitEthernet1/1 of L2SW5 but it is not. The three new devices are able to communicate with each other.
After executing the same command on all switches you see this output on L2SW4:
L2SW4# show spanning-tree blockedports
Name                 Blocked Interfaces List
-------------------- ------------------------------------
VLAN0001             Gi1/2
VLAN0300             Gi1/2
VLAN0301             Gi1/2
Why is VLAN302 forwarding on L2SW5 interface GigabitEthernet 1/1 and L2SW4 interface GigabitEthernet 1/1 and 1/2?

A. VLAN302 is not configured in the VLAN database on L2SW5
B. VLAN302 is not in the allowed list on the L2SW5 interface GigabitEthernet1/1 trunk
C. L2SW4 is the spanning tree root for VLAN 302
D. The FO3 fiber-optic cable between L2SW4 and L2SW5 is damaged

Answer: C

QUESTION 58
Which two are possible solutions to control which devices can communicate between industrial zones? (Choose two)

A. Use per zone private IP addressing and deploy NAT to control traffic between zones
B. Put access control lists on switches connecting industrial zones to control traffic
C. Attach each zone to a firewall to control intra-zone traffic
D. Deploy QoS traffic shaping to limit the volume of traffic between industrial zones
E. Deploy an IDS system between the zones to control intra-zone traffic

Answer: BC

QUESTION 59
Refer to the exhibit. Which three options are needed to configure NAT on router GW so PC1 and PC2 will be able to ping 203.0.113.1? (Choose three)

A. interface Ethernet0
    ip nat inside
   interface Ethernet1
    ip nat outside
B. ip access-list standard ACL_NAT
    permit 10.1.1.0 0.0.0.255
C. ip nat inside source static tcp 10.1.1.0 80 interface Ethernet1 80
D. interface Ethernet0
    ip nat outside
   interface Ethernet1
    ip nat inside
E. ip nat inside source list ACL_NAT interface Ethernet1 overload
F. ip access-list extended ACL_NAT
    permit tcp 10.1.1.0 0.0.0.255 any eq 80

Answer: ABE

QUESTION 60
Which selection is a reason why IGMP snooping should be configured on a switched network?

A. IGMP snooping populates the snooping table with the results of DHCP requests and can be used by Dynamic ARP Inspection to block IP spoofing attacks at Layer-2.
B. IGMP snooping verifies the source IP address of every IPv4 packet to ensure that it hasn’t been originated from a port different than its return path.
C. IGMP snooping is used to filter ping requests and results to avoid overflowing the MAC address table of the switch.
D. IGMP snooping allows a Layer-2 switch to limit the transmission of multicast frames to only the ports that have members of the relevant IGMP group.

Answer: D

QUESTION 61
Refer to the exhibit. An expansion project added an E-Tap and Device Level Ring to interface FastEthernet1/1 of L2SW1. The administrator has looked at the logs of L2SW1 and found that FastEthernet1/1 was in an error-disabled state. Using command line access on L2SW1, the administrator issued the following commands in configuration mode:

L2SW1(config)# interface FastEthernet 1/1
L2SW1(config-if)# shutdown
L2SW1(config-if)# no shutdown
The administrator checked the logs of L2SW1 and found the following:
Mar 30 02:23:17.588: %PM-4-ERR_DISABLE: bpduguard error detected on Fa1/1, putting Fa1/1 in err-disable state
The administrator checked the software configuration of the switch port and found the following:
interface FastEthernet1/1
 switchport access vlan 310
 switchport mode access
 speed 100
 duplex full
 no mdix auto
 spanning-tree portfast
 spanning-tree bpduguard enable
Why has the port gone error-disabled?

A. interface FastEthernet1/1 is configured as an access port on the wrong VLAN.
B. There is a duplex mismatch between interface FastEthernet1/1 and the E-Tap.
C. The E-Tap is not configured as a ring supervisor causing a loop on interface FastEthernet1/1.
D. The E-Tap is configured at 10Mbps and the switch port is configured at 100Mbps.
E. Automatic MDI Crossover detection is disabled.

Answer: C

QUESTION 62
Which in-depth approach is used when deploying defense in an industrial zone?

A. Besides using a dedicated firewall / DMZ construction use an IOS based firewall on the WAN router connecting the industrial site to the Internet.
B. Use NTP to make sure that time stamps of log messages are synchronized such that you can do root cause analysis.
C. Deploy an IDS solution with knowledge about industrial protocols in the industrial zone in combination with a firewall.
D. Use multiple firewalls from different vendors in such a way that network traffic will have to traverse both firewalls so that security holes of one firewall are caught by the other firewall.

Answer: C

QUESTION 63
Which statement is correct regarding Media Redundancy Protocol (MRP) in a ring of ProfiNET devices?

A. When a link fault is detected, MRP rings must converge in less than 100 milliseconds
B. MRP defines two device roles, Media Redundancy Master and Media Redundancy Client
C. MRP can support rings of up to 250 devices
D. MRP is only supported on network switches

Answer: B

QUESTION 64
Refer to the exhibit. What issue does this topology present for the represented traffic flow?

A. Standard Produce/Consume traffic is not suitable for an 802.11 wireless environment.
B. Only one of the Work Group Bridges can transmit at a time, because 802.11 is half duplex.
C. The Converged Plant-wide Ethernet best practices for 802.11 wireless don’t allow for PAC to PAC traffic.
D. I/O control traffic should utilize the 2.4 GHz band based on best practices.

Answer: B

QUESTION 65
A ProfiNET management system operator is unable to add a ProfiNET Conformance Class B device to a SIMATIC management station. The device is connected to interface FastEthernet1/3. Based on the provided CLI output, which statement is correct?
switch#show profinet lldp
Fa1/1 port-003-00000 On
Fa1/2 port-004-00000 On
Fa1/3 port-005-00000 Off
Fa1/4 port-006-00000 Off
Fa1/5 port-007-00000 On
Fa1/6 port-008-00000 Off
Fa1/7 port-009-00000 On
Fa1/8 port-010-00000 Off

A. LLDP has been disabled on this switch
B. The connected device is not sending LLDP packets with ProfiNET extensions
C. The port label needs to be changed on interface FastEthernet 1/3 to “port-003-00000”
D. ProfiNET is disabled on this switch

Answer: B

QUESTION 66
A cookie cutter machine requires 2 standard controllers and a safety controller. All of these controllers and machine level I/O have been placed on VLAN 104. The safety controller must monitor an emergency stop connected to an I/O adapter on an adjacent machine (VLAN 105). Which packet type will be used?

A. UDP Multicast TTL = 1
B. UDP Multicast TTL = 2
C. UDP Unicast
D. TCP Unicast

Answer: C

QUESTION 67
ProfiNET has been disabled on a Cisco Industrial Ethernet switch. Which CLI commands correctly enable ProfiNET on VLAN 10?

A. switch(config)#profinet
switch(config)#profinet vlan 10
B. switch#enable profinet
switch(config)#profinet vlan 10
C. switch(config)#profinet
switch(config)#vlan 10
switch(config-vlan)#profinet
D. switch#enable profinet
switch(config)#vlan 10
switch(config-vlan)#profinet

Answer: A


!!!RECOMMEND!!!

1.|2018 Latest 200-601 Exam Dumps (PDF & VCE) 90Q Download:
https://www.braindump2go.com/200-601.html

2.|2018 Latest 200-601 Study Guide Video:

https://youtu.be/07100ZztBOA

QUESTION 46
It is common to use Resilient Ethernet Protocol (REP) on the manufacturing floor as a resiliency protocol, as opposed to the Enterprise where it is not generally deployed. What are two reasons why REP is more suitable for the plant floor? (Choose two)

A. REP is only supported on Industrial Ethernet switches, it is not supported on Catalyst switches.
B. REP converges faster than Spanning Tree, allowing for greater network availability.
C. REP supports Industrial Ethernet protocols better because it moves the packets faster.
D. Running dual cables from access switches to an aggregation switch can have a much higher cost on the plant floor than in the Enterprise and running a ring protocol like REP provides resiliency at a lower cost.
E. Industrial protocols can be negatively impacted by the number of nodes the Ethernet frame traverses, REP provides a topology with no more than 3 nodes for any data path.

Answer: BD

QUESTION 47
Which scenario represents the correct configuration to support the SSIDs of this autonomous access point?

A. Missing
B. Missing
C. Missing
D. Missing

Answer: D

QUESTION 48
In which two ways could you minimize the impact of monitoring an industrial network? (Choose two.)

A. Send random messages to a device and see what the response is.
B. Do frequent ping sweeps to industrial devices to check for their proper operations.
C. Make a copy of all the network traffic and analyze it offline.
D. Use an industrial-network-grade IDS-IPS system.

Answer: CD

QUESTION 49
Which option best describes the ProfiNET Discovery and Configuration Protocol (DCP)?

A. Can be used to override both static and dynamically (DHCP/BOOTP) assigned IP addresses
B. Cannot be used to reset a device to factory defaults
C. Is only supported in Conformance Class B and C devices
D. Uses the ProfiNET-IRT communication class

Answer: A

QUESTION 50
When troubleshooting a high packet loss condition in the network, the inspection area has an assessed M.I.C.E. value of M=1, I=1, C=3 and E=1. Which condition could be suspect?

A. Use of shielded Patch Cables, Bonded on one end only.
B. Use of unshielded Patch Cables.
C. Broken seal on bulkhead connector.
D. Oxidation on Shielded RJ45 Patch Plug

Answer: D

QUESTION 51
Refer to the exhibit. You are required to implement traffic segmentation in the network. See the table for relevant device details:

L2SW4, L2SW5, and L2SW6 are connected to L3SW1 with 802.1Q trunks with VLAN 191 and VLAN 398 allowed on the trunk.
You have the following information from L3SW1:
L3SW1# show run interfaces
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 10.2.2.2 255.255.255.248
!
interface Vlan191
 ip address 10.10.27.126 255.255.255.192
!
interface Vlan200
 ip address 10.20.20.1 255.255.255.248
!
interface Vlan398
 ip address 10.15.153.1 255.255.255.0
L3SW1# show ip route
*** Output Omitted ***
10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 10.2.2.1/29 is directly connected, Vlan2
C 10.10.27.64/26 is directly connected, Vlan191
C 10.15.153.0/24 is directly connected, Vlan398
C 10.20.20.0/29 is directly connected, Vlan200
S 10.200.200.0/24 [1/0] via 10.20.20.2
S* 0.0.0.0/0 [1/0] via 10.2.2.1
You are required to implement a configuration that will meet the following connectivity requirements:
– The Administrator’s Station must have full access to PanelView
– PanelView should have limited access, based on specific TCP ports, to PLC#1 and I/O#1
– The Administrator’s Station should have no access to PLC#1 and I/O#1
– PLC#1 and I/O#1 should be able to communicate with each other on any port
Which action will allow you to meet the connectivity requirements?

A. Put interface VLAN 191 and interface VLAN 398 into different Virtual Routing and Forwarding (VRF) instances on L3SW1
B. Deploy an inbound ACL on interface VLAN 191 to control the traffic from the Administrator’s Station and PanelView to PLC#1 and I/O#1
C. No change is required, the traffic is already limited appropriately by the VLAN segmentation
D. Implement an ACL on Firewall1 to control the traffic flow between VLAN 191 and VLAN

Answer: B

QUESTION 52
It is determined that an intermittent high packet loss event is occurring within a segment of the network. The assigned task is to determine the cause.
Which of these conditions should be suspected?

A. Missing
B. Missing
C. Missing
D. Missing

Answer: D

QUESTION 53
You have been tasked to design an Ethernet network capable of Motion control with cycle times not to exceed 1ms. In order to create a more deterministic network, what characteristic/s should you primarily focus on?

A. Latency and Jitter
B. Redundancy and high availability
C. Explicit and Implicit messaging
D. This cycle time is not possible on an Ethernet network
E. Gigabit port speed

Answer: A

QUESTION 54
ProfiNET has been disabled on a Cisco Industrial Ethernet switch. Which CLI command will correctly enable ProfiNET on the switch?

A. switch(config)#profinet
B. switch(config-if)#switchport profinet vlan 10
C. switch(config)#vlan 10 profinet
D. switch#enable profinet

Answer: A

QUESTION 55
Which describes a best practice rule for controlling traffic between the corporate network and the controls network?

A. Outbound traffic from the control network to the corporate network and outbound traffic from the corporate network to the control network can be restricted based on source and destination address only.
B. Outbound traffic from the corporate network to the control network should be restricted but outbound traffic from the control network to the corporate network should not be restricted.
C. Outbound traffic from the control network to the corporate network should be restricted based on source and destination address and service only.
D. Outbound traffic from the control network to the corporate network should be restricted based on source and destination address, service, and port.

Answer: D

QUESTION 56
Which statement is true regarding ProfiSAFE?

A. ProfiSAFE traffic must be carried on a network that is physically separated from automation traffic
B. ProfiSAFE relies on the error detection mechanisms of Ethernet and TCP/IP to determine if there are network errors
C. ProfiSAFE can be used in safety applications up to Safety Integrity Level 3 (SIL3)
D. ProfiSAFE is only used by ProfiBUS PA and ProfiBUS DA devices

Answer: C


2018 May New Cisco 300-206 Exam Dumps with PDF and VCE Just Updated Today! Following are some new 300-206 Real Exam Questions:

1.|2018 Latest 300-206 Exam Dumps (PDF & VCE) 315Q Download:
https://www.braindump2go.com/300-206.html

2.|2018 Latest 300-206 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNOXZTcmdGNEh2UU0?usp=sharing

QUESTION 133
You have installed a web server on a private network. Which type of NAT must you implement to enable access to the web server for public Internet users?

A. static NAT
B. dynamic NAT
C. network object NAT
D. twice NAT

Answer: A

QUESTION 134
Which type of object group will allow configuration for both TCP 80 and TCP 443?

A. service
B. network
C. time range
D. user group

Answer: A

QUESTION 135
When you configure a Botnet Traffic Filter on a Cisco firewall, what are two optional tasks? (Choose two.)

A. Enable the use of dynamic databases.
B. Add static entries to the database.
C. Enable DNS snooping.
D. Enable traffic classification and actions.
E. Block traffic manually based on its syslog information.

Answer: BE

QUESTION 136
Refer to the exhibit. What is the effect of this configuration?

A. The firewall will inspect IP traffic only between networks 192.168.1.0 and 192.168.2.0.
B. The firewall will inspect all IP traffic except traffic to 192.168.1.0 and 192.168.2.0.
C. The firewall will inspect traffic only if it is defined within a standard ACL.
D. The firewall will inspect all IP traffic.

Answer: A

QUESTION 137
When you configure a Cisco firewall in multiple context mode, where do you allocate interfaces?

A. in the system execution space
B. in the admin context
C. in a user-defined context
D. in the global configuration

Answer: A

QUESTION 138
At which layer does Dynamic ARP Inspection validate packets?

A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 7

Answer: A

QUESTION 139
Which feature can suppress packet flooding in a network?

A. PortFast
B. BPDU guard
C. Dynamic ARP Inspection
D. storm control

Answer: D

QUESTION 140
What is the default violation mode that is applied by port security?

A. restrict
B. protect
C. shutdown
D. shutdown VLAN

Answer: C

QUESTION 141
What are two security features at the access port level that can help mitigate Layer 2 attacks? (Choose two.)

A. DHCP snooping
B. IP Source Guard
C. Telnet
D. Secure Shell
E. SNMP

Answer: AB

QUESTION 142
At which layer does MACsec provide encryption?

A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4

Answer: B

QUESTION 143
What are two enhancements of SSHv2 over SSHv1? (Choose two.)

A. VRF-aware SSH support
B. DH group exchange support
C. RSA support
D. keyboard-interactive authentication
E. SHA support

Answer: AB


!!!RECOMMEND!!!
1.|2018 Latest 300-206 Exam Dumps (PDF & VCE) 315Q Download:
https://www.braindump2go.com/300-206.html

2.|2018 Latest 300-206 Study Guide Video:
https://youtu.be/_WvexFqQgoA

QUESTION 119
Which two configurations are necessary to enable password-less SSH login to an IOS router? (Choose two.)

A. Enter a copy of the administrator’s public key within the SSH key-chain
B. Enter a copy of the administrator’s private key within the SSH key-chain
C. Generate a 512-bit RSA key to enable SSH on the router
D. Generate an RSA key of at least 768 bits to enable SSH on the router
E. Generate a 512-bit ECDSA key to enable SSH on the router
F. Generate an ECDSA key of at least 768 bits to enable SSH on the router

Answer: AD

QUESTION 120
Which two features does Cisco Security Manager provide? (Choose two.)

A. Configuration and policy deployment before device discovery
B. Health and performance monitoring
C. Event management and alerting
D. Command line menu for troubleshooting
E. Ticketing management and tracking

Answer: BC

QUESTION 121
An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM.
When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access?

A. admin / admin
B. asaAdmin / (no password)
C. It is not possible to use Cisco ASDM until a username and password are created via the username username password password CLI command.
D. enable_15 / (no password)
E. cisco / cisco

Answer: D

QUESTION 122
Which three options are default settings for NTP parameters on a Cisco ASA? (Choose three.)

A. NTP authentication is enabled.
B. NTP authentication is disabled.
C. NTP logging is enabled.
D. NTP logging is disabled.
E. NTP traffic is not restricted.
F. NTP traffic is restricted.

Answer: BDE

QUESTION 123
Which two options are purposes of the packet-tracer command? (Choose two.)

A. to filter and monitor ingress traffic to a switch
B. to configure an interface-specific packet trace
C. to simulate network traffic through a data path
D. to debug packet drops in a production network
E. to automatically correct an ACL entry in an ASA

Answer: CD

QUESTION 124
Refer to the exhibit. Server A is a busy server that offers these services:
– World Wide Web
– DNS
Which command captures http traffic from Host A to Server A?

A. capture traffic match udp host 10.1.1.150 host 10.2.2.100
B. capture traffic match 80 host 10.1.1.150 host 10.2.2.100
C. capture traffic match ip 10.2.2.0 255.255.255.192 host 10.1.1.150
D. capture traffic match tcp host 10.1.1.150 host 10.2.2.100
E. capture traffic match tcp host 10.2.2.100 host 10.1.1.150 eq 80

Answer: D

QUESTION 125
Your company is replacing a high-availability pair of Cisco ASA 5550 firewalls with the newer Cisco ASA 5555-X models. Due to budget constraints, one Cisco ASA 5550 will be replaced at a time.
Which statement about the minimum requirements to set up stateful failover between these two firewalls is true?

A. You must install the USB failover cable between the two Cisco ASAs and provide a 1 Gigabit Ethernet interface for state exchange.
B. It is not possible to use failover between different Cisco ASA models.
C. You must have at least 1 Gigabit Ethernet interface between the two Cisco ASAs for state exchange.
D. You must use two dedicated interfaces. One link is dedicated to state exchange and the other link is for heartbeats.

Answer: B

QUESTION 126
In which two modes is zone-based firewall high availability available? (Choose two.)

A. IPv4 only
B. IPv6 only
C. IPv4 and IPv6
D. routed mode only
E. transparent mode only
F. both transparent and routed modes

Answer: CD

QUESTION 127
You are the administrator of a multicontext transparent-mode Cisco ASA that uses a shared interface that belongs to more than one context. Because the same interface will be used within all three contexts, which statement describes how you will ensure that return traffic will reach the correct context?

A. Interfaces may not be shared between contexts in routed mode.
B. Configure a unique MAC address per context with the no mac-address auto command.
C. Configure a unique MAC address per context with the mac-address auto command.
D. Use static routes on the Cisco ASA to ensure that traffic reaches the correct context.

Answer: C

QUESTION 128
A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.
Which two commands can protect against this problem? (Choose two.)

A. switch(config)#spanning-tree portfast bpduguard default
B. switch(config)#spanning-tree portfast bpdufilter default
C. switch(config-if)#spanning-tree portfast
D. switch(config-if)#spanning-tree portfast disable
E. switch(config-if)#switchport port-security violation protect
F. switch(config-if)#spanning-tree port-priority 0

Answer: AC

QUESTION 129
According to Cisco best practices, which two interface configuration commands help prevent VLAN hopping attacks? (Choose two.)

A. switchport mode access
B. switchport access vlan 2
C. switchport mode trunk
D. switchport access vlan 1
E. switchport trunk native vlan 1
F. switchport protected

Answer: AB


QUESTION 108
When you set a Cisco IOS Router as an SSH server, which command specifies the RSA public key of the remote peer when you set the SSH server to perform RSA-based authentication?

A. router(config-ssh-pubkey-user)#key
B. router(conf-ssh-pubkey-user)#key-string
C. router(config-ssh-pubkey)#key-string
D. router(conf-ssh-pubkey-user)#key-string enable ssh

Answer: B

QUESTION 109
Enabling what security mechanism can prevent an attacker from gaining network topology information from CDP via a man-in-the-middle attack?

A. MACsec
B. Flex VPN
C. Control Plane Protection
D. Dynamic Arp Inspection

Answer: A

QUESTION 110
On an ASA running version 9.0, which command is used to nest objects in a pre-existing group?

A. object-group
B. network group-object
C. object-group network
D. group-object

Answer: D

QUESTION 11
Which ASA feature is used to keep track of suspected attackers who create connections to too many hosts or ports?

A. complex threat detection
B. scanning threat detection
C. basic threat detection
D. advanced threat detection

Answer: B

QUESTION 112
What is the default behavior of an access list on a Cisco ASA?

A. It will permit or deny traffic based on the access list criteria.
B. It will permit or deny all traffic on a specified interface.
C. It will have no effect until applied to an interface, tunnel-group or other traffic flow.
D. It will allow all traffic.

Answer: C

QUESTION 113
When configuring a new context on a Cisco ASA device, which command creates a domain for the context?

A. domain config name
B. domain-name
C. changeto/domain name change
D. domain context 2

Answer: B

QUESTION 114
Which statement describes the correct steps to enable Botnet Traffic Filtering on a Cisco ASA version 9.0 transparent-mode firewall with an active Botnet Traffic Filtering license?

A. Enable DNS snooping, traffic classification, and actions.
B. Botnet Traffic Filtering is not supported in transparent mode.
C. Enable the use of the dynamic database, enable DNS snooping, traffic classification, and actions.
D. Enable the use of dynamic database, enable traffic classification and actions.

Answer: C

QUESTION 115
Which Cisco switch technology prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast flood on a port?

A. port security
B. storm control
C. dynamic ARP inspection
D. BPDU guard
E. root guard
F. dot1x

Answer: B

QUESTION 116
You are a security engineer at a large multinational retailer. Your Chief Information Officer recently attended a security conference and has asked you to secure the network infrastructure from VLAN hopping.
Which statement describes how VLAN hopping can be avoided?

A. There is no such thing as VLAN hopping because VLANs are completely isolated.
B. VLAN hopping can be avoided by using IEEE 802.1X to dynamically assign the access VLAN to all endpoints and setting the default access VLAN to an unused VLAN ID.
C. VLAN hopping is avoided by configuring the native (untagged) VLAN on both sides of an ISL trunk to an unused VLAN ID.
D. VLAN hopping is avoided by configuring the native (untagged) VLAN on both sides of an IEEE 802.1Q trunk to an unused VLAN ID.

Answer: D

QUESTION 117
You are the administrator of a Cisco ASA 9.0 firewall and have been tasked with ensuring that the Firewall Admins Active Directory group has full access to the ASA configuration. The Firewall Operators Active Directory group should have a more limited level of access.
Which statement describes how to set these access levels?

A. Use Cisco Directory Agent to configure the Firewall Admins group to have privilege level 15 access. Also configure the Firewall Operators group to have privilege level 6 access.
B. Use TACACS+ for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.
C. Use RADIUS for Authentication and Authorization into the Cisco ASA CLI, with ACS as the AAA server. Configure ACS CLI command authorization sets for the Firewall Operators group. Configure level 15 access to be assigned to members of the Firewall Admins group.
D. Active Directory Group membership cannot be used as a determining factor for accessing the Cisco ASA CLI.

Answer: B

QUESTION 118
A router is being enabled for SSH command line access.
The following steps have been taken:
– The vty ports have been configured with transport input SSH and login local.
– Local user accounts have been created.
– The enable password has been configured.
What additional step must be taken if users receive a ‘connection refused’ error when attempting to access the router via SSH?

A. An RSA keypair must be generated on the router
B. An access list permitting SSH inbound must be configured and applied to the vty ports
C. An access list permitting SSH outbound must be configured and applied to the vty ports
D. SSH v2.0 must be enabled on the router

Answer: A

